Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

privacy-coins-and-bitcoin-dominance-guide

Privacy Coins and Bitcoin Dominance Guide

August 7, 2018

The advent of Bitcoin has proved to be a key landmark in the way that money is thought about because it has demonstrated that it is possible to create an entirely decentralized incorruptible and spendable digital currency. However, while taking into account all the successes that Bitcoin has managed to achieve, the digital currency has shown itself to be weak in one area in particular: privacy. This has resulted in the emergence of privacy coins that threaten Bitcoin’s market dominance.

Privacy and fungibility
One attribute that is often credited to Bitcoin is being an anonymous digital currency, however, this is incorrect. Bitcoin, at best, is more pseudonymous than it is anonymous. It is pseudonymous because user identity on the Bitcoin blockchain is obscured, as users’ names are substituted for public addresses. This protection is not one that can be described as being truly anonymous, because if an individual can attach a Bitcoin address to a user, then it suddenly becomes possible to monitor the transactional activity of that user.

The privacy weaknesses found in Bitcoin also produce issues about fungibility. Fungibility is a concept that can be defined as the ability to exchange a unit of a commodity or good. For example, the U.S. dollar is a fungible fiat currency because one unit e.g. one dollar can be exchanged for another dollar bill. The problem of fungibility becomes more acute when one considers the below example:

Within the Bitcoin ecosystem, if it becomes known to network participants that a Bitcoin address is engaging in illegal activity, then the Bitcoin housed within that wallet address may be regarded as being “tainted” by the wider community. This might create a situation in which other participants i.e. merchants refuse to accept that tainted Bitcoin, so as not to fund further illegal activities.

Therefore, in this scenario, Bitcoin would effectively be less fungible, as it would become considerably harder to exchange one unit of Bitcoin. More robust privacy features would resolve this fungibility concern, because if an individual cannot determine the origins of received funds on the blockchain then they have no knowledge as to its history.

Privacy coins: Monero, PIVX, Zcash, and Dash
Bitcoin’s privacy weaknesses have encouraged the development of privacy-focused cryptocurrencies, with the popular privacy coins being: Monero, Zcash, and Dash.

Monero
Monero was launched in 2014 and utilizes three distinct technologies to achieve true user anonymity on the blockchain.

Ring Signatures – Monero ring signatures are intended to protect user privacy on the input side of a transaction. Ring signatures operate by fusing a group of possible signers to produce a distinctive digital signature that possesses the capability of executing a transaction. The result is a scenario in which it is extremely difficult for third-parties to determine the individual that actually initiated the transaction.

Ring Confidential Transactions (RingCT) – Monero RingCT functions by obfuscating the value of funds on the Monero blockchain. Monero achieves this by employing a cryptographic proof, which shows that the input of a transaction is equivalent to its output. It is important to note that this is accomplished without revealing the value of the actual transaction.

Stealth Addresses – This third privacy feature provides anonymity to user addresses on the Monero blockchain. Stealth addresses necessitate that a sender in a transaction creates one-time addresses for every transaction on the recipient’s behalf. This then makes it difficult for third-parties to link transactions to the recipient’s actual address.

PIVX
PIVX, which stands for Private Instant Verified Transaction(X), is another privacy coin that utilizes Zerocoin, a protocol that provides transactional privacy for users on the PIVX blockchain. PIVX’s implementation of Zerocoin makes viewable PIV coins anonymous, to preserve user privacy and fungibility of the native asset. This is achieved via the use of the second-tier PIVX masternode.

Zcash
Zcash is another privacy-centric cryptocurrency that was founded by Zooko Wilcox. The privacy feature that Zcash is known for is the cryptographic zero-knowledge proof that it employs, also known as zk-SNARKs. This privacy feature operates by encrypting transaction data on the blockchain. The feature can determine the accuracy of the encrypted transactional data without having to reveal it.

Dash
Dash is another popular privacy-focused digital currency that is intended to provide privacy functionalities to users on its blockchain. It does this primarily through the use of its PrivateSend function. This operates as a coin-mixing service that mixes a user’s funds with others on the network, which then makes it difficult to identify where mixed funds originated from.

