Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Tag: privacy

The blockchain is public, yet a Bitcoin wallet can be created anonymously. So are Bitcoin transactions anonymous? Not at all…

Each transaction into and out of a wallet is a bread crumb. Following the trail is trivial. Every day, an army of armchair sleuths help the FBI. That’s how Silk Road was brought down.

The problem is that some of that money eventually interacts with the real world (a dentist is paid, a package shipped or a candy is purchased at a gas station). Even if the real-world transaction is 4 hops before or after hitting the “anonymous” wallet, it creates a forensic focal point. Next comes a tax man, an ex-spouse or a goon.

The first article linked below addresses the state of tumblers (aka “mixers”). They anonymize an open network by obfuscating the trail of bread crumbs.

Mixers/tumblers aren’t the only way to add a layer of privacy to Bitcoin transactions. The Lightning Network spec includes an optional 17-hop onion routing (just like TOR’s 4 step onion routing). I have not yet seen the feature expressed in wallets or services, but if implemented, it will be even more private and trustworthy than a mixer, because there is no middle party to trust (by you) or squeeze (by investigators). It has the potential to makes any crypto Bitcoin even more anonymous than cash.

Certain cryptocurrencies (not Bitcoin) have anonymity baked in by design. Monero, ZCash and Dash are privacy tokens that use very different approaches to eliminate the bread crumbs. Monero appears to have one distinct advantage: Like the TOR network, it is trustless. But there are benefits to each approach.

Philip Raymond co-chairs CRYPSA, hosts the Bitcoin Event and is keynote speaker at Cryptocurrency Conferences. He is a top writer at Quora.

Early this morning, I was asked this question at Quora. It’s a pretty basic request of network administrators, including parents, schools and anyone who administers a public, sensitive or legally exposed WiFi hot spot.

Is there a quick and easy way to view, log, or otherwise monitor the web sites visited by people on your home or office network?

Yes. It’s free and and it is pretty easy to do.

It gets a bit trickier, if the individual on your network is using a VPN service that they have configured on their device.[1] A VPN does not stop you from logging their browsing, but all of their activity will point to the VPN address instead of the site that they are actually visiting. In that case, there is another way to monitor their activity. See note #1, below.

Before getting into this, I should mention that I believe that using covert methods to monitor a family member’s online activity is a terrible method of parenting. In my opinion, there are better ways to deal with the issue—parenting techniques that don’t undermine trust as they deal with safety.

I can think of at least three methods for logging the websites that people on your network visit. In the explanation below, we will focus on #2. For more information, dig into the notes at the bottom of this answer.

You can either…

  1. Configure your router to store logs of visited IP addresses [2]
  2. Set your router to use the DNS server at opendns.com, instead of the default server offered by your internet service provider. This involves a simple setting available in all routers. (Replace default DNS server addresses with 208.67.222.222 and 208.67.220.220)
  3. You can set up a proxy which redirects web traffic to one of the computers in your house or a third-party service. This is how the monitoring software for parents and custodial services monitor or block web traffic.

In the remainder of this quick tutorial, we focus on method #2..

Once you configure your router to use the two DNS servers at OpenDNS.com, create a free account on their web site. Then, enable the logging feature. It not only shows you visited domains, it maps them into actual domain names and subdomains—making it easy to search, sort or analyze traffic.

You can download a spreadsheets and sort by number of visits or by the domains visited. Logs are maintained for only two weeks. So, if you wish to maintain a history, you will need to visit OpenDNS and download them regularly. (Check their user forum. Someone has created a safe, single-line DOS command that downloads these activity logs to your PC).

[1] VPN, Onion Routing and Encryption

If an individual in your home or office is using a Virtual Private Network [VPN], they are effectively covering their tracks with method #3, above. You can see their connection to the VPN service, but that service is either trusted to destroy logs of visited web sites, or anonymize traffic, by routing it through a chain of users that have no way to back-trace and identify the requester’s address.

Since their traffic originates on your network, there are other things you can do to monitor their activities. For example, if they are not using end-to-end encryption, you can use method #3 yourself, to route data in and out through your own PC or service.

