Really interesting read about evolution of use of dead drops in DNMs.
The statement about cryptocurrency privacy tech is kind of cringe-inducingly wrong ("Cryptocurrencies like Beam and Grin both provide a reasonable amount of privacy while also supporting atomic on-chain swaps between them and widely accepted cryptocurrencies like Bitcoin and Ethereum.") but don't let that put you off, a strong recommend.
@waxwing very interesting
@waxwing I wonder how the dropgang model could be applied to cash delivery for p2p exchanges?
That it relies on trust and reputation worries me, but maybe that's ok when it's based on direct experience and security deposits.
What I think is most interesting is the idea of creating many compartmentalized 'cells'. This should substantially raise the cost for attackers.
Also, instead of geocaching the cash, you can just point to an accomplice teller at a mini-market.
Yes, cells; but also layering, i.e. general separation of concerns ideas as in e.g. software engineering.
I have doubts that anything described in the essay is going on at meaningful scale (or maybe at all), it seems to me there are significant practical limitations. But obv it's going to be hard to know for sure! I agree about reputation, but DNMs always had that problem I guess.
the premise was a pair units in a storage facility communicate with each other, the customer facing one contains some sort of hardened vending machine (more like deposit boxes), where buyers and sellers transact with bitcoin with some form of escrow, and the controller hires arbitrators and assayers to determine prices for contraband.
@waxwing @PaulTroon then once the controller unit, which has the computer controlling the funds, has made enough money, it orders a bunch of equipment online to a newly rented pair of storage units elsewhere, hires a people on services like taskrabbit to come set it up (enforcing 2 man rule & least privilege). the new storage unit pair then pays its parent unit until the initial investment is covered, and then they sever ties, from which point it owns itself, no human operators required...
Yeah I guess so .. istr stuff about bicycles and airbnbs and whatnot, but yeah.
I'm interested in the idea of if somehow a video feed could be installed in a safety box and have it be cryptographically proven genuine so you know that when you buy the key to the box, you buy the item.
There are some slight difficulties with this idea :)
@waxwing @nothingmuch @PaulTroon hmm, i wonder what is an equivalent of the fiat shamir heuristic in meat space. otherwise the buyer can provide some sort of challenge to include in the video, but all the benefits are gone... and the video must also commit to the specific closing of the box. an interesting Reddit comment i once saw described using fracturing glass and recent 35c3 talk used glitter nail polish to create a unique pattern which once handled is not really reconstructed
autouncorrection: not *easily* reconstructed, i should know better than to use my phone for this kind of discussion
correction: apparently ideadates back to 30c3 not 35c3: https://media.ccc.de/v/30C3_-_5600_-_en_-_saal_1_-_201312301245_-_thwarting_evil_maid_attacks_-_eric_michaud_-_ryan_lackey though i didn't hear it mentioned in the talk, only here: https://www.wired.com/2013/12/better-data-security-nail-polish/
i heard about it from this tweet: https://twitter.com/peterktodd/status/1079036019054235648
i haven't been able to find the reddit comment
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!