10:34:14 I will reverse engineer it in a sandbox if it’s an exe and find his IPs 10:35:50 Tbf it’s people like this are keeping Monero in business sadly, but thankfully 😂 10:36:00 thanks kewbit. that site is just "open the command prompt and ctrl+v' presumably to paste something the site in your clipboard, not worth your time 10:36:40 A clip board RCE exploit is worth my time 10:36:51 But if they need to paste it into cmd 10:36:59 That’s just stupidity 10:40:49 Ahhh my ADHD meds do that if I just keep taking them 😂 the toothpick option sounds painful 10:43:12 The temptation overcame me, my CCS proposal was at 6 likes, I topped it up to 7 myself, does that still count? 🤭 10:44:16 <3​21bob321:monero.social> https://matrix.monero.social/_matrix/media/v1/download/monero.social/JtUyxpMePFaigvNrhwfExSnn 10:44:24 nope lol 10:44:47 Damn 10:45:42 Well I’m going to remove it then! 12:39:31 i bet r/monero has the most instances of this happending 12:39:33 i bet r/monero has the most instances of this happening 12:39:36 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/HrQJQdYHTBGnobzsPwMIWxje 12:39:45 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/WnAtDiXwaQnMdLRDNAEKGmMp 13:46:05 Also received such a "github-scammer dot com" mail today. 13:46:09 > something the site in your clipboard, not worth your time 13:47:49 What it pastes is a line of Powershell commands. Looks like one those commands *does* reach out to the Internet that way to download something. I did not execute however ... 13:49:06 Lol, Freudian typo, of course it was "github-scanner dot com" :) 13:51:09 Me too. A "security vulnerability" in a random repo of mine. 13:56:50 "It was, and still is, a hack to allow users hold their own keys and transact on the monero network without downloading the blockchain. This is obviously useful for those using wallets on their phones or other low-storage, not-always-on devices. However, there are clear downsides as demonstrated by the chainalysis intrusion – anyone can operate a remote node, including spies." 13:56:51 ginger - this is seemingly very much by design, not a hack 13:57:27 monero wallets are separate software from the blockchain, unlike bitcoin 13:57:53 https://github.com/monero-project/meta/issues/1079 13:57:55 context 14:00:18 I dont even want to respond tbh 14:00:46 Pretty all options seem pretty wrong 14:01:05 If i want to connect to my own node over clearnet, i should be able to 14:01:16 Yes, gui should RIP simple mode 14:04:48 Also - youre not taking enough credit 14:05:19 "As the one semi-responsible for the proliferation of the use of remote nodes, I feel I should take it upon myself to try and stir up our approach to this infrastructure hack that is the remote node network." 14:05:21 you were literally the/a spy node 14:05:35 For like 7yrs 14:06:55 The obly infra hack is you creating a proxy to send my connections to chainalysis 14:07:54 Even though i'm quite sure you have a local node of your own that is used for xmrchain 14:08:36 You also tried to hide the ip of the nodes that you proxied to 14:09:13 I cant take you seriously when you write such bad suggestions and pretend like you werent the middleman fwding our traffic to the feds 14:09:34 Using local nodes isnt a pancea either 14:09:47 Especially if your behind nat 14:10:20 Localnodes behind nat are easy to figure out if they are the originator of the tx bcuz of the way dandelion works 14:11:00 Onion remote nodes are better for orivacy than relaying your own tx from behind a nat 14:15:14 For people who must(tm) use a remote node (RM) due to storage capacity , "light nodes" sound like the best option (not implemented), for those that need a RM but dont want to wait for a wallet to sync a good option is to use their friends LWS (the wallets that support lws are not great. And carrot isnt here yet) 14:17:54 For those that do not want the node to try and guess the real spend, but cant/wont host a node they have to wait for fcmp or carrot+lws+wallets right? 14:17:56 The issue isnt who's node you use 14:17:59 its clearnet 14:18:21 If you connect over clearnet to your own node, the wallet traffic is still obvious to your isp 14:20:05 Using anonymity networks prevents anyone from knowing what services are actively being used. If i sent tx to muself over onion and then tx-proxy it to a peer, my isp wont know that my node relayed a transaction that originated on my node 14:20:38 I broadcast it to clearnet (without tx-proxy), it would appear as though the tx was first seen on my node 14:21:34 Problem with using onion/i2p nodes is the time it takes to sync. if it wasnt for that, they could be recommended for all use cases 14:36:18 https://www.getmonero.org/resources/user-guides/tor_wallet.html 14:37:07 is this still the guide to follow? 