privacy – Lifeboat News: The Blog https://lifeboat.com/blog Safeguarding Humanity Sat, 07 Sep 2019 16:07:52 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 Can Bitcoin Transactions be Made Private? https://lifeboat.com/blog/2019/09/can-bitcoin-transactions-be-made-private Fri, 06 Sep 2019 23:29:55 +0000 https://lifeboat.com/blog/?p=95877 The blockchain is public, yet a Bitcoin wallet can be created anonymously. So are Bitcoin transactions anonymous? Not at all…

Each transaction into and out of a wallet is a bread crumb. Following the trail is trivial. Every day, an army of armchair sleuths help the FBI. That’s how Silk Road was brought down.

The problem is that some of that money eventually interacts with the real world (a dentist is paid, a package shipped or a candy is purchased at a gas station). Even if the real-world transaction is 4 hops before or after hitting the “anonymous” wallet, it creates a forensic focal point. Next comes a tax man, an ex-spouse or a goon.

The first article linked below addresses the state of tumblers (aka “mixers”). They anonymize an open network by obfuscating the trail of bread crumbs.

Mixers/tumblers aren’t the only way to add a layer of privacy to Bitcoin transactions. The Lightning Network spec includes an optional 17-hop onion routing (just like TOR’s 4 step onion routing). I have not yet seen the feature expressed in wallets or services, but if implemented, it will be even more private and trustworthy than a mixer, because there is no middle party to trust (by you) or squeeze (by investigators). It has the potential to makes any crypto Bitcoin even more anonymous than cash.

Certain cryptocurrencies (not Bitcoin) have anonymity baked in by design. Monero, ZCash and Dash are privacy tokens that use very different approaches to eliminate the bread crumbs. Monero appears to have one distinct advantage: Like the TOR network, it is trustless. But there are benefits to each approach.


Philip Raymond co-chairs CRYPSA, hosts the Bitcoin Event and is keynote speaker at Cryptocurrency Conferences. He is a top writer at Quora.

]]>
Can I Check Web Sites Visited by my Kids/Staff? https://lifeboat.com/blog/2019/07/can-i-check-web-sites-visited-by-my-kids-staff Sun, 14 Jul 2019 14:17:29 +0000 https://lifeboat.com/blog/?p=93591 Early this morning, I was asked this question at Quora. It’s a pretty basic request of network administrators, including parents, schools and anyone who administers a public, sensitive or legally exposed WiFi hot spot.

Is there a quick and easy way to view, log, or otherwise monitor the web sites visited by people on your home or office network?

Yes. It’s free and and it is pretty easy to do.

It gets a bit trickier, if the individual on your network is using a VPN service that they have configured on their device.[1] A VPN does not stop you from logging their browsing, but all of their activity will point to the VPN address instead of the site that they are actually visiting. In that case, there is another way to monitor their activity. See note #1, below.

Before getting into this, I should mention that I believe that using covert methods to monitor a family member’s online activity is a terrible method of parenting. In my opinion, there are better ways to deal with the issue—parenting techniques that don’t undermine trust as they deal with safety.

I can think of at least three methods for logging the websites that people on your network visit. In the explanation below, we will focus on #2. For more information, dig into the notes at the bottom of this answer.

You can either…

  1. Configure your router to store logs of visited IP addresses [2]
  2. Set your router to use the DNS server at opendns.com, instead of the default server offered by your internet service provider. This involves a simple setting available in all routers. (Replace default DNS server addresses with 208.67.222.222 and 208.67.220.220)
  3. You can set up a proxy which redirects web traffic to one of the computers in your house or a third-party service. This is how the monitoring software for parents and custodial services monitor or block web traffic.

In the remainder of this quick tutorial, we focus on method #2..

Once you configure your router to use the two DNS servers at OpenDNS.com, create a free account on their web site. Then, enable the logging feature. It not only shows you visited domains, it maps them into actual domain names and subdomains—making it easy to search, sort or analyze traffic.

You can download a spreadsheets and sort by number of visits or by the domains visited. Logs are maintained for only two weeks. So, if you wish to maintain a history, you will need to visit OpenDNS and download them regularly. (Check their user forum. Someone has created a safe, single-line DOS command that downloads these activity logs to your PC).


