Latest 30 Comments

Quoting: SlaxerOther than volatility, why do you suppose businesses choose not to take it as payment? Not debating here, just picking your brain.

The biggest thing may be an artifact of how some of the most popular crypto works, I'm not sure about that: Bitcoin in particular, and I believe the blockchain in general to a significant degree, is really slow at doing transactions. The more transactions you want to do, the more this starts to bite. Probably not a big thing for small businesses, but maybe significant for some of the financial services those small businesses have to deal with. For big businesses on the other hand it could become a complete blocker.

I think another thing may be that the main place to keep crypto is these exchanges, and they're insecure as fuck. My understanding is they avoid the blockchain slow transaction problem by just . . . not using it, just kind of pretending to transfer the crypto around, and their pretenses are foolishly flimsy. It's like "What if banks just didn't bother to do security?" where there are really serious chances someone will just hack in and steal your stuff. Or maybe it'll go under and your stuff will just disappear, and it's not publicly insured like a bank deposit. It may be that businesses aren't attracted by that kind of risk. Or, to avoid the risk, they'd have to buy insurance and maybe it costs too much.

View this comment - View article - View full comments - Report this comment

Two articles in a row about combat games with hockey sticks :)
Can we get an actual hockey game soon? :D
(yes i'm from Canada)

View this comment - View article - View full comments - Report this comment

Quoting: CatKillerStay away from Reddit; be happy.

Timeless advice right here. Reddit isn't what it used to be in the early 2010s, it's basically a scam at this point because of how much control there is over discussions - especially if it's something even remotely political. Never ever look at the world through the lens of a Reddit thread, and assume that nothing you read in there is an accurate portrayal how the world currently is.

View this comment - View article - View full comments - Report this comment

This is pretty bad. Luckily, I don't have too many packages from the AUR. I think I'm fine, thank God.

Quoting: doragasuAUR does not have package checks by definition, it puts that weight on the user.

As I always say, I have been using Arch as my main distro for 10+ years, and despite that (maybe because of that) I never recommend Arch!

We all start off as beginners. You don't have to not recommend it. If you do recommend it, just explain the reasons for why someone would want to try Arch. Arch is for people who are interested in really learning how to do things on their own, and don't mind scraping their knees a bit by learning things the hard way. It's also good for people that just want to be aware of every package on a clean install.

My first distro was Slackware, and I reckon it's much harder to get into as a beginner than Arch is, especially during the mid 2000s. If I can learn my way through it, anybody can.

View this comment - View article - View full comments - Report this comment

Sorry, which part of arch user repository is that hard to understand?

In special when both the aur webpage and the arch wiki are explaining that all AUR-Repositories are user-provided packages that aren't checked / monitored / reviewed?

The AUR is from / for the community, not maintained, no QA or anything else. If you use it you have to understand what's happening.

And - that's for all distributions and all operating systems: Never ever should one blindly install any software packages without a bare minimum of understanding what's going on with the installation script.
If you blindly trust your 'best budddy' and just click install - sorry not sorry.

BTW: arch itself and responsible derivates are forcing you to manually enable the AUR. Or - as for e.g. I handle it myself for 2-3 pkgbuilds - I download and build them manually on my computer. Regular updates are done with pacman, AUR-repos disabled. I'm on arch since 2005, btw

View this comment - View article - View full comments - Report this comment

Quoting: tmtvlIt is dangerous in the same way that the Arch forums are dangerous.

That comparison is interesting. The Arch team would never let some random new account edit the forum posts of an inactive user. So why are they letting them do it on the AUR? IMO the ophaning system should be eliminated entirely and abandoned PKGBUILDs archived or deleted. If someone wants to reintroduce an abandoned PKGBUILD they should have to write it entirely themselves as a new entry.

View this comment - View article - View full comments - Report this comment

Quoting: Caldathras

Quoting: tuubi

Quoting: Pyrate

Quoting: LoudTechiealso relevant to this discussion.
Valve will never accept monero, because it's anonymous and decentralized.
The scammers for which they sacrificed their own gift cards would exploit exactly this decentralization and anonymity to hide their activity.

