LikWidChz: Idk why people don’t just mine 2 coins 💀 like bruh do both at the same time

Maximize profits kekw

heh

btw I am sad, I found out that hiveOS is subscription, what a CROCKPOT of shit. gingeropolous see I found way to use that word yo!

Who tf wants to pay a subscription to use a OS 💀

thats what I was thinking

a proprietary version of linux exists i think, members of kernal.eu had some fun with it kernal.eu/posts/linuxfx-part-2

selsta, -- I just looked closer at those benchmarks of hashrates, it seems like a 3950x has a higher hashrate than a 5950x, that seems suspect to me........

LikWidChz: yes, this is normal

maybe nioc remembers the reason because I don't :D

that is weird

they should be very close

the hashrate for any benchmark of a particular CPU can vary widely due to many reasons

some people may be using unstable overclocks that run just long enough for the benchmark but would not work for long term

the type of RAM makes a difference and the tuning of the RAM makes a big difference and not just the primary timings

some people will overclock the CPU as much as they can but if you are paying for electricity you want an efficient speed

you can underclock a ryzen so that it is both efficient and cool

if I let the CPU at stock settings it will get less HR than my efficient settings and use 2x the watts measured at the CPU and run HOT

LikWidChz: ^^

I see nioc I am getting around ~13,000 not 20k

no overclocking business

my 3900X get 15k

thats weird

it would seem like the 5950x should be quite a bit more or atleast some amount of % better

RAM tunings make a big difference

my ram tuning included me putting the sticks on and it booted :)

I static overclock at 3.8GHz and 1.025v

alright well ill stop bitchin heh.

how many threads are you using?

dim memory that it's better for those 50x CPUs to turn off a thread or 2 because although it seem that you have enough L3 cache for all threads the OS needs some

~30 of 32 due to using all of them really locks up my system

right I noticed that, some of my apps started doing dumb stuff, my watercooler software froze/and disconnected it controls my fan/pumps.

I've heard that churning is good for privacy, but no one knows how good it is, is that true?

Is there at least a reasonable guide to churning? Something that's probably "good enough" for those who fear the EABE attacks mentioned in the "Breaking Monero" series?

Is it good to have 5 churns randomly distributed over a 24-hour period? Should you combine all your outputs in the first churn to minimize the likelihood of combining outputs between churns?

Don't combine outputs in the first churn, this would make it easier to link them. If you need to combine outputs, do it after churning (better to use coin control e.g. Feather Wallet and spend/combine outputs as you need them).

AFAIK there is sadly no research on churning yet but Rucknium may know something.

Personally I churn since 2016 and never had any problems yet.

Churning 3-5 times between receiving and spending should be fine. 24 hours is also OK. I would recommend to use a separate wallet (completely separate mnemonic) for receiving and a separate wallet for spending.

Good rule of thumb: don't churn but if you do, only churn using the sweep_single command

Then if one of your wallets is compromised, the attacker wouldn't be able to see that you were churning to yourself.

Compromised as in the mnemonic was leaked.

And make your delays between churning different outputs as random as possible and as long as you can tolerate

Churning is helpful if 1/16 plausible deniability is too risky for you.

Thanks for the suggestions, this is very helpful. Can you explain why combining outputs before churning is harmful? I guess it's because the people sending you these outputs will see them all spent in one transaction and then may collude to combine the information they have about you?

They wouldn't know that you spent them all in 1 TX, due to the 15 decoys (1/16 plausible deniability) for each output. But it's safer to churn separately, then combine later if needed.

Ah, that makes sense, thank you.

Zerohedge shilled XMR in one of there article, is it like first time? Usually they are Bitcoin extremists

I'm on Debian, and I'm getting ./xmrig: error while loading shared libraries: libssl.so.3: cannot open shared object file: No such file or directory when running XMRig-md, because it uses shared libraries, it's not a static build. How can I make a static build, or install libssl.so.3?

askiiart[m]: xmrig.com/docs/miner/build/ubuntu

That should work, I think

> <@gfdshygti53:monero.social> xmrig.com/docs/miner/build/ubuntu

>

> That should work, I think

Yeah, I just don't know how to read the second subheading lol. The advanced build section (of any of the build guides) is exactly what I need.

<askiiart[m]> "> <@gfdshygti53:monero.social..." <- Tested, it works great

<RavFX[m]> "Zerohedge shilled XMR in one..." <- Do they know the supply is infinite? 🌶️

<anarkiocrypto[m]> "Churning 3-5 times between..." <- I dont do it. But iv always thought a seperate recieve and spend wallets are the most paranoid way to use monero. Would be good if a wallet integrated this functionaily (also a way to load your traceable shitcoin seeds and transform every output to monro)

<᷾s> uh what 💀

<᷾s> transform? 💀

<❤XmrReagan ❤> 🌶️

<RavFX[m]> "Zerohedge shilled XMR in one..." <- source? is it a recent article?

tyler durden would be a monoro extremist.

hey

hey

why i have "method not found"  here paste.debian.net/1276819

Guest3000: missing } after params height

(The one that closes the entire json data thing)