[1] VPN, Onion Routing and Encryption

If an individual in your home or office is using a Virtual Private Network [VPN], they are effectively covering their tracks with method #3, above. You can see their connection to the VPN service, but that service is either trusted to destroy logs of visited web sites, or anonymize traffic, by routing it through a chain of users that have no way to back-trace and identify the requester’s address.

Since their traffic originates on your network, there are other things you can do to monitor their activities. For example, if they are not using end-to-end encryption, you can use method #3 yourself, to route data in and out through your own PC or service.

[2] Logging the IP address or domain of visited web sites is not a feature of all routers. I have three recent model routers — and only one of them has a feature to log traffic in and out of the network.

[3] OpenDNS cannot discriminate the individual device in your home or office that has accessed websites that it logs. The logs include the traffic for all HTTP access that originates through your internet service subscription.

But some remarkable feature of OpenDNS (other than it being completely free):

a) It speeds up your overall internet experience noticeably! Like Google’s free DNS service, it is more robust and more redundant than the default DNS settings recommended by your internet service provider.

b) It maps every IP address into a domain name. So when you log in to check your logs and statistics, you don’t need to figure what the numbers mean. You view a list that makes sense. You can even search for certain words or web sites.

c) It permits you to block websites based on a very rich set of 100 criteria, including violence, adult content, hate speech, etc.

d) It offers graphs of your network access including overall volume. An example is shown here:

]]>
Edward Snowden will discuss Trump & privacy: Nov 10th https://lifeboat.com/blog/2016/11/edward-snowden-will-discuss-trump-privacy-nov-10th Thu, 10 Nov 2016 01:27:05 +0000 http://lifeboat.com/blog/?p=31808 Tune in tomorrow (Thursday, Nov 10, 2016) at 4:30PM Eastern. Find out what Edward Snowden has to say on the future of the US.                                                                    [Source: StartPage via Engadget]

edward-snowden

American technology policies could change significantly under Donald Trump, and that includes its stance on privacy. How will the new leader alter government surveillance, for example? Edward Snowden might have an answer. The whistleblower and Dutch search engine StartPage are hosting a live event on November 10th at 4:30PM Eastern to address what happens to privacy in the Trump era, among other questions. Snowden speaking engagements are nothing new, but this is special — he’s more than a little familiar with government spying activities, and this is his first chance to opine on how things might be different under a new administration.

Snowden hasn’t said much of anything about the subject as of this writing. However, Trump doesn’t exactly have a stellar record on internet privacy so far. He has proposed reauthorizing the Patriot Act and the previous, less restrained NSA mass surveillance that took place while the Act was in force. He tends to “err on the side of security” over privacy, even if he’s not especially fond of it. As such, Snowden probably won’t have many kind things to say. He’s in favor of more privacy wherever possible, and that could easily put him at greater odds with the US government than he is now.

]]>
Diminishing Bitcoin Mining Rewards https://lifeboat.com/blog/2016/10/diminishing-bitcoin-mining-rewards Mon, 31 Oct 2016 15:38:39 +0000 http://lifeboat.com/blog/?p=31548 By now, most Bitcoin and Blockchain enthusiasts are aware of four looming issues that threaten the conversion of Bitcoin from an instrument of academics, criminal activity, and closed circle communities into a broader instrument that is fungible, private, stable, ubiquitous and recognized as a currency—and not just an investment unit or a transaction instrument.

These are the elephants in the room:

  • Unleashing high-volume and speedy transactions
  • Governance and the concentration of mining influence among pools, geography or special interests
  • Privacy & Anonymity
  • Dwindling mining incentives (and the eventual end of mining). Bitcoin’s design eventually drops financial incentives for transaction validation. What then?

As an Op-Ed pundit, I value original content. But the article, below, on Bitcoin fungibility, and this one on the post-incentive era, are a well-deserved nod to inspired thinking by other writers on issues that loom over the cryptocurrency community.

This article at Coinidol comes from an unlikely source: Jacob Okonya is a graduate student in Uganda. He is highly articulate, has a  keen sense of market economics and the evolution of technology adoption. He is also a quick study and a budding columnist.