Even though I can't imagine how that could happen, (just like how I cant believe peoole sfill fall for gift card scams), you're probably right. I wonder when this stops being about a problem with gift cards and currencies, and more about people not thinking clearly when falling for these scams.

People will always fall for scams. That's not a problem that'll ever go away. Which is why we need governments, laws and regulations to protect the vulnerable. Of course governments do that with varying success and enthusiasm, but that's a political and social problem that doesn't have a technical solution.

In my opinion, the reason scams work so well is because they are exploiting the individual's innate greed and, in some cases, the appeal of getting something for nothing (i.e., minimal effort or work). So, greed exploits greed, in the end, and, ironically, we look to government regulation to protect us from ourselves. I think the old phrase "and if you believe that, I have a bridge in Brooklyn to sell you", says it all. Better to operate under the idiom that "if it sounds too good to be true, it probably is."

I wouldn't go all in on victim blaming, unless you only count the "investment opportunity" scams and the "Nigerian princes". And sure, I want governments to protect their citizens from exploitation by criminals (or greedy corporations) even if they're too greedy or gullible for their own good.

View this comment - View article - View full comments - Report this comment

Quoting: Liam Squires-HandIf they cannot do any checks - that's just a glaring flaw in the entire design of the AUR and so yes - it should be shut. If it's just going to repeatedly be a huge security issue like this, then why should it exist? It's dangerous.

The AUR is basically a convenient wrapper around a forum where people share scripts to easily build software from source. It is dangerous in the same way that the Arch forums are dangerous. The Arch team should probably appoint some moderators to check the AUR, but then you get to the point where those people will have a really difficult time checking every single package. You're welcome to your opinion that 'it should be shut down', but I'd sooner say 'people shouldn't be using Arch (and derivatives) unless they understand the risks of the AUR and are willing to take responsibility for what they do on their computer'. Some may call that elitism, but to me it's like saying stores selling cooking supplies shouldn't be allowed to sell knives because people who can't handle them may injure themselves.

View this comment - View article - View full comments - Report this comment

Quoting: ExplosiveDiarrhea

Quoting: Liam Squires-Handthe Arch Linux AUR (Arch User Repository) needs some better security and package checks […] for some improvements to the packaging processes to prevent this from happening in future.

That's like saying "people who can't swim can drown in the sea, so we should have every single access to the sea guarded and protected at all time".
That is insane...

That is not even remotely the same. It’s more like: this one pond is shark infested and they’re hungry so don’t enter.

Anyway, the fact that the AUR clearly has no verification of any sort is very clearly a problem that needs to be dealt with properly.

View this comment - View article - View full comments - Report this comment

Phew, I just used the list of affected on the report thread on the mailing list and compared it (via meld) to the output of pacman -Qqm and it looks like I dodged a bullet.

Several helpers come with a feature that warns you about changes to a PKGBUILD, or .install script/additional files.

If you use an AUR helper, it's still wise to review build scripts just like any other bash script. Malicious edits are usually painfully obvious, even for someone who doesn't know much more than a line of code like myself.

The crux of the problem seems to be the post-install .install scripts that run after a package has been installed; people probably don't have the presence-of-mind to look at those too often, they just check the PKGBUILD.

View this comment - View article - View full comments - Report this comment

for anyone who doesn't use an AUR helper, I made this basic little bash script:

for dir in ~/AUR/*/
do
dir=${dir%*/}
echo "${dir}"
cd ${dir}
cat PKGBUILD | grep $1
cd ~/AUR/
done

if you don't keep your AUR packages in ~/AUR/, you will need to change that in the code.

run it with `./<script-name>.sh <bad-package>`. so for this one, if you do `./script.sh atomic` and any of them print anything, you have been compromised. If none of them do, you're hopefully safe.

I'm sure you could probably do this more elegantly and if your AUR helper stores its packages predictably, you could also use it for that - but this is what I just made (and luckily none of mine are affected as far as I can tell) and it works for me.

