• 0 Posts
  • 62 Comments
Joined 19 days ago
Cake day: May 7th, 2026

  • Bless Bruce but if I were able to write one sentence and call it a blog entry some things would be different around here!

    You’re talking about the French kid. As it turns out, operating an email service requires knowing a user’s ip and the government can implement ip monitoring if they want to. Proton’s response was to use tor or a vpn like theirs which everyone got mad at them about but was later upheld in court as the correct solution (email provider isn’t a telecommunications provider judgement).

    How to be paranoid but not schizophrenic guide. Avoiding mental illness in the modern age %100 no cap real strats the pros use now you’re playing with power!


  • Gotta exercise the ol creative muscles somehow. Thanks for putting up with it!

    I think what you just said is our breakdown. Neither cryptocurrency, cryptography (in its d-h or one time code permutation) or any other technology removes the requirement that you trust the other party both to perform their side of the process and to not betray you.

    It’s important to not go down that route because if you can’t ever trust then you can’t believe you can ever have privacy or anonymity except when you completely retreat from all communication or interaction both electronically and physically.

    Remember that the problem cryptocurrency solves is the credit card clearing problem, not the problem of trusting your counterpart.

    Also your proton example might be the one where some ding dong used their out of the box (no adp) icloud email as the recovery for proton and the cops got the icloud through a logged in device and recovered the proton account using it as opposed to forced ip logging but I might be mistaken.


  • I still don’t think you’re comparing apples to apples here.

    A physical payment for the thing you linked (I don’t use posteo but they seem to use the same cash+nonce system everyone else does) consists of a sealed addressed envelope with the bills and a number used once (nonce) at the recipient in order to associate receipt with account. The nonce is not saved or recorded.

    So a surveilling party could possibly perform in depth inspection of every letter going to the service they’re trying to surveil, record all the payments and nonces, cross reference the mailing location of the individual letters (idk of any post service that bins them according to location of origin but I’ll go with your description!) with public camera footage and make a positive id for all the people who mailed the letters and they still don’t have the ability to associate payment/person/letter/nonce with a particular account because the nonce isn’t retained.

    They’d just know you sent a letter containing money and a code to a service.

    Again, what I described is a type of investigation that is extremely expensive and requires exacting precision at every step in order to not make an error that would make the evidence inadmissible.

    They’d have to have infiltrated the recipient at the time and place of associating account with nonce and if that’s the case it doesn’t matter if you’re using the monero jetpack/ninja climb or the physical letter walk across the gymnastics mat t-posing method because the other end of the mat is jail.

    But let’s look at it from the other direction, they’re not trying to remove privacy and anonymity in general, they’re specifically trying to get you:

    You are observed through your open window from the cleaning service van across the street. When you leave to mail your letter, which contains unique microscopic markings and fiber identifiers cross referenced to the s/n of envelope boxes you were recorded on cctv purchasing at the drug store last week, the van radios a follow car around the corner that appears to be a bunch of hoodlums who slow to a crawl and yell out their car window, berating and denigrating you. You don’t respond, though their yelling distracts you from the pebble in your shoe and the traffic cameras get a good id on you through gait recognition.

    The follow car bumps into a fire hydrant and you round the corner and enter the restaurant, where the server seems to be looking at you and texting constantly. Your grilled cheese has melted chocolate in it with the unique mushroomy taste of senna. You catch the host and bartender running your change back to the office and hear the sound of a scanner and notice the shifting white light coming from behind the open door.

    You put part of your change in the envelope with the nonce you wrote using your non-dominant hand and lick it to seal the flap, activating dozens of moisture sensitive polymer capsules to absorb and preserve the trace genetic material left behind for later analysis. Outside the restaurant, you drop the letter in the mailbox and head home. The restaurant’s host radios when you round the corner and a flower seller with dark sunglasses, an earpiece and a conservative suit on under their apron rolls their cart down to the mailbox, unlocks it and picks out your letter.

    They know that you sent a letter with money and a code to some address. If they allow it to continue on its way then they can’t associate it with a particular account because the code isn’t retained after use.


  • Good and ethical depends on what you want. You should probably abandon both of those qualifiers though.

    There was a good article in one of those counter culture handbills in the 90s equating the peripheral or colonial labor required to get expensive raw materials & the core labor required to turn them into carbide blades or microchips or whatever and production & djing.

    It was pretty stupid though because once a dj gets a little success or time they start to make their own songs to play out (often before they start to get some success). So it’s not like one type of labor has less value and is engaged in a race to the bottom or pushed to the colonial areas while another type of labor has more value and exists under different conditions in the core.

    Their inverse is also true. Electronic musicians who produce music often get invited to dj at venues. How could someone make a song that fits well in a dj’s set if they themselves didn’t get some hands on time behind decks? It’s like expecting a person to be able to design a car but never drive one.

    They’re the same labor. They’re making the same thing.

    It’s maybe worth investigating what you mean when you say “having value”.


  • I agree about the devil you know vs the infinite possible future ones you don’t.

    I think you’re making way too many assumptions about physical surveillance (“they know you care about privacy” as opposed to the actual thing they know, which is simply that you mailed a letter, being able to narrow your suspect list down based on the fact that they care about privacy, etc) but even if I were to take every single one of them at face value then the authorities have less information than is public on a bitcoin transaction (I know you’re a fan of monero, I’m using the amount of information in a bitcoin transaction here to make my point clear in the language of crypto). And they had to be looking when you did it.