What Happens When Bitcoin Mining Rewards Diminish To Zero?

Jacob addresses this last issue with clarity and focus. I urge Wild Ducks to read it. My response, below touches on both issues 3 and 4 in the impromptu list, above.


Sunset mining incentives—and also the absence of supporting fully anonymous transactions—are two serious deficiencies in Bitcoin today.
I am confident that both shortcomings will be successfully addressed and resolved.

Thoughts about Issues #3 and #4: [Disclosure] I sit on the board at CRYPSA and draft whitepapers and position statements.*

Blockchain Building: Dwindling Incentives

mining-incentive-02Financial incentives for miners can be replaced by non-financial awards, such as recognition, governance, gaming, stakeholder lotteries, and exchange reputation points. I am barely scratching the surface. Others will come up with more creative ideas.

Last year, at the 2015 MIT Bitcoin Expo, Keynote speaker Andreas Antonopoulos expressed confidence that Bitcoin will survive the sunset of miner incentives. He proposed some novel methods of ongoing validation incentives—most notably, a game theory replacement. Of course, another possibility is the use of very small transaction fees to continue financial incentives.

Personally, I doubt that direct financial incentives—in the form of microcash payments— will be needed. Ultimately, I envision an ecosystem in which everyone who uses Bitcoin to buy, sell, gift, trade, or invest will avoid fees while creating fluidity—by sharing the CPU burden. All users will validate at least one Blockchain transaction for every 5 transactions of their own.

Today, that burden is complex by design, because it reflects increasing competition to find a diminishing cache of unmined coins. But without that competition, the CPU overhead will be trivial. In fact, it seems likely that a validation mechanism could be built into every personal wallet and every mobile device app. The potential for massive crowd-sourced scrutiny has the added benefit of making the blockchain more robust: Trusted, speedy, and resistant to attack.

Transaction Privacy & Anonymity

Bitcoin’s lack of rock-solid, forensic-thwarting anonymity is a weak point that must ultimately be addressed. It’s not about helping criminals, it’s about liberty and freedoms. Detectives & forensic labs have classic methods of pursuing criminals. It is not our job to offer interlopers an identity, serial number and traceable event for every transaction.

Anonymity can come in one of three ways. Method #3 is least desirable:

  1. Add complex, multi-stage, multi-party mixing to every transaction—including random time delays, and parsing out fragments for real purchases and payments. To be successful, mixing must be ubiquitous. That is, it must be active with every wallet and every transaction by default. Ideally, it should even be applied to idle funds. This thwarts both forensic analysis mining-incentive-03and earnest but misguided attempts to create a registry of ‘tainted’ coins.
  2. Fork by consensus: Add anonymizing technology by copying a vetted, open source alt-coin
  3. Migrate to a new coin with robust, anonymizing tech at its core. To be effective, it must respect all BTC stakeholders with no other ownership, pre-mined or withheld distribution. Of course, it must be open, transparent and permissionless—with an opportunity and incentive for all users to be miners, or more specifically, to be bookkeepers.

That’s my opinion on the sunset of mining incentives and on transaction anonymity.
—What’s yours?


* Philip Raymond is co-chair of the Cryptocurrency Standards
  Association. He was host and MC for the Bitcoin Event in New York.

]]>
Bitcoin Fungibility: A Benefit of privacy & anonymity https://lifeboat.com/blog/2016/10/bitcoin-fungibility-a-benefit-of-privacy-anonymity Mon, 31 Oct 2016 15:33:43 +0000 http://lifeboat.com/blog/?p=31546 I was pointed to this article by Jon Matonis, Founding Director, Bitcoin Foundation. I was sufficiently moved to highlight it here at Lifeboat Foundation, where I am a contributing writer.

On Fungibility, Bitcoin, Monero and ZCash … [backup]

This is among the best general introductions I have come across on traceability and the false illusion of privacy. The explanation of coin mixing provides and coin_mixing-03excellent, quick & brief overview.