It is worrying, and I'm torn - I find the AUR incredibly helpful, as it means that the only packaging system I have on my PC is pacman. AUR has filled every gap I've ever needed, compared to when I ran Ubuntu and had flatpak, apt, snap, manual `.deb` packages, and full git repos to compile from source. However clearly it is a flawed system, and this is a huge disgrace - I sincerely doubt the majority of users read through PKGBUILDs, so undoubtedly this is going to have some severe impacts. I'm also a little disappointed in the response, as I feel like there are systems they could have put in place to handle this quicker - like turning off all adoptions, for starters. Easier said than done though I'm sure.

View this comment - View article - View full comments - Report this comment

Quoting: Liam Squires-Handthe Arch Linux AUR (Arch User Repository) needs some better security and package checks […] for some improvements to the packaging processes to prevent this from happening in future.

That's like saying "people who can't swim can drown in the sea, so we should have every single access to the sea guarded and protected at all time".
That is insane...

View this comment - View article - View full comments - Report this comment

Quoting: StellaThis highlights how AUR cannot be the future of Linux Desktop. It's totally unregulated, mostly limited to a single distro family (unless wrappers like distrobox are used), and requires a lot of user input (reading PKGBUILDs) as well as ensuring packages are up-to-date on the system at all times. In contrast, there hasn't been a single case of malware found on Flathub so far, mostly due to the strict requirements to publish on Flathub, and every app being manually reviewed before it's published. Also Flatpaks are available on every distro.

Was anyone saying AUR could be the future of Linux Desktop? I don't think so.
Flathub has better security but it's not a great example for packaging for the Linux Desktop either. A huge amount of duplication and massive waste of disk space, which is the result of some flatpaks that require downloading enormous amounts of data, this needs to be addressed if flatpak is to succeed in any meaningful way, in my opinion.

View this comment - View article - View full comments - Report this comment

Added the Arch Linux statement.

View this comment - View article - View full comments - Report this comment

Quoting: tuubi

Quoting: Pyrate

Quoting: LoudTechiealso relevant to this discussion.
Valve will never accept monero, because it's anonymous and decentralized.
The scammers for which they sacrificed their own gift cards would exploit exactly this decentralization and anonymity to hide their activity.

Even though I can't imagine how that could happen, (just like how I cant believe peoole sfill fall for gift card scams), you're probably right. I wonder when this stops being about a problem with gift cards and currencies, and more about people not thinking clearly when falling for these scams.

People will always fall for scams. That's not a problem that'll ever go away. Which is why we need governments, laws and regulations to protect the vulnerable. Of course governments do that with varying success and enthusiasm, but that's a political and social problem that doesn't have a technical solution.

In my opinion, the reason scams work so well is because they are exploiting the individual's innate greed and, in some cases, the appeal of getting something for nothing (i.e., minimal effort or work). So, greed exploits greed, in the end, and, ironically, we look to government regulation to protect us from ourselves. I think the old phrase "and if you believe that, I have a bridge in Brooklyn to sell you", says it all. Better to operate under the idiom that "if it sounds too good to be true, it probably is."

View this comment - View article - View full comments - Report this comment

Quoting: Pyrate

Quoting: CarollySomebody who is.... overly enthusiastic about anything and who appears dismissive to people's concerns is going to trip that flag for people.

A lot of your replies are lengthy, defensive, and boil down to "but Monero" and that's going to trip that flag for a lot of people, especially on a subject like crypto where excessive enthusiasm for a crypto poduct has almost invariably ended in "oops it's another scam" for more than a decade.

But that's the problem. I say a few things unrelated to Bitcoin, and other users turn the other direction and write monologues going "the problem with Bitcoin is..." when my message was talking about something else. I'm dismissive about all the Bitcoin paragraphs because they don't apply to what I was saying.

Also I never said people should tust me like you claim here, on the contrary, you should actually go do your own research and verify all of this yourself. Maybe you'll learn something new.

I'm well aware of the crypto baggage, it sucks hard, and its so bad it actually influences how I write, like I keep thinking "how do I answer this question without it unintentionally sounding like some web3 bullshit to the uninitiated". It's extra daunting when all that effort gets thrown out and people either don't read or selectively choose what they want to respond to in my messages, and this specifically continues to the next part here:

I'll also point out that what Monero is most known for among the general public is its prevalence in malware and popularity with the criminal element including Darknet retailers and CSAM traders. Saying it has a bit of a reputation problem would be significantly understating the situation.

