Saki
@Saki@monero.town
- Comment on Should we remove this Buskill ad? 11 months ago:
I’ve already sent you (in PM) everything I got. One report reads, “Reason: spam, unreadable on mobile. seriously guys, do better.” Not clear what they meant by “unreadable on mobile” but perhaps your post was too long or having too many big pictures, movies, etc.
It’s not like I’m personally criticizing you or your post. But the fact remains that several people were unhappy with it and that the admin has the final say, so I suggest you read admin’s comment, which makes sense too.
- Comment on Should we remove this Buskill ad? 11 months ago:
I can see your points but see @admin’s comment below: if you massively cross post using your monero.town account repeatedly, Monero.town itself might be blocked by other Lemmy instances. So please don’t over do it. One compliant was that your post was not phone-friendly.
As long as you only post in Monero.town infrequently, that should be fine. As you can see, I didn’t want to delete your posts easily and somehow they’ve been kept. Ultimately, though, admin has the final say.
- Image Hosting Catbox Blocks Tor: Solutions + How to embed 3rd party (clickable) images in generalfatbox.moe ↗Submitted 11 months ago to meta@monero.town | 0 comments
- Comment on Is something up with the API? 11 months ago:
It might be that this instance is having more and more users, and the server load is high? There is also this reproducible issue: monero.town/post/1135619
If the server upgrade is necessary, probably many users are willing to chip in. These issues may be magically gone after updating to v0.19, though: monero.town/post/1135619 since the new version appears to be “very fast according to some new posts”.
PS. Sometimes “Post” doesn’t work either, taking forever and not posted.
- Comment on What are some good private email service? 11 months ago:
Not a recommendation but I too trust Disroot pretty much. You can get a custom domain there without “buying a paid plan” once you make a donation. Would that be an option for you?
Using multiple providers (having multiple accounts) is a good idea, though. Don’t put all the eggs in one basket. I’ve never heard the two providers you mentioned, so I can’t tell. If you can sign up anonymously via Tor, if they’re Google-free + not behind CF, and (most importantly) they feel “good” (subjective but gut feeling…), I think they’re usable.
If their support use PGP, that’s a good sign too. (Proton even don’t share its pub key iirc.) If they also accept the privacy coin like Disroot and Tuta do, that’s nice too. Ultimately, though, believe your gut feeling, because everyone has different priorities, different thread models, etc.
- Comment on You SHOULD connect to Tor via a VPN, actually 11 months ago:
While doing this is generally not recommended, EFF does indeed suggest this option in some context: ssd.eff.org/module/choosing-vpn-thats-right-you#t…
- Comment on What are some good private email service? 11 months ago:
Don’t worry about e2ee: Even if you get the most expensive plan from e.g. Proton, it’s not e2ee unless both parties use Proton. There is a free, “easy” way to realize true e2e: OpenPGP in Thunderbird (convenient), GnuPGP (more secure), etc.
As for mailbox.org: I used it before but it showed Google reCaptcha, which was an obvious red flag:
cf. [Security and GDPR Issue] ProtonMail includes Google Recaptcha for Login, every single time. #242Also, technical score of mailbox.org has been relatively low, not improving: internet.nl/mail/mailbox.org/1080449/ (Don’t worry too much about this score, though. It’s only technical; human factors (philosophies, trust, etc.) are more important when it comes to privacy.) This is not a recommendation. DYOR; ultimately, believe your own intuition.
- Comment on What are some good private email service? 11 months ago:
- Tuta (free): you can send only like 6 email per day. Otherwise, Tor-friendly. No onion. Support forum on Reddit 😞 Germany.
- Posteo.de: 1 €/mo affordable. Nothing fancy. Support via PGP like that’s common sense. Germany. Non-crypto anonymous payments w/ various options (e.g. a prepaid CC): they don’t even ask your name (much less address, cell phone number).
- Disroot.org: Free, pop/smtp, community-based, trusted even by the Tails team. w/ onion. Netherlands.
- Cock.li: Free, pop/smtp etc. Very Tor-friendly w/ fast onion. It’s good if you think it like disposal. Irresponsible in a way (aka Freedom), but actually 10-year-old & stable. Romania.
