
Your impression was wrong. Zhu Su of 3AC infamy had the evidence sitting on Twitter since 2019 and nobody cared.

https://twitter.com/zhusu/status/1116945693946433536


Is there a good ToS/EULA diff site? It would be nice to see how and when these things change across many services.


This might help: "Ask HN: Any “Git diff”-like service but for when terms of conditions changes?" https://news.ycombinator.com/item?id=21564850


With FinCEN Notice 2020-2 it's clear that the US wants to treat crypto as foreign bank accounts to coerce disclosure but that severely limits the scope of regulation they can do as it would place public blockchains as strictly not being American jurisdiction, and it would make monitoring American activity on these blockchains outside of the scope of domestic agencies and spy agencies would not be legally able to spy on American activities on these blockchains. When you understand these facts it explains why the US pursued dubious NK sanctions over what would be a much stronger case of considering the Tornado Cash protocol an unregulated bank which it is. There is a very big technical and legal distinction between what centralized BTC mixers do with UTXOs to be considered laundering and how the Tornado Cash protocol exploits how ETH works on-chain to combine ETH in a single account without taking KYC.


> considering the Tornado Cash protocol an unregulated bank which it is

This is a very strong statement to make without also making a legal argument to back it up.

Just because you assert that it is a bank does not make it so. What precedents, statutes and regulations would you cite to support your assertion?


Seconded. The actions that can be done with Tornado Cash are specific & finitely-defined: Even if it could be translated into regular banking terms, what Tornado does is not something that a normal bank does, & what Tornado provides is nowhere near the functionality that a regular bank performs for its depositors/lenders.


>US wants to treat crypto as foreign bank accounts to coerce disclosure but that severely limits the scope of regulation they can do as it would place public blockchains as strictly not being American jurisdiction, and it would make monitoring American activity on these blockchains outside of the scope of domestic agencies and spy agencies would not be legally able to spy on American activities on these blockchains.

...You have no idea how this'd shake out do you?

OFAC'll be able to still do its thing, the only thing it needs is LE or IC input saying "Yup, sanctioned individual's value is there."

Domestic law enforcement will have literally no legal impediment to surveilling the blockchain, because guess what? It's public! They don't even need a warrant to serve. You just send it on over to their node. With a financial institution, you at least generally have a shot at counsel requiring a warrant to be served.

Jurisdiction is going to be determined based on where you (the operator of the transacting medium) operate.

Hell, I could see the potential for some intrepid implementer to put in-line packet analyzers capable of creating a signal propagation map to home in on where a candidate block originated, causing a reversion back to the old school system under which enforceable strict liability will disincent anyone but people willing to participate in good faith from processing anyone else's transactions.

In the end, the only people who have really gotten anything out of this fad were the people who cashed out early in the hype cycle, and the government/regulators who now have a medium much more conducive to centralized surveillance.

Good job, lads.


> it would make monitoring American activity on these blockchains outside of the scope of domestic agencies and spy agencies would not be legally able to spy on American activities on these blockchains.

I am genuinely not sure, is it still "spying" if the information is public for anyone and everyone to see? If I publish an attested list of my daily foreign transactions on my blog, I don't see why the government can't use that to prosecute me just because the website may be hosted offshore without it being considered "spying".


DDoS-Guard it is.


They were going to zero when they decided to ignore/defy #DropKiwiFarms, my dude. They did what they did to salvage their business.


This article is terrible honestly. Statements like "tracing a cryptocurrency that once seemed untraceable". Excuse me what? Who thought this? Idiots at three letter agencies? Pedophiles and drug dealers?

Here's what the Bitcoin whitepaper itself speculated.

"As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. Some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner. The risk is that if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner."

And here's an early Bitcointalk thread. Traceability was discussed and acknowledged from the very beginning.

https://bitcointalk.org/index.php?topic=241


>This article is terrible honestly. Statements like "tracing a cryptocurrency that once seemed untraceable". Excuse me what? Who thought this? Idiots at three letter agencies? Pedophiles and drug dealers?

There's often a disconnect on HN between what HN users collectively know by virtue of this being their field of trade, and what the average non-tech person is aware of. It's this latter group of people that, by and large, as Bitcoin started to become popular, were under the impression that it was anonymous.

Edit: It doesn't help that, as the article states, Satoshi even said, "Participants can be anonymous," back in 2008[1]. To your point, he did say this as he linked to the white paper you mentioned, but average users are less likely to read the white paper than we are.

[1]https://www.metzdowd.com/pipermail/cryptography/2008-October...


> "There's often a disconnect on HN between what HN users collectively know by virtue of this being their field of trade, and what the average non-tech person is aware of."

In large part, "the average non-tech person" is not aware of a great many things because they actively ignore or dismiss those who know those things and try to warn them in advance of impending troubles they face due to their faulty Facebook acquired "knowledge" about any topic of great importance or significance (until after they're bitten in the ass by it, at which point they blame those same people they previously ignored). Network security issues are one easy example. We're ridiculed as "paranoid neck-beards" for calling out clear and obvious security issues right up until something bad happens and huge troves of personal/private data are leaked or stolen, and then we're raked over the coals for not somehow magically fixing an issue that we were previously told was "unimportant paranoid perfectionism".


How about the average journalist? Are they not supposed to check claims and details and assumptions? Bah who am I kidding. Gumshoes never existed.


How much sway does the “average journalist” have on Tech matters relative to, let’s say, Elon Musk, Mark Zuckerberg, Peter Thiel, Jack Dorsey, etc. who have all publicly promoted crypto currency?

Thiel literally was calling out bank CEOs and Warren Buffett a day or so ago for preventing the future.


They’re not preventing the future so much as they are not buying into the hype. That speech from Thiel was totally unprofessional and ill-suited to a man of his station. If he’s so confident about crypto, he doesn’t need to insult successful people to achieve his aims. I’ll take the classiness of a Warren Buffett over that meanness any day.


What interests me is that so many people discuss the same thing and still seem to come away with entirely different takes.

You can be anonymous if you deal with BTC exclusively just as though you would with cash. But, and this is a very big but: if you use the same addresses repeatedly or if the addresses that you use can be linked and your identity can be tied to one of the addresses then all of your linked transactions are now no longer anonymous.

So you're anonymous right up to the point that you aren't, and then it works retroactively on anything that can be tied to that same identity.

Cash doesn't really have that property, and is therefore more anonymous than BTC, anonymity is in principle a boolean but there appear to be grades of anonymity when you start looking at it more closely. Anonymity as in 'the state of knowledge about an individual' vs 'anonymity, the level of anonymity that an individual can expect as the use of a particular method of payment' are two different concepts that we lump together as though they are the same thing.
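Added example, not part of the comment above or of any tool named in this thread: a sketch of the multi-input linking that the whitepaper quote and this comment describe, showing how identifying one address retroactively exposes every transaction in its cluster. The transactions and address labels (`A1`, `B1`, `M1`, ...) are constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample transactions (not real chain data). Each one lists the
# addresses that funded it (inputs) and the addresses it paid (outputs).
SAMPLE_TXS = [
    {"txid": "t1", "inputs": ["A1", "A2"], "outputs": ["M1"]},
    {"txid": "t2", "inputs": ["A2", "A3"], "outputs": ["M2"]},
    {"txid": "t3", "inputs": ["B1"], "outputs": ["A1"]},
    {"txid": "t4", "inputs": ["A3", "A4"], "outputs": ["X1"]},
    {"txid": "t5", "inputs": ["C1", "C2"], "outputs": ["M1"]},
]


class DisjointSet:
    """Union-find over address labels, with path halving."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def cluster_addresses(txs):
    """Group addresses that were ever co-spent as inputs of one transaction.

    This is the "multi-input" link from the whitepaper quote. Outputs are
    deliberately not merged: paying someone does not imply shared ownership.
    Known limitation: transactions with inputs from several parties
    (e.g. CoinJoin) make this heuristic over-merge.
    """
    ds = DisjointSet()
    for tx in txs:
        inputs = tx["inputs"]
        for addr in inputs:
            ds.find(addr)  # register single-input spenders too
        for other in inputs[1:]:
            ds.union(inputs[0], other)
    groups = defaultdict(set)
    for addr in list(ds.parent):
        groups[ds.find(addr)].add(addr)
    return {a: frozenset(g) for g in groups.values() for a in g}


def linked_history(txs, known_address):
    """Given ONE address tied to an identity, return everything it exposes."""
    clusters = cluster_addresses(txs)
    owned = clusters.get(known_address, frozenset({known_address}))
    return {
        "addresses": sorted(owned),
        "spent_in": [t["txid"] for t in txs if owned & set(t["inputs"])],
        "received_in": [t["txid"] for t in txs if owned & set(t["outputs"])],
    }


if __name__ == "__main__":
    # Only A4 is "identified", yet t1..t4 all become attributable.
    print(linked_history(SAMPLE_TXS, "A4"))
```

Note that `A4` never appears in `t1`, `t2` or `t3`; those are pulled in only through the chain of shared inputs, which is the retroactive effect the comment describes.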


I prefer to divide anonymous and pseudonymous.

Bitcoin is pseudonymous. It's baked into the protocol. Every transaction is public, and authenticated and authorized via cryptography. But every transaction has a name attached... Just not a name immediately linked to the human being responsible for executing the transaction.

Once that link is made, the blockchain becomes a towering monument to all that name's sins.

Contrast with a chan site, where the default configuration is that every post has a unique identifier independent from any posts previously made by an author. Depending on what data the administrator is collecting, those posts may be reversible to a human being, but tugging on one piece of the thread does not unravel the tapestry because a person's posts aren't tied to each other by default.

(HN is pseudonymous too. I post under a handle. I prefer not to link this handle to my public name. It would not take much effort to do so, and once somebody did, every comment I've ever made is immediately searchable).


> It doesn't help that, as the article states, Satoshi even said, "Participants can be anonymous"

Am I nitpicking if I say that's actually true? Anonymous means "not identified by name; of unknown identity". Disguised people can also be anonymous. The fine print is that your disguise won't help you much when you go visit your family and you're subject to gait profiling.


I agree with your first paragraph but your edit is repeating the same non-sequitur made by the article. I don't know why journalists and people in these discussions keep referring back to Satoshi's statements as if they mean anything. The average non-tech person still has no idea who that is, will never care who that is, was not following bitcoin back in 2008 and has no reason to care about a random comment on a mailing list or in a whitepaper. The average cryptographer or hardcore blockchain person also probably has no reason to care about them. The only reason to bring it up at all just seems to be part of the myth-building.


>The only reason to bring it up at all just seems to be part of the myth-building.

I don't understand how this can be what you think I'm getting at, when my post was myth-busting. You agree with me that most average, non-tech-oriented people seemed to misunderstand that Bitcoin was largely anonymous. Now, those assumptions had to come from somewhere, right? I'm not saying they know who Satoshi is, or what a Bitcoin whitepaper is at all, nor am I saying Satoshi should be lionized or mythologized. But what I am doing is pointing to rhetoric used early on in Bitcoin's life that could've easily made its way into the lexicon of the less technically-minded and explain how we ended up there.

An analysis of how the myth was built, as it were, rather than further building of the myth.


Thanks for the clarification, that makes a lot of sense. But I honestly don't think you could chalk it up to any statements made by Satoshi or anyone else in particular. The tech press in general has a problem with not understanding cryptography or "privacy tech" or whatever. That's not a new thing. It really doesn't help that in the last several years there are privacycoin pushers who muddy the waters with confusing marketing statements that are misleading to anyone who doesn't bury themselves in crypto jargon.


Because of BTC's prominence on darknet markets, people who hadn't heard of it naively assumed it wasn't traceable.

It's reasonable to assume that if you were purchasing illicit substances online, that the currency wouldn't be traceable, when in reality it was because no one really cared at the time for this new bitcoin thing.

Keep in mind how most people don't read documentation for anything, let alone a whitepaper


I probably am not alone, but if I hadn't wasted money on drugs a decade ago and had just kept the bitcoin I would be a rich person. No one I know read a white paper back then, we just found the Wild West, snorted, shot and popped it up


I thought that all darknets moved away from BTC to more private digital currencies after they realized how easy it is to trace.

I think Lex Fridman did an interview with a drug dealer and he told this as well.

At the same time I don't use Monero for example as I'm not a drug dealer and they are using really complex cryptography for me to verify and trust.


That seems largely correct, Monero came out in 2014, so I think it was a combination of law enforcement becoming more familiar with how to track BTC payments and markets realizing there's a better alternative.

I think the fact that the U.S. Government put out a bounty for cracking Monero shows that it's working fairly well so far


The thing about monero, is that even if it is impossible to track today, all the transactions are still in the public blockchain, even if heavily obfuscated. It is quite possible that it eventually will be cracked and all historical transactions deobfuscated. Then it becomes as simple to track things down as bitcoin is today.

If this ever happens, it could lead to a massive wave of crime resolution on par with what happened when DNA testing became cheap and ubiquitous.

Because of this, when it comes to significant organized crime, physical cash and seedy banks like Chase and Deutsche Bank are still king.

Bitcoin is for people who don't mind living in the light.


can you not just 'wash' it like those btc 'gambling' sites that work out to 99% or whatever money back into an address you specify?


The article mentions several times how criminal naivete over the untraceability of Bitcoin aided the investigation - so why let the cat out of the bag now? It might be just that the IRS thinks it is not getting enough respect, but another theory is that Bitcoin is becoming known as being traceable, alternatives like Monero are currently effective, and the hope is to spread FUD by association and the implicit threat of future retroactive traceability.

To be clear, if that is the case, I have no objection.


I would go further and say that most of the users of this site thought bitcoin was untraceable too. If they knew they needed to mix their bitcoins if they didn't want the government figuring out that they bought/sold child porn they absolutely would've done that.


The whole article is about A LOT of people thinking Bitcoin was untraceable. They staked their entire lives on it.


Why does that make this article terrible? The criminals involved believed that Bitcoin was untraceable, as does your every day non-technical person, and the article explains how that isn't the case.


Because software engineers are the main characters of the universe and everything must be written from their perspective.


I don’t understand why these types of markets don’t only take Monero. Privacy is the whole point of that coin, no?


They do now. Governments know they have to act very decisively on these kinds of markets and activities because each time they act it galvanizes everyone to implement the more resilient technology.

This is the antifragile nature that some proponents acknowledge and like.

Before there is proof of a state action, forums go back and forth ad nauseam on what level of work and inconvenience is necessary. After there is proof of a state action, they just go ahead and implement the multisig escrow (making sure consumers and merchants can get their money even if the government seizes the servers, greatly increasing the costs for the government while lowering the bounty collected) privacy enhanced coins (like Monero), contribute to UI/UX improvements for making Monero easier to use, etc

If you look at these darknet busts, the level of effort and coordination has gone up by orders of magnitude over the last decade while the amounts seized have gone down.


What are the biggest and most reputable darknet markets currently? Do they still get taken down frequently? My understanding is that it's easy for state-level actors to unmask hidden service IPs through traffic correlation attacks


Not sure, the way I would find out is open Tor browser and go to dark.fail and then switch to the onion service version of the site (the browser might prompt you, but there should be one on dark.fail to copy and paste)

Then just use that site like normal and it will have a list of popular onion services like the New York Times and Dread and also including darknet markets (DNMs) and their mirrors, and the liveness of those URLs

Then I would go on Dread (if it's up) and see what people are saying about any particular DNM, else I would find the darknet market subreddit to see if there is anything there, else find articles about current top markets. some last for so long and are still lasting that they're pretty reliable, so I would probably skip all this if I've still got credentials to one that's still up. it's a hassle to sign up to some markets and some more secure ones so it thwarts my curiosity

for just browsing those sites I'm fine with Tor browser, but if you actually want to buy things or download things or communicate with a vendor I would say stick with Whonix (or Tails if that's fine for you) because you need other apps and having Tor for all connections and other anonymizing techniques at all times is better.

(if you are going to a site with more objectionable content for even viewing, don't use Tor browser either. dark.fail doesn't list those)


Thanks. I've been out of that world for roughly a decade, it's neat to see a more resilient social ecosystem emerging around these markets. I'm still sort of surprised that the three letter agencies can't just immediately unmask the server IP of new markets when they pop up and take them down immediately


DNMs are several orders of magnitude larger than the Silk Road days and all the technology is way better, Tor is super fast(ish) but that’s partially because the exit nodes and relay nodes are (probably) adversaries lol

Cat and mouse game. They're trying timing attacks all the time while improving the UX, assuming “they” are state actors


This site was made by a 21 year old with terrible opsec. I bet he, along with every user who got arrested also believed that bitcoin was untraceable.


The investigation took place in 2017, kind of before everyone learned Bitcoin=Traceability.


Factually inaccurate nonsense is a big part of the whole Crypto ecosystem.

Many people held the opinion that these transactions were anonymous or quasi anonymous. The dumber among them are in prison.


yeah even my accomplished professional colleagues will randomly (but predictably) make a quip about not reporting taxes just because they opened a Coinbase account, or finally moved a token onchain once.

I don't think that's a crypto specific perspective, as there is this super large population in this country (USA) that only has the experience of their employer taking a big chunk of their money for the whole year and giving it to the government automatically, so a lot (most?) of that population thinks that any situation where they have something valuable on their own has no way of being known about for taxes. Crypto amplifies that myth to those people, when it's just a total misunderstanding about how taxes and tax reporting works, and how the blockchain works, and what organizations already exist to specialize in watching the blockchain as well as trades at exchanges.


It's non-trivial to go from a list of transactions to having a nicely indexed DB with convenient tools for investigating.

It's correct that you can trace transactions through the blockchain, but in practice you need something like Reactor to be built and maintained. It's not going to be obvious to police, because the skill is a specialized thing in the domain of coders, and those coders have to have a reason to look at blockchain.


The police department will ask IT, they will Google it, and tell the cops to use one of the various commercial options used to deanonymize wallets and transaction trails. A credit card payment or trial sign-up later and if the service is any good, they'll have what they need.

I'd put anything available to the general public in the "trivial" camp, even if the underlying tech is fantastically complex or difficult.


Can't say it's trivial if they actually needed a guy from the firm to work with them on this?

I mean sure if there's some self service website then yeah. Keep in mind this is back in 2017 though, a lot of stuff has matured since.


If only there was a way to avoid Bitcoin's traceability problem? https://bitcointalk.org/index.php?topic=770.msg9074#msg9074

Ah, from satoshi himself! Group signatures. I wonder if someone implemented a protocol that does this?

https://en.wikipedia.org/wiki/CryptoNote

Aha!


Is that widely used? There's a world of difference between "theoretically possible" and "commonly used", and I'm not familiar enough to know which this is.


monero implements the cryptonote protocol (with some additional innovations of its own) and as far as I can tell, it's pretty widely used https://bitinfocharts.com/comparison/monero-transactions.htm...


> Who thought this?

Everyone using it for criminal activity, and that’s a lot of people for whom it has been true.


Everyone knows Bitcoin is for [catching] criminals.

Some people missed one word in that sentence. :-)


It’s an ad [0] for Chainalysis.

[0] https://www.paulgraham.com/submarine.html


Surprised it took you that long. I was done at “they couldn’t have been more wrong”.


> Who thought this?

A lot of people I've talked (face to face) about crypto with



Rapid7 has some very good datasets to play around with certificates. If you want a fun project try to find bad parameters.

https://opendata.rapid7.com/

edit: looks like public access is gone now, that's unfortunate.


"opendata.rapid7.com", not quite so open anymore then haha


Everybody should browse the internet on Tor from time to time to get an understanding about how the web works on a second class IP address and a slow connection. On some exit nodes reCAPTCHA actually enters an endless selection where it's impossible to pass.


> reCAPTCHA actually enters an endless selection where it's impossible to pass

I believe this is because from the same IP address there are other users who are failing the recaptcha. So in between you starting, and clicking 'submit', there are a bunch of other wrong-answer recaptchas, so, when combined with your correct answer, it looks like you got it correct just by chance, not by being a human.


This might be true for massive sites (eg Google) but smaller sites only if the cdn aggregates traffic to many different sites.


reCAPTCHA's logic to check if someone is a bot or not is global and run on Google's servers, not site specific.


Any specific suggestions for experiencing the difference? I've used Tor a bit, and can't say I noticed a huge amount of difference between that and browsing on a new mobile device.


If you're adventurous you could log into Google, PayPal and social media sites. Once you get past captcha challenges and manage to access your account, they may helpfully lock your account and never let you use it again, regardless of how much proof you provide for the ownership of the account to their support staff.


I see! That's something I've never done, I've mostly been using it to look at specific sites where I already knew the URL.


I wish a new web would form inside Tor instead so we could all leave the old compromised web behind.


On the other hand Minecraft is the best-selling PC video game of all time and it was originally written in Java and the Java client is the definitive experience of the game.


There's also Project Zomboid. Which doesn't really come close to Minecraft, but it's also developed in Java with a Lua engine on top.

Why? Well, I have absolutely no clue...


Heh, thanks for bringing that to my attention; based on the video alone, I think that'd be right up my alley (linky-linky: https://www.gog.com/game/project_zomboid and it's on Steam, too, if you're into that)

> Why?

From the GOG page:

Works on: Windows (10, 11), Linux (Ubuntu 16.04, Ubuntu 18.04), Mac OS X (10.9.0+)

is almost certainly "why," and I'd guess the lua part is because it seems to be the lingua franca of game modding, so meet folks where they are


Lua is very common - the OpenComputers mod for Minecraft exposes a Lua machine.


not really a desktop app though, is it?

And Minecraft is also a notable outlier. Outside of mobile, there are very few games written in java on PC or consoles.


Minecraft is an application which runs on the desktop... I don't see what you mean.


It's a game. Its UI is full screen and completely divorced from "standard" UI elements (WIMP, etc).

You can call it a desktop app, and you'd be correct in the most pedantic sense, but then every web app is also a desktop app since you run it on a desktop.


Chrome the browser is a desktop application, websites you visit in it are not.


That's right let's not forget about the famous Ruby and Javascript desktop games that have outsold Minecraft...


Limewire tho


How is it not a desktop app? Millions play it on their desktop.


Still, not really in the sense of the article - he's talking about desktop apps like word processors or email clients: Minecraft's GUI is just a big canvas that the 3D renderer renders into. It's not using any windowing components - IIRC, even the menu and buttons were custom.


Minecraft can pop up GUI windows but even mods rarely do it.

Running a server without nogui gets a window also.


Let's not exclude Runescape, when it was a java applet back in the early 2000's.


Theoretically the whole area could be turned into a dirty bomb with a few strategic strikes and it would be carried down a river destroying vast areas of Ukraine for millennia.


If Russia really wanted to create nuclear fallout problems, they have weapons that do so far more targeted and effectively.


But they can't "easily" blame such Weapon usage on the EU (saying they accidentally caused it) or "Ukraine" terrorists.


I assume it's to make sure no one in the Ukraine makes a dirty bomb, not the other way around. Revenge is a powerful motivator and Chernobyl has the raw materials to make for a horrific revenge.


It'd be easier to cover up by claiming it was an accident or they were fired on by the Ukrainians. You don't really have the same leeway when you drop a nuke.


True - but Russia has nuclear weapons which are more precise and would send the strongest possible message. This is also important because destroying a country might land you a victory, but if it's destroyed, that is a shallow victory. A well-placed nuke is scary and controlled.


Russia would never nuke Ukraine because of the reaction from the West. Using existing radioactive materials wouldn't provoke the same reaction.

I'm not saying Russia will do anything here, but the two are very different from a geopolitical standpoint.