Let this be the last time I answer these type of questions, since it is clear that when I do, they don't always get read.

I've already addressed the use in crime. You can't dismiss a technology just because criminals make use of it, I'll say the same example again: what other type of money gets used for illicit acts, a lot more than Monero does, even ? Physical cash. Guess we're gonna start to ban that ?

Criminals are among the first to adopt new technologies, whether it is to gain an edge, or to protect themselves from getting caught, this is a well established phenomenon; printing (to print counterfeit currency), the telegraph and the phone (to coordinate scams and crimes), railway and cars for quick escape, the internet and so on. It's nothing new.

If you want to be consistent, you should be like those EU officials who want to ban encryption for citizens. Ban the Tor network, VPNs, virtual machines and encrypted messengers because criminals can and do use them.

If anything, with the idea it is used in criminal activities, and those criminals are getting away because of it, the fact of the matter here is this all means the technology works. Not how I would prefer for it to be demonstrated, but facts are facts.

Prevalence in malware ? Come on, man. Do you know how that sounds ? This is like when a game publisher denies Linux players access to their online game because of "the prevalence of hacking and cheating on Linux". Linux is most known among the general public for hacking, does that mean this is all what it's about ?

More defensiveness. More dismissiveness. More "my thing is different, you clearly haven't done your research."

I'm done at this point but I'll just reiterate that you clearly have no idea how you're coming off and that's what's hurting your credibility.

View this comment - View article - View full comments - Report this comment

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: tuubi

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

I know, you come from a different angle. My example was mostly about the traders. But both groups (and I'm not talking about you, specifically) want to talk to me about money/currency, or how I'm using it wrong, or maybe how I should use this or that tech to get around the system.

Sorry that I kinda grouped you in with the cryptobros. In my defence, you compared me to Windows and WhatsApp users, which is way worse in my opinion. 😁

Quoting: Pyrate

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

Yes, but this is a solution looking for a problem, or rather a solution to someone else's problem, as far as I can tell. And this isn't a disagreement you can fix by explaining. It's not intellectual laziness or lack of understanding on my part, and even less about giving up privacy for convenience. I wouldn't have been using Linux for ~25 years if that was the case, and I'd probably have owned an Android or Apple mobile device at some point. Or caved in and got on WhatsApp or LinkedIn or whatever social media I've been cajoled to join over the years. As I said, I like my privacy, but not everything privacy-related is equal in importance.

I don't mind that Monero exists, but if it's ever accepted as a mainstream currency, its use needs to be regulated and monitored, losing many of its apparent benefits.

Quoting: Pyrate

Quoting: LoudTechiealso relevant to this discussion.
Valve will never accept monero, because it's anonymous and decentralized.
The scammers for which they sacrificed their own gift cards would exploit exactly this decentralization and anonymity to hide their activity.

Even though I can't imagine how that could happen, (just like how I cant believe peoole sfill fall for gift card scams), you're probably right. I wonder when this stops being about a problem with gift cards and currencies, and more about people not thinking clearly when falling for these scams.

People will always fall for scams. That's not a problem that'll ever go away. Which is why we need governments, laws and regulations to protect the vulnerable. Of course governments do that with varying success and enthusiasm, but that's a political and social problem that doesn't have a technical solution.

On the anonymity thing
Anonymity from the bank is still achieved.
Only the regulator gets access to this information this way.

Also anonymity is valuable for everybody, because its a big part of our shield against oppression. In transactions and in communications. It's all the same.
Nothing to hide is a myth(kinda).
In this case for example you wouldn't be comfortable sharing your transaction details with me(don't do it please) proving there's at one person you want to hide this data from.
You don't know [who ](https://unbanx.substack.com/p/banks-are-selling-your-data-heres)your bank is sharing it with(maybe I'm it) or [what](https://artoftruth.org/data-broker-stalking-spokeo-harassment/) they're using it for.
Also anonymity is a herd immunity thing. Only when we're anonymous together are we truly anonymous(simplest case, when I know Monero has only one payer and one payed all transactions can easily be traced).