Conclusion
It is undoubtedly the case that Bitcoin is the most dominant digital currency currently operating in the space. However, this dominance has seen erosion, as more digital currencies offer innovative features that cannot be found in Bitcoin. This is a scenario that has played out, with privacy coins such as Monero, PIVX, Zcash, and Dash achieving some levels of success.

Tags: , , ,

Web threat

Privacy Coins Fall Through The Ranks As Market Caps Decline

July 30, 2018

Bitcoin.com has reported that the market caps for many privacy coins have decreased significantly over the course of 2018. Although privacy coins are still among the leading cryptocurrencies, they no longer occupy a single position in the top ten list.

Bitcoin makes its transactions viewable on a public blockchain, and those transactions could (in theory) be connected to deduce an address holder’s identity. The desire to find a solution to this problem has led to the creation of privacy coins like Monero, DASH, and Zcash, which gained popularity in April 2017.

Each coin was once prominent, but now, the market cap of each is falling. There are various possible reasons for the decline of each: Monero‘s recent conflict over ASIC mining has led to four different forks and contributed to the coin losing 64% of its market cap. DASH is facing accusations of instamining and has lost 84% of its market cap. ZCash has a rapidly fluctuating price, but has lost 56% to 67% of its market cap according to Bitcoin.com.

It is worth noting that Bitcoin.com is measuring the decline starting from the high market caps that many coins had last December. Immediately after this, there was an overall market crash, which means that the privacy cryptos in question are not the only coins suffering. Bitcoin itself has had its market cap fall by approximately 40% since December, meaning that, relatively speaking, the numbers are not as dramatic as they seem.

Additionally, the fact that coins are falling through the ranks is not solely due to falling market caps: the ascension of new coins is also a factor. The past year has seen coins successfully market themselves on other non-privacy features. EOS popularized the designated proof of stake model, which propelled it to the top 10 in January. More recently, Tether surged as a stability coin with a market value tied to the US dollar, and entered the top 10 in July.

Tags:

venmo_pub_priv

SECURITY NEWS THIS WEEK: MAYBE GO AHEAD AND MAKE YOUR VENMO PRIVATE

July 25, 2018

THIS WEEK STARTED with a controversial, widely derided meeting between President Trump and Russian leader Vladimir Putin, and ended with… an invite for round two! And yes, all manner of craziness managed to happen in between.

That includes yet more denials on Trump’s part that Russia interfered—and continues to—with US democracy, a stance that has serious repercussions, however many times he walks it back. The Putin press conference performance also prompted concern across the aisle, as senators Marco Rubio and Mark Warner cast it as a major setback in efforts to safeguard the election. For what it’s worth, here’s what special counsel Robert Mueller’s been up to lately, and where he’ll likely go next.

The week wasn’t a total Trumpapalooza. RealNetworks offered a new facial recognition tool to schools for free, introducing a host of privacy-related concerns. And a company called Elucd is helping police better gauge how their precincts feel about them by pushing surveys out through apps.

Good news could be found as well! We talked to the Google engineers who built Secure Browsing, a suite of technologies that underpin security for a huge amount of the modern web. We profiled Jonathan Albright, the academic who has shined the brightest spotlight on Russian influence campaigns in the 2016 election and beyond. And we took a look at two tools Amazon has tested that could help its leaky cloud problem.

There’s more! As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

Venmo’s Public Defaults Start to Cause Problems
Privacy advocate and designer Hang Do Thi Duc this week brought attention to payment app Venmo’s lack of built-in privacy. Her site, Public by Default, taps into Venmo’s API to show the latest transactions taking place on the platform. In fact, the nearly 208 million public Venmo transactions that took place in 2017 can all be viewed at this URL. But while Public by Default explores the inherent privacy issues with Venmo’s opt-in privacy in largely anonymized fashion, a bot emerged Thursday that tweets the usernames and photos of any users that appear to be buying drugs. Not ideal!

Ideally, Venmo would go ahead and make transactions private by default. But because it’s structured as something of a social network—peeping other people’s emoji transaction descriptions is part of the appeal—that’s unfortunately unlikely. Instead, to better protect yourself, open the app, tap the hamburger menu in the upper left corner, tap Privacy, and select Private. You’re welcome!