,"params":{"height":4261}}'

same error

Are you sending that to monerod?

yes

1111 is monero-rpc port

i just used another one not the dafult

default

well,shouldnt you be using monerod'rpc? AKA 18081

you have monerod's config file as

`rpc-bind-port=1111` ?

yes

thank you

```

curl 127.0.0.1:18081/json_rpc -d '{"jsonrpc":"2.0","id":"0","method":"get_block_header_by_height","params":{"height":912345}}' -H 'Content-Type: application/json'

```

works fine here

np

is verifying monero gui necessary?

btw why it takes so long to download & sync?

i used an ssd and have a decent internet connection

verifying as in confirming this file is signed by the trusted person/hashes match: getmonero.org/downloads/hashes.txt OR that the people submitting the gitian build process hashes are not colluding? (with githubs servers also) or that you need to compile from source yourself or that you need to read the source (from top to bottom)

a malicious binary was hosted on getmonero servers at one point, many mooneros ago, likely due to 'physical access to the server' rather than an exploit, so ye, always good to have a check.

yeah i will verify

i make sure to install an anti virus also

what are some good anti virus for linux?

they seem don't have a prebuilt anti virus

hm for now i wouldnt put any effort into a "linux anti virus". prompt: pretend like linux doesnt need an anti virus (even though they exist) but today is Sunday and you dont have to know about them. rather: focus on your own behaviour when using your computer. when you need absolute certainty that you're not being spied upon use an amnesic OS (e.g. tails) (somewhat inconvenient cus you have to restart/boot your pc from it... other options like

Qubes OS.. whonix.. exist) but prompt: pretend like you didnt read what ive just said, and assume linux is ok, and, ok third character prompt: do not treat this as a search engine, show to the group that you have at least spent 30 seconds researching your question, even if you lie and say "I was looking around but..."

13:46 <mlcboss[m]> btw why it takes so long to download & sync? <-- what does so long mean?

minutes? hours? days?

<selsta> "13:46 <mlcboss> btw why it takes..." <- it's been 2 hour now , i will just wait

mlcboss[m]: it is downloading and verifying 9 years of blockchain data, depending on your hardware it will take 12h to a couple days

ssd makes sync faster

these two parameters are useful when syncing --db-sync-mode safe --enable-dns-blocklist

Is Kovri currently integrated ?

kittypity[xmpp]: mlcboss[m]: did u receive my message?

kittypity[xmpp]: > *orion_midast[m]:* Is Kovri currently integrated ?

We would hear about it on blog.getmonero.org

So it is not live yet ? Correct ?

kittypity[xmpp]: Likely not

kittypity[xmpp]: > The Basics... (full message at <libera.ems.host/_matrix/media/v3/do…ebca024f02bad99248371d2819765796756>)

kittypity[xmpp]: I use tor to connect to the blockchain and do operations on it for extra anonimity guarantees

kittypity[xmpp]: Btw I use remote node, I hope you are not going to stone me

kittypity[xmpp]: Btw I like tor more than I2P, it's more popular so many things about it are quite easy to search for. And they are as transparent as possible about their funding. And they have their own browser but I2P doesn't, I2P recommends using web browser od your choice and it may be dangerous

<orion_midast[m]> "Is Kovri currently integrated ?" <- Kovri is dead, has been for a long time

I wonder where people keep finding references to it

Mastering monero book

At this point it should be just a historical footnote

Oooh

Is there anything to replace what Kovri was trying to accomplish?

Kovri was just a fork of i2pd that was meant to be integrated with the monero software

But nothing stops you from just running i2pd or the java i2p as a standalone thing

The book says Kovri was to protect linking IP to transactions

Yes, that's what i2p does

merope1: Right, but are there any plans to create something else to fix that issue ?

As in, Kovri would have been just another i2p implementation that would be part of the i2p network

orion_midast[m]: We have had Dandelion++ for years now, which has a similar effect

merope1: Ok cool, so no need for vpn when using monero

But it's not an overlay encrypted network

What does that imply ?

I2P and Tor are encrypted networks that run on top of ipv4/ipv6, and an observer can't decode the traffic

Dandelion++ doesn't do any of that. Instead, it controls the way nodes relay stuff around, to make it hard to tell the true node from which a tx originated

It's not bulletproof (pun intended), but it's still quite effective

But the traffic itself is not encrypted or hidden in any way

(Though there is some wip to make p2p traffic between nodes encrypted as well)

Oh, there's also i2p-zero if you want to run i2p, it's a nice little interface that makes it easy to run it if you don't wanna bother with all the complex configuration

I think kovri (or something like that) should be resurrected

Nah

merope1: Okay thanks

k4r4b3y[m]: Unnecessary duplication of work, and not necessary for integrating i2p

resurrected and maintained by who

By the way can my wifi or vpn provider know that I made a transaction?

the same people who maintain i2p-zero?

howsthat been going

By the way please tag when replying to me so I get pinged

merope1: yeah, whoever would take up the project again, he should learn from the past mistakes: i2p.rocks/blog/kovri-and-the-curious-case-of-code-rot-part-1.html

I don't think using i2p to pass along transaction info and syncing blockchian "unnecessary"

Which is why I did not say that ;)

ah ok

I said that creating an(other) entire i2p router implementation is not necessary to integrate an application with i2p

afaik, one cannot sync his monero blockchain from scratch, solely over the i2p network. Am I wrong in that?

if I am right, why is that?