Regarding transaction privacy, a few alt-coins provide enhanced immunity or deniability from forensic analysis. But if your bet is on Bitcoin (as it must be), the future is headed toward super-mixing and wallet trading by desgin and by default. Just as the big email providers haved added secure transit,
Bitcoin will eventually be fully randomized and anonymized per trade and even when assets are idle. It’s not about criminals; it’s about protecting business, government and individuals. It’s about liberty and our freedoms. [Continue below image]

coin_mixing-04

How to thwart forensic investigation: Fogify explains an advanced mixing process

The next section of the article explains the danger of losing fungibility due to transaction tracing and blacklisting. I can see only ONE case for this, and it requires a consensus and a hard fork (preferably a consensus of ALL stakeholders and not just miners). For example, when a great number of Etherium was stolen during the DAO meltdown.

My partner, Manny Perez, and I take opposing views of blacklisting coins based on their ‘tainted’ history (according to “The Man”, of course!). I believe that blacklists must ultimately be rendered moot by ubiquitous mixing, random transaction-circuit delays, dilbert-060219and multiple-transaction ‘washing’ (intentionally invoking a term that legislators and forensic investigators hate)—Manny feels that there should be a “Law and Order” list of tainted coins. Last year, our Pro-&-Con views were published side-by-side in this whitepaper.

Finally, for Dogbert’s take on fungible, click here. I bought the domain fungible.net many years ago, and I still haven’t figured out what to do with it. Hence this Dilbert cartoon. smile
____________
Philip Raymond is co-chair of The Cryptocurrency Standards Association.
He also presents on privacy, anonymity, blind signaling & antiforensics.

]]>
Ex-NSA Boss Says FBI is wrong on Encryption https://lifeboat.com/blog/2016/01/ex-nsa-boss-says-fbi-is-wrong-on-encryption Thu, 14 Jan 2016 19:53:55 +0000 http://lifeboat.com/blog/?p=20753

Ex-NSA boss says FBI director is wrong on encryption

encryption

Encryption protects everyone’s communications, including terrorists. The FBI director wants to undermine that. The ex-NSA director says that’s a terrible idea.

The FBI director wants the keys to your private conversations on your smartphone to keep terrorists from plotting secret attacks.

But on Tuesday, the former head of the U.S. National Security Agency…

Read the full article at CNN Money
http://money.cnn.com/2016/01/13/technology/nsa-michael-hayden-encryption/

]]>
Drone ‘Angst’ extends beyond backyard spying https://lifeboat.com/blog/2015/10/drone-angst-extends-beyond-backyard-spying Tue, 20 Oct 2015 10:38:44 +0000 http://lifeboat.com/blog/?p=18569 http://aviationweek.com/defense/drone-angst-extends-beyond-backyard-spying

]]>
Justice Beyond Privacy https://lifeboat.com/blog/2014/09/justice-beyond-privacy Thu, 11 Sep 2014 11:49:53 +0000 http://lifeboat.com/blog/?p=12319 As the old social bonds unravel, philosopher and member of the Lifeboat Foundation’s advisory board Professor Steve Fuller asks: can we balance free expression against security?

justice

Justice has been always about modes of interconnectivity. Retributive justice – ‘eye for an eye’ stuff – recalls an age when kinship was how we related to each other. In the modern era, courtesy of the nation-state, bonds have been forged in terms of common laws, common language, common education, common roads, etc. The internet, understood as a global information and communication infrastructure, is both enhancing and replacing these bonds, resulting in new senses of what counts as ‘mine’, ‘yours’, ‘theirs’ and ‘ours’ – the building blocks of a just society…

Read the full article at IAI.TV

]]>
The Impending Crisis of Data: Do We Need a Constitution of Information? https://lifeboat.com/blog/2013/06/the-impending-crisis-of-data-do-we-need-a-constitution-of-information Thu, 06 Jun 2013 04:38:16 +0000 http://lifeboat.com/blog/?p=8216 The recent scandal involving the surveillance of the Associated Press and Fox News by the United States Justice Department has focused attention on the erosion of privacy and freedom of speech in recent years. But before we simply attribute these events to the ethical failings of Attorney General Eric Holder and his staff, we also should consider the technological revolution powering this incident, and thousands like it. It would appear that bureaucrats simply are seduced by the ease with which information can be gathered and manipulated. At the rate that technologies for the collection and fabrication of information are evolving, what is now available to law enforcement and intelligence agencies in the United States, and around the world, will soon be available to individuals and small groups.

