I should preface this by noting that I myself have been known to make moderately deprecating remarks about Monero’s practical security. For example, I do think that the Monero community is underestimating the practical threat from CipherTrace. I also use Monero sometimes—with careful coin control in the CLI wallet. Thus, I am quite interested in seeing actual evidence of weaknesses that can be exploited in practice.
As such, I have taken a glance over this. Briefly.
I see long lists allegedly linking txids to IP addresses, some with allegations of porn viewing habits of the same IP addresses.
My zeroth thought is, “LOL, who doesn’t use Tor with Monero?”
My first thought is, “Whose IP addresses are those supposed to be? The originating nodes’? Contra what it says in the badcaca FAQ, Dandelion++ would make it easy to mistake the IP address of the originating node.”
My second thought is, “Where are the technical details to show that this isn’t just wholly fabricated?”
In search of hard facts and rigorous discussion, I poked around the site for a few minutes...
Do you think Vincent Rijmen exploded with anger when AES was broken? No, he congratulated the authors.
Say what!? When was AES broken? (Just a guess: If you are talking about related-key cryptanalysis, then you are mentally retarded and you know nothing about cryptography.)
I dearly wish that Monero were exactly as “broken” as AES!
Yes, Monero community is full of lovely, lovely people. And that's not even counting neo-Nazis 😒
SJW political correct mudslinging, punctuated by a cute emoji in lieu of an argument. 🤮
No technical relevance. (Anyway, Bitcoin is the primary coin of choice for anybody who is politically incorrect in any way.)
Ciphertrace
Ciphertrace
Ciphertrace
Just because they may have something more or less damaging to Monero’s security, does not mean that you do. Repeating the name “Ciphertrace” is not a technical argument.
[—quote of fireice_uk alleging political incorrectness, and links to Ryo subreddit and Medium blog—]
OK, anybody who has spent even three seconds kicking around Moneroland can sort of guess what is going on here.
The monero-badcaca.net homepage prominently displays a cherry-picked out-of-context quote of fluffypony (Richard Spagni). That is dishonest! It casts fluffypony and Monero in a false light.
The portion selectively quoted on the monero-badcaca.net homepage is hereby highlighted in light green; the important missing context is highlighted in yellow:
Spagni told CoinDesk:
“I don’t care about the price increase, that shouldn’t be the thing that makes people interested. In terms of transactional growth, in new contributors, in transactions per day, those have far more meaning.”
[...]
Odd origins
But the journey to this point for monero is a long one.
[...]
Spagni said that he became interested in the “fair relaunch” of the network called BitMonero, which was later forked away from its lead developer in April 2014, again under suspicion of improprieties.
Yet, at the time, even he notes that his intentions weren’t entirely altruistic.
“I thought, ‘I’m going to pump it and dump it,’ because I was interested and taking the ideas and implementing them in bitcoin. The bitcoin code base was far more interesting to me than monero, and I thought, ‘I’m not going to work on this codebase, it’s terrible,'” he recalls.
Changing course
After all of this, however, monero miraculously emerged, growing slowly over time into a project that’s now one of the more reputable in the field, despite use cases that may be unsavory to some.
The credit lies with how monero’s team made adjustments along the way.
[...]
Spagni largely credits the movement on the development front to cultural differences, and the fact that monero adopted a development process where any contribution that isn’t “dumb or obviously bad” is added to the code base.
“Because of that open structure, we have had people pitch up and people work on it, sometimes they’re there for a few weeks, sometimes they’re there for three years,” he said.
There’s an attitude difference as well, in that the project has a bleacher-seat distaste for vested interests.
“I think there’s a lot of respect from the wider audience because we don’t make decisions based on stakeholders interested in short or long-term profit,” he said, adding:
“We’re getting that social capital because we hacked away at stuff and aren’t idiots, I can’t think of another reason.”
For this to be treated as anything more than noise, it needs to be presented with more than noise. Why should I even spend more time evaluating your claims? Claims require evidence—extraordinary claims require extraordinary evidence—and the burden of proof is on you, not on others to dig around.
When Monerolink was first presented, smart people took it seriously because, well—it was serious (and fixed—but that doesn’t help people who made vulnerable transactions). Whatever one may think of Andrew Miller, he is an academic cryptographer, not a blithering idiot; he and his team presented a rigorous report, not a bunch of hyped-up mudslinging. Hint, hint.
badcaca, I will NOT hereby claim that you can’t do what you say you are doing. You don’t even provide up front sufficient information to evaluate such a question! That, in itself, is reason to write this off as “probably just dumb FUD”.