abonnementen ibood.com bol.com Coolblue
  woensdag 4 april 2018 @ 18:24:02 #1
424655 MisterCe
The B but not the C
pi_178306946
registreer om deze reclame te verbergen
AS DISCERNING DARK web drug dealers and pseudonymous hackers have figured that Bitcoin is not magically private money, many have turned to Monero, a digital coin that promises a far higher degree of anonymity and untraceability baked into its design. But one group of researchers has found that Monero's privacy protections, while better than Bitcoin's, still aren’t the cloak of invisibility they might seem.

Monero is designed to mix up any given Monero "coin" with other payments, so that anyone scouring Monero's blockchain can't link it to any particular identity or previous transaction from the same source. But in a recent paper, a team of researchers from a broad collection of institutions—including Princeton, Carnegie Mellon, Boston University, MIT, and the University of Illinois at Urbana-Champaign—point to flaws in that mixing that make it possible to nonetheless extract individual transactions.

That shouldn’t just worry anyone trying to stealthily spend Monero today. It also means evidence of earlier not-quite-untraceable payments remain carved into Monero’s blockchain for years to come, visible for any snoop that cares to look.

Those privacy flaws were especially acute before a change to Monero's code in February of 2017, the researchers note. But transactions before that time remain dangerously identifiable, and even payments after that change may be easier to identify than Monero's privacy-sensitive users might think. "The mental model that people have today for Monero is a simplistic one, that these transactions are private. That model is just incorrect," says Andrew Miller, a researcher at the University of Illinois at Urbana-Champaign who worked on the paper. "There's information that’s revealed and not covered up by Monero's cryptography." Miller is also an advisor to Zcash, another cryptocurrency that promises privacy protections.

The researchers' paper, which will be presented at the Privacy Enhancing Technologies Symposium in July, takes special note of a period starting in July 2016, when Monero was first adopted as an alternative to Bitcoin by the then-largest dark web black market for drugs, AlphaBay, and ending in February 2017, when Monero completed an upgrade to its privacy protections known as Ring Confidential Transactions. Roughly 200,000 Monero transactions occurred during that period, the researchers point out, many of which likely involved purchases of illegal narcotics or other sensitive payments made by users who believed their payments were fully untraceable.

"People took the privacy guarantees of the currency at face value," says Nicolas Christin, a dark web focused researcher who contributed to the paper. "All indications show people were really using this for applications where they needed privacy. And those transactions were very, very vulnerable."

Not So Stealthy
Despite Bitcoin's widespread use on the dark web and for other illicit applications like ransomware, scofflaws have become increasingly aware that if they're not ultra-careful in how they use it, the Bitcoin blockchain can help identify them—just as it helped connect the dark web drug market Silk Road's fortune to the laptop of its creator Ross Ulbricht, and even helped to track down the servers of another dark web marketplace, Hansa. As a result, the online underground has increasingly switched to Monero.

But researchers now point to two distinct cracks in Monero's untraceability, one of which was fixed in its early 2017 revamp, and one that still lingers today, even as Monero coders have taken steps to fix it. Both problems relate to how Monero hides the source of a payment, essentially by mixing the coin someone spends with a sampling of other coins used as decoys known as "mixins."

The researchers first note that simple tricks allow an observer to identify some of the decoy mixins used to cover for a real coin being spent. In Monero's first year, for instance, it allowed users to opt out of its privacy protections and spend coins with no mixins at all. (Today, Monero requires a minimum of four mixin decoys for every transaction.) The problem with that opt-out system: When an already spent and identified coin is later as a mixin, it can be easily plucked out of the mix to help identify the remaining coins. If that results in another coin being identified, and that coin is itself used as a mixin in a subsequent transaction, it can reduce the stealth of those later transactions, too.

The researchers also found a second problem in Monero's untraceability system tied to the timing of transactions. In any mix of one real coin and a set of fake coins bundled up in a transaction, the real one is very likely to have been the most recent coin to have moved prior to that transaction. Before a recent change from Monero's developers, that timing analysis correctly identified the real coin more than 90 percent of the time, virtually nullifying Monero's privacy safeguards. After that change to how Monero chooses its mixins, that trick now can spot the real coin just 45 percent of the time—but still narrows down the real coin to about two possibilities, far fewer than most Monero users would like.