The DOJ Will Make Foreign Interference Public
In a departure from current policy, deputy attorney general Rod Rosenstein Thursday said that the government will let American groups and individuals know when they are the subject of an effort to subvert US democracy. The Obama administration notably didn’t do so in 2016, fearing that going public with Russia’s actions would appear politically motivated. It’s unclear exactly how the new policy will play out in practice, given that those sorts of disclosures will require a “high confidence” in attribution—tricky, especially in the digital sphere—and that the DOJ presumably won’t make any disclosures that would threaten ongoing investigations. Still, it would at least presumably prevent the current administration from trying to downplay or cover up any intrusions in the 2018 midterms and 2020 presidential campaigns.

Ransomware Attacks Plague Medical Companies
A pair of high-profile attacks hit sensitive health care targets this week. Ontario-based CarePartners got hit with ransomware that locked out medical histories and contact info for as many as tens of thousands of patients, and apparently credit card numbers and other sensitive information as well. And the same SamSam malware that hobbled Atlanta struck LabCorp, a major lab services provider. Hackers apparently demanded $52,500 to free up the affected machines, but LabCorp appears inclined to simply replace them instead. Either way, it’s a good reminder that ransomware targets hospitals and other health care targets disproportionally, precisely because the stakes are so much higher.

A Robocall Firm Exposed Data of Thousands of US Voters
As if the scourge of robocalls weren’t bad enough already, a company called Robocent left hundreds of thousands of voter records, spread across 2,600 files, exposed on the open web. The data appears to have comprised mostly addresses and demographic information, but if nothing else it’s a reminder that the cloud needs better tools to keep this sort of thing from happening basically every week.

Tags: , ,

4000

WhatsApp WARNING – Chat app blasted in damning new report on privacy

July 17, 2018

The Electronic Frontiers Foundation, EFF, has published its latest annual privacy audit, dubbed Who Has Your Back?

The report, which has been run annually since 2011, analyses the policies and public actions of 26 companies, ranking them based on five categories.

These include “follows industry-wide best practices”, “tells users about government data requests”, “promises not to sell-out users”, “stands up to NSL gag orders”, “pro-user public policy: Reform 702”.

According to the latest Who Has Your Back? report, nine companies earned full-marks, including Adobe, Pinterest, Dropbox, Lyft and Uber.

Apple, Google and Microsoft narrowly missed-out on the five-star rating.

Microsoft and Google dropped a star in the category “stands up to National Security Letter (NSL) gag orders”.

Twitter, Snap Inc, Airbnb, and Tumblr were each awarded three stars.

However, WhatsApp only managed to score a paltry two-stars – one of the lowest marks in the Electronic Frontiers Foundation report.

Amazon received the same score.

“We were disappointed that two technology companies fell short of other online services: Amazon and WhatsApp,” the latest Who Has Your Back? report states.

“While both companies have adopted industry-accepted best practices of requiring a warrant for content, publishing law-enforcement guidelines, and publishing a transparency report, and while we applaud both companies for advocating for reforms to over-broad NSA surveillance, these two companies are not acting as leaders in other criteria that we examine.

“They don’t have the strong public policies related to notifying users of government data requests that we have come to expect from tech companies; they don’t publicly promise to request judicial review of NSLs; and they aren’t meeting our criterion about not selling out users.

“We urge both Amazon and WhatsApp to improve their policies in the coming year so they match the standards of other major online services.”

This is not the first time Facebook-owned WhatsApp has been singled-out by the Electronic Frontiers Foundation.

Back in 2015, WhatsApp failed almost every category in the report – earning a single star out of five.Although the chat app has improved in the last two years, there is clearly still work to be done, according to the categories defined by the EFF.

The latest Who Has Your Back? report also acknowledges the progress made within the technology industry with regard to user protection.

All of the 26 companies evaluated in the EFF report have implemented at least some of the practices highlighted by the Electronic Frontiers Foundation.

EFF Senior Staff Attorney Nate Cardozo commented: “The tech industry as a whole has moved toward providing its users with more transparency, but telecommunications companies — which serve as the pipeline for communications and internet service for millions of Americans — are failing to publicly push back against government overreach.

