Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
GNU is Not Unix The Almighty Buck Bitcoin Privacy

Richard Stallman Speaks on Cryptocurrency, Blockchain, GNU Taler, and Encryption (libreplanet.org) 96

During a 92-minute presentation Wednesday on the state of the free software movement, Richard Stallman spoke at length on a wide variety of topics, including the need for freedom-respecting package systems.

But Stallman also shared his deepest thoughts on a topic dear to the hearts of Slashdot readers: privacy and currency: I won't order from online stores, because I can't pay them . For one thing, the payment services require running non-free JavaScript... [And] to pay remotely you've got to do it by credit card, and that's tracking people, and I want to resist tracking too.... This is a really serious problem for society, that you can't order things remotely anonymously.

But GNU Taler is part of the path to fixing that. You'll be able to get a Taler token from your bank, or a whole bunch of Taler tokens, and then you'll be able to use those to pay anonymously.

Then if the store can send the thing you bought to a delivery box in your neighborhood, the store doesn't ever have to know who you are.

But there's another issue Stallman touched on earlier in his talk: There is a proposed U.S. law called KOSA which would require mandatory age-verification of users -- which means mandatory identification of users, which is likely to mean via face recognition. And it would be in every commercial software application or electronic service that connects to the internet.... [It's] supposedly for protecting children. That's one of the favorite excuses for surveillance and repression: to protect the children. Whether it would actually protect anyone is dubious, but they hope that won't actually be checked.... You can always propose a completely useless method that will repress everyone....
So instead, Stallman suggests that age verification could be handled by.... GNU Taler: Suppose there's some sort of service which charges money, or even a tiny amount of money, and is only for people over 16, or people over 18 or whatever it is. Well, you could get from your bank a Taler token that says the person using this token is over 16. This bank has verified that.... So then the site only needs to insist on a 16-or-over Taler token, and your age is verified, but the site has no idea who you are.

Unfortunately that won't help if user-identifying age-tracking systems are legislated now. The code of Taler works, but it's still being integrated with a bank so that people could actually start to use it with real businesses.

Read on for Slashdot's report on Stallman's remarks on cryptocurrencies and encryption, or jump ahead to...
- Later during the question-and-answer session, Stallman was asked whether a GNU Taler account can be suspended or frozen? "No," Stallman answered. "Because it isn't really an account."


There are coins that carry signatures to show they're valid. But they're not associated with you. You're the one who happens to have them, but they're not in any way tagged as being yours, so there's no way to stop you from spending them.


- A later question asked Stallman's opinion on cryptocurrency and blockchain technologies -- and whether they could one day replace banking systems? "I don't think so," Stallman replied:


And there are things I don't like about cryptocurrencies -- the ones that are practical today. One is, I don't think it's good that the payee is anonymous, because that makes it easy to hide wealth and evade taxes -- and that is a tremendous global problem. You may have followed the news about scandals as data from banks are leaked -- various banks. (There was one in Switzerland recently, before that there was Panama, and I think there was some Caribbean Island.) And you find out people -- rich people -- are buying property in anonymous, secret ways so it doesn't get taxed, and essentially they get away with stealing it.

And some effort is being made to make that harder now, because Russian billionaires were discovered to be doing this -- of course, but it's not just them, it's billionaires from any country that want to impoverish the rest of society. So what we really need to do is change the legal systems that make it possible to own property and not tell the government who really owns it.

But aside from that, cryptocurrencies are not anonymous enough. With bitcoin -- you know, you don't have to say who a wallet belongs to, but all the transactions can be tracked, and so often someone can figure out -- because that information is all public -- who is the actual owner of that wallet.

Now with Taler, only the payer is anonymous. The payee has to identify itself for each transaction. And so Taler can't be used to hide wealth. However, Taler is really anonymous for the payer. The developers are quite confident: there's no way to figure out from Taler itself who made the payment. Now, if you're talking to a web site, you've got to check the rest of the system for purchasing to make sure it really is anonymous. Maybe you'll have to make the purchase through Tor. And of course, the site should not send any JavaScript, because JavaScript is a way to get more information.



