Topic: Monero exchance centralization... a danger? (Read 6395 times)

Actually, there are two different points. 

1) Why should one AVOID giving one's identity to Polo when buying monero ?  This question only makes sense if you think somehow that the simple fact of buying monero makes you a suspect.  If that is the case, then your liberties are in an extremely bad shape.  If the very fact of using a crypto currency makes you a suspect criminal, then the only thing you can hope for, is that half the world uses that crypto, so that half of the world becomes a suspect.  This is a matter of civil responsibility, to use all things that may "make them think you might be a criminal".  Set up a tor relay, use monero, use GPG, .... to fight for your freedom.

2) With monero (contrary to bitcoin) there is no reason to hide your identity when buying it, if you don't want people to link this act of buying monero with whatever you're going to do with it afterwards.  That's exactly what the crypto of monero is made for !

Of course the crypto can fail, like the crypto of bitcoin can fail.  Dark market activities are of course always a risky affair, and the biggest risk will not come from using monero, but from actually "getting into contact" and "obtaining stuff" there.  The whole idea of monero is not so much to stimulate dark markets, but to allow people to get their monetary privacy back which they lost partially with banks, and totally with bitcoin.   That privacy doesn't need to be used for illegal stuff.  You can just as well appreciate the privacy when doing things that are allowed by the laws that states have decided to impose upon to you.  But it is true that dark markets are a particularly well suited test bed for the solidity of the privacy.  So there's a symbiosis between all privacy-enabling technologies on one hand, and dark markets on the other.  The privacy-enabling technologies find in dark markets a great test bed, and dark markets can appreciate the privacy technology to allow them to escape the prying eyes of law enforcement.  It is a win-win situation.

I actually wrote a  long post on this yesterday night, but it seems was never posted

At end I actually got to this. Many times while I post that happens, that once post is already written i finally see what should I actually write. Anyway.


OP concern is that if to much coins gets traded on one exchange and that exchange gets hacked, lots of coins will change its owner.   If in past there was most trades made on Poloniex if totally fine for this fear, since you cant hack exchange in the past.


also first 2 years there was not that much volume on Poloinex as was  one to half year ago. When those ETH whales come to Poloniex and start playing with coins there increased Monero volume a lot and made far most Monero volume on the Poloniex exchange.  Now that will change quite fast. No worries about that. New exchanges are starting trade Monero almost weakly.

what opening tor and opening bitcoin to send a transaction have to do with being anonymous? i know that bitcoin do not reveal your ip, poloniex will never know what ip have your node, if you just send them a transaction, tor could be used to register there once, but has nothing to do with sending bitcoin, but maybe your are talking about tor node for bitcoin, by using the tor network?

they trace you here if you send your id for widrawing more than 2k usd per day, if you stay below that amount, nothing can be traced

I don't see how someone can get traced until his real identity gets found because of buying coins in poloniex. Let's say our guys buy BTC in localbitcoin or whatever, uses helix to mix the coins, then opens Tor Browser, then bitcoin core, this should make the transaction to poloniex anonymous, to access poloniex VPN is always used (im not sure if Tor works in poloniex), then you get your XMR, and theorically that's all since XMR doesn't need a mixer right?
So how can they trace our guy?

You are upping your thing because you see that you're getting nowhere, don't you.  Now we already have a "terrorist".  First, it was a guy buying crack on Alphabay.  You're upping the amounts too, to get attention.  

I'm back to my guy buying 100 XMR on Polo.  I guess you can have your crack for some $1000,- right ?

Ok, so you think that all monero buyers on Polo are now under investigation.  That's good enough.  They have a lot of work then, at the FBI.


Up to now, that's not difficult.  That's the information you gave out to Polo.


So essentially, you're telling me that the guy would in any case be given out by someone, whether he was using monero or not.  So the fact of buying monero on Polo or not doesn't change a shit, does it ?


Of course, but that has nothing to do with monero, or with the "danger" of buying monero on Polo.  He would have been given out in any case.  So this doesn't prove your point about the danger of using monero when it is taken from a single exchange.


So every single person who ever withdrew some coins from Polo is now under profound investigation.   As such, whether or not you use those coins or not has nothing to do with the danger you spell out.  Monero is not the culprit is it ?  The guy is already under investigation.