We must come to terms with the current information revolution and take the first steps to form global institutions that will assure that our society, and our governments, can continue to function through this chaotic and disconcerting period. The exponential increase in the power of computers will mean that changes the go far beyond the limits of slow-moving human government. We will need to build new institutions to the crisis that are substantial and long-term. It will not be a matter that can be solved by adding a new division to Homeland Security or Google.

We do not have any choice. To make light of the crisis means allowing shadowy organizations to usurp for themselves immense power through the collection and distortion of information. Failure to keep up with technological change in an institutional sense will mean that in the future government will be at best a symbolic façade of authority with little authority or capacity to respond to the threats of information manipulation. In the worst case scenario, corporations and government agencies could degenerate into warring factions, a new form of feudalism in which invisible forces use their control of information to wage murky wars for global domination.

No degree of moral propriety among public servants, or corporate leaders, can stop the explosion of spying and the propagation of false information that we will witness over the next decade. The most significant factor behind this development will be Moore’s Law which stipulates that the number of microprocessors that can be placed economically on a chip will double every 18 months (and the cost of storage has halved every 14 months) — and not the moral decline of citizens. This exponential increase in our capability to gather, store, share, alter and fabricate information of every form will offer tremendous opportunities for the development of new technologies. But the rate of change of computational power is so much faster than the rate at which human institutions can adapt — let alone the rate at which the human species evolves — that we will face devastating existential challenges to human civilization.

The Challenges we face as a result of the Information Revolution

The dropping cost of computational power means that individuals can gather gigantic amounts of information and integrate it into meaningful intelligence about thousands, or millions, of individuals with minimal investment. The ease of extracting personal information from garbage, recordings of people walking up and down the street, taking aerial photographs and combining then with other seemingly worthless material and then organizing it in a meaningful manner will increase dramatically. Facial recognition, speech recognition and instantaneous speech to text will become literally child’s play. Inexpensive, and tiny, surveillance drones will be readily available to collect information on people 24/7 for analysis. My son recently received a helicopter drone with a camera as a present that cost less than $40. In a few years elaborate tracking of the activities of thousands, or millions, of people will become literally child’s play.

At the same time, increasing powerful technology will make the fabrication of texts, images, and, increasingly, videos and sounds easy. We can see already in the latest generation of virtual reality sophisticated forms of mimetic representation that promise to be indistinguishable from reality in the near future. The drastic drop in the cost of computation will make it possible to create elaborate histories for virtual events, and biographies for virtual people, that will make those realities entirely convincing. Once a virtual person has forty years of complex memories and records (from credit records to medical records and diaries), the challenge of distinguishing him from an actual individual will be difficult. In addition, as virtual reality merges with social networks, the chaos will be extreme. Facebook friends may end up being partially, and then primarily, avatars controlled by supercomputer networks without the individual being aware.

The impact of the information revolution does not stop there. The use and misuse of DNA material in genetically modified organisms, or for other applications, is becoming exponentially cheaper. Whereas a single human genome was once prohibitively expensive, the cost of sequencing is falling at a rate far faster than Moore’s Law.

As the cost approaches zero for sequencing, Professor John Burn of Newcastle University is one of a growing number who advocate for creating genomes for every single human on earth. Doing so will be easy in five years or less, and the benefits could be tremendous. But imagine an age in which one’s DNA can be picked up off of a glass and duplicated into clones, or combined with other DNA to form payloads for viruses, or employed to manufacture off-the-shelf organs, there will be a desperate need for a set of rules and regulations on the collection and use of genetic information.

There are a host of other threats on the horizon that call out for some international system of regulation and control beyond simple market forces and gentleman’s agreements. Some can be predicted, others we can only speculate about. For example, we will face serious challenges when it comes to the function of money as it becomes entirely digitalized and its value is subject to imperceptible manipulations and alterations on a global scale. So also the rise of micro-drones beyond the control of even governments that can spy and wage invisible wars will require new institutions to contain them. For that matter, the next generation of 3D printing not only promises breakthroughs such as organ fabrication and the synthesis of edible hydroponic meat tissues, but also threatens to make possible the unlicensed production of weapons according to designs. These developments will require new legal and ethical structures before they can be adequately addressed.