On the regulation thing.
I disagree that finance needs to be regulated on the current level.
It needs to be limited on the current level.
If crypto wants to succeed it must find a way to implement the currently centralized controls in a decentralized manner.
So not by sacrificing transaction anonymity, so the centralized police and banks can take care of it.
No by, building those controls in the system itself.
First start by copying the features of a good banking app.
MFA, double naming, transaction tagging, daily limits, blacklists, geoblocking, etc.
From that moment it can at least call itself a real decentralized alternative to banks.
If it wants to become an alternative to financial regulators.
It needs to obtain dedicated Big Fish controls, trusted judgement, sanctions, white listing, public minting, etc.

So contrary to you I believe Monero like crypto has great potential. Contrary to Pyrate I think it's not there yet.

I simply no longer take "I have nothing to hide" people seriously. Maybe in time they'll realise how naive a statement that is.

Yeah you seem to have a low view of the naive.
I think naivety is a great good.
It's trust the glue of our society.
People assume that it will be alright and don't look in that direction, because someone they trust handles the issue.
They believe they've nothing to hide, because they believe the things they want hidden are already hidden.
I'm simply a security engineer. It's my passion to patch the distance between trust and trustworthiness with cold hard logic, so society can get used to an even more trustworthy world.

Edit:
In a way the naive are just like the hardasses they show us how our society should be.

Forgot to reply to this, sorry. I like your perspective, I find it interesting. I do feel like going deeper into this though is well beyond the topic here and this is not the place.

This is how I would ideally like the equation to be: the people should always be critical, hard-ass, and pick on the smallest things when it comes to their governments. Meanwhile governments should stop what I can only describe as "everyone gets punished and treated as a criminal" with the increasing regulations, and instead return to this naive and trust-based outlook on society.

View this comment - View article - View full comments - Report this comment

Quoting: CatKillerStay away from Reddit; be happy.

Oh I'm well aware that Reddit can be a very toxic place don't worry about that 😆 I don't even have an account.

It's just sometimes I browse it and read a few things which can lead me to discover interesting pieces of information or software, or at least to prompt a research onto other more reliable sources and stuff like that. And I missed the issues with some previous Windows versions so I'm more cautious now regarding that software.

Quoting: LoudTechieIn a simple case you might get away with :
gdb
set hp 47
running program

I'll also check that gdb thingy, sounds interesting too, thanks ! I've seen PINCE which may seem interesting and they seem to have implemented " speedhack " recently, sadly no CE Table but I feel like no program will really have CE table support except for CE 😅 But if at least I can find one that supports at least basic features like godmode / health / ammo, that'd be good already.

I miss the days when all you had to do on your games was open the game console, I still remember tinkering with it to change my saber style or color in the Star Wars Jedi Outcast and Jedi Academy games for example. And of course you had the noclip to move around, the godmode, etc. 😅

View this comment - View article - View full comments - Report this comment

Quoting: CatKiller

Quoting: TriciaPearsona bit unsettled by the Reddit posts.

I want to be happy

Stay away from Reddit; be happy.

Yup, speaking from experience. Life is so much smoother once cut out all that fear mongering, Reddit, out of my life.

View this comment - View article - View full comments - Report this comment

Quoting: ROllerozxaFeels weird to see this because I've always thought of Cheat Engine as something that's so deeply married to Win32 that it wouldn't even make sense to port it to Linux. In the past I've used Game Conqueror on Linux.

actually cheat engine and similar programs are exactly the opposite of what you thought. they directly read and write raw data in ram, and technically they should be able to peek into anything as long as they can access memory. i guess there might be some tools inside such programs with specific API, like faking a system call or something like that, but their basic functionality is to read X bytes at memory address Y, and overwrite it if user tells them to.

View this comment - View article - View full comments - Report this comment

I seem to be alright, the one AUR package on this entire install is clean to my knowledge, but I'm getting rid of it anyways as it didn't work at all.

Although, this is pretty much why I don't mess with the AUR typically, it's too... laissez-faire, and me no likey.

View this comment - View article - View full comments - Report this comment

Oh! I saw that the game was free, but since I already had it didn't check it out this time.