    I’m of the opposite opinion: digital surveillance is game over. The opponent still has orders of magnitude more resources than you, but they also have access to your entire communications chain via well documented backdoors, can apply millions of exploits on each piece of software or hardware involved in that chain, can literally directly translate those resources to faster and higher quality exploits and with hndl they don’t even have to be there when it happens. I think the best thing you can do is avoid the digital as much as possible.

    I always used to laugh at my professors, friends and coworkers who were “revolver next to the fax machine in case it gets any funny ideas” types but a few decades around computer security done made me into a stereotype.



  • Of course I’m not suggesting that d-h is comparable to some mathematical expression of laundering your money during lunch and sending a letter. You can’t compare the two using mathematics because elliptic curve works in a really narrow set of domains. Now my friends in actuarial work might have something to say about that but I was trying to use types of equations as a way to help explain how the physical and digital are different. What I mean is that any new discovery or development could undo the security of digital transactions, specifically blockchains which exist as public ledgers in perpetuity. When solving the calculus of what degree of concern and care a person needs to exercise you gotta look to any possible future.

    Physical transactions are done when they’re done. You either succeed or you don’t, no one can dig back into the perfect public copy of everything you did and reveal it was you (or even in the case of some blockchains what was done!). Perhaps they find out they have a surveillance video of you going to the restaurant and getting lunch then mailing a letter and try to use it as evidence that you conducted a cash transaction using a nonce. It’s meaningless.

    You don’t need to worry about it in any way you wouldn’t have to worry about conducting the transaction digitally. The solution space of a physical transaction is finite, which of course could be partially or completely encompassed by the infinite solution.

    That last part is to say that for both a physical or digital transaction you gotta worry that the other party (or yourself) screwed it up somehow or betrayed their counterpart but because it’s common to both methods it’s not worth discussing.

    Again the point of all this math talk isn’t to suggest that we ought to be talking in proofs or something silly like that. Some people really “get” math though and using it as a metaphor can help get the point across.


  • They might see that I ate a sandwich and mailed a letter vs my transactions are in a public ledger and can be tied to me at any time in the future when that ledger’s cryptography gets broken or my information or the other party’s information gets corroborated.

    Quantum is fake. Everybody knows it but no one talks about it.

    Parallel computing is not fake though, and the technology to do it is being deployed at scale never seen before in our lives. Hash cracking software is already designed to take advantage of video cards, and the same mathematics were put into service and honed on those video cards years before during the crypto boom(s).

    So now you have to contend with the future of ai: if the bubble pops then there’s piles of parallel computing hardware out there that are suddenly upside down on their leases and have to be pressed into service doing something, anything. If the bubble doesn’t pop then consistent improvements in efficiency of new stuff cause old hardware to become available to the part of the market that can afford a little more per millisecond of torch time: crypto and crackers.

    This is already happening.

    The space you need to be able to solve for to transact physically is limited and finite, the same space for digital is unlimited and infinite.



  • I think you’re making some critical errors in this reply. If you make personal privacy or security decisions based on its content, it’s probably a very good idea to reevaluate them with a clear and honest outlook.

    It is easier to develop trust of a single provider than to develop trust of a random decentralized network of providers in a system that has been under confirmed attack for at least 15 years.

    Browser fingerprinting can be defeated or manipulated in many ways to accomplish different goals outside of either using tor or a vpn.

    Cash may not be under active surveillance and provides fantastic anonymity if you are capable of handling it appropriately. Even if you are not, investigating cash transactions is incredibly expensive, cumbersome, time sensitive and is defeated by a million simple methods that have been in practice for millennia.



  • Physical surveillance is barely even circumstantial evidence of the crimes we’re talking about. Hndl troves are incontrovertible. People get caught using monero to do crimes all the time.

    Of course if you dress up like the Hamburglar you’re gonna stick out. Just look normal.

    I did not intend to fight you about this, the point of my reply was to provide some context about the often overlooked physical side of things.

    We very often overlook the physical because we think it’s too unknown and that we understand the digital much better but in many years I’ve never met a person who thought that way and could explain in detail how the web works or why certificates are scrubbed.

    Keep your nose clean out there, you never know who’s gonna be looking in 20 years…







  • You are not following the point I’m making:

    The account you buy on the darknet works because the rest of the internet already associated it with an identity. That means law enforcement has cause to investigate the new user for impersonation or id theft. It doesn’t matter if they can’t get you for id theft or impersonation on a technicality, they’re already investigating you at that point! Law enforcement attention is what you don’t want!

    It’s like using your neighbors car with an expired tag because you don’t want to have your car show up on the highway cameras.


  • It varies by jurisdiction but if the reseller you bought from is selling you an account used by some other person for some personally identifiable thing (which is why the internet at large trusts that account and why you bought it!) then you’re at the very least toeing the line of id theft or impersonation and while the cops might not be able to get you for that particular crime they will absolutely have enough suspicion to investigate you and discover other crimes or even just watchlist you.

    I don’t care if you break the law from a moral or ethical standpoint, but it can cause you problems from a practical one.