-
m-relay
<jk:vin.ovh> henlo
-
m-relay
<zarter:matrix.org> Hi
-
m-relay
-
m-relay
<louis.signet:monero.social> Somebody salty about XMR-BTC swaps
-
m-relay
<louis.signet:monero.social> I member when fiatjaf asked for funding to specifically attack the Monero network
-
m-relay
<louis.signet:monero.social> Seeing bitcoiners support Samourai is probably hurting his soul
-
m-relay
<k4r4b3y:karapara.net> Has there been a recent drama between fiatjaf and based samourai?
-
m-relay
<bobbedbort> did fiatjaf get that founding? I thought we welcomed a stress-test, the problem must've been on their side.
-
m-relay
<k4r4b3y:karapara.net> Yeah.. Free pentest is good.
-
m-relay
<bobbedbort> sadly he didn't follow up, he was probably denied and kept silent about it
-
m-relay
<ofrnxmr:monero.social> He was paid for something else
-
m-relay
<k4r4b3y:karapara.net> Anybody else finding CalyxOS 's "Work Profile" useful in isolating their mobile Monero wallets from all their other apps?
-
m-relay
<k4r4b3y:karapara.net> One can enable/disable work profile on tge same app drawer of their CalyxOS
-
m-relay
<karano:poddery.com> its a feature in all androids
-
m-relay
<ctrej:matrix.org> Work profile is a standard android feature, accessible with apps like shelter
-
m-relay
<karano:poddery.com> very useful though
-
m-relay
<ctrej:matrix.org> I think its best to isolate information grabbing apps you need to have for some reason
-
m-relay
<karano:poddery.com> thoughi consider user profile more isolated , than a work profile.
-
m-relay
<karano:poddery.com> though i consider user profile more isolated , than a work profile.
-
m-relay
<k4r4b3y:karapara.net> Cool. However, one can have calyxos without the google spyware (to some extent)
-
m-relay
<k4r4b3y:karapara.net> That's right. But you have to change users. Work profile works without leaving your current user, and still isolates the apps from each other
-
m-relay
<karano:poddery.com> i suspect , some apps can still communicate across work profile
-
m-relay
<karano:poddery.com> so i don't consider it a fool-proof solution
-
m-relay
<karano:poddery.com> anyways this group is not for discussing this topic
-
m-relay
<k4r4b3y:karapara.net> What makes you suspect that?
-
m-relay
<karano:poddery.com> there are individual app services , which can hook onto other apps on the phone.
-
m-relay
<karano:poddery.com> there is also a setting which allows work apps to look for non-work apps directory.
-
m-relay
<k4r4b3y:karapara.net> Can you give an example
-
m-relay
<karano:poddery.com> like if you use a password manager app it can intercept what app you are using on screen currently ,and provide relevant data to you.
-
m-relay
<karano:poddery.com> of course the password manager would be one that you trust , so it won't harm your privacy.
-
m-relay
<karano:poddery.com> but you can just guess from it how much android apis are complicated for us to conclude everything is isolated.
-
m-relay
<karano:poddery.com> other examples are facebook services , which can detect any other app using the same code , and can share the unique advertising id across apps.
-
m-relay
<ctrej:matrix.org> work profile behaves exactly like user profiles, with the exception that the profile is loaded in parallel to your primary one
-
m-relay
<k4r4b3y:karapara.net> Yes.and it adds to its usability
-
m-relay
<k4r4b3y:karapara.net> I like the fact that I can start/stop the Profile in parallel to my primary user
-
m-relay
<seikoqq1:matrix.org> hello
-
m-relay
<seikoqq1:matrix.org> what could go wrong if you publicly listend monero daemon for your wallet rpc ?
-
m-relay
<seikoqq1:matrix.org> what could go wrong if you use publicly listend monero daemon for your wallet rpc ?
-
m-relay
<seikoqq1:matrix.org> what could go wrong if you use publicly listed monero daemon for your wallet rpc ?