I'll give it a revisit, just for the sake of it.

View this comment - View article - View full comments - Report this comment

Quoting: CarollySomebody who is.... overly enthusiastic about anything and who appears dismissive to people's concerns is going to trip that flag for people.

A lot of your replies are lengthy, defensive, and boil down to "but Monero" and that's going to trip that flag for a lot of people, especially on a subject like crypto where excessive enthusiasm for a crypto poduct has almost invariably ended in "oops it's another scam" for more than a decade.

But that's the problem. I say a few things unrelated to Bitcoin, and other users turn the other direction and write monologues going "the problem with Bitcoin is..." when my message was talking about something else. I'm dismissive about all the Bitcoin paragraphs because they don't apply to what I was saying.

Also I never said people should tust me like you claim here, on the contrary, you should actually go do your own research and verify all of this yourself. Maybe you'll learn something new.

I'm well aware of the crypto baggage, it sucks hard, and its so bad it actually influences how I write, like I keep thinking "how do I answer this question without it unintentionally sounding like some web3 bullshit to the uninitiated". It's extra daunting when all that effort gets thrown out and people either don't read or selectively choose what they want to respond to in my messages, and this specifically continues to the next part here:

I'll also point out that what Monero is most known for among the general public is its prevalence in malware and popularity with the criminal element including Darknet retailers and CSAM traders. Saying it has a bit of a reputation problem would be significantly understating the situation.

Let this be the last time I answer these type of questions, since it is clear that when I do, they don't always get read.

I've already addressed the use in crime. You can't dismiss a technology just because criminals make use of it, I'll say the same example again: what other type of money gets used for illicit acts, a lot more than Monero does, even ? Physical cash. Guess we're gonna start to ban that ?

Criminals are among the first to adopt new technologies, whether it is to gain an edge, or to protect themselves from getting caught, this is a well established phenomenon; printing (to print counterfeit currency), the telegraph and the phone (to coordinate scams and crimes), railway and cars for quick escape, the internet and so on. It's nothing new.

If you want to be consistent, you should be like those EU officials who want to ban encryption for citizens. Ban the Tor network, VPNs, virtual machines and encrypted messengers because criminals can and do use them.

If anything, with the idea it is used in criminal activities, and those criminals are getting away because of it, the fact of the matter here is this all means the technology works. Not how I would prefer for it to be demonstrated, but facts are facts.

Prevalence in malware ? Come on, man. Do you know how that sounds ? This is like when a game publisher denies Linux players access to their online game because of "the prevalence of hacking and cheating on Linux". Linux is most known among the general public for hacking, does that mean this is all what it's about ?

View this comment - View article - View full comments - Report this comment

Late comment but I have to say that this is the first time that I've encountered a game that absolutely requires a controller. If you launch without one, the game prompts you about its absence then exits.

😲

View this comment - View article - View full comments - Report this comment

It seems I'm unaffected, but WOW what a disaster. With all the newbies flocking to CachyOS and other Arch based distros, there are definitely going to be some bad outcomes here.

I hope the Arch community comes up with something that isn't just victim blaming newbies for not having their security dialed. The AUR is universally easily accessible and recommended with caveats that disavow responsibility. So Arch fans gave their fair warnings, sure, but then threw newbies to the wolves.

This will go down as AURgate

View this comment - View article - View full comments - Report this comment

I got this game a while back and it keeps paying off like no mans sky

View this comment - View article - View full comments - Report this comment

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

I'm not paranoid and this isn't about paranoia. Speaking for myself for example, I recognise what is a real and what is a more theoretical danger when I'm constructing my threat model, but most of the time, I use privacy tools out of principle more than out of immediate need. This is something I feel is lost for many people recently, at least that's what I'm getting online. Recently I keep recalling that one Luke Smith youtube video about in projects like Linux, how users are slowly abandoning the freedom hard lines started with Free Software and GNU etc. I think we need more hardasses, the Stallman type, so we don't drift away in convenience and complacency.