The Constitution of Information

I propose that the first step in responding to the information crisis is the drafting of a global “Constitution of Information” that sets down concrete rules concerning the use of information and the maintenance of accuracy of information, thereby establishing a reliable system that is founded on a strong set of checks and balances to make sure that attempts to control information does not lead to even greater abuses.

Although the gathering and manipulation of information has become a major issue, the existing national constitutions on which we base our laws and our governance (in the United States or elsewhere) have little to say about this problem. Moreover, many of us have trouble grasping the seriousness of the information crisis: it remains largely invisible because it alters the very means by which we perceive the world.

We need to hold an international constitutional convention in which we can draft a binding global “constitution of information” that will address the consequences of the information revolution. It would be meaningless simply to propose a text for a constitution at this point because a living constitution is not a written text but rather an institution created through a series of negotiations and compromises. At this point we can only identify the need and the general issues that must be addressed within such a constitution and by institutions created by that convention.

Those who object to such a constitution of information as a dangerous form of centralized authority that will encourage abuse are not fully aware of the problems we already face. The abuse of information has already reached epic proportions and we are just at the doorstep of exponential increases.

In his dystopian novel 1984, George Orwell foresaw the dangers of a centralized clearinghouse for official propaganda named “The Ministry of Truth” in which the imperative to promote veracity is perverted into a factory for manufacturing fiction in the tradition of Stalin. The dangers of such a distortion of any attempt to rectify the tremendous amount of disinformation and misinformation in circulation should be foremost in our minds.

We are proposing a system that will bring accountability and institutional transparency to the institutions that are already engaged in the control, collection, and alternation of information. The point is to give an ethical imperative and a vision for the future. Failure to establish institutions like this constitution of information will not assure preservation of an Arcadian utopia, but rather will encourage the emergence of even greater fields of information collection and manipulation that are entirely beyond the purview of any institution. The result will be increasing manipulation of human society by shadowy and invisible forces for which no set of regulations has been established.

One essential assumption behind the constitution of information should be, following David Brin’s argument in his book The Transparent Society (1998) that privacy will be extremely difficult, if not impossible, to protect in the future in light of technological evolution. We must accept, paradoxically, that information must be made part of the public commons in order to preserve its integrity and its privacy. That is to say that simply protecting privacy will not be sufficient granted the overwhelming development of new technologies for gathering and altering information that will emerge in the years ahead.

Within a future constitution of information, and the institutions that it proposes, there must be a complex separation of powers wherein information is monitored, and its abuses controlled, or punished, according to a meticulous, painfully negotiated, agreement that follows the principles of transparency, accountability and the maintenance of a commons for the benefit of ordinary people. Information could be governed by three branches of government, something like the legislative, executive, and judicial systems that have served well in constitution-based governments following the proposals of Montesquieu for a tripartite system. The branches could be assigned different tasks and authorities within this system for monitoring information. The branches within government of information would have built into their mandates competing interests that would motivate them to limit the power of the other branches. Currently, there is little such balance of power within the global intelligence community or the large IT companies that have such influence globally.

For this reason, I suggest that as part of the three branches of government, a “three keys” system for the management of information be adopted. That is to say that sensitive information will be accessible — otherwise we cannot assure that information will be accurate — but that the information can only be accessed when the three keys are present that represent the three branches of the system. That process would assure that accountability can be maintained because three institutions whose interests are not necessarily aligned must be present to access that information.

The need to both assure privacy and to insure accuracy and reliability will require complex institutional changes and reinterpretations of the constitutional systems that exist already. But as we are already entering into a “post-constitutional” age in countries like the United States, it is imperative that we reaffirm the value of such public contracts so that to keep them from becoming mere ornaments.

The challenges of maintaining a balanced and reliable ecosystem for information cannot be dictated in a single article, but we can set the goal and start to bring together both practitioner and visionaries to put forth a direction and an encapsulation of the central tenets for a system based on transparency and accountability.

(based on article originally featured in The Hankyoreh, June 3, 2013)

]]>