It's an open source project, so please, if possible, name of file and line of code...
Here is what I wrote:
I don't need to dig in the source. It is a conceptual truth in terms of the way the anonymity has been described (at least the last time I paid attention).
Evan mentioned he was going to improve it for Evolution, but even if he shifts to onion routing across masternodes, that won't entirely absolve the attacks on anonymity from colluding masternodes (although it can improve the statistics on the masternode coverage needed for breaking anonymity). Ditto any mixnet he employs, including if he prefers to implement CoinShuffle.
Instead if he implements Cryptonote then he won't have RingCT's features. If implements RingCT, then he is copying Monero's recent research. Also I doubt he is capable of understanding the RingCT white paper and implementing it. He will probably have to work by copying source code or hiring some expert crypto assistance.
In any case, that won't correct the other flaws in InstantX and mass-scale transactions that are his other big selling points of Evolution. And none of that will correct the fact that masternodes reduces Dash to an inferior proof-of-stake security/politics model.
I will correct the comparison chart to indicate the anonymity may be improving for Evolution.
It's an open source project, so please, if possible, name of file and line of code...
Here is what I wrote:
I don't need to dig in the source. It is a conceptual truth in terms of the way the anonymity has been described (at least the last time I paid attention).
OK, I missed that (just got to the thread), but Spyware, as a term, is something entirely different.
It's one thing to say that an obfuscation model could be vulnerable under XYZ circumstances with a probability of x% of that happening, and another thing altogether to say "spyware". This is sensationalist crap. Especially when the masternode model as is implemented right now can use multiple rounds of laundering where each round reduces the probability of that happening to an insanely low percentage.
Sybil attacks with those you are mixing with is a very overlooked -yet much weaker point- than masternodes being crooked. Pretending to be a mixing partner does not require NSA-level resources. Unfortunately, all mixing systems will have this problem to one degree or the other.
I disagree with the probability miscalculation that says many mixers assures the probability of unmasking is reduced asymptotically towards 0. There are patterns that develop and can be correlated. The more visibility, the more correlation. For me to enumerate all scenarios would require writing a research paper.
When all the masternodes are hosted, it is not crap to say the NSA can probably get access trivially. When most are hosted on one cloud provider (something I read, don't know if it is true), then even an employee could potentially get access trivially.
You simply can't get anonymity without cryptography. The masternodes see everything in clear text. Dash is more likely to be spyware than anonymity. In fact, I've conjectured the wild speculation that Evan hasn't been worried about SEC because he might be on the dole of the NSA (but that is too conspiratorial to assert as likely).
Dark my ass. Dark where the NSA got its fist up the users' buttholes. I have often returned to the wild speculation that Dark(Vader)Coin was really a big data harvesting coin.
The official definition of spyware is any software that exposes your data out on the wire. It doesn't have to actually be intended to do that. Just opening the security hole is sufficient to meet the definition.
It's your table / your labels / your definitions so I don't mind really. I just needed some clarification because it was stated as fact that dash is ...spyware.
I already updated the table to link to our discussion and added "potentially improving". So hopefully it is clear to readers that the characterization is contested to some degree.
I somewhat agree with you that "spyware" is a bit harsh and doesn't imply that the mixing might work in some scenarios, except in another sense I think it is unfair if I don't draw attention to the fact that it can be the opposite of anonymity and actually increase the odds of intercepting user data in clear text in certain attack scenarios. For example, it provides prefiltered list of those who are attempting to be anonymous— which is one example of why multiple rounds won't help in some scenarios of "privacy".