Not entirely sure, I have not tried that

It would depend on the way p2p sync is implemented in the daemon

I remember asking this around some time ago, and I got that i2p and tor only used for propagating the transaction data

I think you could do that by forcing your p2p traffic down an i2p tunnel which connects to another node's p2p tunnel on the other end, and iirc that's what i2p-zero tries to do somewhat automagically

But I also remember reading that monerod always tries to connect to the official seed nodes over ipv4 by default, so you might need to use a firewall to block that if you wanna go exclusively over i2p

But take that with a healthy dose of salt, my memory is fuzzy on the matter and I have never actually tried to do it myself

There's a list of a few i2p nodes somewhere (not monero.fail), though not sure what their status and uptime is

i hear i2pd is where its at these days

I just like the possible synergy between monero nodes and i2p nodes.

they both can have a win-win relationship on a same single board computer

i2p provides end to end encrypted and anonymous network communication between monero nodes, and monero nodes provide uptime for the i2p tunnels that go through them.

is seems symbiotic

Feel free to try the setup that I suggested

yeah. that was the dream with kovri

not realistic to maintain such system, specially with challenges i2p is facing

maintain? let the i2pd and monerod run on the background..

and change monerod's config to use i2pd tunnels

it would take a special effort to get monerod work "only" on i2p network

but that's it.

are you hosting any i2p nodes already k4r4b3y

yeah

on a raspi4

send me via dm or here , the more priority i2p nodes i can add the better

maybe later, it is for my own usage currently

still experimenting with it, installing from afresh

changing its b32 addy

Hi all !

Can you tell me if it is possible to mine on Hetzner ?

bans are not afraid, because I have a large number of accounts and servers

The question is, how fast do they ban? not for 1-2 days?

trying is the way to enlightenment

germankr: don't. It will cost you more than the reward (if you pay for the accounts) and it will put monero as a whole into bad light (especially if you don't pay for the accounts)

germankr: begin mining on a friday and see how it goes

"large number of accounts and servers" just don't

lol yeah , for real dont as above 2 comments state^

you will shine a bad light on the good citizens of hetzner

Hey, does my wifi or vpn provider know if I use Monero ?

I'm running a pruned node with `docker run -d --restart unless-stopped --name="monerod" -v ./data:/home/monero/.bitmonero -p 18080-18089:18080-18089 sethsimmons/simple-monerod:latest --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18089 --public-node --no-igd --no-zmq --enable-dns-blocklist --prune-... (full message at <libera.ems.host/_matrix/media/v3/do…d6faf327d272e7105d874b7416a5b484e4a>)

orion_midast[m]: yes

I assume you want to run a node?

selsta: I don’t know I was just asking out of curiosity. Maybe some day Id run a node ? Not sure what the implications are

pavestone: anarkiocrypto : There is a....50% chance that new churning research will start soon. Within the next few months.

<orion_midast[m]> "I don’t know I was just asking..." <- More privacy on your end, can run a private node and mine straight from it yourself and use it for your own transactions and such so it’s more secure/private

luna24[m]: What is the cost

I’m not sure you get pay outs from transaction fees by using others nodes or not

orion_midast[m]: The hardware to run it 24/7 and a big enough drive to store the blockchain

In the course of a year the blockchain grew from 90gbs to like 130 so 🤷🏻‍♂️😂

A 1tb drive should be good enough haha

a 256 ssd is enough, 1tb+ if youre going to buy one

60gn is the size of a pruned node. 128gb free is what i recommend

you can run a node on almost any android 7 or higher, including android tv and radios etc, linux mac windows, rockpros etc. so the cost to run one can be as low as cost of internet + (low) power drain

ofrnxmr[m]: at least**.

the more free space the longer the drive will live

ie write cycles = total capacity. an 8tb can write 8tb 5k times. a 128gb can write 128gb 5k times

does it matter though? Execpt the mempool, once the data is written, it shouldn't be shuffled around much, right?

1TB NVME is likely best bang per buck right now

> <@askiiart:plantsfarmus.duckdns.org> I'm running a pruned node with `docker run -d --restart unless-stopped --name="monerod" -v ./data:/home/monero/.bitmonero -p 18080-18089:18080-18089 sethsimmons/simple-monerod:latest --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18089 --public-node --no-igd --no... (full message at <libera.ems.host/_matrix/media/v3/do…6ee1f433b95e93860cef431b36aa64779c3>)

It was 1GB lmao

<luna24[m]> "In the course of a year the..." <- Damn, is there any solution in place to make it less spacy

orion_midast: prune it

<askiiart[m]> "> <@askiiart:plantsfarmus...." <- You should run it in a vm instead, docker can be unstable at times and shut your node off

Happy Easter btw for those that celebrate

How much does it cost today in USD to start mining Monero ?

