<k​ewbit:matrix.org> I will reverse engineer it in a sandbox if it’s an exe and find his IPs

<k​ewbit:matrix.org> Tbf it’s people like this are keeping Monero in business sadly, but thankfully 😂

<p​lowsof:matrix.org> thanks kewbit. that site is just "open the command prompt and ctrl+v' presumably to paste something the site in your clipboard, not worth your time

<k​ewbit:matrix.org> A clip board RCE exploit is worth my time

<k​ewbit:matrix.org> But if they need to paste it into cmd

<k​ewbit:matrix.org> That’s just stupidity

<k​ewbit:matrix.org> Ahhh my ADHD meds do that if I just keep taking them 😂 the toothpick option sounds painful

<k​ewbit:matrix.org> The temptation overcame me, my CCS proposal was at 6 likes, I topped it up to 7 myself, does that still count? 🤭

<3​21bob321:monero.social> matrix.monero.social/_matrix/media/…ero.social/JtUyxpMePFaigvNrhwfExSnn

nope lol

<k​ewbit:matrix.org> Damn

<k​ewbit:matrix.org> Well I’m going to remove it then!

<m​onerobull:matrix.org> i bet r/monero has the most instances of this happending

<m​onerobull:matrix.org> i bet r/monero has the most instances of this happening

<m​onerobull:matrix.org> matrix.monero.social/_matrix/media/…matrix.org/HrQJQdYHTBGnobzsPwMIWxje

<m​onerobull:matrix.org> matrix.monero.social/_matrix/media/…matrix.org/WnAtDiXwaQnMdLRDNAEKGmMp

<r​brunner7:monero.social> Also received such a "github-scammer dot com" mail today.

<r​brunner7:monero.social> > something the site in your clipboard, not worth your time

<r​brunner7:monero.social> What it pastes is a line of Powershell commands. Looks like one those commands *does* reach out to the Internet that way to download something. I did not execute however ...

<r​brunner7:monero.social> Lol, Freudian typo, of course it was "github-scanner dot com" :)

<r​ucknium:monero.social> Me too. A "security vulnerability" in a random repo of mine.

<o​frnxmr:monero.social> "It was, and still is, a hack to allow users hold their own keys and transact on the monero network without downloading the blockchain. This is obviously useful for those using wallets on their phones or other low-storage, not-always-on devices. However, there are clear downsides as demonstrated by the chainalysis intrusion – anyone can operate a remote node, including spies."

<o​frnxmr:monero.social> ginger - this is seemingly very much by design, not a hack

<o​frnxmr:monero.social> monero wallets are separate software from the blockchain, unlike bitcoin

<o​frnxmr:monero.social> monero-project/meta #1079

<o​frnxmr:monero.social> context

<o​frnxmr:monero.social> I dont even want to respond tbh

<o​frnxmr:monero.social> Pretty all options seem pretty wrong

<o​frnxmr:monero.social> If i want to connect to my own node over clearnet, i should be able to

<o​frnxmr:monero.social> Yes, gui should RIP simple mode

<o​frnxmr:monero.social> Also - youre not taking enough credit

<o​frnxmr:monero.social> "As the one semi-responsible for the proliferation of the use of remote nodes, I feel I should take it upon myself to try and stir up our approach to this infrastructure hack that is the remote node network."

<o​frnxmr:monero.social> you were literally the/a spy node

<o​frnxmr:monero.social> For like 7yrs

<o​frnxmr:monero.social> The obly infra hack is you creating a proxy to send my connections to chainalysis

<o​frnxmr:monero.social> Even though i'm quite sure you have a local node of your own that is used for xmrchain

<o​frnxmr:monero.social> You also tried to hide the ip of the nodes that you proxied to

<o​frnxmr:monero.social> I cant take you seriously when you write such bad suggestions and pretend like you werent the middleman fwding our traffic to the feds

<o​frnxmr:monero.social> Using local nodes isnt a pancea either

<o​frnxmr:monero.social> Especially if your behind nat

<o​frnxmr:monero.social> Localnodes behind nat are easy to figure out if they are the originator of the tx bcuz of the way dandelion works

<o​frnxmr:monero.social> Onion remote nodes are better for orivacy than relaying your own tx from behind a nat

For people who must(tm) use a remote node (RM) due to storage capacity , "light nodes" sound like the best option (not implemented), for those that need a RM but dont want to wait for a wallet to sync a good option is to use their friends LWS (the wallets that support lws are not great. And carrot isnt here yet)

For those that do not want the node to try and guess the real spend, but cant/wont host a node they have to wait for fcmp or carrot+lws+wallets right?

