• 1 Post
  • 3 Comments
Joined 3 years ago
cake
Cake day: November 29th, 2021

help-circle
  • There is no one-size-fits-all solution and there likely isn’t a solution that works for everyone even in specific situations due to different threat models. Purchasing and using a custom domain is often listed as a good practice for maintaining a person’s privacy. However, it can be even more detrimental to a person’s privacy than just using a trusted email masking/forwarding service and trusted email provider. For example:

    • The domain is purchased without WHOIS protection (or without using non-personal information) or the WHOIS protection is not renewed
    • The email server is hosted on hardware that can be linked to other services that identify the individual (eg: the email is self hosted using a home IP address)
    • A self hosted email server is configured in a way that leaks information or is configured insecurely
    • The email domain is used by only one person, which enables agencies to link each individual, unique email address back to that individual and create an aggregated profile across various accounts/services
    • If the domain/DNS is not configured properly (or if the domain is not renewed), then the domain (and thus the email accounts) can be hijacked, which could lead to any additional accounts/services that are still using the domain vulnerable to a take over attack
    • The email server is hosted by a privacy invasive company/service
    • The person assumes that all emails are private since they use a custom domain on a trusted email provider (or self hosted email server), but continue to send emails containing sensitive information to email accounts running privacy invasive email services (eg: Gmail)

    Please note that I am not saying that this is not a good option, but I just wanted to note some of the things that should be considered if a person decides to use a custom email domain to improve their digital privacy.


  • My beef with them is that they’re either pushed by scammer to empty honest but gullible people’s bank accounts, or they’re used to pay for illegal activities because they’re totally opaque and unregulated.

    Scammers also use gift cards, checks, wires, cash, bank accounts, investment funds, and many other means to accomplish this. Several of them are tightly regulated and it does not seem to deter or prevent the scams from occurring.

    My other beef is that they’re really securities and they’re not subject to the rules on securities for a reason that totally escapes me.

    Admittedly, I am not well versed in this area. Do you foresee a way to properly subject cryptocurrencies to the same/similar regulations as other securities while still providing many/all of cryptocurrencies’ benefits, including anonymity? Are the legitimate cryptocurrency exchanges (eg: Coinbase) not subject to those regulations? How different is this from individuals being taxed on gains/losses from cryptocurrencies?

    I don’t do cryptocurrencies both out of self-financial preservation, and also because I refuse to participate - and thus promote - stuff that’s generally bad for society as a whole.

    The first part is in relation to investing in cryptocurrency moreso than using cryptocurrency.

    What makes cryptocurrency generally bad for society as a whole? While I am not familiar enough with the current estimates, I know there are environmental concerns (eg: water/electricity usage, required hardware, etc.). I concede that the environmental impacts may be (and likely are) worse than traditional fist currencies, I am unaware of other reasons that make cryptocurrency generally bad for society as a whole.

    Trump loves em

    Many privacy advocates also love cryptocurrency. Two different people or groups of people (no matter how similar or different) can have one or more shared interests, even if the reasons or motivations are drastically different. It is likely best to avoid politics on this topic.


  • Cryptocurrency

    Hard no. I don’t partake in scams, even for the sake of privacy.

    Is this in relation to the monetary value of cryptocurrency or the anonymity of cryptocurrency?

    The list included cryptocurrency as a channel for anonymous payments, not an investment opportunity. The two cryptocurrencies listed are two of the more well established cryptocurrencies that are more widely accepted than many other cryptocurrencies (granted, one or both of them are still not accepted by a large number of merchants). Additionally, the list also mentions some of the considerations necessary to help ensure the cryptocurrency is obtained anonymously.

    If the list only included insert_newly_created_obscure_cryptocurrencies then this would definitely be more concerning.

    However, if the cryptocurrency is both obtained and used “properly” where the person is ultimately anonymously exchanging cryptocurrency for a desired good(s) or service(s), is it truly a scam?