Indelible Fingerprints
It's important to note that all of this only helps a snoop identify the spender of a coin, not its recipient, since Monero hides recipients' addresses with another technique called "stealth addresses." But if, as just one example, someone were to make a payment to a Monero exchange that knew their identity, and then later to an undercover cop posing as a drug dealer on the dark web, that second payment could be tied to the first, and thus to their identity. That threat becomes even more tangible given that AlphaBay was shut down and its servers seized last summer, potentially helping cops to identify the recipients of thousands of transactions during the seven months during which AlphaBay accepted Monero in its most traceable form. "Anyone who expected privacy at that point is still susceptible to being tracked down," says Miller.

When WIRED reached out to Monero core developer and spokeperson Riccardo Spagni, he responded to the paper's findings by pointing out that Monero's stealth addresses and Ring Confidential Transactions do limit which transactions can be traced. He also says that Monero's developers have been aware of the problems the researchers point out for years, and have made periodic and ongoing improvements to Monero's protocols designed to shore up its privacy shortcomings. "Privacy isn’t a thing you achieve, it’s a constant cat-and-mouse battle," Spagni says.

https://www.wired.com/story/monero-privacy/

[ Bericht 0% gewijzigd door MisterCe op 04-04-2018 18:43:17 ]
pi_178307158
Haha ja.
Doe afstand van je account en kom nooit meer terug.
  woensdag 4 april 2018 @ 18:37:59 #3
424655 MisterCe
The B but not the C
pi_178307197
GET OUT OF MONERO WHILE YOU CAN

MONERO GOES TO ZERO
pi_178307212
registreer om deze reclame te verbergen
Goed verhaal. Lekker kort ook.
  woensdag 4 april 2018 @ 18:43:51 #5
424655 MisterCe
The B but not the C
pi_178307309
quote:
0s.gif Op woensdag 4 april 2018 18:38 schreef BadVlad het volgende:
Goed verhaal. Lekker kort ook.
Goed punt, ik heb wat punten eruit gelicht. Zo beter?
pi_178315614
Wat wil je met dit topic dan?

Je moet met monero, en zo ook met btc, goed weten wat je doet als je het anoniem wilt doen, met elke coin moet je goed weten wat je doet als je in dit soort business zit. In eerder werk heb ik hier behoorlijk onderzoek naar gedaan, zo'n 4 jaar lang.

Het artikel zegt niets nieuws ofzo.
Lambo of Rekt
pi_178315620
registreer om deze reclame te verbergen
kopie pasta topics :r
pi_178323658
Ook de fork met Airdrops maakt het zeer kwetsbaar. Staat een artikel over op Reddit. Een public ledger zou wel handig zijn voor Monero trouwens.
  donderdag 5 april 2018 @ 14:45:38 #9
157922 fathank
Wie baas is bakt koekjes.
pi_178323760
De AIVD is helemaal niet geinteresseerd in mensen die drugs kopen via TOR-marketplaces met crypto's.

Hebben ze zelf gezegd in College Tour.
Behulpzaam als een waterkraan.
Op woensdag 29 april 2015 16:30 schreef seto het volgende:
als je niet #teamhenk bent ben je gewoon een *weggeFopt*homo
pi_178332046
quote:
10s.gif Op donderdag 5 april 2018 14:45 schreef fathank het volgende:
De AIVD is helemaal niet geinteresseerd in mensen die drugs kopen via TOR-marketplaces met crypto's.

Hebben ze zelf gezegd in College Tour.
Kopen niet, verkopen wel denk ik.
Lambo of Rekt
pi_178379669
quote:
10s.gif Op donderdag 5 april 2018 14:45 schreef fathank het volgende:
De AIVD is helemaal niet geinteresseerd in mensen die drugs kopen via TOR-marketplaces met crypto's.

Hebben ze zelf gezegd in College Tour.
:D

Perfecte privacy bestaat helaas niet, en het is goed om dat niet te vergeten.
As the officer took her away, she recalled that she asked,
"Why do you push us around?"
And she remembered him saying,
"I don't know, but the law's the law, and you're under arrest."
abonnementen ibood.com bol.com Coolblue
Forum Opties
Forumhop:
Hop naar:
(afkorting, bv 'KLB')