sethforprivacy: if my btc will get lost, i will hold you liable because i used your site.

bc1q52ta9l354gz2z3hfucl5ls9zd9waretmnm9lkz - address shown in swap.exe for btc-xmr atomic swap

#comit-monero:matrix.org inlight

plowsof[m]: just wrote there

lets see if someone replied

#unstoppableswap:matrix.org worth a try too

ok- wrote there, thanks

btc sent to /dnsaddr/battery.commitcri.me - was the provider

plowsof[m]: their channel is dead- barely any reply

inlight: have you tried those steps

<ian.niculescu> guys the night is going to be rough check out Monero: reddit.com/r/place/?cx=1025&cy=492&edit=&fullscreen=&px=65 maybe give us some help, come to our r/place.

Will the /r/place ever stop?

We get it, cool Discord, reddit fellas. After the 19th post or comment about it, we heard loud and clear.

If you're a Trezor user read this immediately:

Massive breach.

is it real though

what is real?

some fools fooling around with pixels on reddit? totes.

seems to be a phishing email / not real according to some comments ( i mean, how can you 'steal my crypto' if im using a hardware wallet )

<luigi1111w> "is it real though" <- Yes, it must be (or their email list was hacked/shared and phished)

I use a unique email alias for them which no one else could know/guess.

im going to back up my seed on my iCloud and use the wallet migration service the email linked me to just to be safe 😛

It's a phish

But Trezors email list was hacked/leaked for sure. No way this email alias was gotten any other way.

yeah email list hack seems most likely answer

<luigi1111w> "yeah email list hack seems..." <- Yes.

More info and example of the phish:

do we have some templates for the monero place drawing?

sorry i should prolly have scrolled up

sethforprivacy: there is a great way to help monitor emails that have been leaked. When signing up for accounts use Gmail (I know, bear with me). You can you + extensions on your Gmail account as aliases, to keep track of what account sign up emails get leaked. So for trezor you email sign up is normalemail+trezor⊙gc, which still redirects to normalemail⊙gc might work for other email services as well.

That way, if that email ever gets leaked it's obvious it is from Trezor

midipoet scammers know this too and remove +... part is easy

hi in eedh elp

plowsof[m]:

plowsof[m]: i tried swap withdraw-btc

nad it published a transaction, which goes to same address check, not mine

46ab3c269c7c9443eec2fa30bf2820f0a1e160556e9ea674b8d00884aa159a8d

what?

oh i had put the address wrong- had to put my address there

thanks, shall refund now!

exit

<midipoet> "Seth For Privacy: there is a..." <- I used a unique alias and that was one of the reasons I thought it was real, actually.

The alias is only known by Trezor themselves (until this hack), and could not have been guessed etc.

perfect example how mindset > tools when dealing with privacy/security

anyone reading that email should have known its a scam straight away

<Encore> indeed, tools alone will not help you if you log into facebook using tails

bridgerton[m]: perfect example

> <@bridgerton:matrix.org> <Encore> indeed, tools alone will not help you if you log into facebook using tails

* another great example

when people mindless follow guides/recommendations it gives them false sense of security

giving a fuck about your own privacy isnt something you can teach some one on a podcast

s/mindless/mindlessly/

this meme sums up everything that is wrong with the privacy/security scene in crypto

<r4v3r23[m]> "this meme sums up everything..." <- exactly, shred your data or hide it somewhere physically without anyone ever knowing it.

netrik182: Do you know anything about the German/Spanish/Italian ccs 'work in progress' proposals that seem to be inactive ( without about 50XMR raised for them)

plowsof: I’d like to complete the CCS translation’s proposal in Italian which seems currently inactive

That would be nice errm not sure of the process here, im assuming to contact luigi1111 and / or have it discussed in a community meeting. netrik182 is/was the 'coordinator' but.. ccs.getmonero.org/proposals/netrik-translation-coordination-2.html

<r4v3r23[m]> "this meme sums up everything..." <- My favorite are the people who go even beyond that: biometric fingerprint of faceID or a yubikey instead of passwords. Really secure data you have there, would be a shame if I just held your phone in front of your face.

plowsof[m]: there were some suspicious CCS months ago that used auto translate

machine translations*

are you talking about them?