- Proton (free): bloated, very mixed opinions, yet better than Google. w/ onion (slow). Switzerland. A simple feature like Plain Text view is missing (HTML by default: not serious about privacy).
- Comment on lemmy 0.19.x incoming 11 months ago:
This glitch might disappear as a good side effect of updating:
monero.town/post/1135619 SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data
- Comment on A Controversial US Surveillance Program May Get Slipped Into a ‘Must-Pass’ Defense Bill. 11 months ago:
If you mean this article on Wired itself, it’s not pay walled, though annoying. Click the V (chevron) to hide the Subscribe Now thing.
Or if it’s indeed pay-walled in your area, open it via Germany by search this -> metager.org/meta/meta.ger3?eingabe=A Controversia…
find the article, and use the “OPEN ANONYMOUSLY” link. Many annoying things will be filtered too. - Comment on Most private crypto wallet? 11 months ago:
Confusing but the official site is not monero.com but www.getmonero.org, where you can see the full list of officially suggested wallets. Official GUI is a safe option. Feather is also good, Electrum-like.
Cake (Monero.com) is one of the suggested options too & is popular, but certainly not “most private“. With Feather, you can do everything over Tor, more privacy-friendly.
Most Monero users only use non-custodial wallets; so they just say “wallets” meaning that. Technically running a local node yourself is the most secure & private—though this option is not for everyone.
- Comment on Most private crypto wallet? 11 months ago:
The monero.com domain has been taken by a for-profit company, Cake. The Monero community is not wealthy (nor motivated) enough to buy it back.
- Comment on Most private crypto wallet? 11 months ago:
Let’s say I’m selling you a book B and accepting a crypto payment. What if you sent me your crypto C trusting me, but I exit-scammed, vanishing without sending you B you’re trying to buy? That’d be bad. But what if I sent you B first, trusting you’ll send me C as soon as you receive B? Now you could cheat and vanish without paying. That’d be bad too.
To prevent any of those things from happening, there are a few methods. One is a 2-of-3 escrow service. Another is 2-of-2. Both based on multisig. A simplified example follows.
The book costs you 100€. You’ll send, say, 200€ to address A controlled by both you and me via multi-signature. I too will send 100€ to A. Now Wallet A has 300€. When 2 persons (you and I) sign, there will be a 2-output transaction from A to you (100€) and to me (200€), but any single person can’t move fund from A. That’s multisig.
Now I must send you the book in a good condition, because I don’t want to lose my 100€. So I’ll act carefully and honestly, and sign when I ship the book. You too will be willing to sign when you receive the book, because otherwise you can’t retrieve your 100€ (you deposited 200, when the book only costs 100). Sometimes an unexpected accident may happen, but usually something like this will work pretty well. This is one way how a P2P platform works (not very accurate, but I hope you get the idea).
- Comment on Most private crypto wallet? 11 months ago:
You’re right. Use a centralized exchange (CEX), and you’ll be KYCed and de-anonymized. That’s why most privacy-coin users prefer DEX. For normal persons, if privacy is important, using anonymous gift cards or prepaid credit cards, which you can easily buy without ID, is more practical, much better than KYC’ed crypto.
If you can somehow get KYC-free coin, maybe from DEX, i.e. if you can get it personally from your friend or peer without showing ID etc., then and only then, you have real private crypto. There are two popular ways for this (Bisq and LocalMonero). Another option called Haveno is hopefully usable soon, but that is still iffy.
Using DEX is not essentially difficult, much safer than you might imagine due to a mechanism called multisig, but maybe this option is not for normal people. When you feel experimental, you might want to try to buy a small amount via DEX, to see what it’s like. If you’re a popular programmer or artist, accepting donations in crypto is also an easy way to get no-KYC coin. Another option is p2pooling—you can get a few Euro worth of XMR relatively easily; yet this last option is time-consuming and not very effective. Many of p2pool users or full-node people are privacy-advocating volunteers, doing that for a philosophical reason, fully aware that it’s never profitable. This might be part of the reason why Monero tx fees are almost zero (like 1/100 of that of BTC). That said, not everyone is a person of goodwill; (like everyone knows) there are quite a few sketchy people around crypto 😟 Be careful and stay safe!