- And finally, Stallman also had some thoughts about security, VPN apps and the larger world of encryption:


One area where we find a lot of threats is in the right to use encryption end-to-end. Well, there is something called the Digital Markets Directive in the European Union which requires interoperable encryption. In other words, various different services for communication would have to be able to use the same encryption method so that they could talk with each other end-to-end encrypted.

This is being called by commercial services a disaster -- but is it really? The services that offer end-to-end encryption to their users, through their own proprietary encryption software, can't be trusted anyway! You can never trust a non-free program! There's always somebody who's in a position to screw you over secretly. And it's very very hard for you to check. And that is true for any web site that does encryption, and sends software to your browser to do it -- the encryption and the decryption -- because that software is totally under the control of the site. People who study the issue of encryption say you should only be using free software to do that, because that way it can be studied carefully by experts to make sure it really works reliably, and safely. But in addition, when that program is free software, it means that no one company is in a position to do something nasty. Security, as we understand it, needs to include security against the developer of any program, and only free software can do that.

Well, that means you shouldn't be using encryption and decryption software provided to you in an app. Oh no. You have to use a free encryption and decryption program that's installed into your machine, so that all the various apps and sites can use it, and that way they can be interoperable. The solution for the interoperability is also the solution for your freedom. Let the user install the encryption program to use, and choose which one -- and then we can choose free encryption programs that work interoperably with all the sites.

Now, of course, it's not trivial to make sure things really turn out this way. We are probably going to have to push for it. But properly understood, if you understand what secure end-to-end encryption means, then you realize that it's the friend of interoperability. It's the friend of using the same secure, free encryption program for every service or communication program.
This discussion has been archived. No new comments can be posted.

Richard Stallman Speaks on Cryptocurrency, Blockchain, GNU Taler, and Encryption

Comments Filter:
  • by DarkOx ( 621550 ) on Monday April 18, 2022 @06:50AM (#62456054) Journal

    Expect they still do need to know who you are. Depending on where you live merchants have to ID you for purchases from everything booze, to cans of spray paint, motor fuel etc. Folks doing funds transfers have to know their customer etc.

    if you actually want to be able to do anonymous commerce inside anything resembling our current legal framework. (By the way no large commercial operators want this; so it WONT HAPPEN). Is some system of assertions by a trusted authority.

    IE you could go to SomeBank, that you have a relationship with. Some bank can issue you wither a wallet with some type of token in it or tokens directly that carry assertions (you'd select the ones required to minimize the information exposure) Somebank would verify them and issue the tokens. Assertions would be like (Lives in NY, Is over the age of majority, has not felony convictions, etc); then present the tokens to the merchant or pay out of the appropriately certified wallet.

    The merchant would than redeem the token at SomeBank. SomeBank of course has all the details but they *could* in theory be legally constrained against sharing them with other commercial entities. Dear old Uncle Sam should be alright with it because he can force SomeBank to data mine and flag you if it looks like you are trafficing opiates or buying to much diesel oil and nitrogen fertilizer for your .25 acre lot, don't seem reporting transactions at tax time etc.

    • by Anonymous Coward

      There is a difference between not being able to and not being allowed to. Everything "due to legal reasons" is in the latter category. Human laws are arbitrary (and often petty, ill-thought-out, and otherwise not very good at all), and so can (and often should) be changed.

      There's no reason other than petty politicians and whiny "law enforcement" why you couldn't come up with electronic cash that's actually really quite like physical cash. There are actually ways to prove you're old enough for booze or have

      • Re: (Score:2, Insightful)

        by dowhileor ( 7796472 )

        the problem is that it makes no sense to have a digital wallet in the first place. something that can be taken from you and cracked. banks are meant to hold your money for you then you gateway to that institution when a transaction is required. and you cannot trust any system that refuses to verify the at least that parties involved in a transaction are who they say they are. now, physical money has these problem but is still traceable if an institution chooses to do so and smaller denominations are too inc

        • by Anonymous Coward on Monday April 18, 2022 @07:43AM (#62456198)

          You're saying that it makes no sense for you to hold your coins so we just have to rely on some trusted third party to hold them for you. And then you can't trust them unless they distrust you enough to make you "verify" yourself. That makes even less sense twice over.