Well, if it is proven that it was monero's block chain that gave him away, then that would be entirely normal because that is monero's value proposition.  If monero gets deanonymized, then of course it is worthless.  In the same way that if you can crack bitcoin addresses and do transactions in their name, bitcoin will be worthless.   If the cryptographic protocol of a crypto fails, then of course it is worthless.


if that happens through the deanonymisation of the monero block chain, I agree with you.   Like even if one person succeeds in finding the private keys of Satoshi from his (public) addresses, that's good enough to stop with bitcoin and put it in the dust bin.  Sure.

One single bitcoin key found from the block chain, and that's indeed good enough to consider it a total failure.  One deanonymisation of the monero block chain, and that's good enough to consider it a failure.


Consider now this.  Your guy buys 100 XMR of on Polo.
Now he loses his wallet.  His monero are gone.

A year later, he buys crack at a local dealer using amazon gift cards.  He is totally out of crypto.  In your story, he's JUST AS EXPOSED, because it was his buying coins one day on Polo, which got nowhere.  The very fact of buying monero on Polo put him under scrutiny, and whatever he did later which was against the law, got him caught, even if it didn't have anything to do with crypto.

No, that is not what I'm saying.  I'm saying that with monero's scheme, there is SOME ENTROPY leaking when two transactions happen quickly one after the other: the anonymity set is still small, in other words.  The number of potential "suspect transactions" is limited in that case.  If you put a few intermediate transactions, and you wait for a while, however, this "anonymity set" grows strongly, and in the end, it could be just any monero user.


That is true.  It is untraceable in the sense that EVEN two successive transactions are not traceable, in the sense that there is no way to PROVE that the second transaction was done by the receiver of the previous transaction, but there is some indication that it COULD be this receiver.  If you wait somewhat, and you do a few intermediate transactions, then this link is indeed becoming totally untraceable.


That was not your claim.  Of course, if the FBI gets into my computer, and sees directly my transaction to Alphabay, they know it was me.  Duh.  Your claim, however, was that having to buy monero on an exchange was the danger.   In other words, your claim is the fact that the MONERO PROTOCOL and block chain are going to rat me over ; that the fact that I bought monero on Polo was going to get linked to my buying stuff on alphabay with those same coins.  Well, I'm telling you that that is exactly what monero DOESN'T do (in opposition to bitcoin).

Of course, you are perfectly right that the very act of contacting Alphabay and having them send stuff to me is a risky act.  And that of course there's a serious risk that this very act, using computers and networks, is going to give me away.  But that has nothing to do with monero, and that is not your claim.  Your claim was that using monero on alphabay is going to be linked to my ID on Polo.  Well, I claim that that is not going to happen, exactly because of the way monero works.

That my very act of going to alphabay may give me away, is of course obvious.  But not through the use of monero.


Well, you need to find a deanonimisation bug in monero.  If you do so, I'm sure you can get rich with it.  Do you also consider that you can crack the bitcoin block chain, "because if it runs, it can be cracked", and that you can get at Satoshi's million coins or so ?  Or does your "if it runs it can be cracked" statement suddenly doesn't apply any more ?

If you consider that the cryptography can be cracked, then I wouldn't touch a bitcoin, honestly.  Before you know, people have cracked your address, and have discovered the secret key that goes with it.  Remember, if it runs, it can be cracked, and hence people know how to get the secret key of just any bitcoin address used on the chain.  Or are you suddenly much more confident ?


Sure.  So if you know someone's bitcoin address, you can crack the elliptic curve signature code, and find out his private key from it I guess ?  Who the hell would still be using bitcoin if it can be cracked ?


Of course, but if they do that to catch my buying on alphabay, they HAVE NOT USED MY POLO ID.  They just found me directly and saw me buying on alphabay directly, without the need of looking at monero.   And that was not your claim.  Your claim was that if I bought monero on Polo, and THEN bought something on alphabay, my Polo ID was going to give me away.

I'm telling you that in as much as it would be true that the monero block chain is giving me away because of that, that this is a cryptographic cracking that is of the same order as being able to find bitcoin private keys if one knows a bitcoin address.


