03:11:02 <m-relay> <m​ichael:monero.social> Do you midipoet: have a couple highlights on the meeting for those of us who missed it?
06:46:46 <midipoet> michael: work on the draft consultations is continuing, with a lot of intial thoughts being provided excellently by andrea_togni. There was a discussion about considering to offer a reply to a call for evidence on an evaluation for a specific AML Directive in Europe, but it was decided we would wait until further opportunity, due to the impracticability of replying to all of these consultations at the same time. Minutes 
06:46:46 <midipoet> of the meeting are here: https://github.com/monero-project/meta/issues/869 . Next meeting is 22nd August.  
15:07:58 <m-relay> <m​ichael:monero.social> Good summary midipoet: dankon very much.
17:29:43 <m-relay> <n​igger666:buyvm.net> https://matrix.monero.social/_matrix/media/v1/download/buyvm.net/TNBOYqBiBeFzZyHcElbMWGJd
17:29:51 <m-relay> <n​igger666:buyvm.net> Not traced 'p
18:14:10 <m-relay> <n​igger666:buyvm.net> https://matrix.monero.social/_matrix/media/v1/download/buyvm.net/xDgrhsUFmIzEXmzfbDBiGJRe
18:18:19 <m-relay> <m​onerochad> Tf
18:19:24 <m-relay> <n​igger666:buyvm.net> >>monerochad Tf
18:25:23 <m-relay> <c​trej:matrix.org> plowsof Banhammer:  BanhammerMonero:
18:25:39 <m-relay> <c​trej:matrix.org> sgp: ofrnxmr:
18:26:11 <m-relay> <c​trej:matrix.org> cleanup pls?
18:27:29 <m-relay> <s​gp:magicgrants.org> done, thanks for the ping
19:16:40 <m-relay> <x​mrscott:monero.social> (Also in the process of reporting to their home server admins to spare other FOSS communities having to deal with this one)
19:29:45 <m-relay> <1​23bob123:matrix.org> Do you guess use cme-list?
19:29:45 <m-relay> <1​23bob123:matrix.org> Do you guys use cme-list?
19:31:59 <m-relay> <d​reamcityx:matrix.org> No, I'm not familiar with the CME-list. Could you provide more information about it?
19:33:26 <m-relay> <1​23bob123:matrix.org> Community ban list. So if your room uses it, if i ban in another room ie gos it pushes across to who is apart of it.
20:29:19 <m-relay> <z​arter:matrix.org> Is there a way to improve my knowledge of monero after reading mastering monero reading zero to monero due to it being to advanced?
20:46:13 <m-relay> <d​reamcityx:matrix.org> Are there specific parts of Monero's ecosystem, like wallet usage or mining, that you find challenging?
20:47:08 <m-relay> <z​arter:matrix.org> Do you mean from zero to monero? Or just what I wish to learn more of?
20:47:10 <m-relay> <d​reamcityx:matrix.org> What you wish to learn
20:47:56 <m-relay> <z​arter:matrix.org> Well not sure, just generally. Maybe not the cryptography specifically, that would require me to actually study maths
20:56:41 <m-relay> <d​reamcityx:matrix.org> Well, to give a few ideas you could learn about ring signatures, stealth addresses and ring confidential transactions. You could learn about 51% attacks and how how Monero tries to mitigate these risks.
20:56:41 <m-relay> <d​reamcityx:matrix.org> How Monero can be used for online purchases or donations is cool as well; Its practical usage
20:57:37 <m-relay> <z​arter:matrix.org> I have read slight about all of the points mention in the "Mastering Monero" book
20:58:15 <m-relay> <z​arter:matrix.org> But nothing I can think of being possible to go deeper into without being required to learn to much new cryptography
20:59:06 <m-relay> <z​arter:matrix.org> Moreover, how do you protect it from botnets? For example as there is at this moment among the monero miners
21:02:21 <m-relay> <r​ucknium:monero.social> Zarter(Please ping me): Maybe read current research issues: https://github.com/monero-project/research-lab/issues
21:02:30 <m-relay> <r​ucknium:monero.social> And Seraphis: https://github.com/UkoeHB/Seraphis
21:02:44 <m-relay> <r​ucknium:monero.social> Idea that could reduce profitability of botnets: https://github.com/monero-project/research-lab/issues/98
21:04:01 <m-relay> <z​arter:matrix.org> Will definently looks in to it
21:04:16 <m-relay> <z​arter:matrix.org> But is there a way to contribute without maybe programming myself?