          In cryptocurrencies, he who holds the keys to the coins has the power to spend them. Most crytocurrency scams arise when you give those keys to an exchange and then the exchange "gets hacked" (someone, possibly the exchange themselves, absconds with the coins, either way, they betrayed your trust). No amount of "KYC/AML" ("dick pix" in the lingo) is going to protect you against that. If, on the other hand, you hold your keys yourself in some off-line safe place, it's just about as safe as physical cash held there. How safe is that? Well, that depends.

          But ask yourself, why do we use banks at all? Again, look at the history. It was more convenient for merchants to store their gold coins with a gold storing service and exchange the receipts around, than to get the gold out, give it to another merchant, and they'd put the gold right back in storage. But notice that these receipts were "to bearer", just like paper money. There's no verification bullshit going on there at all.

          So for you to insist that any time I want to give you money to you, both you and I need to be carefully vetted, why the fuck do you do that?

          That's only good for third parties, like the government, the taxman and the lawman both, or banks or other "transaction facilitators" who really quite like to take a cut from every transaction and then sell the aggregate (or not so aggregate) data to the highest bidder. Who am I kidding, to every bidder that meets their price.

          Again, why the fuck do you insist on being fucked over by third parties? "For your and our safety", my arse.

        • How is physical money traceable? Sure money through direct banking transactions, but a physical dollar you have no idea how may hands it went through to get to you. When you spend cash you do not need to know in the slightest who the person spending the cash is, just that they have the cash. On the merchant side I don't need to know the name of the sales person, or the CEO I need to have a level of assurance they are a legitimate business. I don't know who the person at the checkout is and if I made any sig

    • KYC for porn and booze maybe, but not for books or toilet paper FFS.
    • by swillden ( 191260 ) <shawn-ds@willden.org> on Monday April 18, 2022 @08:37AM (#62456328) Journal

      IE you could go to SomeBank, that you have a relationship with. Some bank can issue you wither a wallet with some type of token in it or tokens directly that carry assertions

      Did you read the summary? This is exactly what Taler proposes to provide. They used the example of age-bound tokens, but this could obviously be extended to any sort of assertion, or set of assertions.

      I see various problems with this scheme, but the point you raise isn't one.

      • by DarkOx ( 621550 )

        I did. What I am proposing is a more like a system to automatically get bank checks issued, with a set of endorsements on the back. RMS is creating something of much greater complexity that will only make it less likely to be adopted, harder to use, and far more likely to drop opposition from regulators.

        • Can you elaborate on the difference? The schemes seem identical to me, assuming the Taler exchanges are the banks.
    • by Kisai ( 213879 )

      Stallman is of course, full of it again.

      Sure, it's great that he wants to promote free software, but he comes at it with a "everything non-free is morally bankrupt and evil." Free software can be just as evil too. The right "free" tools in the wrong hands is how the internet went from being relatively free to a security nightmare for absolutely everyone involved in network engineering.

      The right answer is to not deal with crypto bullshit at all. This is a three-prong strategy.
      Your country or state rewards yo

      • Sure, it's great that he wants to promote free software, but he comes at it with a "everything non-free is morally bankrupt and evil." Free software can be just as evil too.

        Claiming that software being free is a necessary condition for that software not being evil is not the same as claiming that software being free is a sufficient condition for that software not being evil. Observing the latter claim being false doesn't refute the former claim.

        (I won't comment on the bad social science fiction in the rest.)