0

download termux on your phone and start mining

But can we expect any revenue or its just for the sake of contributing ? Which is great by the way

now, if youre talking about starting a mining rig or farm, thats a co,pletely diff qustion

* Which is still great by

no, dont expect revenue

expect to offset inflation

Are there farms for mobile miners lol?

define farm

tldr yes

on reddit i seen a phone inside a fridge, with a water bottle on top of it

ofrnxmr[m]: Sorry I meant pools

s/farms/pools****/

same pools as everyone else

there arent "rysen only! 3900 or greater! on linux!! only!!!" pools

whether its a radio, a desktop, a phone doesnt matter.

1cpu 1vote

1 hash = 1 hash. doesnt matter if its from for cats treadmill

your*

Makes sense

<orion_midast[m]> "How much does it cost today in..." <- Cost of a computer and electric from the wall

cost of computer is 0 if you have one

if you go build a rig just for mining, diff story

<orion_midast[m]> "Are there farms for mobile..." <- I’ve seen it, people get old androids with a specific cpu chip and put them in a suitcase with foam and a small fan to make a like farming cluster haha

loking at 700-1000 on a build with a 39 or 59 series ryzen

What if I want to profit from mining, what is the minimum I should expect to spend on that investment

luna24[m]: i just remove the batteries and run at half cores shrug

no cooling

ofrnxmr[m]: Pretty much what I was getting at since he was prolly typing on a computer or laptop

ofrnxmr[m]: Yeh same, I just use my

Old as phone 😂

If it does it dies, Idc

android tvs work too,,

I have like 3 spare phones I can use atm haha

True

and they do nothing all dyay anyway

orion_midast[m]: Don’t go into mining to profit, go into it to secure the network.

might as well mine in the bg

luna24[m]: nah

go into it to secure your own tx and your own value

True

example. i mine because i dont want abc big guy taking all of my tx fees and the sub1% inflation

you dont get paid to secure a network, but it should offset your costs of participation

if youre getting rich mining, its becuse itsnot properly decentralized and there is more incentive to secure than there is security

xmr at 15k with the same hashrate makes us all grifters who know the network security is going to us poping champagne instead of adding rigs

example visa. visa PAYS a lot to run and secure their network. if visa uses xmr, the cost to run it are distributed. instead of visa requiring 2.5% to pay employees, everyone pays a small amount but is rewarded for it by not being affected by inflation

typical visa users are charged 5-10% over cost because visa charges the merchant 2.5% to process each tx.

if a merchants costs become just tx fees of their own, it makes sense to mine their own tx and recoup their (avg) customers fees + block reward

but if they can get rich, why sel pizza. just close the shop and make mining the entire business (clown bitcoin/asic/gpu world)

thats imo why "crypto" is so twisted. its largely unbalanced and designed to be a for profit game

companies want $$ so they mine and then lobby to or manipulate the price. its got nothing to do with technological progress, largely just reverse robin hood

lol i think im ranting now 🤔 lol

topic says be excellent to each other (including yourself) so don't say you are ranting.. _rooter taught me to love myself and my neighbour

thank you for the interesting perspective

you are always ranting ofrn 😂

haha haha

reported^ ignored^ and blocked^

<ofrnxmr[m]> "xmr at 15k with the same..." <- what are you trying to say here? Personally, I would appreciate if XMR was offering "more" financial incentive to mine on its network. We cannot rely on idealism when if comes to long term network security.

its not idealism

idealism: "I am helping secure my own monetary network with my 1000 H/s"

i think i stopped before i went down that rabbit hole

and ive had 20+kh from bundling 300h devices and made far more than ive spent

producers produce

okay based and all, but that is anecdotal evidence.

<ofrnxmr[m]> 1 hash = 1 hash. doesnt matter if its from for cats treadmill <<>> <3

vast majority of individual XMR miners earn peanuts.

thus, the financial incentive isn't there for them.

companys refer to the populous as consumers for a reason, but thats a long discussion

k4r4b3y[m]: nonsense

the people who mine btc dont mine it because they rather not pay visas 2.5%

merchants still pay visas 2,5% and dont mine

bro I was a miner on p2pool. I could only amass 5k H/s, and I it took me a long time to get to 0.1 XMR.

consumers consume

bro

im not a p2pol miner

it is peanuts.

orion_midast[m]> What if I want to profit from mining, what is the minimum I should expect to spend on that investment <<>> to get an ROI you need cheap electricity, My ROI is the heat death of the universe

what if mining was a hobby - and it made you happy, priceless <3

I do enjoy the heat produced when it is cold

i mine solo

with old broken phones

and hit blocks bro

peanuts like 500 a year for 10 a year in power

nioc: How much does the hardware cost was more what I was asking

plowsof11: this is a weaker incentive than greed.

you said profit which includes running costs so....

ofrnxmr[m]: good you earn 0.6 XMR. that will be what, 80 bucks?

what is your electricity bill my dude?

shut up mr doesnt know fuck all

10 a year

lol

i have all the knowledge and skills to set up 5 mobile phones to mine at 100k/s, this makes me happy, i also deliver pizzas on the weekend and buy monero with the profits

he gets his elec from cats on treadmills

^

> 5 mobile phones to mine at 100k/s,

Citation required.