21:06:43 <m-relay> <r​ucknium:monero.social> Zarter(Please ping me): https://monero.observer/ultimate-guide-new-monero-contributors/
21:12:45 <m-relay> <z​arter:matrix.org> It appears as if the only solusion they came up with was increasing the bandwith for miners... Doesn't feel like a good solution
21:13:31 <m-relay> <r​ucknium:monero.social> Zarter(Please ping me): It only increases the bandwidth for miners who don't run their own nodes on their machines
21:13:51 <m-relay> <r​ucknium:monero.social> Anyway, it's obviously a hard problem since mining is permissionless
21:14:48 <m-relay> <z​arter:matrix.org> Yeah, definently
21:17:13 <m-relay> <d​reamcityx:matrix.org> It's an industry-wide problem... I mean the community can try to monitor suspicious activity, but we are playing catchup at this point
21:17:13 <m-relay> <d​reamcityx:matrix.org> We can't prevent people from sending malware to other computers...
21:19:31 <dukenukem> Can't we?
21:20:24 <m-relay> <z​arter:matrix.org> The only one I can see myself doing is 30. Guerilla marketing, however I already see monero stickers everywhere
21:21:08 <m-relay> <z​arter:matrix.org> We can just create an antivirus, then make everyone install it. That problem solved!
21:22:04 <m-relay> <d​reamcityx:matrix.org> If only...
21:37:54 <m-relay> <e​ndor00:matrix.org> Marketing is much more than just stickers though
21:38:41 <m-relay> <e​ndor00:matrix.org> Then a new vulnerability drops, and your antivirus is outdated
21:40:36 <m-relay> <e​ndor00:matrix.org> Actually, there already is a program specifically designed to detect RandomX mining activity on a cpu. But I don't know if anyone has integrated it into some intrusion detection system, or antivirus
21:41:30 <m-relay> <z​arter:matrix.org> Please elaborate, I feel like this is a project I really want to be a part of and improve
21:42:09 <m-relay> <z​arter:matrix.org> It feels like a very specific issue
21:43:15 <m-relay> <e​ndor00:matrix.org> There are many ways to advertise a project, from going door-to-door and trying to convince merchants/shop owners to adopt Monero, to creating all kinds of advertising material for different platforms. It all depends on the kind of time and resources you are willing to invest
21:43:54 <m-relay> <e​ndor00:matrix.org> Given how widespread the problem of botnets is, I think it would definitely be a worthwile tool to include
21:44:33 <m-relay> <e​ndor00:matrix.org> Especially considering that botnet mining is basically a free intrusion alert
21:44:42 <m-relay> <z​arter:matrix.org> I feel more like it would be more efficient if I were to learn cryptography and some programming to simply try to improve the project that way
21:45:01 <m-relay> <z​arter:matrix.org> Wouldn't the only solution basically be if windows defender integrated it?
21:45:53 <m-relay> <e​ndor00:matrix.org> There's more than just windows defender, but yes that would be a step in the right direction
21:46:34 <m-relay> <e​ndor00:matrix.org> Lots of botnets target servers and other kinds of devices, which don't run Windows
21:47:18 <m-relay> <z​arter:matrix.org> I would presume the majority of them were windows devices, or am I incorrect?
21:47:27 <m-relay> <z​arter:matrix.org> Does it affect phones as well?
21:47:55 <m-relay> <e​ndor00:matrix.org> Most servers run linux variants
21:48:41 <m-relay> <e​ndor00:matrix.org> And when I say "servers", don't think just a handful - think thousands, up to hundereds of thousands
21:49:12 <m-relay> <e​ndor00:matrix.org> *per botnet*
21:50:09 <m-relay> <z​arter:matrix.org> Do they attack the servers or simply host a vps and build the botnets?
21:50:57 <m-relay> <z​arter:matrix.org> It feels as if someone where to notice if someone ran miners of off their servers
21:51:27 <m-relay> <e​ndor00:matrix.org> And yet...
21:53:33 <m-relay> <e​ndor00:matrix.org> Apparently there are many servers with poor security setups, or exposing vulnerable applications. Ripe targets with little to no monitoring
21:53:35 <m-relay> <z​arter:matrix.org> The miners use a spefic port IRRC from the book, somethingikr 18000. But would most servers block all the ports and only allow the ones required by the server such as tps and UPC or whatever? Or do they porport the data via open ports and try to obfuscate the mining?
21:54:01 <m-relay> <z​arter:matrix.org> Ohh
21:54:10 <m-relay> <z​arter:matrix.org> The miners use a spefic port IRRC from the book, somethingikr 18000. But would most servers block all the ports and only allow the ones required by the server such as tps and UPC or whatever? Or do they port the data via open ports and try to obfuscate the mining?
21:54:59 <m-relay> <z​arter:matrix.org> I'll be honest, I've been told to setup iptables on my PC, I just haven't had the energy to neither learn nor set it up
21:55:31 <m-relay> <e​ndor00:matrix.org> Are you referring to the monero node's rpc port 18081? That's hardly relevant - miners typically connect to pools, and most of them offer port 443 with ssl specifically to bypass firewalls
21:56:03 <m-relay> <z​arter:matrix.org> Very possible, I must've mixed them together
21:57:08 <m-relay> <e​ndor00:matrix.org> So unless you use tools that monitor all your connections and report unusual activity, you won't really notice
21:57:47 <m-relay> <z​arter:matrix.org> This is a really difficult issue...