14:39:23 Yes it is good 14:39:47 But I'd add --tx-proxy tor,127.0.0.1 on the node config 14:39:58 But I'd add --tx-proxy tor,127.0.0.1:9050 on the node config 14:41:30 https://github.com/monero-project/monero/blob/master/docs/ANONYMITY_NETWORKS.md 14:41:40 Why not just redirecting here ? 14:42:56 Making a kind of index at the top hyperlinking parts user wants 14:48:35 That guide is not terrible, but also not good 14:51:21 (The former), the latter isnt as bad, but also not straight forward 14:52:01 I'll be putting up KISS config file templates on docs.getmonero.org at some point 14:52:33 --tx-proxy=tor,127.0.0.1.9050,disable_noise 14:55:45 And ideally you should run i2p and tor --tx-proxies. if you only have 1, and the network goes down, then your txs will stop broadcasting 15:07:13 Nah you will create traffic correlation with two separate darknets 15:22:45 Lol? 15:23:24 I2p runs as a relay by default and is constantly sending traffic. Correlate what? That i'm an i2p and tor user? 15:24:33 Its hard to know whether im just running i2p or if im actually using it. 15:24:35 tor on the other hand is a lot easier to correlate traffic with usage 15:25:16 Either way, the point is to hide your usage of monero, not to hide your usage of anonymity networks 15:25:57 Hide the source of your monero transaction broadcasts** 15:50:04 Revuo Monero maintenance (2024 Q4) has moved to funding! https://ccs.getmonero.org/proposals/revuo-monero-maintenance-2024-q4.html 16:00:56 Were there any 51% attacks on monero? Is there a list of known 51% attack attempts (including succesful)? 16:13:46 Not since I am into Monero, 2017. Not sure in earlier times, which much less hashpower securing the chain. 16:15:26 Do we already know this brilliant scam? (Do **not** download and execute, did I say "scam"?) electrum-xmr dot org 16:16:57 download only from trusted sites (e.g. listed on wikipedia) if you want to use that file (not investigate) 16:18:06 Trusted sites listed on Wikipedia? Not sure I follow. 16:18:36 of course it can be not enough, at least something to start with 16:25:03 CCS Coordinator has moved to funding! https://ccs.getmonero.org/proposals/ccs-coordinator-5-plowsof.html 16:25:57 i think its very noble of plowsof to make syntax errors in his ccs proposal front matter so others can learn from his mistakes. i highly doubt it wasn't intentional and a result of his broken proposal generator AND pre-parser 16:33:24 kewbit: merged merge request #489: Haveno Multi-Platform Native App For Every OS https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/489 16:35:42 cc woodser : merge request #497: Close/Repurpose Haveno frontend https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/497 16:37:38 thanks for merges luigi, the general fund just gained some monteros, sorry ofrnxmr :( 17:52:12 congratz 17:58:17 many goverments have enough money to destroy any cryptocurrency with 51% attacks? 18:00:16 governments lose trillions of dollars to accounting errors, so yes 18:02:25 but you also need to look at their incentives to do it, a typical 51% attack doesn't destroy the currency forever 19:43:38 congrats kewbit! 20:15:40 Just found out: That electrum-xmr scam wallet refuses to install in a VM. Totally legit. 20:29:21 I’m just hoping all the extra liquidity this provides doesn’t unleash the kraken of the sell pressure 😂 20:31:40 What is m-relay? 20:32:30 Run a 51% attack on testnet 20:54:13 We did / do 21:45:08 PoW have a problem what mining is sensible only for miners with cheapest electricity/most suitable software/hardware/location/cheapest rent? 21:48:35 I use this formula: if mining is profitable (at least pays for itself) for a typical PC then some mining farm with better conditions can be enlarged (it will be profitable) 21:51:03 Mining is already widely known, so I doubt what mining farms size/count isn't maximized 21:52:07 and if it is not profitable for a farm to enlarge even more then mining for a typical PC is obviosly unprofitable 22:00:01 IDK, this looks like a fatal flaw for me 22:05:50 because mining farms conditions race naturally tend to centralization 22:06:09 its like small data center vs big data center 23:29:47 we know the limitations but we dont have a better battle tested solution for now 23:52:06 https://www.theverge.com/2024/9/18/24248391/youtube-pause-ads-widely-rolling-out