- Comment on Most private crypto wallet? 11 months ago:
It depends on how much you have, etc. If it’s just like 10 or 100 €, maybe you don’t need to be super careful.
The following is just one possible way—get a safe and libre “poor man’s hardware wallet” quickly and easily without paying:
(1. Main wallet)
- Get a USB stick, install Tails. This takes about an hour (most time is for downloading the .img file)
- Create a persistent storage, with a strong password (maybe 7 or 8 random words).
- Install Feather. This takes 10–15 minutes; 30 minutes if generating a new wallet. Use it as your main wallet, and send your Monero to it.
- When ready, shut down Tails. Pull out the USB and save it in a safe place. Now your wallet is physically disconnected from the Internet, air gapped. Very hard for any attacker to hack it.
(2. Hot wallet)
- Set up whatever wallet(s) you like on your daily device(s) for daily use. It too can be Feather, or it can be something different. Just don’t have too much money in a daily wallet.
(3. When you send Monero from 1 to 2)
- Insert the said USB, boot into Tails, send a necessary (small) amount from 1 to 2. Unlike BTC, the tx fees are like 1 cent or less. You can make a lot of small TXs without worrying about fees.
- Once you signed and sent, immediately close your main Feather, shut down Tails, and physically disconnect the USB again. You don’t need to wait for confirmations. It’ll be fully confirmed in 15 or 30 minutes, and for which your wallet doesn’t need to be online.
- So your daily wallet will be moderately funded, ready to use. You can enjoy private transactions, e.g. buying VPS or making anonymous donations to support your favorite software. Even if your daily wallet is hacked, your main wallet will be safe, physically disconnected from the Internet.
In theory this should work pretty well, if not the strongest possible. It’s not a recommendation, though. Do your own research. You may want to ask the same question in monero.town; hearing various opinions, not just trusting one person (me), is a good idea.
- Comment on Most private crypto wallet? 11 months ago:
If you’re familiar with Electrum and migrating to the privacy coin, Feather may be a convenient choice.
The fundamental problem for you might not be the wallet; but KYC vs. non-KYC. Is it allowed to post a link or mention specific platforms here? You may want to check a website about no-kyc and tried a trusted, no-kyc platform—not a CEX but a DEX (pure P2P), so no company can’t monitor your private life (related to shopping). You can browser monero.town, which is a friendly Lemmy instance of !privacyguides@lemmy.one in the sense that Monero is recomended on the official site of Privacy Gudies: www.privacyguides.org/en/cryptocurrency/
The tricky problem is, if you have been once KYCed, your privacy invaded, then you couldn’t undo it (be un-KYC it). You may need to start over, creating totally new addresses, doing everything anonymously over Tor. If you’re not that privacy-oriented, you can just swap the KYC coin you have to Monero, and you’ll be invisible from that point.
But Moneo is not magic to solve everything. DYOR and stay safe!
- Comment on SimpleX Self-Host Script, Tutorial, on Monero Provider 11 months ago:
That’s a good point. One of the two biggest weak points of a so-called e2e provider/platform is, the e2e provider itself.
The only true e2e is e.g. Alice does gpg -ea on an offline computer, copy-pastes ascii and sends it to Bob via an online computer, who copy-pastes this ascii to his offline computer and does gpg -d there. Their seckeys are airgapped from the communication channel. Sharing your sec with a provider is especially ridiculous (e.g. Proton). At least that’s what I think.
- Comment on Should we remove this Buskill ad? 11 months ago:
Right. Idealism doesn’t always work.
In this specific case, though, it feels unfair to suddenly give them a severe punishment, as they didn’t do anything against the rules when posts were made, monero.town had accepted their posts for a few months, @maltfield were never given a warning; some users even found Buskill interesting/fun and posted positive comments at first.
- Comment on Should we remove this Buskill ad? 11 months ago:
Current Status 2023-11-19 23:00Z (Any comments would be appreciated)
- Some of these posts by our fellow user @maltfield@monero.town were removed by mods in several instances (lemmy.ml, lemmy.one, lemmy.world, etc.)