Bitcoin is a traceable block chain.  If I do the same with bitcoin, I'm totally exposing myself.  That's exactly the difference between a transparant chain such as bitcoin, and an opaque chain such as monero.


To do a meager imitation of what happens automatically on the monero block chain, but with much, much more risk, and with the necessity to trust the mixer.  In other words, mixing can be even more dangerous.  Bitcoin is a privacy hell, everything can be followed.

Maybe you should understand how monero works before claiming things about it ?

I think that bitcoin could survive a poloniex hack, we already had a major hack recently (bitfinex) and all the price did was dip, to grow higher later. If anything, exchanges getting hacked are oppotunities to buy in again cheaper, of course ideally this shouldn't happen..

About the monero scaling.. bi yearly fucking hardforks? that's insane isn't it? Too many hardforks in my book. We already know what happened when ETH hard forked, everytime a hardfork happens we know the risks..

Your gonna get your ass ridin' hard when it happens eventually smart guy.
First you argue that it's "mostly secure"
And that no one was claiming it was fool proof.. then i show you the fucking god damn hoody
where it says "Secure, Private & Untraceable"

Dino you are all over the place desperately in vain trying to smooth over any Danger or risk etc.

We may not know entirely until after the fact how EXACTLY a suspect is tracked.
But i do know the assumption of having bullet proof computer code is foolish.
When has anything on a computer been secure ?

If it runs it can be cracked.

As always i have tried to explain this shit to contrarians who don't know fuck all about cracking.
I am not the guy doing it so i can only speculate.
You may want to contact the NSA who has performed sick brutal hardcore shit when it comes to computer code rape.
Seen my topic on the malware in the off-topic section that uses sound waves from your speaker or microphone to propagate ?

Hear about how the US govt intercepted a guys Dell computer from Dell and had it delivered to them instead so they could install custom one of a kind hacks so they could monitor him at the BIOS level from across the street ?

I am Spoetnik.. a poor guy at home.
I am not the CIA who can buy a Saudi a Lamborgini in exchange for a phone number.
But i do have the mind of a cracker and i have hammered you assholes with the concept of cross referencing which is how Bitcoin was tracked.
Why do they do mixing again ?
And no little miss contrarian looking to fire off another exception most guys are going to trust the slogan on the hoody and not go through extra steps to be extra secure.
So don't gimme that bullshit yet again.

What part of cross referencing don't you idiots understand ?

Lets say a Terrorist is doin' shit..
He signs up at Poloniex to use it to transfer large amounts of money.
He goes over 10k and gets flagged and is now being investigated.
His trade activity, IP address and coin address's are handed to the Fed's...
Now the Fed's suspect he is at XYZ location.. so they show up there and start harvesting Info.
Such as VPN providers or this forum or his own ISP or his family that rats him out or his Boss at work.. or his friends for a Lambo. LOL
And who is to say there is not a rat at Alpha Bay who is going to tattle on him for a cool million dollars in cash ?
Start point.. seized.. end point seized.. all control points seized.
All inputs and outputs being monitors means ?
The silly tech wankry bullshit in the middle is irrelevant.

That is not hypothetical.. that is in fact what happens all the time.
And they only get better at it too.

You know i love the precocious cute little opinions on security here but you are all idiots.
This was already proven by more than one guy with Monero exploits and yet you STILL did not learn your lesson ?
They already found some and now ? ohhhhhh well there is no more because NOW the code is secure HAHHAHA
Fuckin' Hillarious ROFL

I had a dev of a program mouthing me off getting all cocky before..
He was yammering at me all hot shit after i posted online Keygen's for his Firewall.
I told him i could crack his app with 1 byte if i wanted too.. he called me out.
So i posted the cracked binary and 3 versions of the keygen source and a picture tutorial on how to patch it.
Get it ?
Security bullshit in the middle that the dev thinks is bullet proof.. say a hashing algo.
So a cracker can try and crack the algo head on ... or ?
He can go around it with patching.. side stepping the frontal attack.
Cross referencing is close to that.
It's about the starting point and the end point.. not the silly security bullshit that lies in between the two.

What it REALLY boils down to is contrarians spouting off unrealistic and deceitful claims on the web giving users a false sense of security so their bags are worth more.

