It looks like blockchain solutions weren't terribly helpful to 8chan operators in getting their site back online -- despite the high hopes the operators had that it would be useful in making the site more resistant to attacks. https://t.co/AVQBcpl1QD
Great, balanced coverage by @danielgkuhn of 8kun's (ex-8chan) new effort to avoid deplatforming. Wherever you stand on this contentious issue, it's vital reading on the challenge decentralized tech poses to how we deal with free speech and public interest https://t.co/jbbDtJeymk
Ah, lovely, not only are we dealing with occasional brigaders, now we have Dunning-Krugerrand promotion :D
Just so you know:
a) Much like "the cloud" is actually Someone Else's Computer, "the blockchain" is literally just a series of crypto-signed timestamps.
b) Cryptocurrencies, in general, are (with some exceptions, namely, those specific cryptocurrencies actually pegged to a convertible currency on world markets) entirely too dynamic and erratic in real value to really be useful as currency save for some specific cases where the cryptocurrency is being effectively used as a form of money laundering; in addition, with a few exceptions (Dogecoin--actually meant as a parody--and non-mineable cryptocurrencies) cryptocurrency generation rapidly reaches a point of diminishing returns such that specialized equipment (the use of GPU and FPGA/ASIC mining) becomes necessary. Certain well known cryptocurrencies (Bitcoin and its forks) are, for all intents and purposes, unmineable for most people; likewise, Monero (from which the cryptocurrency portion Loki was forked) reached a point of Casual Unmineability (cannot be mined except through GPU mining) 2-3 years after its introduction in 2014 and is at, or approaching, Generalist Unmineability (requiring ASIC rigs--approximately 85% of Monero is in fact now generated via FPGA/ASIC rigs and it's now recognised Monero is not ASIC resistant).
c) In general, the claims about cryptocurrency being a source of wealth are very similar to claims re "goldbug" schemes, but arguably worse, considering the volatility of cryptocurrency markets.
d) The specific laws on the basic legality of cryptocurrencies vary wildly (with some countries considering it a de facto replacement for national currencies and/or a method of avoiding capital controls and thus illegal, some countries treating it as currency, some countries treating it in the same view as the Pokedollars in your average children's fantasy RPG where Meowth is literally your miner via Pay Day, and some countries (such as the US, notably) considering it a specific type of securities exchange. The US in particular fairly severely restricts IPOs for new cryptocurrency offerings, has specific "Know Your Customer" requirements for cryptocurrency traders, and specifically requires licensing (on a federal level, and also on state levels in many jurisdictions) to engage in cryptocurrency trade (such that a number of crypto exchanges have actually blocked US customers) and the IRS has even issued statements to the effect that capital gains resulting from hard forks in cryptocurrencies are taxable income. (This is important, notably, as the US is also one of exactly two countries world wide that explicitly claims transnational tax jurisdiction on its citizens; income earned overseas above a certain threshold, as well as investment and securities income, is considered to be taxable even with expats, and literally the ONLY way to escape US jurisdiction in this regard is to renounce US citizenship overseas.)
e) Certain cryptocurrencies can, in certain circumstances, be seen as enough evidence of illicit activity to grant probable cause. (Monero, and especially the cryptocurrency components of Loki, could qualify--Monero is, alas, best known as a cryptocurrency that is designed to specifically obfuscate the source and destination of transactions (essentially using ring signatures as a sort of "signature tumbler" similar to bitcoin mixers and tumblers) and as a result has become the preferred cryptocurrency in many a darknet market.)
f) Monero and derivatives (due to the use of ring signatures and the nature of ring signatures relying on additional signatories being chosen at random from the blockchain) could potentially open up users to legal liability if a particular blockchain transaction is found to be linked to illegal activity (i.e. via a darknet market that law enforcement has taken over via warrant and which is being operated as a honeypot).