^

> <@k4r4b3y:halogen.city> > 5 mobile phones to mine at 100k/s,

>

> Citation required.

50

plowsof11: Damn, what if monero ded

and exaggeration obv

i will put my skills into wownero

but 20-25kh easy af

plowsof11: What if all crypto ded

ofrnxmr[m]: wut? with how many samsung galaxy s20 devices are you getting 20kH/s??

monero dies when morbs take over

ofrnxmr[m]: What if internet ded ? World war 3 happens and no more wifi or internet for anyone

k4r4b3y[m]: 300-599h per device

android tvs and my old broken phones

that will be like 40 phones

i dont have that hr anymore

k4r4b3y[m]: mhm

and if i run at max hr is double

ive seen an actual enclosure for multiple phones, cant find it atm

ty for a scalable example lol perfect

1,2kh/4devices=300h/device

the complaint was about battery safety - but its possible to hard wire phones from a UPS or something,

k4r4b3y: Free entry causes zero economic profits. It is not really possible to make Monero mining profitable if there is free entry.

This is basic microeconomic theory

if money where falling from the sky

some phones dont need a battery to turn on, others only need it during boot

so once booted, batteries are removesa

ndroid tv doesnt have batteries tho

good point

and yes. bitcoins price has to have an roi

It always makes me laugh when people talk seriously about mining on phones

otherwise asics dont get produced

merope1: shrug

i laugh at solopt

but to each his own

ofrnxmr[m]: So each device earns 0.008 $/day

i also solo

with my measly hr

Rucknium[m]: one can also argue there is free entry to mining with Bitcoin (mining on a CPU and all, you still get hashes, hey)---but I see what you are saying.

However, that still doesn't make a point against the fact that greedy mining is a better long term network security provider than hobbyist mining.

ofrnxmr[m]: oooh.. shots fired...

"be excellent to each other" smh..

consumers consume

i spoke of producers mining, not hobbyists

> <@k4r4b3y:halogen.city> oooh.. shots fired...

> "be excellent to each other" smh..

he who threw the first stone

ofrnxmr[m]: are there such a thing as "monero producers" ? All I see are neckbeard hobbyists..

yes, cake mines lol

ofrnxmr[m]: wut? really? what is their rig?

as do a lot of us who accept xmr for our sevices

"Greedy" and "hobbyist" are just high-level descriptors of two different strategies, at the end of the day

k4r4b3y[m]: was posted on twitter last year. dont remember

undisclosed location

Some people can afford to mine at a (small) loss today and hope for a price bump tomorrow

Others need to pay the bills right now

merope1: I don't agree. There are lots of bitcoin miners who know jackshit about Bitcoin's culture/history/etc.

yeah, grifters

who rely on price and nothing else

Ultimately the only difference between the two is the coin price you use when calculating profitability

k4r4b3y[m]: I'm strictly talking about the mathematical formulation of profitability

ofrnxmr[m]: yes

A lot of industries make zero economic profits on average. Does that mean that the industries will disappear someday? No.

Rucknium[m]: can you give an example for such an industry?

the universe will disappear some day

bitcoin exports energy

If miners don't make a profit, then they are deliberately paying out of their own pockets to secure the network. And you can't expect to reasonably secure a global decentralized network from donations alone

2018 : the money that Uber collects from fares isn't enough to pay for its revenue and operating costs; therefore, Uber loses money each quarter.

merchants pay 2.5% out of pocket and comers pay mor

Exactly. So are you makinga point for "my" argumentative position?

Trucking. Transport. Very low margins. Not much differentiation in product/service quality.

visa pays mutiples more % to keep their own networj up

k4r4b3y[m]: Grab the balance sheet or 10-K filing of any tech startup.

plowsof11: Uber is a scam. They brand themselves as a tech company with running goal posts each year. Decentralized taxi sharing company, self driving car company, food delivery company, etc. etc.

Siren[m]: Or any big tech company that was founded in the past 5 years

plenty of industries run at net losses yoy

corps*

k4r4b3y[m]: It's not a scam. Investors don't care about net profits. They care about growth.

k4r4b3y[m]: Monero isn't this.

monero development runs at a net loss

undergound

ofrnxmr[m]: well that's not good, if true.

> <@k4r4b3y:halogen.city> >And you can't expect to reasonably secure a global decentralized network from donations alone

>

> Exactly. So are you makinga point for "my" argumentative position?

I was pointing out that "greedy"/speculative mining comes with risks attached, and while some people can afford to take them, you can't claim that it's a better strategy

or expect people to choose it

(Emphasis on "expect")

okay, let's see: the risk with greedy mining is that miners simply stop mining it. And as less miners is there, the difficulty adjusts and remaining miners get more coins and thus the mining activity becomes again profitable for them. I am sure we all know about this. Is there any other risks with this greedy mining scheme?

I am of the opinion that if a human activity is expected to go on for a long time, it should have economic profitability.