When those exploits came out of Monero before the price tanked.
..yeah on Polo of course  

Imagine if a guy on Alpha Bay gets nailed.
If it's proven that Monero failed to keep the guy "Secure, Private and Untraceable" as it' sprinted on their merch and repeated here for years your Poloniex shitcoin prices will be decimated.

And what are the actual real odd's ?
0.01% ?
If even 1 person gets arrested then that is far too many.
That is enough to refute the bold claims being made and argued.

And is that realistic ? 0.01% chance of that ever happening ?
If so then YES we can say that having an exchange sitting there working with the Police is YES a god damn fucking "Danger"

Seriously cut the crap guys.. i know your bags are heavy and you think you "know things" but come on.

No, seriously.  How is one going to link the transaction to alphabay with the withdrawal from Polo ?

I don't know what happened to the owner of kickasstorrents.com, but I can think of two reasons, correct me if it is something else:

1) that guy was using his coinbase wallet to do directly transfers to or from shady activities.  
2) that guy was using bitcoin, and the transactions in bitcoin are of course linked and traceable.

(I would bet on 1) ).

But I repeat my question, so that you can clearly point out how silly I am:

1) I put my picture, ID and everything you want to know about me on Polo.

2) I buy 100 XMR on Polo with money from my bank account

3) I withdraw my 100 XMR from Polo.

4) I transfer my 100 XMR a few times between addresses of mine on the XMR block chain

5) I wait for a few months

6) I now buy crack on alphabay with 80 XMR from one of my addresses.

Tell me how one is going to use the ID information on Polo in relationship with this transaction.  Tell me how giving out my ID and picture on Polo is going to get linked to this transaction on alphabay and is going to inform law enforcement that *I* was the guy buying that stuff.

Or, to put it differently: tell me how giving out my ID to polo to buy XMR is going to put me at risk, while obtaining XMR over the counter from someone is NOT going to put me at risk (because you are talking about the risk of a centralized exchange and getting people in jail because of that, so the risk must come from the fact that I gave my picture to Polo to make your point).

Explain me in detail, so that my silliness is illustrated.

You just made it blatantly obvious that you don't understand what xmr is about...

but first of all:
- if you stay under the 2k-day-limit, you don't need any picture id... aka, you can give a false name... combine that with a little opsec (like using a vpn or something) and you're good to go

second of all:
- xmr transactions are unlinkable... here's the address where I send the coins that I buy on poloniex too (aka my base-wallet-address when I want to get coins offline): 4473WH5nch2Mr7mGjxo1gVGYcGXbPTFqREzffmUA8YJTBgLpfcLB5n1eL8pjV2YeXx8MDXj5Le5cZSr zoS4zFg549Cszzwx

now show me your magic and prove which transactions I have done with that address please! which coins have entered that address, which coins have left... how many coins have i deposited on that address etc... I'm sure LE would be very much interested in how you do it...

thanks in advance,
best regards

WOW holy fucking Christ you are playing stupid.
Then railing on in vain making excuses.. which i add is not doing Monero any favors.
Because smart people can see what i see.
But carry on though.. just realize i am in fact the messenger to the obvious here.
Your desperately trying to refute the blatant facts does not change them.
And if swaying the opinion of idiots makes you feel good then go for it i don't care.
After all they are just profiteers anyway.. who will dump on the coin at some point.

Coinbase ratted out the owner of KickAssTorrents.com and he was arrested and put in jail.
Cryptsy said they had a system in place for doing it and they did too when requested.
Your attempts to say there is no risk is a laughable joke.

Dipshits go look at the picture i posted earlier with David Latapie wearing the hoody..
Then read this topic title.. THEN go bring your picture ID to Poloniex and buy Monero to get crack on Alpha Bay.

Yeah.. the future of Monero is bright 

Tell me now exactly how that would happen.

Imagine that tomorrow, I buy, say, 100 XMR on Polo and withdraw them.  I now send my own 100 XMR to another of my addresses.  I do this, say, 3 times.

Imagine that 3 months from now, I use 80 of those to buy crack on Alpha bay. 

How is anyone going to link this transaction to the one I used to withdraw my XMR from Polo ?

I think you think too much in bitcoin.  In monero, these transactions are essentially unlinked.   So what has my Polo account information to do with this unlinked transaction on the monero block chain ?