g) Onion-based routing in general (and particularly the implementation in Tor, which Loki is in part based on) is honestly best described as "Mixmaster but with transit and possibly exit/entry nodes"; there are functionally multiple ways in which a particular user can be traced via onion routing (including hostile transit/entry/exit nodes, browser vulnerabilities (which frankly are a regular problem), compromise of onion services (everything from a one-pixel tracker GIF that can log accesses by IP to overt and covert hostile takeover of the onion service itself for use as a honeypot), and so on. Tor (and in fact ALL low-latency anonymity networks) are also vulnerable to traffic analysis at exit and entry nodes, AS eavesdropping (if an exit and entry node happen to be on the same autonomous system "hop" in a BGP route), exit node eavesdropping (and in fact there is proof-of-concept of actual decrypting and MITM attacks on Tor exit nodes), traffic-analysis attacks, exit node blocks (to "herd" users to a compromised exit node or blocking access to known exit nodes), "bad apple attacks" (specifically involving not only hostile exit nodes but attacks against tracker responses in one approach and distributed hash table tracking on the other--this is especially effective in tracking users of P2P apps like torrent applications), vulnerabilities in protocols used on onion networks (again, torrent apps are bad for this), DDoS attacks against nodes, a variant of Heartbleed, relay early confirmation attacks (effectively networks of hostile entry and certain types of transit nodes--there is speculation this has been used in some busts of darknet markets), specific fingerprinting of mouse movements, circuit fingerprinting (in that traffic is in fact identifiable during essentially the handshaking phase between a Tor client and hidden services to establish the hops between transit nodes), and vulnerabilities that exist universally across all anonymity networks including the possibility of compromise of sufficient nodes in a network by a particularly dedicated adversary such that effectively the entire network is compromised (Tor and related onion networks would only need about 40% of nodes to be compromised, possibly via zero-day vulnerabilities; there actually is a proof of concept this is possible via the experiments showing a Tor user could be deanonymized via relay early confirmation attacks). Some of the specific revelations from Snowden et al do reveal that at least some state actors (whom have also expressed that sites promoting white nationalist stochastic terrorism are targets of interest) do in fact actively research zero-day vulnerabilities in onion routing and actively exploit them.
h) Similarly to Monero, onion routing clients and servers do in fact serve as "red flags possibly indicating probable cause" to law enforcement; this is especially true with more obscure onion-routing protocols, particularly if combined with Monero-derived cryptocurrency like Loki is. Likewise, people running onion routing servers (not only entry or exit but transit nodes) do open themselves up to significant legal liability due to the specific types of traffic that do get passed on onion routed networks (including, but not limited to, CP--and no, claiming common carrier status will not save you).
i) Loki [attempts to implement a fix against a "Sybil attack"](https://docs.loki.network/Advanced/SybilResistance/) (the aforementioned "hostile takeover or compromise of a critical mass of the network infrastructure such that traffic analysis becomes trivial) but--both due to the small size of Loki's network versus more established networks and the actual network infrastructure changes in Loki itself--would not only make the network more vulnerable to a Sybil attack but would also open up new possibilities for attack. (In essence, Loki is functionally [a variant of Tor in which a Monero-like currency and the blockchain involved therein is used in part of the handshaking process; pretty much the ENTIRE approach is based on the equivalent of exit, entry, and transit nodes as well as onion service providers having to mine and/or have reserves of a Monero-forked cryptocurrency to do basic transactions](https://docs.loki.network/ServiceNodes/SNOverview/) in the hope that somehow a dedicated state actor (who has the resources to take over 30-40% of a network via zero-days) is not going to *also* have ways of getting large amounts of crypto to do the transactions; it also does not mitigate at all the *substantially more likely type of Sybil attack* in which the compromised nodes are operated as normal but traffic analysis is done on these nodes to trace operations, etc.) Sybil attacks are effectively non-mitigatable in the face of a Sufficiently Interested And Determined state-level adversary (completely aside from zero-days in onion routing tools or pseudonymous cryptocurrency, state-level actors can use vulnerabilities in the networking stack of an operating system, potentially other nasty forms of targeting like BGP hijacking to conduct AS eavesdropping, actual attacks on web servers/onion-routing clients/underlying applications, operating systems used to host the Loki service nodes, and even hardware and firmware before the OS stage and routers/switches transmitting/receiving network traffic...and that's before we get to the legal equivalent of Crowbar Cryptoanalysis in which the [friendly man from the three-letter agency hands the hosting provider (where a known entry/exit node for Loki exists) a nice FISA warrant and start operating it as a honeypot](https://www.dw.com/en/details-emerge-of-the-german-administrators-of-hansa-market-on-the-darknet/a-39804272), and proceed to do this with other exit and entry nodes until they get a critical mass of sources of intel).