- lemmy.ml/modlog?page=1&userId=814254
- lemmy.one/modlog?page=1&userId=166019
- lemmy.world/modlog?page=1&userId=186463
-
Even in these instances, not all of their posts were removed. For example lemmy.ml/post/4403541 from 3 months ago was well accepted, and is still kept. Maybe @maltfield is not a “pure spammer” and we can discuss with them in a civil manner, ask them not to overdo it.
-
The said user even got (2-month?) bans from certain instances. I wouldn’t like to ban/block a fellow Monero supporter from monero.town. At the same time I don’t want people from other instances see monero.town as a “bad” place. (Hopefully people are rational enough not to assume @maltfield represents typical Monero users/privacy advocates.)
-
Some other instances did not (yet?) remove @maltfield’s posts in question. E.g. our friendly instance !privacyguides@lemmy.one still keeps yesterday’s BusKill post: lemmy.one/post/6940197
-
I PM’ed @maltfield ~8 hours ago, explaining the situation, asking “Speak up now if necessary.”
- Comment on Should we remove this Buskill ad? 11 months ago:
Since you’re the admin, you have the final say, obviously. @maltfield is a fellow user of monero.town. Apparently their posts were well received once ( monero.town/post/478676 monero.town/post/132041 ) then became a bit too repetitive and (perceived as) spammy.
we should probably add something similar to r/monero where you can only advertise every 2 weeks as well as limiting reposts to your own community and a limited amount of others
Sounds reasonable.
- Comment on Should we remove this Buskill ad? 11 months ago:
They double-posted a new one monero.town/post/1142415 in !moneromarket. So deleting this one in !privacy wouldn’t be censorship because just cleaning up duplicates?
- Comment on SimpleX Self-Host Script, Tutorial, on Monero Provider 11 months ago:
@ride I know the background: this info could be very useful, and you commented, “Even if not directly Monero-related, this draws attention to the community when such contributions come from here.”
The problem is, !privacyguides@lemmy.one has a different set of rules than Monero.town does, explicitly stating:
This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
Hence, as you can see in monero.town/post/1085883 (you double-posted the same thing, too), a negative comment about this:
I feel like this might count as self-promotion, given it’s mentioning a particular website, their GitHub, their running service, etc. Regardless, it is informative
So @LWD@LWD@lemm.ee is not “childish”, even stating “it is informative.” But if the info is useful, we should follow the rules of !privacyguides@lemmy.one when (cross-)posting here; otherwise, Monero.town may look bad.
- Comment on Should we remove this Buskill ad? 11 months ago:
Similar posts by the same user @maltfield were accepted in the past: monero.town/post/131992 monero.town/post/131986 monero.town/post/478694
The idea itself could be interesting and thought-provoking. Personally I wouldn’t like to be oppressive, removing posts easily; but this time, monero.town/post/1144305 it seems somewhat excessive too. Any advice? I’m new here, though technically a mod. @monerobull@monero.town @rottenwheel@monero.town
- Submitted 11 months ago to meta@monero.town | 15 comments
- Comment on SimpleX Self-Host Script, Tutorial, on Monero Provider 11 months ago:
Leave it to the cryptocurrency people to turn a simple tutorial into an ad.
I’m from the same Lemmy instance monero.town (technically a mod?) and can see your point. Initially I was vocal about perceived link-spamming, advertising this SimplifiedPrivacy thing; at least a few users there were/are feeling the same way, as you can see e.g. here. So please don’t lump crypto (esp. Monero) users as a single kind of people.
Like @leraje@lemmy.blahaj.zone pointed out, some of info provided by this user (ShadowRebel) can be useful. Perhaps some people prefer a video to text. Monero users tend to respect freedom (of speech) and advertisement is not forbidden in Monero.town anyway. Perhaps you can understand that this does not mean “the cryptocurrency people” are the same.
- Comment on What is the good alternative right now to Google translate? 11 months ago:
The SimplyTranslate front end has many languages, translate engines selectable: Google | DeepL (Testing) | ICIBA | Reverso | LibreTranslate. Some instances are Tor-friendly, even onion. The project page seems to be codeberg.org/SimpleWeb/SimplyTranslate
Refusing to use Google is just common sense. LibreTranslate itself is decent (at least not Google), except a website hosting it may have some opaque JS or Google things (Font, Analytics, TagManagers, etc.)