    • All this misses the point that the digital super powers have had decades to amass huge amounts of data about everyone of us. At this point they can cross reference that data thousands of ways so that they can identify you on a dark night with a sack on your head by your heart rate, or your stride, or your voice, etc, etc. The stable door has been open a long time and the horse has well and truly bolted. We have lost our imagined privacy and it ain’t coming back. All this talk of security tokens is jus
    • Except they don't have to know. You go into a store to buy alcohol and you look old enough pay by cash they don't know your name and really had no way to track you. With the internet sure they maybe able to find out via a photo but is relatively new tech and we go along well for a long time without it.

      The thing is a merchant only need to know enough and no more. For example an id that is for proof alcohol buying age only needs to a photo and state you are over a certain age, anything else in frankly none of

    • Depending on where you live merchants have to ID you for purchases from everything booze, to cans of spray paint, motor fuel etc.

      I have never been ID'd for the purchase of any of these items. So, depending on where you live, merchants might not need to ID you for purchases of pretty much anything. (The *only* possible exception I can think of is firearms and ammunition, but since you already prove your identity when obtaining a license from the state, doing the same in a gun shop when purchasing a firearm is basically an idempotent operation for the state.)

  • Gift vouchers (Score:5, Insightful)

    by VeryFluffyBunny ( 5037285 ) on Monday April 18, 2022 @06:56AM (#62456074)
    So Stallman's reinvented the gift voucher?
    • Cash. He's reinvented cash. Everything else requires software to process, and it's probably proprietary.

      Honestly, I got lost in that ramble. I don't know what his "perfect solution" is.

      • by AmiMoJo ( 196126 )

        It's neither cash nor a gift voucher.

        The key difference is that the bank has verified the token holder to some criteria, e.g. over age 18 or resident of that country.

        Cash and gift vouchers don't do that, so the user will be required to provide additional ID if they want to e.g. buy alcohol or engage certain services. Taler allows them to do it anonymously.

    • Re: (Score:3, Funny)

      by Tablizer ( 95088 )

      > Stallman's reinvented the gift voucher

      But it has a snazzy new name: "freedom voucher".

  • by abies ( 607076 ) on Monday April 18, 2022 @07:02AM (#62456088)

    He pushes for using GNU Taler, but from the Taler doc:


    For easier browser-side processing, we restrict some integers to the range that is safely representable in JavaScript. Subset of numbers: Integers in the inclusive range 0 .. (2^53 - 1).

    So, even if his baby gets adopter by the world (big 'if'), he will be in same position of not being to pay online, if he rejects javascript...

    • by bluegutang ( 2814641 ) on Monday April 18, 2022 @08:00AM (#62456238)

      He says he objects to "non-free JavaScript", not all Javascript. It seems like a somewhat strange objection to me (why isn't he equally concerned by non-free HTML?) but if Taler uses Javascript it's not the gotcha you think it is.

      • by taustin ( 171655 )

        He says he objects to tracking, then says we should all get Taler tokens from our banks, who are required by federal law to identify their customers and track everything they do.

        He really needs to get a grown up to proof read his screeds before he publishes them. It's embarrassing to see someone deteriorate that far.

        • He says he objects to tracking, then says we should all get Taler tokens from our banks, who are required by federal law to identify their customers and track everything they do.

          You must have missed the token blinding. Banks issue the tokens but blind signing means that no one can later link the issued token to the issuance process, and therefore to the user. I haven't looked hard enough into the scheme to figure out how it prevents double-spend, but this is well-trod ground so I'm sure they have that covered.

          There are problems with the scheme, but this isn't one of them.

          He really needs to get a grown up to proof read his screeds before he publishes them. It's embarrassing to see someone deteriorate that far.

          Hmm.

      • He discusses it here: https://www.gnu.org/philosophy... [gnu.org]

        I believe he is primarily concerned with the user's ability to modify the page. With most HTML, that's rather simple. With compacted javascript (or other problems), that's not so simple.

    • What makes you think Taler is rejecting Javascript? According to the quote you posted, they are restricting integer ranges specifically so they would be compatible with Javascript. 2^53-1 is the largest integer size in Javascript per the ECMA guidelines.

      • by abies ( 607076 )

        I have written this in confusing way. I meant rms rejecting Javascript, while Taler is explicitly catering for it. Replace his/he by rms in last sentence.