<o​frnxmr:monero.social> The issue isnt who's node you use

<o​frnxmr:monero.social> its clearnet

<o​frnxmr:monero.social> If you connect over clearnet to your own node, the wallet traffic is still obvious to your isp

<o​frnxmr:monero.social> Using anonymity networks prevents anyone from knowing what services are actively being used. If i sent tx to muself over onion and then tx-proxy it to a peer, my isp wont know that my node relayed a transaction that originated on my node

<o​frnxmr:monero.social> I broadcast it to clearnet (without tx-proxy), it would appear as though the tx was first seen on my node

<o​frnxmr:monero.social> Problem with using onion/i2p nodes is the time it takes to sync. if it wasnt for that, they could be recommended for all use cases

is this still the guide to follow?

<n​ononynous:monero.social> Yes it is good

<n​ononynous:monero.social> But I'd add --tx-proxy tor,127.0.0.1 on the node config

<n​ononynous:monero.social> But I'd add --tx-proxy tor,127.0.0.1:9050 on the node config

<n​ononynous:monero.social> github.com/monero-project/monero/bl…b/master/docs/ANONYMITY_NETWORKS.md

<n​ononynous:monero.social> Why not just redirecting here ?

<n​ononynous:monero.social> Making a kind of index at the top hyperlinking parts user wants

<o​frnxmr:monero.social> That guide is not terrible, but also not good

<o​frnxmr:monero.social> (The former), the latter isnt as bad, but also not straight forward

<o​frnxmr:monero.social> I'll be putting up KISS config file templates on docs.getmonero.org at some point

<o​frnxmr:monero.social> --tx-proxy=tor,127.0.0.1.9050,disable_noise

<o​frnxmr:monero.social> And ideally you should run i2p and tor --tx-proxies. if you only have 1, and the network goes down, then your txs will stop broadcasting

<n​ononynous:monero.social> Nah you will create traffic correlation with two separate darknets

<o​frnxmr:monero.social> Lol?

<o​frnxmr:monero.social> I2p runs as a relay by default and is constantly sending traffic. Correlate what? That i'm an i2p and tor user?

<o​frnxmr:monero.social> Its hard to know whether im just running i2p or if im actually using it.

<o​frnxmr:monero.social> tor on the other hand is a lot easier to correlate traffic with usage

<o​frnxmr:monero.social> Either way, the point is to hide your usage of monero, not to hide your usage of anonymity networks

<o​frnxmr:monero.social> Hide the source of your monero transaction broadcasts**

Revuo Monero maintenance (2024 Q4) has moved to funding! ccs.getmonero.org/proposals/revuo-monero-maintenance-2024-q4.html

Were there any 51% attacks on monero? Is there a list of known 51% attack attempts (including succesful)?

<r​brunner7:monero.social> Not since I am into Monero, 2017. Not sure in earlier times, which much less hashpower securing the chain.

<r​brunner7:monero.social> Do we already know this brilliant scam? (Do **not** download and execute, did I say "scam"?) electrum-xmr dot org

download only from trusted sites (e.g. listed on wikipedia) if you want to use that file (not investigate)

<r​brunner7:monero.social> Trusted sites listed on Wikipedia? Not sure I follow.

of course it can be not enough, at least something to start with

CCS Coordinator has moved to funding! ccs.getmonero.org/proposals/ccs-coordinator-5-plowsof.html

i think its very noble of plowsof to make syntax errors in his ccs proposal front matter so others can learn from his mistakes. i highly doubt it wasn't intentional and a result of his broken proposal generator AND pre-parser