On the hyped up cryptobro part.
You're not being treated like a cryptobro. You're experiencing something even more frustrating:
"I've nothing to hide."
A cryptobro would get fundamental disbelief in the promises they make, not in their value.
"crypto is decentralized": except for all the exit scams.
"crypto is the future": except for all the exit scams.
"crypto can do anything": you don't know what you're talking about.
"crypto ...": I'm done hearing about these scams.

As to why this is frustrating,
a. because it devalues other people's needs.
b. because it undercounts one's reliance on fundamental rights.
To say it with a quote I got from schneiers website, but attributed to someone else.
Saying you don't need privacy, because you've nothing to hide is like saying you don't need free speech, because you have nothing to say.

About the complacency part.
I disagree kinda.
Users are going to the centralized semi-free options, because they come from fully proprietary systems and are used to thinking that way and have become to love the strengths of the existing systems.
In general it's going in the right direction.
Just not in the jumps hardliners and early adopters believe in.

Also even a little extra freedom helps a lot.
If Redhat sufficiently fucks up systemD we can fork it with a patch. Would this be a lot of work, yes. Would this be less work than the entire Wine project(which tackles the Windows equivalent) easily, because we have the source code.
Do proprietary kernel modules render your system less free and give root to dangerous parties, absolutely. Still I can patch the interface to limit their power and repair their mistakes For Windows and Mac that requires a jailbreak.
Do locked bootloaders illegally, but unrepentant limit consumer choice. Undeniably, but they still can't sue you under the DMCA for a jailbreak.
Or an example from this forum. If our proprietary electron program botches their testing we can still patch electron without any license problems.

Hardasses are important they remind us how we can improve the world, but they're too blinded by their rage to see the the individual value of the incremental improvements.

I think it's an issue of balance. Taking the SystemD example, when is it that the community draws the line ? Personally, the comically-fast and instant compliance with age verification fiasco a month or two ago was it for ne. I'm sort of coerced to continue to use SystemD currently, even though that was the final straw for me and I'd rather use something else now.

So it's like a continuous battle to balance out the hardass-ness with the complacency. I tend to lean more on the former (even though I don't at all feel like I'm doing a lot of work in doing so, it just seems to me everyone else is so lazy and quick to sideline what they claim to believe in). But as long as the right people don't go all the way and they don't lose the plot, you're right in that fighting back is possible.

Also, about regulations being a necessity etc etc, I get it. But I really won't play along if any countermeasure gets implemented ends up chipping away at one of the rights that were once given, that's in brief my angle on all that 'the system is important, actually'.

On the age gating fiasco.
That was a reaction to a passed law.
Yes, it's problematic, but the reason they can get away with it is that the government is backing them.
Anyone who wants to make that fork has to fight the law and [we know the law often wins.](https://genius.com/The-clash-i-fought-the-law-lyrics)
Most distros also include an Api for handling USA crypto export controls.

It was more about how fast they jumped on that. I remember within the same newsfeed that day, I read how System76 CEO advising open source devs to hold on for a bit because he was exploring exclusion for FOSS OS's, and shortly after SystemD implements the thing.

And sure, they would've eventually had to by law, it still counts as a redflag for me.

View this comment - View article - View full comments - Report this comment

This is for when you've played too much of [Placid Plastic Duck Simulator](https://store.steampowered.com/app/1999360/Placid_Plastic_Duck_Simulator/) and you don't know what to do with all these ducks.😅

View this comment - View article - View full comments - Report this comment

Quoting: PyrateYou continue to talk about Bitcoin and bitcoin-like crytpo in particular, like everything I've mentioned about Monero is irrelevant. With all due respect, after this message, if I feel like what I type isn't being engaged with, I think I'm better off spending my time doing something else rather than write a few paragraphs that'll get avoided.

Is this really how you guys find my messages, like PR ? I only answered what I got asked. How can I prove to you that I'm actually debating in good faith and out of passion ? I don't understand how my messages get read like intense ads, like, did I ever do the thing and talked about price, or said "you should buy it now, it'll go to the moon !!" or anything like that ? Genuinely curious here.

Somebody who is.... overly enthusiastic about anything and who appears dismissive to people's concerns is going to trip that flag for people.