[2] Logging the IP address or domain of visited web sites is not a feature of all routers. I have three recent model routers — and only one of them has a feature to log traffic in and out of the network.

[3] OpenDNS cannot discriminate the individual device in your home or office that has accessed websites that it logs. The logs include the traffic for all HTTP access that originates through your internet service subscription.

But some remarkable feature of OpenDNS (other than it being completely free):

a) It speeds up your overall internet experience noticeably! Like Google’s free DNS service, it is more robust and more redundant than the default DNS settings recommended by your internet service provider.

b) It maps every IP address into a domain name. So when you log in to check your logs and statistics, you don’t need to figure what the numbers mean. You view a list that makes sense. You can even search for certain words or web sites.

c) It permits you to block websites based on a very rich set of 100 criteria, including violence, adult content, hate speech, etc.

d) It offers graphs of your network access including overall volume. An example is shown here:

Tune in tomorrow (Thursday, Nov 10, 2016) at 4:30PM Eastern. Find out what Edward Snowden has to say on the future of the US. [Source: StartPage via Engadget]

edward-snowden

American technology policies could change significantly under Donald Trump, and that includes its stance on privacy. How will the new leader alter government surveillance, for example? Edward Snowden might have an answer. The whistleblower and Dutch search engine StartPage are hosting a live event on November 10th at 4:30PM Eastern to address what happens to privacy in the Trump era, among other questions. Snowden speaking engagements are nothing new, but this is special — he’s more than a little familiar with government spying activities, and this is his first chance to opine on how things might be different under a new administration.

Snowden hasn’t said much of anything about the subject as of this writing. However, Trump doesn’t exactly have a stellar record on internet privacy so far. He has proposed reauthorizing the Patriot Act and the previous, less restrained NSA mass surveillance that took place while the Act was in force. He tends to “err on the side of security” over privacy, even if he’s not especially fond of it. As such, Snowden probably won’t have many kind things to say. He’s in favor of more privacy wherever possible, and that could easily put him at greater odds with the US government than he is now.

By now, most Bitcoin and Blockchain enthusiasts are aware of four looming issues that threaten the conversion of Bitcoin from an instrument of academics, criminal activity, and closed circle communities into a broader instrument that is fungible, private, stable, ubiquitous and recognized as a currency—and not just an investment unit or a transaction instrument.

These are the elephants in the room:

  • Unleashing high-volume and speedy transactions
  • Governance and the concentration of mining influence among pools, geography or special interests
  • Privacy & Anonymity
  • Dwindling mining incentives (and the eventual end of mining). Bitcoin’s design eventually drops financial incentives for transaction validation. What then?

As an Op-Ed pundit, I value original content. But the article, below, on Bitcoin fungibility, and this one on the post-incentive era, are a well-deserved nod to inspired thinking by other writers on issues that loom over the cryptocurrency community.

This article at Coinidol comes from an unlikely source: Jacob Okonya is a graduate student in Uganda. He is highly articulate, has a keen sense of market economics and the evolution of technology adoption. He is also a quick study and a budding columnist.

What Happens When Bitcoin Mining Rewards Diminish To Zero?

Jacob addresses this last issue with clarity and focus. I urge Wild Ducks to read it. My response, below touches on both issues 3 and 4 in the impromptu list, above.

Sunset mining incentives—and also the absence of supporting fully anonymous transactions—are two serious deficiencies in Bitcoin today.
I am confident that both shortcomings will be successfully addressed and resolved.

Thoughts about Issues #3 and #4: [Disclosure] I sit on the board at CRYPSA and draft whitepapers and position statements.*

Blockchain Building: Dwindling Incentives

mining-incentive-02Financial incentives for miners can be replaced by non-financial awards, such as recognition, governance, gaming, stakeholder lotteries, and exchange reputation points. I am barely scratching the surface. Others will come up with more creative ideas.

Last year, at the 2015 MIT Bitcoin Expo, Keynote speaker Andreas Antonopoulos expressed confidence that Bitcoin will survive the sunset of miner incentives. He proposed some novel methods of ongoing validation incentives—most notably, a game theory replacement. Of course, another possibility is the use of very small transaction fees to continue financial incentives.