21:58:17 <m-relay> <z​arter:matrix.org> Is there a solution to this or might this just end up a chasing game?
22:00:45 <m-relay> <e​ndor00:matrix.org> The solution is making these tools as ubiquitous as possible, and shipping software and devices with sane default configurations that don't expose you to trivial attacks
22:01:45 <m-relay> <e​ndor00:matrix.org> If your password is "password", you've already lost from the start
22:02:07 <m-relay> <z​arter:matrix.org> So basically the rest of the world must get better security?
22:02:20 <m-relay> <e​ndor00:matrix.org> Pretty much, yes
22:02:56 <m-relay> <z​arter:matrix.org> I guess that's not completely impossible
22:03:28 <m-relay> <z​arter:matrix.org> Anything we could do to just improve it without needing to wait on the rest of the world
22:04:06 <m-relay> <e​ndor00:matrix.org> A lot of stuff is relatively trivial, e.g. not exposing your router's control panel to the internet, and changing its default password
22:05:31 <m-relay> <e​ndor00:matrix.org> There are programs like Glasswire (I think) that monitor your network activity in real time and warn you if there's anything unusual/suspicious going on
22:05:57 <m-relay> <z​arter:matrix.org> Is there a big risk of a 51% attack?
22:08:50 <m-relay> <e​ndor00:matrix.org> Hard to quantify. A 51% attack can only do a specific thing (ie rewrite history), which has a limited number of applications (ie a double spend attack, and general disruption). There's a whole cost vs. incentive analysis that gets rather complicated
22:10:21 <m-relay> <e​ndor00:matrix.org> Which is probably why we have not yet seen any actual attacks, even in moments like this when a pool gets close to (or slightly exceeds) the 50% threshold
22:11:43 <m-relay> <e​ndor00:matrix.org> What we can say is that Monero has a pretty big mining network, which is squeezing every last drop of that mining incentive (aka security budget). But we're nowhere near Bitcoin's levels unfortunately
22:13:10 <m-relay> <e​ndor00:matrix.org> (For reference: BTC is currently paying 314 $/s to its miners, while Monero is paying 0.787 $/s)
22:14:15 <m-relay> <z​arter:matrix.org> And we can't improve that without increasing the fees or tail emission...
22:15:35 <m-relay> <z​arter:matrix.org> But I guess there isn't something we can directly do except mine oursleves
22:15:38 <m-relay> <e​ndor00:matrix.org> ...or increasing marketing efforts, which would drive up the usage of Monero, and thus the market demand, and thus the price, and thus the security budget
22:16:14 <m-relay> <e​ndor00:matrix.org> 😉
22:16:18 <m-relay> <z​arter:matrix.org> Does the monero project spend money to host their own mines?
22:16:30 <m-relay> <e​ndor00:matrix.org> Do you mean mining pools?
22:17:23 <m-relay> <z​arter:matrix.org> You said security budget
22:17:26 <m-relay> <z​arter:matrix.org> Is it something the project has to host a vps or whatever to mine?
22:18:29 <m-relay> <e​ndor00:matrix.org> No, it's the value of the block rewards earned by the miners (0.6 xmr + tx fees every ~2 minutes on average)
22:18:32 <m-relay> <z​arter:matrix.org> Ohh, makes a lot more sense
22:19:24 <m-relay> <z​arter:matrix.org> But isn't this basically the main issue with monero at the moment?
22:19:27 <m-relay> <e​ndor00:matrix.org> I sometimes call it security budget because I've seen people throw that expression around to try to justify all kinds of bs without giving it an actual meaning, or associating it with nonsense metrics
22:20:24 <m-relay> <e​ndor00:matrix.org> What are you referring to?
22:20:34 <m-relay> <z​arter:matrix.org> Botnets and thus making it possible for 51% attacks, not that it's a privacy issue but still
22:22:22 <m-relay> <e​ndor00:matrix.org> That's a slightly different issue, i.e. that of mining centralization. If the botnet had spread its hashrate across multiple pools, things would have been just fine (aside from the reduced profitability for the other miners)
22:23:12 <m-relay> <e​ndor00:matrix.org> Since they chose to put it all on one pool, that pool has the *potential* to use that hashrate to attack
22:24:05 <m-relay> <e​ndor00:matrix.org> But it's not an automatic on/off thing, it requires an active effort to specifically do something malicious with it
22:24:13 <m-relay> <z​arter:matrix.org> I guess it's just a theoretical issue that could be possible still
22:24:30 <m-relay> <e​ndor00:matrix.org> Until then, it's just a slightly bigger mining pool
22:24:38 <m-relay> <z​arter:matrix.org> True