@selsta oooo 🍿 interesting,, i had no idea of this. i was just looking through the work in progress and noticed these translations seem inactive. seems that 1 person has volunteered to handle the italian translations

i think as a result we changed the rules for translation CCS

i sort of finished the translation from english to portuguese of ztm v2.

there is lots of i dont understand in the extensions part. Therefore the translation must be faulty in many parts...

I wanted to finish it before i explain the randomx and the bulletproofs.

tomorrow i will start my job so i will only have time on the weekends...

i only want to rant at the konferenko about slave blocks :)

im from portugal and my mom does not let me visit her if i dont get that thing in the arm that makes clotty...

smh

she Trusts The Science

<Kivojo[m]> "exactly, shred your data or hide..." <- bingo. treat your digital shit like physical property

keeping your shit offline beats any encryption out there

<Encore> not really, physical theft is one of the scenarios where encryption helps a ton

thats why not all the blocks should be on the blockchain at all time just their hashes.

not if you do it properly

big blockers, small blockers whatever!

<Encore> I don't think you understood my sentence

bridgerton[m]: i did. the same way you dont keep all your valuables in one place, you do the same with digital assests

<Encore> Encryption makes theft useless

<Encore> if you encrypt whatever drive was stolen, the data is at least not in the wrong hands

bridgerton[m]: see meme posted above

<Encore> I don't see any

<Encore> Not all encryption involves a password, and theft rarely ever follows up with kidnapping

<Encore> if they find out the drive is encrypted they'll format it and resell the laptop or phone

not if its a targetted attack

aka they know your a crypto users

s/users/user/

<Encore> get better opsec in that case, not relevant to pure theft

<Encore> also xkcd is gay

if someone just steals your phone you have nothing to worry about regardless

<Encore> don't use password based encryption

thats not what were talking about here

if they want whats in the phone youve got a problem

like govt agencies or thugs

but im being redundant

<Encore> are you saying encryption does not help in this scenario

yes

encryption doesnt protect against physical attacks

<Encore> Encryption does not protect against data destruction, yes

<Encore> but it protects in data reveal

no it doesnt

not if i want to force you to decrypt it for me

or i bash your head in

funnily enough a bank is one of your safest bets in this situation

<Encore> can't force me if I don't have the means to decrypt

<Encore> if you kill me then no coin

i dont think you understand how torture works

<Encore> In that case, better not encrypt anything incase someone gives you ouchie

again, refer to the meme

<Encore> Yes, refer to what I said

with a gun to your head or to your family it wont matter what encrpyiton you used

yeah youre just wrong

<Encore> Yes, purely relying on password based encryption is not good opsec against threat models that high value targets may face

<Encore> which is not at all what I said

any encryption

youre options are give me what i want or suffer physical harm

s/youre/your/

<Encore> you are adding to my points

you just think i am

go ahead and write a guide on how to succesfully escape a crypto kidnap scenario free of harm using encryption

with all your coins untouched

<Encore> You are still not arguing against my point

<bridgerton[m]> "<Encore> In that case, better..." <- youre talking about encryption

so either make your point or lets wrap this up

<Encore> I already made my point, scroll up

so were done here

<Encore> Very mature

i mean you could make the same argument with lots of things..

why have a car key when someone can point a gun at your face and force you to give them your car key?

the answer is simple, for the times when you need the door to be locked and the attacker isnt using the method mentioned above.

why have locks on your front door to your house when someone can just wait for you to leave and force you to give up the house key at gunpoint.. and etc. why have locks on anything maaan.

its kind of a dumb argument.

you are both dumb because r4v3r23 presented the dumb argument and

Encore argued against it very poorly.

> <@unscottable:antioptic.com> i mean you could make the same argument with lots of things..... (full message at libera.ems.host/_matrix/media/r0/do…5c5bb0ac1d65b8e74ccc7e79ca8f964ca28)

* cars can have gps tracking and license plates/VINs

theyre not fungible. now try again

so? all of those can be interfered with or altered. cars are stolen and resold all the time.

my point is that the reason you have locks of any kind is that there are times when attackers are not using the method you described.

try tackling the broader point i made instead of trying to sound smart by pointing out that crypto and cars arent the same thing.

imagine actually arguing with r4v3r23[m].

it's like having a conversation with an 13 years old kid from high school.

the pretentiousness and dullness required to say "try again" after having not addressed the point I made at all.

<onions> "it's like having a conversation..." <- Yeah Id agree with that description.

Just hit the ignore button.