Personally, I doubt that direct financial incentives—in the form of microcash payments— will be needed. Ultimately, I envision an ecosystem in which everyone who uses Bitcoin to buy, sell, gift, trade, or invest will avoid fees while creating fluidity—by sharing the CPU burden. All users will validate at least one Blockchain transaction for every 5 transactions of their own.

Today, that burden is complex by design, because it reflects increasing competition to find a diminishing cache of unmined coins. But without that competition, the CPU overhead will be trivial. In fact, it seems likely that a validation mechanism could be built into every personal wallet and every mobile device app. The potential for massive crowd-sourced scrutiny has the added benefit of making the blockchain more robust: Trusted, speedy, and resistant to attack.

Transaction Privacy & Anonymity

Bitcoin’s lack of rock-solid, forensic-thwarting anonymity is a weak point that must ultimately be addressed. It’s not about helping criminals, it’s about liberty and freedoms. Detectives & forensic labs have classic methods of pursuing criminals. It is not our job to offer interlopers an identity, serial number and traceable event for every transaction.

Anonymity can come in one of three ways. Method #3 is least desirable:

  1. Add complex, multi-stage, multi-party mixing to every transaction—including random time delays, and parsing out fragments for real purchases and payments. To be successful, mixing must be ubiquitous. That is, it must be active with every wallet and every transaction by default. Ideally, it should even be applied to idle funds. This thwarts both forensic analysis mining-incentive-03and earnest but misguided attempts to create a registry of ‘tainted’ coins.
  2. Fork by consensus: Add anonymizing technology by copying a vetted, open source alt-coin
  3. Migrate to a new coin with robust, anonymizing tech at its core. To be effective, it must respect all BTC stakeholders with no other ownership, pre-mined or withheld distribution. Of course, it must be open, transparent and permissionless—with an opportunity and incentive for all users to be miners, or more specifically, to be bookkeepers.

That’s my opinion on the sunset of mining incentives and on transaction anonymity.
—What’s yours?

* Philip Raymond is co-chair of the Cryptocurrency Standards
Association. He was host and MC for the Bitcoin Event in New York.

I was pointed to this article by Jon Matonis, Founding Director, Bitcoin Foundation. I was sufficiently moved to highlight it here at Lifeboat Foundation, where I am a contributing writer.

On Fungibility, Bitcoin, Monero and ZCash … [backup]

This is among the best general introductions I have come across on traceability and the false illusion of privacy. The explanation of coin mixing provides and coin_mixing-03excellent, quick & brief overview.

Regarding transaction privacy, a few alt-coins provide enhanced immunity or deniability from forensic analysis. But if your bet is on Bitcoin (as it must be), the future is headed toward super-mixing and wallet trading by desgin and by default. Just as the big email providers haved added secure transit,
Bitcoin will eventually be fully randomized and anonymized per trade and even when assets are idle. It’s not about criminals; it’s about protecting business, government and individuals. It’s about liberty and our freedoms. [Continue below image]

coin_mixing-04
How to thwart forensic investigation: Fogify explains an advanced mixing process

The next section of the article explains the danger of losing fungibility due to transaction tracing and blacklisting. I can see only ONE case for this, and it requires a consensus and a hard fork (preferably a consensus of ALL stakeholders and not just miners). For example, when a great number of Etherium was stolen during the DAO meltdown.

My partner, Manny Perez, and I take opposing views of blacklisting coins based on their ‘tainted’ history (according to “The Man”, of course!). I believe that blacklists must ultimately be rendered moot by ubiquitous mixing, random transaction-circuit delays, dilbert-060219and multiple-transaction ‘washing’ (intentionally invoking a term that legislators and forensic investigators hate)—Manny feels that there should be a “Law and Order” list of tainted coins. Last year, our Pro-&-Con views were published side-by-side in this whitepaper.

Finally, for Dogbert’s take on fungible, click here. I bought the domain fungible.net many years ago, and I still haven’t figured out what to do with it. Hence this Dilbert cartoon. smile
____________
Philip Raymond is co-chair of The Cryptocurrency Standards Association.
He also presents on privacy, anonymity, blind signaling & antiforensics.