-
m-relay
<seikoqq1:matrix.org> can daemon owners see wallet addresses ?
-
m-relay
<oldmancoffee:matrix.org> yeah, they'd be able to see every request you send their way
-
moneromooo
They cannot see your wallet address (if you use monero normally).
-
moneromooo
They can certainly fuck with you though. Public daemons are likely mostly spies. Some are good guys, but I suspect spies are the vast majority.
-
moneromooo
Monero splits its code beteewn daemon (which handles the chain/consensus) and wallet (which manages keys). The wallet generally assumes hte daemon did itsjob
-
moneromooo
Various leaks were fixed (maybe misguidedly) but it's unlikely everything will ever be, because it's not designed that way.
-
moneromooo
It's like your money. You may put it in a bank, but if you do, the bank can steal it.
-
moneromooo
Especially if it's paypal.
-
m-relay
<sgp:magicgrants.org> Monero background sync is now on by default in Cake Wallet and Monero.com! We also added Cake 2FA access control features, Ethereum + ERC-20 storage, Monero node proxy settings, and more!
reddit.com/r/Monero/comments/15ksld…ero_background_sync_ethereum_now_in
-
moneromooo
It might end up ok though. Until it's not.
-
moneromooo
Note to all who read that: monero.com is NOT monero. It's a private company that's squatting the name for their wallet. It's been a honest wallet so far, but it's still not what it tries to pass itself as.
-
m-relay
<seikoqq1:matrix.org> thank you, oneromooo
-
m-relay
<seikoqq1:matrix.org> thank you, moneromooo
-
moneromooo
I take back "It's like your money. You may put it in a bank, but if you do, the bank can steal it.", because a hostile dameon can't steal your monero, so that's not quite the best comparison.
-
moneromooo
The bank can see what you're doing, at least. A hostile daemon can't see as much as a bank would, but can still see things.
-
m-relay
<seikoqq1:matrix.org> I've got that, but they can get my wallet addresses and then do some cross-checks right ?
-
moneromooo
They cannot.
-
moneromooo
Unless you do something stupid, like asking them to mine to your address :D
-
m-relay
<seikoqq1:matrix.org> I'm using tx-notify on wallet rpc. How does that work ?
-
moneromooo
At what level of abstraction ?
-
m-relay
<seikoqq1:matrix.org> I mean, If I use a publicly listed monero daemon rpc, and also use tx-notify in my wallet rpc
-
m-relay
<seikoqq1:matrix.org> Does that mean my wallet addresses can compromise ?
-
m-relay
<seikoqq1:matrix.org> Does that mean my wallet addresses can be compromised ?
-
m-relay
<seikoqq1:matrix.org> like they can see my wallet addresses, right ?
-
moneromooo
Your wallet address will not be. However, given a fork+execve is slow, a daemon might be able to see a pause a dedice you received at least one output in a tx from a block you recently requested.
-
moneromooo
s/a dedice/and deduce/
-
m-relay
<seikoqq1:matrix.org> but daemon and wallet rpc are on different computers, how could it detect the timing for fork+execve ?
-
moneromooo
Well, statistics... luck... guesses...
-
moneromooo
If you sync lots of blocks, the daemon can get an idea of your tx processing time.
-
moneromooo
I have no idea how feasible it is in practice.
-
moneromooo
But generally, it tends to be "more than you'd expect".
-
m-relay
<seikoqq1:matrix.org> I see, so my wallet rpc does not send wallet addresses to the daemon whether to fire tx-notify or not, right ?
-
moneromooo
Right.
-
m-relay
<k4r4b3y:karapara.net> We have a simplex group chat for Turkish speaking Monero users:
-
m-relay
-
m-relay
<k4r4b3y:karapara.net> BPCRJOfEcdXCRWRrw%3D%3D%22%7D)
-
m-relay
<ofrnxmr:monero.social> Monero Community
-
m-relay
<ofrnxmr:monero.social> Monero Outreach