In other words, any actually determined actor isn't going to *bother* buying shitloads of NotMonero or mining it--they're just going to hack and own the servers or seize them with a warrant and carry on business like usual while slurping up IP addresses and conducting traffic analysis with users none the wiser.
(Of particular note: This would still not save 8chan/kun/tan/nyan/sempai/(INSERT JAPANESE HONORIFIC OR DIMINUTIVE HERE). Pretty much [the preferred approach by law enforcement in dealing with darknets is in fact to effectively seize them at the hosting provider level via warrant and operate them as honeypots before letting the warrants fly](https://bitcoinist.com/darkweb-dream-market-now-a-bitcoin-payment-fbi-honeypot/); 8chan (before its shutdown) [actually has been the target of the specific type of FBI warrant](https://www.thedailybeast.com/poway-synagogue-shooting-8chan-served-search-warrant-for-alleged-shooters-posts-data-on-other-users) that tends to be served on a site before it becomes a honeypot, apparently [conducted the type of intelligence that explicitly is done against darknet markets before they are seized and turned into honeypots, and the FBI reportedly also did a forensic copy of the entirety of the servers](https://www.courtlistener.com/recap/gov.uscourts.casd.626722/gov.uscourts.casd.626722.1.0.pdf). It's precisely THIS why I laugh at...the trust inherent in Qultists re 8kun; literally the average user of a darknet drug market knows not to trust the sudden revival of a site because it's (likely) a law enforcement honeypot, and that's just people wanting to buy drugs online, not some supposed Rebel Alliance against what (per Qultist mythos) is a (potentially alien if not outright diabolic) reality-warping multinational Illuminati which has existed since the days of Babylon, has effectively unlimited resources due to being an International Shadow Government of Evil, and can literally gain superpowers by the consumption of drugs rendered from babies ritually raped and murdered in the name of Satan.)
j) The "Plan B" involves essentially creation of a fast-flux botnet (well, that certainly explains why they were looking at hosting at known Russian pink providers known for malware of this sort as well as the occasional gross BGP hijack of the sort that actually eventually got the prime ISP for the Russian Business Network cybercrime org effectively blackholed). Pretty much all of these are vulnerable to traffic analysis, also present substantial legal risks, and probably would be rapidly flagged as malware by antimalware apps (if they aren't already--this is likely a bit beyond the Watkins' pay grade, and I'd not be shocked to see them effectively turning to a Kelihos variant).
k) Pretty much going to a small, highly experimental onion network (that effectively operates as a mining pool for a Monero-derived cryptocurrency/crypto-token) rather than an established onion network or other anonymity network (like Freenet or I2P, both of which are smaller in use base versus Tor but have substantially larger userbases versus Loki) makes it pretty obvious the actual goal is mining crypto and eventually becoming a cryptocurrency market player, considering the same article has noted 8chan's founders had worked on their own cryptotoken (which went absolutely nowhere, because in general cryptocurrency being required for basic things like posting on an imageboard is Not Going To Be Popular--yeah, they pretty much were promoting it for access to a specific subsection of 8chan with a Very Anti-Semitic Nickname). Which leads to...
l) This effectively in toto means probably the main goal is for 8chan/kun/tan/nyan/sempai's owners to eventually monetize the site *de facto* and maybe get into cryptocurrency trading, which...well...one of the real downsides to crypto trading not being terribly well regulated in most countries is the fact that both cryptocurrency exchange heists (where most or all of the money from public wallets is stolen; a lot of the same Russian cybercrime gangs responsible for ransomware and botnet production and pharma spam are also responsible for cryptocurrency exchange heists) and outright exit scams (in which an unscrupulous operator of a crypto exchange shuts down and steals the cryptocurrency in people's public wallets). We wonder when the inevitable exit scam will occur, and have already prepared ourselves for the inevitable wailing and gnashing of teeth thereby.
Sorry I didn't manually delete anything. I had to come in and approve a comment- nothing I set up just something reddit decided on its' own.
If anyone has a comment or that doesn't get submitted try to "contact the moderators" or pm me. I might be slow getting to it anyways but at least I'll get an icon that gets my attention the next time I'm on reddit.