    • by splutty ( 43475 )

      The fact that Taler is designed to work with Javascript does not in any way imply that Taler requires Javascript to work.

      Like 99% of ALL Javascript on 'the web' right now is not required, or even useful.

    • by AmiMoJo ( 196126 )

      He rejects non-free JavaScript, so as long as they use GPL code he will accept it.

  • by bill_mcgonigle ( 4333 ) * on Monday April 18, 2022 @07:05AM (#62456098) Homepage Journal

    He obviously never studied economics. Maybe some fantasy Marx version.

    I wish he would get back to what he does well. Emacs could use some work.
     

    • by e3m4n ( 947977 ) on Monday April 18, 2022 @07:18AM (#62456124)
      Look, RMS is a bit extreme, sure. Back in the 90s we would ask where his tinfoil hat was. Then around 2010 we began to learn just how much Facebook and Google were working with the government to spy on us. The Vault7 files got released, Snowden releases data and has to flee the country. After that I figured maybe a few RMSs hanging around might be good for privacy.
      • by redback ( 15527 ) on Monday April 18, 2022 @07:26AM (#62456148)

        We need people at the extreme to push us into the center.

      • Right, you can't fault his core privacy values but it lacks universality and it can't work that way. He wants privacy for a select few, the so called public, but not for anyone outside of the nebulous "public". If you're rich you don't get to participate, if you're a business you don't get to participate. Enforcing that requires strong, overly strong, government, with guns, jails, and lethal injections.

        • by jythie ( 914043 )
          This gets to the core problem with such extreme views. He wants freedom, he does not want other people to have freedom when it might conflict with his own. He does not want other people deciding if they want to do business with him, just him deciding what they must do in order to do business with others. Framed another way, he views freedom as a form of power, and that the problem is not power should decide things, but who should have power and who should not. He does not with to solve a problem, but in
      • by jellomizer ( 103300 ) on Monday April 18, 2022 @07:56AM (#62456226)

        In many stories, the villain, isn't really supporting an Evil Ideology, However they are so Fixated on the negatives of other ideologies, and only focuses on the good parts of his ideology. That they will do really bad things to push their ideology. (in the Marvel Movies, Thanos sees Over Population a problem, and is fixated on that. So his goal is to kill half of the population. Now this in itself creates a lot of problems, including how fast the population can double if needed, but also how a lot of the problems that overpopulation had caused, cannot be fixed with less people working on them)

        I am not trying to say RMS is a villain, but he is an extremist who is unwilling to look at the bigger picture of the problems. Yes is has been correct about privacy, and other profit motivated technologies. However, he is also ignoring how we now have access to a wealth of information that we never had before, and able to communicate with people from around the world with all walks of life. All because these companies found a way to make it profitable, where before it was just a tool for the few privileged, because of the expense of sharing your information was high, (early 1990's internet, your most information that you usually got, was access to colleges Card Catalogs, and able to request books being sent to your library, and some random undergrad or grad-school research paper on a topic). RMS life style is not a suitable model for a civilization, and we need companies to make money and grow, so we can have jobs and be able to have access to products. Progress without profit, is usually very slow progress. I don't like it, but it is the way it has to work.

         

        • by The Evil Atheist ( 2484676 ) on Monday April 18, 2022 @08:56AM (#62456376)
          What of RMS's philosophy on copyright has been extreme?

          Look at the FSF's FAQ about GPL, it is entirely big picture, and not extreme at all. There's a lot of pragmatic discussion.

          BSD ideology, on the other hand, IS extreme. Freedom at all costs, including the freedom for some to trample on the rights of others.
          • The GPL is fine as a Copyright philosophy, however it has an issue that it works best when it would be the only Copyright license. However real live it isn't a one size fits all in terms of Copyright needs.

            The GPL greatly reduces the Business models available to open source software, and put those who incorporate GNU software at a possible legal risk. In which organizations who may have the funds and resources to help expand and grow the GPL program, to avoid it and focus on their own development, or use

            • The GPL greatly reduces the Business models available to open source software, and put those who incorporate GNU software at a possible legal risk.