Ex-NSA boss says FBI director is wrong on encryption

encryption

Encryption protects everyone’s communications, including terrorists. The FBI director wants to undermine that. The ex-NSA director says that’s a terrible idea.

The FBI director wants the keys to your private conversations on your smartphone to keep terrorists from plotting secret attacks.

But on Tuesday, the former head of the U.S. National Security Agency…

Read the full article at CNN Money
http://money.cnn.com/2016/01/13/technology/nsa-michael-hayden-encryption/

As the old social bonds unravel, philosopher and member of the Lifeboat Foundation’s advisory board Professor Steve Fuller asks: can we balance free expression against security?

justice

Justice has been always about modes of interconnectivity. Retributive justice – ‘eye for an eye’ stuff – recalls an age when kinship was how we related to each other. In the modern era, courtesy of the nation-state, bonds have been forged in terms of common laws, common language, common education, common roads, etc. The internet, understood as a global information and communication infrastructure, is both enhancing and replacing these bonds, resulting in new senses of what counts as ‘mine’, ‘yours’, ‘theirs’ and ‘ours’ – the building blocks of a just society…

Read the full article at IAI.TV

The recent scandal involving the surveillance of the Associated Press and Fox News by the United States Justice Department has focused attention on the erosion of privacy and freedom of speech in recent years. But before we simply attribute these events to the ethical failings of Attorney General Eric Holder and his staff, we also should consider the technological revolution powering this incident, and thousands like it. It would appear that bureaucrats simply are seduced by the ease with which information can be gathered and manipulated. At the rate that technologies for the collection and fabrication of information are evolving, what is now available to law enforcement and intelligence agencies in the United States, and around the world, will soon be available to individuals and small groups.

We must come to terms with the current information revolution and take the first steps to form global institutions that will assure that our society, and our governments, can continue to function through this chaotic and disconcerting period. The exponential increase in the power of computers will mean that changes the go far beyond the limits of slow-moving human government. We will need to build new institutions to the crisis that are substantial and long-term. It will not be a matter that can be solved by adding a new division to Homeland Security or Google.

We do not have any choice. To make light of the crisis means allowing shadowy organizations to usurp for themselves immense power through the collection and distortion of information. Failure to keep up with technological change in an institutional sense will mean that in the future government will be at best a symbolic façade of authority with little authority or capacity to respond to the threats of information manipulation. In the worst case scenario, corporations and government agencies could degenerate into warring factions, a new form of feudalism in which invisible forces use their control of information to wage murky wars for global domination.

No degree of moral propriety among public servants, or corporate leaders, can stop the explosion of spying and the propagation of false information that we will witness over the next decade. The most significant factor behind this development will be Moore’s Law which stipulates that the number of microprocessors that can be placed economically on a chip will double every 18 months (and the cost of storage has halved every 14 months) — and not the moral decline of citizens. This exponential increase in our capability to gather, store, share, alter and fabricate information of every form will offer tremendous opportunities for the development of new technologies. But the rate of change of computational power is so much faster than the rate at which human institutions can adapt — let alone the rate at which the human species evolves — that we will face devastating existential challenges to human civilization.

The Challenges we face as a result of the Information Revolution

The dropping cost of computational power means that individuals can gather gigantic amounts of information and integrate it into meaningful intelligence about thousands, or millions, of individuals with minimal investment. The ease of extracting personal information from garbage, recordings of people walking up and down the street, taking aerial photographs and combining then with other seemingly worthless material and then organizing it in a meaningful manner will increase dramatically. Facial recognition, speech recognition and instantaneous speech to text will become literally child’s play. Inexpensive, and tiny, surveillance drones will be readily available to collect information on people 24/7 for analysis. My son recently received a helicopter drone with a camera as a present that cost less than $40. In a few years elaborate tracking of the activities of thousands, or millions, of people will become literally child’s play. Continue reading “The Impending Crisis of Data: Do We Need a Constitution of Information?” | >