I'm talking about the financial risk. If you mine at a loss today, it means that you are actively losing money today while hoping that the price goes up enough to put you back in the net positive tomorrow when you actually sell your coins

If the price never goes up, or doesn't go up enough, then you've lost money

And obviously you can't afford to keep losing money forever

There have already been a bunch of large-scale btc farms that have gone bust for this exact reason

Right now unless you have almost free electricity it's better to just buy coins

obviously---hence, pure hobbyist mining cannot keep monero afloat.

k4r4b3y[m]: Sure it can. Profitability is about electricity cost vs hardware efficiency

So if you have cheap enough electricity, or efficient enough cpus, you can break even

If you have solar panels at home, it can be nice to mine during the day

And the system has a tendency to stabilize around this breakeven point

(Averaged out across all miners)

merope1: No, you said "you can't afford to keep losing money forever."

it's mostly free money, since electricity sold to the grid is definitely underpaid (IF they accept it)

I did not contradict myself, and I have formulas at hand

okay, okay.

Obviously, I am immensely happy with the route monero has taken: randomx + cpu centric mining. I am just a bit unsatisfied about how little the mining activity brings profits.

Have a look at this, play with the numbers a bit. There's also a table at the bottom with a bunch of cpus for reference

merope1: I will take a look at this.

k4r4b3y[m]: It brings low profit because anybody can mine it, and there are a lot of miners :)

Ah dang, it's still the old version that doesn't include the column with the $/kWh earned by each cpu

Should look like this:

some people in third world countries still have electricity for under €0.10 per kWh so XMR mining is profitable for them

"Low profitability" means that users are getting a great deal for blockchain security (higher security relative to lower cost in new coin emission). The blockchain exists for the users.

one of the parts that made btc possible was greedy mining

xfedex[m]: so monero is over-selling its network privacy to the miners who produce it. And thus most miners make little to no profit.

security

k4r4b3y[m]: I meant to say, "network security"

the definition of greed may vary

Don't worry, nobody is greedy about BTC anymore hehe

saylor :D

xfedex[m]: THIS.

bitshit is going out!!

k4r4b3y[m]: It means that there are many miners who are willing to mine at a loss

I can't find the hashrate share of Bitmain ASICs, but I guess it's more than 50% of the nethash

The other thing that throws a wrench in the gears are botnets

Because they don't have to pay for electricity, so their profitability is effectively infinite

is the 1 GH/s botnet already running?

(At least from an energetic standpoint)

*still

merope1: I contest the "willing" part. There are many miners who are unaware that they are losing money after the calculations evens out. And I would argue that there is a fresh class of optimistic miners replacing the old, burnt out mining people.

the other benefit of mining is obtaining those coins without the need to use other channels which may not suit the person

So while they add hashrate to the network, they also take money away from legitimate miners who need to pay their bills

merope1: do we have ANY proof that there are active large botnets out there mining monero?

k4r4b3y[m]: Absolutely, there has been in the past an 1 GH/s botnet (i don't know if it's still running) which had HUGE hashrate fluctuations

k4r4b3y[m]: Anecdotally, I see "many" people who choose to mine even when they look at the numbers (or at least - claim to do so)

Pool ops deal with botnets all the time. Typically they're relatively smaller (1-50 MH/s range-ish) and spread out

merope1: what is the plural of anecdote?

xfedex[m]: can I get a source on this one?

k4r4b3y[m]: Look at network hashrate spikes

more of a question for Rucknium[m] lol

alright. interesting.

k4r4b3y[m]: Yes, me. I remember clearly seeing that botnet with >1GH/s mining on hashvault.pro

That huge botnet even shows up in the block nonces

Plenty of reddit posts about it as well, they even found out its mining addy I think?

yes, the mining address was found

xfedex[m]: Is this the recent huge spike we talking about? Are we sure that it was a "botnet" and not a rogue technician re-machining the supercomputer cluster of his university one night?

IIRC r/MoneroMining had specific evidence of a huge miner occasionally mining on a pool. The pool publishes IP address and XMR address of miner (hard to understand why they do that).

there is a whole history over the years, they exist

look, we all know there are huge spikes to mining hashrate. I am asking do we know if the cause of this spark is botnet related and not a dedicated farm/supercomputer/etc.

Plus, pool admins have issues with botnets because they tend to ddos pool servers

k4r4b3y[m]: Only God knows what the frick it was. But it was using a few xmrig-proxies, and it had ondulatory hashrate which had a peak of >1GH/s every 8 hours or so, and a much lower bottom (<300 MH/s)

merope1: ddos'ing a pool operator with botnets is different from mining on his pool with botnets.

xfedex[m]: OK. But I was asking for an evidence of a large xmr mining botnet. I am not interested, for the moment, in other stuff.

No, it's specifically ddosing through the mining activity. When you slam a pool with connections and shares from 10k-100k devices, it tends to break stuff

Source: talk to pool ops

merope1: hmm, yeah, I give you that point. You are right.