Suppose that law enforcement knows about my withdrawal of my 100 XMR (because Polo knows it of course).  Suppose that they know that there has been an XMR transaction to alphabay of 80 XMR, but of course, law enforcement doesn't know what was bought with it, or to whom it was sent (if they knew, they had me already, and monero didn't have anything to do with it: for instance, I naively told Alphabay to send the stuff to my postal address, and law enforcement found out).

For you to accuse monero to "put people at danger", you have to explain how law enforcement can, from the knowledge they get from Polo (my withdrawal of 100 XMR)  infer that *I was the buyer*.

Now tell me exactly how that's going to happen.  How are they going to use the Polo information to track me to alphabay ?

If you are going to tell me that they saw that it was MY IP ADDRESS that did the transaction, then that's of course the same as "finding my postal address".  Monero/Polo/single exchange is not involved, they simply saw where the order was coming from. 

Tell me how "buying XMR on Polo" puts me at danger, which I wouldn't have if I didn't get my coins from Polo.

Does 64% negate what it has been for 2+ years ?
And what will see if this topic drops to page 100 ? 74% in a week or two ?
Get it ?

Oh and 65% does not concern you all ?  
It means if this point was being watched you would have a greater than 50/50 chance at getting put in jail for Crack selling on Alpha Bay.
I sure as hell would call that a "danger".

Actually I think you are right. I usually learn while I post, would be better if I learned before I post. 5th January was just an approximate date set months ago.  Hard fork was encoded in last binaries that come out in middle of December and will happen if majority of nodes will run  it at  block 1220516.  Those running old binaries, will be sort of left on an fork without RingCT.

Ah, I have a conceptual difficulty distinguishing between both, to be honest.  To me, a hard fork happens when the rules to make blocks become different.  So I don't really know what happened on the 5th (although I have to say that I hurried like crazy to get my new node version running by then, which I had forgotten to update, and was then surprised that the status response told me that it was still several days away...)

I might be wrong. But as I understood this hardforks https://www.reddit.com/r/Monero/comments/50tngy/general_information_for_the_upcoming_hardforks/ , they get done one day, but changes that are encoded into hardfork start getting implemented at some blocks.  So like hard fork was on 5th January, but RingCT implementation will happen whenever block 1220516 will happen.

Eh, my node tells me that it is in half a day, at block 1220516.  I'm currently at block 1220135.

http://moneroblocks.info/warning

lol  Scheduled Monero hard fork was 4 days ago, so you can exactly see if there was a dip or not.
Next will be in Autumn 2017. So far we had 2 per year, so i think will be same in 2018. You should put them in your calendar, so you dont miss them by 4 days.


Meanwhile on the monero exchanges




@thejaytiesto

It seems danger passed in only a week time   so you are free to lock this thread.

To add to the topic discussion:


talking about "danger", is it MUCH MORE dangerous to use bitcoin on dark markets than it is to use monero, because bitcoin is traceable as hell.   Referring to Spoetniks complaint about putting people at danger, if one crypto did that, it was bitcoin !

The fact that there is only one or a few exchanges that offer monero is hence a "danger" in the following sense only:

- people thinking that exchange IOU are the same as the crypto token, and hence can lose every IOU they have on an exchange when that exchange decides not to honour that IOU.

- people using an exchange to obtain exchange IOU, and think that it is the same as the crypto token, *paying others directly from their exchange account* (doing "withdrawals" to their trading partner's address directly).

- people thinking that exchange IOU are the same as the crypto token, and do "trading" to get rich, ripping their peers playing the same game.

- people buying and withdrawing monero and use it directly to do VERY SENSITIVE stuff.  The monero anonymity system is not 100% opaque (like zero knowledge proofs would be), and so there is limited traceability if the transactions succeed themselves quickly, which can help law enforcement somewhat in limiting the list of potential infractors.

For most "normal" use of crypto, where you put up some fiat to an exchange, and withdraw it immediately, monero is essentially private, in the sense that the next transaction you do cannot be linked strongly to the act of buying the coins from an exchange.  Which is the totally opposite behaviour of bitcoin.

Exchange IOU (the stuff you buy with fiat on an exchange) are NOT the crypto.

Delighted as always