HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ColanR

no profile record

comments

ColanR
·6 jaar geleden·discuss
Use uBlock Origin. No ads at all.
ColanR
·6 jaar geleden·discuss
Yes, it does. Monitoring is easy with htop - just look at the ram and swap usage. Leave FF open too long with too many tabs, and even the swap starts to fill up and the whole computer gets laggy.

This is a well-known problem. What's hard to believe?
ColanR
·6 jaar geleden·discuss
The only way to free up the memory is to close firefox. Closing tabs doesn't do anything. I can 'killall firefox' and then reopen it to the same 50 tabs, and the memory usage after they're loaded again will be several GB lower.

I don't know if you count memory exhaustion as a 'crash' per se.
ColanR
·6 jaar geleden·discuss
The difference is, chrome allocates what it needs upfront, and that's all it uses. Firefox keeps increasing its usage.

That means that when I want to leave a website open on my server for a month, I use chrome because I know exactly how much memory it's going to use. If it was firefox, at the end of the month even the swap would be filled.
ColanR
·6 jaar geleden·discuss
Except for the memory leaks.
ColanR
·6 jaar geleden·discuss
If we're going to use SpaceX to validate our language choices, then we should be moving back to C for the "mission critical" code.

> The certification and correctness part is made easier by using software verification tools. One such tool is Astrée. It is a static code analyzer that checks for runtime errors and concurrency related bugs in C projects. This also leads us to the answer for why a lot of mission-critical code is written in C. Its because there are a lot of static analyzers and software verification tools for C.
ColanR
·6 jaar geleden·discuss
And don't forget about harmonics. Seems like flicker at higher refresh rates would happen whenever the mental and external rates synchronize.
ColanR
·6 jaar geleden·discuss
This is my question as well. Additionally, I've wondered if there are non-explicit behaviors of the browser that are used for fingerprinting.
ColanR
·7 jaar geleden·discuss
There are a lot of mountains in the US where you're going to spend hours driving up steep inclines. I used to live on the wrong end of a 2 hour uphill drive with one gas station in the middle. That road was steep enough that even a gasoline car couldn't make the trip without a full tank of gas.

Your comment makes you sound like a city boy.
ColanR
·7 jaar geleden·discuss
> If such a method existed then the system would indeed be broken

Yes, I think that is the fundamental problem with depending on 'mixers' against state-level actors. We both agreed earlier that the tech is theoretically possible. It seems like we're disagreeing about whether someone exists who is motivated enough to build the tech, and whether that person is also motivated to keep their tech under wraps.

> they can't exactly hide the results

It's a known method that US law enforcement has done in the past. Parallel construction is absolutely a thing. https://en.wikipedia.org/wiki/Parallel_construction

> the idea is to make all the transactions look the same so that even using your best graph theory tools you can't narrow down the possibilities enough to reasonably investigate all of them

I just don't get the impression that it's successful. There's a lot of 'metadata' that could be used to narrow the candidates down: geography, time, transaction amount, method of accessing the exchange (API / browser / desktop app ), age of wallets - I don't know which is specifically relevant here, but there's a lot of similar information which could be used to narrow the possibilities down, and most of it could probably involve 'fuzzy logic'. I just don't think that a threat model which includes state-level actors should ignore the possibility that transactions could be traced through mixers.

By the way, I'm really enjoying this discussion. Thanks for playing. :)
ColanR
·7 jaar geleden·discuss
Maybe this is where we diverge.

> or the prosecutor looking to use the results of such an investigation as evidence in a trial

I'm inclined to believe in the possibility of parallel constructions being used to cover up the best sources of intel.

> Anything is possible.[...] As long as it's not cost-effective to trace the transfer, that's enough. It doesn't need to be mathematically impossible.

And here, I think it is probably cost-effective to come up with that technology, because it would allow tracing people and transactions that might otherwise be impenetrable. And, if that were the case, I don't have a hard time imagining that it would be of utmost importance to keep such technology under wraps.

But again, at this point it seems like we're comparing pessimism to optimism.
ColanR
·7 jaar geleden·discuss
Who would have published such an example? When we deal with opsec, we have to consider what is possible, rather than what has been done in the past. We have to do better than merely "locking the house after the thief has gone".
ColanR
·7 jaar geleden·discuss
> It's still not immune to tracing, obviously, but it's a much harder problem than just looking for symmetric transactions.

"And with the proper graph theory tools, much more complex interactions could be tracked."

> The simplest system, though, is probably just to spend some BTC renting time on a mining rig. It doesn't have to be profitable, just break even. Newly mined bitcoins have no official history to show who paid for the mining.

That is a good idea.
ColanR
·7 jaar geleden·discuss
> A counterparty that is willing to swap anonymously acquired and sent altcoins for Bitcoin can provide a privacy conscious individual with anonymous Bitcoins.

Not if amounts are tracked, rather than addresses. "oh look, this gal X just lost 5.3876BTC and gained 3.76549ALTCOIN, and this other dude Y just gained 5.3876BTC and lost 3.76549ALTCOIN. Geeze, I wonder if they traded."

And with the proper graph theory tools, much more complex interactions could be tracked.
ColanR
·7 jaar geleden·discuss
I think it should be, when the tax reporting requirements are so granular; and in such cases, the effect is analogous to a timing attack.
ColanR
·7 jaar geleden·discuss
I haven't heard of PirateChain. However, the state-level threat model includes things like taxes, where (e.g.) people in the US have to report every transaction they make.

If most people report their PirateChain transactions, amount in, amount out, then the problem is that unreported transactions would stick out and would probably be associable with wallets. Am I getting this wrong?
ColanR
·7 jaar geleden·discuss
From what I understand, that penny pinching is often why the rich are rich (excluding those born into more wealth than they can spend).

Edit: I'm getting the impression that a large subset of people replying ignored my parenthetical comment.
ColanR
·7 jaar geleden·discuss
> It's meant to be anonymous

Unfortunately, Bitcoin (BTC) is not anonymous, as you pointed out. It never was; and with tax laws requiring copious transaction information, it is particularly easily traceable.

That's the idea behind Monero & Co., which tries to mix things up a bit (literally). The anonymity is still not perfect, especially against state-level actors.
ColanR
·7 jaar geleden·discuss
> moral and philosophical education along with ability to independently think

That's a fairly good description of Machiavelli.
ColanR
·7 jaar geleden·discuss
Freedom of speech ensures we can always debate the value of the rest of our rights. Without it, that amorphous 'tolerance' could remove the ability to speak against bad things.

Who defines hate speech? Mobs? Who gets to enforce the official definition of intolerant behavior? Trump? Hillary? (hyperbole to make a point) If we don't maintain freedom of speech above tolerance, then we cannot speak out when our words violate the accepted (and as you pointed out, transitory and unpredictable) definition of 'what is fine'.

Do you really want to just stop talking, without recourse, when a future mob decides your words are unacceptable?