I asked two Mastodon admins, both new to crypto, to accept crypto donations, adding “if possible Monero.” To my surprise, a few weeks later one started to accept only Monero, running a full-node, p2pool’ing, even providing xmrno.de publicly for non-full-node p2pool miners. So this privacy-oriented (no-logging) generic Mastodon instance ieji.de (also providing onion/I2P) is now Monero supporting.

Recently (2023), the default of GnuPG has been changed: a new key generated will be no longer RSA but ECC. Elliptic (25519) is a way to go: keys are much shorter than say RSA4096. Migrating to elliptic is convenient and perhaps safer, even though RSA may be still safe too.

Realistically 2048 is about 600-digit. Factorization of a 100-400 digit number is more or less possible now. 600 is still hard, but maybe not totally impossible in the near future.

25519 was designed by D. J. Bernstein, who tenaciously fought a long legal battle against the US cryptography export regulations. He’s also strongly criticized various sabotages (backdoor) in NIST standardized cryptography algorithms, such as the random bit generation in Dual EC. That’s why people tend to like 25519, over RSA etc.

Nerdy footnotes 😅

multiplying two different large prime numbers

Technically, the two numbers are usually not proven primes (not a big deal: they’re most probably primes, just not mathematically proven…).

brute-force cracking a strong key would require an enormous amount of time

Obviously, one wouldn’t do a naive brute-force, like trial division. There are some number theoretic, sophisticated algorithms, and they’re getting stronger and stronger, both algorithm-wise and machine power-wise… Not too long ago, people were saying RSA512 was strong enough!

Some of possible solutions include:

• always use Tor 24/7, Tails or not, when possible, even when browsing normal websites, or using IRC etc.
• use bridges

Sorry if I sounded unpleasant. I’m not holding Monero, I actually use it (just like one may use Paypal), is all. Still, as you can see I’m from Monero.town, so obviously I’m a fan. Guilty as charged!

I’ve actually been “preaching” about privacy to my friends, but they’re typically like “Google is fine. I have nothing to hide.” Or about PGP (in vain). But I wouldn’t preach about (recommend) the privacy coin to regular people. Like you pointed out, it’s controversial and risky. As a long time user, I know too well about both sides of this.

It’s a free country, you can use whatever you like. Respect yourself and your own intuition :)

The current situation (summer July–Sept 2023) is, you better switch to any browser that is not Chromium-based. The reason is “Web Environment Integrity” (WEI), which seems to mean, basically, Google is trying to DRM-lock the whole Internet to make sure you see their ads and they can track everyone. Freedom-loving users obviously don’t like that.

At the same time Firefox is getting more and more annoying, yet it’s better than Google. A safe bet for a general user might be LibreWolf. Another new option is Mullvad Browser.

Exactly, except not “the entire”, but “almost entire”?

Monero has been largely detached from CEXes, no companies, no middle men… Many users still have that idealism, a cypherpunk philosophy, that which Bitcoin tried to achieve originally. It’s community-based and crowd-funded… Some of that fund was stolen, so we’ve got to admit that the Monero community was not so smart after all… Yeah, a bit embarrassing tbh. To err is human, I guess.

For example, we do have a zero-fee donation site kuno.anne.media and recently help some girl buy a laptop or doing things like that. Some of Monero users are idealists by nature, maybe silly dreamers or naive philosophers, but definitely not greedy HODLERs. Weird people, either way, haha 😅

I think I know what you’re trying to say, and that’s actually a difficult point. Privacy is double-edged.

By that logic, you’d have to support chat control, e2e backdoor, eIDAS 45, etc. and ban Tor, Tails, VPN, BitTorrent, or encrypted communication in general because sometimes criminals can (and do) abuse such technology too. While such logic is understandable, I’m a privacy advocate and can’t agree with that. Most libre people, EFF, FSF, etc. have been fighting against that very logic for more than 20 years. I’m one of them.

The same URL now: Microsoft gives in and lets you close OneDrive on Windows without explaining yourself

Update November 10th, 4:45AM ET: Microsoft has removed the dialog forcing users to fill out a survey when quitting OneDrive, and reverted to the original prompt. In a statement sent to The Verge, Microsoft says:

Between Nov. 1 and 8, a small subset of consumer OneDrive users were presented with a dialog box when closing the OneDrive sync client, asking for feedback on the reason they chose to close the application. This type of user feedback helps inform our ongoing efforts to enhance the quality of our products.

The story below is unchanged.

Excuse me, do you have a moment to talk about GNU/Linux? 🙃

When I got my senior mom a computer she had never used Windows. Instead of having her learn that I installed Debian with Xfce and Firefox. Now that’s all she knows, I laugh at people who tell me Linux is too hard when my mom without any tech knowledge uses it as her daily computer. If I had to switch her to Windows or a Chrome browser she’ll make a fuss about it.

How about a live OS as a free trial? Not only free as in free beer, but free as in freedom, and always will be free. You own your OS, not vice versa.

Become a Linux user today, while keeping your precious Windows 11 or whatever. I raise you Tails if you do this at all.

• Get an unused USB stick, download Tails and make a bootable USB. Typically this will take less than an hour.
• Restart and boot your computer into Tails.
• Congratulations! You’re a Debian user now, even on Tor. Meaning your real IP is hidden. Privacy strikes back!
• Start Tor Browser and enjoy Lemmy. Libre world is usually Tor-friendly (though lemmy.world may be behind CF).

I’m not saying you should ditch Windows today, but you might want to do some experiments? There are other OSes too, if you think yours is (becoming more and more) annoying!

[PS: lemmy.world is indeed behind Cloudflare (CF). You may not be able to use it directly via Tor. I’m okay because writing/reading this from a different, privacy-friendly instance. Though CF is MitM, some people believe it’s necessary. Be careful, though: everything you send, including your password, may be visible to this MitM as plaintext.]

The linked article (and so AutoTL;DR) is not very accurate. If you’re interested in this incident, read the original post, which is short and compact. General media articles are only quoting or re-quoting this thread, typically with some misunderstanding.

Specifically (about this post): Among other things, multisig is only suggested; nothing has been decided yet.

Generally (in many similar articles): Probably a specific local machine was hacked, though no one really knows yet what happened. It’s unlikely that the Monero network itself was hacked.

Since I’m a Monero supporter, obviously I tend to say good things about it, but frankly, the ironical fact here is, Monero is so privacy-focused that when something like this happens, it’s difficult to identify the attacker—i.e. by design Monero also protects the identity of the attacker. Some Monero users are having this weird, paradoxical feeling: it would be nice if we could catch this evil attacker, but being able to catch the attacker would be in a way very bad news for Monero (if you know what I mean) 😕