There have been a few semi-academic papers about botnet activity: moneroresearch.info/index.php?actio…n=resource_RESOURCEVIEW_CORE&id=143

And the complementary piece of evidence is the fact that mining malware is eventually found by the victims, and from that we can see their mining addresses, and thus we can assume that all other devices mining to the same addy are also botnet victims

thanks for the links ruck. I will see them.

It's not a difficult pattern to spot, once you know what to look for

>And the complementary piece of evidence is the fact that mining malware is eventually found by the victims

Where are the news of these victims? (I am looking at the links that ruck has sent now)

Ironically, if most botnet owners weren't skiddies, they'd know how to set up a proxy and hide their tracks to look like a regular mining operation

I don't think the papers attempt to estimate the prevalence of mining botnets. It's more discussing defenses against them. The fast that defenses are worth so much electronic ink suggests the issue is "big enough".

Just search for news about "mining malware"

Filter out all the fluff articles, and look for the ones that try do to some analysis on the malware behaviour

i wonder why botnets usually mine on pools, instead of solo mining

Because they'd have to run a node, which takes storage space and cpu/ram resources

yeah why not they form a pool of their own, right?

Can't run it yourself because it would be a direct link to you

And can't really run it on a victim device because it would be very easy to spot a 60GB blob and your cpu and network getting slammed

(Even more than the miner alone already steals)

merope1: you would need a server anyway, because otherwise you can't update the botnet miners

(By "run it yourself" I mean on a device/ip thay's linked to you)

But the C&C server can be very light. A node is not

merope1: I am sure there would be ways to obfuscate this link

Not without compromising on performance or significant technical hurdles

And most botnets speficically go for the low hanging fruit

run it on a mullvad vpn lol

And get blocked immediately as soon as someone reports their machine being infected?

And/or not even start because network admins start blocking mullvad ips preemptively

victim sees his machine is making connections to a vpn

how is the perpetrator getting his server blocked?

Not his server, just the victim's connection

But if all victims block you, then you have no more victims

but now you moved the goal post from "VPN/VPS provider blocking you" to "victims blocking your malware"

Again: assume low technical competence on the botnet owner's side, many of them tend to be script kiddies

which case are we talking about?

alright alright. I am making a stretch.

k4r4b3y[m]: One victim reports a malicious connection associated with your account -> mullvad blocks all your connections and your account

merope1: but mullvad doesn't keep logs! (TM)

Doesn't have to

that would out their company as fraudulent and would cause some damage to their reputation, losing other customers blah blah

Again, that's not strictly necessary. They can still look at your account in real time - and obviously some of their software has to be aware of your account, in order to manage it

So all it takes to out you is one report of malicious activity and a "no illegal activity" usage policy

ggwp

... until you rotate accs/keys and then it's back to square one

But that becomes a cat and mouse game, and generally speaking (TM) you can assume many won't bother with that

merope1: it depends on the costs to attacker versus to defender.

cat can't keep on running if the excess energy he spends to catch the faster running mouse leaves him dead

A similar thing already happens with pools even: many pools have a no botnets policy, so when they get a report of botnet activity they will ban the account and the botnet will be forced to change pool

The "solution" in this case is picking a pool that doesn't care

merope1: or, botnet operators registering a new wallet address per botnet miner

This was a big reason why minexmr had so much hashrate: the owner did not care

k4r4b3y[m]: this would avoid detection by the pool ops

k4r4b3y[m]: Typically they also get ip banned

hmm

but the machines comprising the the botnet are generally geographically dispersed?

so one fridge from the USA mines some, and one car radio from the europe mines some, they register different 4... accounts, but in fact the same hacker controls those wallets

But they will have the same ip address (particularly servers), so if you ban the wallet and the ip, the victim won't be able to mine even after you rotate addresses

how is it the same IP address? I am telling you, one machine is located in the US, the other in EU.

Of course, things are a bit more messy with residential users with dynamic ips

k4r4b3y[m]: infected machines are many andnot necessarily restricted to the same geographical area

k4r4b3y[m]: I'm talking about the individual machines keeping the same ip over time, not that they have the same ip

You don't ban one ip address, you ban all ip addresses associated with the address on the pool side

*with the wallet address

merope1: well, why would a pool operator ban a machine that mines on its pool? you think some of the victims will notice, take a look at the botnet's outgoing connections, decypher the IP and alert the pool operator? too much work for the average joe..

You are making a mess lol

merope1: I am telling you, the botnet master can create a new monero wallet payout address per infected machine

how would the pool operator understand that this 300 H/s miner is connected to a larger botnet ops?

merope1: a mess that can be managed, algorithmically, can be scripted, etc. It is not that difficult, I would say.

k4r4b3y: Not feasible in the slightest. Mining pools have minimum payout thresholds for every XMR address.

Rucknium[m]: Ah, that is one real hurdle, right.

k4r4b3y[m]: I mean you are getting confused on who does what

We will do it on the p2pool then.

Victim says "hey pool op, i found a virus on my server and it's mining on your pool. This is my ip and the wallet it's mining to"

merope1: OK. One wallet address and one machine got burnt. Out of what, other hundreds? Also, again, the average joe isn't going to have the knowhow to alert the pool op. The average joe will only run an antivirus and get rid of the virus that infects his machine.