Either way, translation can’t be super-private in general. For example, if you use it to write a private message or love letter in a foreign language… even including real names and physical addresses…
Also, metadata like “a Danish-speaker is reading this German text about X” can’t be hidden, and if the language pair is uncommon and/or if text to be translated is specialized (not generic), the engine provider may easily guess “this request and that request yesterday may be from the same user”, etc. if they want to. A sufficiently powerful “attacker” might de-anonymize you, helped by other info about you, already gathered. In practice, maybe not a big concern, if you’re just translating generic, non-sensitive text, not showing your real IP, and clearing cookies frequently.
- Comment on Microsoft Can't Stop Being Annoying About OneDrive | They make you take a survey every time you close OneDrive on your device. 11 months ago:
I’ve found two possible solutions:
- If you use some kind of Lemmy reader instead of using a browser, it may have a filtering function, like “hide post including this word” like using regex.
- “After complaining yesterday about seeing too much Linux content in the Fediverse” — this Lemmy user seemed to have experienced a similar problem, and finally found a fundamental (albeit rather unexpected) solution. Read more: lemmy.world/post/8107430
- Comment on Microsoft lays hands on login data: Beware of the new Outlook 11 months ago:
Thunderbird doesn’t passphrase-protect your PGP key. Though you can set a general password… For something less important, its OpenPGP may be convenient, given that if you send/receive email normally, there is metadata problem anyway. But if you need to play it safe, you may want to use gpg offline and paste ascii.
Increasingly more and more “phoning home” is not exactly comfortable, either: thunderbird-settings.thunderbird(.)net location.services.mozilla(.)com addons.thunderbird(.)net versioncheck.addons.thunderbird(.)net services.addons.thunderbird(.)net, etc. Perhaps people today, both users and developers, feel something like this is normal, because things were already more or less like this when they were born.
Re: Micro$oft - It might be that after raped by Google, the society has been desensitized and stopped feeling anything about “minor details.” Why worrying now? You use a Windows 10 passport account (what is it called?) just to log on to “your own” computer and also a Gmail account anyway, right? So bad news is, your privacy is almost zero already.
- Comment on Microsoft Can't Stop Being Annoying About OneDrive | They make you take a survey every time you close OneDrive on your device. 11 months ago:
It doesn’t need to be today. You don’t need to ditch it completely, but if you’d like to, you can use two machines side by side. It’s about freedom. No one should force you to do anything. Good luck!
- Comment on Microsoft Can't Stop Being Annoying About OneDrive | They make you take a survey every time you close OneDrive on your device. 11 months ago:
That should be easy if you do some script-fu, etc. Perhaps not so easy on Windows, though.
I understand that you may feel depressed, or even annoyed, for example when told, “Solving the problem foo is trivial if you use bar” when bar is not trivial nor realistic for you (or so you believe). For example, 2^149^−1 is easy to factor if you use elliptic curves, but studying elliptic curves may feel daunting (though it’s not so hard as you might think).
I do understand how you may feel in such a situation. I may be sometimes in a similar situation too.
Obviously, though, not trying to read about the solution bar wouldn’t solve the original problem foo. Not learning ECM doesn’t enable you to factor 2^149^−1 for example. Not trying to listen to about the L-word wouldn’t fix the annoyance of Windows. Annoyance itself may be harmless but everyone knows Windows is privacy-invasive and vulnerable to malware, viruses, keyloggers, etc. So staying too long there, refusing to learn some solution, something really bad might happen to you eventually. Honestly, something like that did happen to ourselves recently. Our community lost a lot of money, apparently stolen by attacker(s)—exactly what happened is still unknown, but the victimized wallet was on Ubuntu connected to Windows 10 via SSH.
You don’t need to ditch Windows. I respect your freedom to use non-free software. In fact, many L-word systems do include non-free blobs too!
That being said, may I suggest that you try different OS(es) just for 10 minutes, booted from a USB stick, when you have time, to see what it’s like. You might be surprised because it just works, actually more intuitive, you can use it easily, not to mention you’re not forced to see ads. Or no invasive telemetry. Feel free to ignore this suggestion if you really love Windows, thinking it’s the best OS ever. I respect freedom of thought!