“Both legacy telcos and the giants of Silicon Valley can and must do better. We expect companies to protect, not exploit, the data we have entrusted them with.”

Tags: , ,

imrs

SECURITY NEWS THIS WEEK: CARRIERS STOP SELLING LOCATION DATA IN A RARE PRIVACY WIN

June 26, 2018

WHAT’S THAT? A week with nearly as much good news as bad in the world of privacy and security? It’s true! Especially the privacy part.

On Friday, the Supreme Court issued a hotly anticipated ruling in Carpenter v. United States, establishing that the government will need to get a warrant if it wants to track your location with cell sites. Meanwhile in California, it looks like residents might soon benefit from a privacy law that grants unprecedented power—in the US, anyway—over what data companies collect and what they do with it. And while this isn’t privacy related, strictly speaking, Apple’s new partnership with startup RapidSOS will push iPhone owners’ locations to dispatchers during 911 calls, saving first responders valuable minutes and almost certainly saving lives.

It’s not all sunshine and lollipops, of course. The same hacker group that meddled with the PyeongChang Olympics appears to be back, this time swinging at biochem labs in Europe. The hacking threat from China has escalated in step with trade war rhetoric. Pretty much every streaming device is vulnerable to the same type of DNS rebinding attack. Iran’s ban of encrypted messaging app Telegram has had a serious, layered impact on the country’s citizens. And deep fakes will make the already complicated issue of Twitter mob justice even more so.

But wait, there’s more! As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

The Major Mobile Carriers Stop Selling Location Information
After a public blow-up around the sharing of location data with third parties—and pressure from senator Ron Wyden—all four major US carriers have pledged to stop the practice. The change won’t happen overnight; all of these companies have long-term contracts to unwind. But it’s a rare bit of good privacy news at a time when that has seemed increasingly hard to come by.

Alleged Vault 7 Leaker Indicted
Former CIA employee Joshua Adam Schulte was indicted this week; authorities allege that he was responsible for the devastating Vault 7 leak that revealed many of the agency’s hacking secrets. Schulte had previously been held on child pornography charges. The indictment also alleges that Schulte had surprisingly lax security practices for a CIA vet; he apparently reused a less secure password from his cell phone to protect the encrypted materials on his computer as well. He faces up to 135 years in prison.

VirusTotal Monitor Should Help Keep Apps From Getting Flagged as Malware
In 2012, Google acquired VirusTotal, a site that scans online malware and viruses. This week, it announced a new spinoff product, VirusTotal Monitor, that will help app developers avoid being accidentally flagged as malware. VirusTotal already aggregates what over 70 antivirus vendors consider malware, so devs can how compare their apps against that list for a little peace of mind.

Google Makes It Easier to Check Your Privacy and Security
While not exactly offering you higher levels of security, the new Google Account panel on Android—to be followed later on iOS and desktop—does make it easier to see exactly what your settings are, along with a “privacy checkup” and “security setup” that nudge you toward a more locked-down online experience. It also introduces a search function to make it easier to find whatever specific aspect of your account you want to vet.

Tags: ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
privacy-coins-and-bitcoin-dominance-guide
Privacy Coins and Bitcoin Dominance Guide
August 7, 2018

The advent of Bitcoin has proved to be a key landmark in the way that money is thought about because...

Read more
Web threat
Privacy Coins Fall Through The Ranks As Market Caps Decline
July 30, 2018

Bitcoin.com has reported that the market caps for many privacy coins have decreased significantly ov...

Read more
venmo_pub_priv
SECURITY NEWS THIS WEEK: MAYBE GO AHEAD AND MAKE YOUR VENMO PRIVATE
July 25, 2018

THIS WEEK STARTED with a controversial, widely derided meeting between President Trump and Russian l...

Read more
4000
WhatsApp WARNING – Chat app blasted in damning new report on privacy
July 17, 2018

The Electronic Frontiers Foundation, EFF, has published its latest annual privacy audit, dubbed Who ...

Read more
imrs
SECURITY NEWS THIS WEEK: CARRIERS STOP SELLING LOCATION DATA IN A RARE PRIVACY WIN
June 26, 2018

WHAT'S THAT? A week with nearly as much good news as bad in the world of privacy and security? It's ...

Read more