Pool op says "oh shit, thanks for the report". Then the look in the pool database for all the ip addresses sending shares for the botnet's wallet address (because they have it) and ban all the ip addresses associated with it

and that's until the botnet clients start using proxies, VPNs, and Tor

>Then the look in the pool database for all the ip addresses sending shares for the botnet's wallet address (because they have it) and ban all the ip addresses associated with it

Man, I am saying that each machine on the botnet mines to a new 4... address

no address reuse

> <@k4r4b3y:halogen.city> >Then the look in the pool database for all the ip addresses sending shares for the botnet's wallet address (because they have it) and ban all the ip addresses associated with it

>

> Man, I am saying that each machine on the botnet mines to a new 4... address

But if the same machine has the same ip address, then the pool will refuse connection when the miner tries to connect

the only credible hurdle is the one that Rucknium posed: the 300 H/s miner will have a long while to get a payout.

but again, the botnet operator doesn't care. It is not his machine that is slaving away countless weeks.

then they will use any combination of a different pool and / or an IP obfuscation

k4r4b3y[m]: Which is why all botnet victims mine to the same addy, or at best a small handful of addys for the most elaborate cases. You will see that if you look at the breakdowns of how this type of malware operates

merope1: Again, I am saying, OK, one machine got busted out of hundreds. How is the pool operator going to locate the other botnet miners in his pool, if the per machine the botnet master is using a new 4.. address and the infected machines are geographically dispersed (no same IPs).

k4r4b3y[m]: .

k4r4b3y[m]: Because you are making a wrong assumption about the initial setup: all botnet victims will be mining to the same addy

So you can immediately find all ip addresses associated with each wallet address

merope1: Well, that is YOUR assumption. My botnet master in MY scenario is a bit more sophistocated, and he makes each infected machine create a new wallet address to mine to.

lol fastasy

Like I said: go read up on real case studies and you will see that pretty much nobody goes to that level of sophistication

merope1: well lack of evidence just yet doesn't strike the hypothetical scenario as unfeasible.

In fact, they have an incentive against it

the moon could be made out of cheese in my scenario, so youre wrong endor

ofrnxmr[m]: lol go away dude

maybe when you go do some research

just a parrot

Since malware miners can be considered "ephemeral", you want to make as much as you can before they get busted. So you want to cluster them up to reach payout as quickly as possible

merope1: OK. That is credible. I understand this.

Much easier to change pool once you get banned, until you find one that doesn't ban you

much easier to change the addres for all miners too

botnets dont even use wallet addresses

nah, you can algorithmically generate new wallets

they just use xmrig proxy

I don't believe wallet address generation is a hurdle for a "sophisticated" botnet master

why?? all bots mine to a proxy

why would someone ddos a pool like an idiot

Here's one example of a fairly sophisticsted botnet: blog.talosintelligence.com/prometei-botnet-improves

k4r4b3y: Most reasonable #monero debater 😎

Most people don't change their minds about anything

i dont make blind assumptions and then force others to prove me wrong

using things that are already proven

not even assumptionsm, but hypothesising situations that are what people did long before effeciencies came about

Here's another clue for the lack of sophistication: the official releases of xmrig are almost always reported as malware by antivirus software, because most botnets don't even bother compiling their own version of xmrig (not even removing the dev fee). So antivirus software doesn't even need to do a deep analysys of the software, just do a byte-for-byte comparison and look for matches

they seem like all amateurs.

time is ripe for a better botnet master.

go show them how it done lmao

heres a recent one

this one even highjacks your clipboard to replace the send address iirc

amateurs frfr

<merope1> "Here's another clue for the lack..." <- Wow. The lack of effort... It takes 5 minutes!

What is SHA3??

sha2+1

:P

ofrnxmr[m]: Whats that?

I don’t know if its a joke

yeah a joke.

chatgpt /bing "what is sha3"

SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015¹. It is a subset of the broader cryptographic primitive family Keccak (/ ˈkɛtʃæk / or / ˈkɛtʃɑːk /), designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche¹.... (full message at

<libera.ems.host/_matrix/media/v3/do…e81d535e98089c7291e7e5e46c673cf011d>)

Sha1 or gfto ;)

Just use MD5 and be done!

Cleartext less problems

Anyone know why whonix removed monero-gui from their default installation? Whonix/anon-meta-packages b38990f

The monero-gui repo on their github is gone too. Is there a replacement coming?

Ah I found it, they're recommending flatpack now: forums.dds6qkxpwdeubwucdiaord2xgbbe…-for-virtualbox-point-release/16469

BusyBoredom: yep, thats where the flatpak ccs came from , seems to be the successor

Got it, I didn't connect those dots until now

so the whonix maintainer has a custom debian APT repository @ deb.whonix.org (which people have to manually add to access) - and, is it "gone" from there now? i dont know, had a quick look but couldnt find it, noticed some ctrl+f electrum things still though

thanks BusyBoredom for confirming , so yeah, electrum ok , monero not