What?

I didn’t get it 🤔

That’s… pretty funny actually x)

Sorry for u my dude

The protocol doesn’t try to use each output 16 times actually, that could be pretty nice I guess. I was just saying that statistically, you should get an average of 16 times because, well, the ring size is 16. The actual may vary quite a bit, and your output might potentially never be featured as a decoy, or featured 100+ times. It isn’t likely though. I just used 16 because it is simpler this way.

I never watched the breaking Monero series, I should take the time to do it

And yea, really excited for FCMP++ as well :) - most chain analysis stuff will go bye bye

For real

OP is literally churning, just to a different wallet if his.

If transactions aren’t completely swept and they keep a non-zero change output, it makes things worse

Churning is fine if you have coin control and keep note of your outputs

Different wallets are fine if you manage to keep track of everything and properly sweep outputs. Avoid spending multiple churned outputs together if you can to prevent linking them together, but apart from that, it’s good.

I was really happy this topic was discussed. Decoys being chosen by the remote node is a real threat. IPs are discussed but any individual willing to hide their identity will either go through tor or a VPN that claims no logs are stored

If you use your XMR on something with your mail on it, with any personal info linked or with a CEX, you’re cooked

You’re right and wrong. Churning will reduce the traces linking back to you, but you’re still exposed at 1 churn per output, when including 10 outputs. You would even be exposed when spending 2 outputs from the same source

As you know, each ring currently has 16 transactions, including you. This means, on average (more or less because of other factors, but still), each output will be featured in 16 transactions. We can therefore assume that 1 in 16 of those transactions is real (in reality the distribution is not that perfect, but as an average, it is important to know the consequences).

You now have a 1 in 16 chance of being traced. Statistically, the transaction you made has 6,25% chance of being made by you. That’s pretty high for a single poisoned output, right?

Now imagine you spend 2 poisoned outputs… the distribution algorithm is not evenly distributed: older outputs are less likely to be picked than newer. This means you get a situation where the older your 2nd poisoned output is, the more you’ll stand out. The math is not that easy the make, but just knowing that each output will only be included 16 times on average, and that there are a lot of transactions so a lot of outputs, it becomes really unlikely that 2 of the poisoned outputs that are linked to the same individual end up in the same transaction if it was not made by the individual of question itself.

With 3+ poisoned outputs you basically confirm that it was the same person. Might not hold up in court, but they’ll definitely know

10+ poisoned outputs? Definitely you.

Churning each output only multiplies the number of possibilities by 32 (16 for one output, 32 in reality because 2 outputs are generated). This will certainly throw off the basic chain analysis methods, but if you’re a person of interest, all the linked outputs will be analyzed. All outputs that are created by including poisoned inputs might be considered, effectively multiplying the number of possibilities by 32 as said earlier. If I tried to spy on someone with this, I would probably set a higher suspicion level on the first transaction level, then less on the second… assuming chain analysis software does that as well, churning would actually divide the chances of being caught by more than 32 but lets assume they don’t do that as it’ll be easier. You now have 1 chance on 16^2=256 so 0,39% chance of having done a transaction with a churned output in between for a single poisoned output. Still pretty high if you want my opinion. If you do that multiple times, you’ll stand out for sure. Including multiple outputs will also expose you a lot. Spending 10 churned poisoned outputs will definitely expose you.

I should just make a blockchain analysis program and test transactions with it 😂

My recommendation: if you’re going to spend multiple poisoned outputs at once: churn them together into 1 output (it’s called sweeping afaik), then churn this individual output. The initial churn merge will make the transaction stand out, but since you only have one output to churn, you reduce the traces.

Please correct me if I’m wrong, I have put a lot of time thinking about all of this but I might have forgot to include some specific things. I already noticed that all transactions include 2 outputs (at least), so the possibilities are multiplied by 32, not 16 as was my initial assumption

Woops I omitted this crucial information from the title, fixed. Sorry for that.

Kraken is nice. You can get XMR directly if it’s available in your country, and you’ll have less withdrawal fees. Else, kraken charges about 0,20€ (equivalent in crypto) for withdrawal fees iirc

I would not call an OS where you can’t really start any “big” app a success. If you can’t do anything with it, what’s the point?

You can’t really degoogle a phone without sacrificing a lot of things. Most “degoogled” phones just use a compatibility layer that still gives google loads of infos

I would much rather have neither of Apple or google, but having to chose, I prefer Apple, at least they’re not on every website I visit

Btw you can “deapple” by jailbreaking but it becomes a huge pain, as degoogling is

Finding a good phone with good specs, a good OS that is elegant and doesn’t track you at an acceptable price with all the features just isn’t possible

But you still sadly have google services everywhere, popping up here and there, reminding you that they have control over apps

No, I don’t want to login with google or rate the app

Most matrix clients just collect loads of data, so meh

They’re supposed to be hashed so that shouldn’t matter

Unless that’s the joke or something

Great news!

Yes and no

Not that much against government but for everything else, it’s pretty good indeed

You nailed it, it’s all about the threat model

Bro went out of his way to be annoying

Let people buy the shit they want

Everything they recently added is pure bullshit and useless stuff. Just watch the video I linked, it says everything you want to hear. With all the data shared to their partners, I guess it’s relatively easy to fingerprint you, depending on how they do it. And cmon about the servers, I never go to their website, I only cost money because of the shit ton of data they retrieve. An update ping from time to time and an update twice a month can’t possibly cost 5 million dollars.

They don’t have anything to spend money on, the browser is pretty much full of features. The only thing to do is make it faster and check for security issues.

At least on Brave you can opt out of this bullshit

sorry if I missed something I’m high as fuck

Nice

firefox is an opensource software where literally anyone can view the source code and check themselves what is actually sent. you argument all you want with the “but can youn trust them?” but literally anyone esle except some guy on youtube didn’t feel like complaining about firefox

As if people actually did that. I bet serverside code isn’t open source

Did you forget about geolocation?

Mozilla’s websites are full of trackers too, and they are largely funded by Google. How can you protect privacy when your biggest customer gains money by tracking? Seems like a clear conflict of interest.

And it’s not a bit of telemetry data, it’s literally your entire computer config, number of tabs open, duration… they claim not to log IPs, but can you really trust them? The point is you’re constantly pinging with your IP to their servers for useless reasons. They literally sell your data by sharing it to their “business partners”.

They also send the url of all files you download to Google by default. Great. That’s privacy!

(The video also gives some good points)

I believe a lot of info I got was from this video but it’s been a while so I’m not too sure: https://youtu.be/ugnOM2mzgNU

Also yea Firefox sends a lot of telemetry data and stuff, even if you disable the option in the menu. You have to go to the developer mode to remove all of it. Check “hardened Firefox”. If there is an hardened Firefox, then there is a non-hardened Firefox.

And then there are all the contracts and calls to Google’s server, for example for geolocation and stuff

And if you want the ultimate proof, everything is in their privacy policy https://www.mozilla.org/fr/privacy/firefox/ - just see how much data they collect, use and share, for better or for worse.

Not really anymore for Mozilla. They now get a lot of your private data and share em with their “business partners”