A lot of your replies are lengthy, defensive, and boil down to "but Monero" and that's going to trip that flag for a lot of people, especially on a subject like crypto where excessive enthusiasm for a crypto product has almost invariably ended in "oops it's another scam" for more than a decade.

If you really want to make progress with this, start from the position that people have really legitimate reasons for being doubtful, rather than "I feel insulted when people who don't know me don't inherently trust me when I start hyping a product from a market niche with a known history of failed hype cycles and fraudulent behaviour."

I'll also point out that what Monero is most known for among the general public is its prevalence in malware and popularity with the criminal element including Darknet retailers and CSAM traders. Saying it has a bit of a reputation problem would be significantly understating the situation.

View this comment - View article - View full comments - Report this comment

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

I'm not paranoid and this isn't about paranoia. Speaking for myself for example, I recognise what is a real and what is a more theoretical danger when I'm constructing my threat model, but most of the time, I use privacy tools out of principle more than out of immediate need. This is something I feel is lost for many people recently, at least that's what I'm getting online. Recently I keep recalling that one Luke Smith youtube video about in projects like Linux, how users are slowly abandoning the freedom hard lines started with Free Software and GNU etc. I think we need more hardasses, the Stallman type, so we don't drift away in convenience and complacency.

On the hyped up cryptobro part.
You're not being treated like a cryptobro. You're experiencing something even more frustrating:
"I've nothing to hide."
A cryptobro would get fundamental disbelief in the promises they make, not in their value.
"crypto is decentralized": except for all the exit scams.
"crypto is the future": except for all the exit scams.
"crypto can do anything": you don't know what you're talking about.
"crypto ...": I'm done hearing about these scams.

As to why this is frustrating,
a. because it devalues other people's needs.
b. because it undercounts one's reliance on fundamental rights.
To say it with a quote I got from schneiers website, but attributed to someone else.
Saying you don't need privacy, because you've nothing to hide is like saying you don't need free speech, because you have nothing to say.

About the complacency part.
I disagree kinda.
Users are going to the centralized semi-free options, because they come from fully proprietary systems and are used to thinking that way and have become to love the strengths of the existing systems.
In general it's going in the right direction.
Just not in the jumps hardliners and early adopters believe in.

Also even a little extra freedom helps a lot.
If Redhat sufficiently fucks up systemD we can fork it with a patch. Would this be a lot of work, yes. Would this be less work than the entire Wine project(which tackles the Windows equivalent) easily, because we have the source code.
Do proprietary kernel modules render your system less free and give root to dangerous parties, absolutely. Still I can patch the interface to limit their power and repair their mistakes For Windows and Mac that requires a jailbreak.
Do locked bootloaders illegally, but unrepentant limit consumer choice. Undeniably, but they still can't sue you under the DMCA for a jailbreak.
Or an example from this forum. If our proprietary electron program botches their testing we can still patch electron without any license problems.

Hardasses are important they remind us how we can improve the world, but they're too blinded by their rage to see the the individual value of the incremental improvements.

I think it's an issue of balance. Taking the SystemD example, when is it that the community draws the line ? Personally, the comically-fast and instant compliance with age verification fiasco a month or two ago was it for ne. I'm sort of coerced to continue to use SystemD currently, even though that was the final straw for me and I'd rather use something else now.

So it's like a continuous battle to balance out the hardass-ness with the complacency. I tend to lean more on the former (even though I don't at all feel like I'm doing a lot of work in doing so, it just seems to me everyone else is so lazy and quick to sideline what they claim to believe in). But as long as the right people don't go all the way and they don't lose the plot, you're right in that fighting back is possible.

Also, about regulations being a necessity etc etc, I get it. But I really won't play along if any countermeasure gets implemented ends up chipping away at one of the rights that were once given, that's in brief my angle on all that 'the system is important, actually'.

On the age gating fiasco.
That was a reaction to a passed law.
Yes, it's problematic, but the reason they can get away with it is that the government is backing them.
Anyone who wants to make that fork has to fight the law and [we know the law often wins.](https://genius.com/The-clash-i-fought-the-law-lyrics)
Most distros also include an Api for handling USA crypto export controls.

View this comment - View article - View full comments - Report this comment