              On the contrary, the GPL greatly increases the number of business models available to open source software, because it allows for dual-licensing.

            • however it has an issue that it works best when it would be the only Copyright license. However real live it isn't a one size fits all in terms of Copyright needs.

              Not true. I don't know where you get this idea from. Sounds like something you just made up ad-hoc, or just something you believe because other people said it in emotive terms. Like I said - read the FSF GPL FAQ. They very pragmatically don't think there should be one license. The fact that they maintain a list of GPL compatible licenses means that they don't see GPL as the only valid licensing option. The BSD licenses are completely advertized by the FSF to be compatible with GPL.

              On the other hand, it i

          • What of RMS's philosophy on copyright has been extreme? Look at the FSF's FAQ about GPL, it is entirely big picture, and not extreme at all. There's a lot of pragmatic discussion. BSD ideology, on the other hand, IS extreme. Freedom at all costs, including the freedom for some to trample on the rights of others.

            If you're "pro-freedom", but only as long as it is used in ways you approve of, then you're not pro-freedom at all, you're just as much of an authoritarian asshole as everyone else.

            • The GPL only prevents you from removing the rights that you yourself had when receiving the code. The GPL does not place limits on any other kind of usage.

              Just like in real life, we take away people's rights to murder. Are you going to claim that people should have the right to take other people's rights to live for ultimate freedom?

              This is the kind of nonsensical extremist ideology of freedom that I'm talking about.
        • In many stories, the villain, isn't really supporting an Evil Ideology, However they are so Fixated on the negatives of other ideologies, and only focuses on the good parts of his ideology. That they will do really bad things to push their ideology.

          I would argue that their evilness derives from the fact that they want to force other people to go along with their plan. So "cut the population in half" is not inherently evil (lots of people agree with it), but forcing the implementation is evil. Likewise, a philosophy like "I want to be rich" is fine, many people have it, but when you force other people to obey your will to make it happen, that is evil. Finally, merely forcing someone to obey your will (a slaveholder), even if there is no other reason be

        • by ediron2 ( 246908 )

          " we now have access to a wealth of information that we never had before, and able to communicate with people from around the world with all walks of life. All because these companies found a way to make it profitable, "

          That's the dumbest thing I've ever heard. Internetwork communication didn't need to be monetized to succeed. From bangpaths to fidonet and academic connections, communication happened without commerce. It still does, if one strives to avoid commercial providers.

    • by Anonymous Coward

      He obviously never studied economics. Maybe some fantasy Marx version.

      I wish he would get back to what he does well. Emacs could use some work.

      Linking /usr/bin/emacs to /usr/bin/vi is all the work that is required.

    • I wish he would get back to what he does well. Emacs could use some work.

      He's been proven correct on almost every digital rights issues.

      On the other hand, RMS has always been noted as a poor developer, poor technical director, and poor community manager.

      • RMS has always been noted as a poor developer

        Does that include the period where he was single-handedly keeping up with the whole team at Symbolics when porting their features to LMI out of spite?

  • by Smidge204 ( 605297 ) on Monday April 18, 2022 @07:09AM (#62456104) Journal

    It's a digital transaction, right? Which means there must be some mechanism to verify that you actually have sufficient {asset} to complete the transaction. That means you have an account and a third party that the seller trusts to give them truthful information about the contents of that account.

    In this specific case, the "account" are digital wallets managed by an "exchange." Buyers and sellers interact with the exchange to arrange the transfer of funds from one digital wallet to another, and the exchange is responsible for tracking the actual underlying monetary value, with the funds in an escrow account ready to be withdrawn/converted when the buyer wishes to cash out of the system.

    So the exchange is able to track who the buyer is. It needs to, in order to ensure the buyer actually has the money to give to the seller. This is not anonymous, it's just obfuscated... and if anyone should know the real world value of "security through obscurity" you'd think it'd be the open source community...
    =Smidge=

    • Obscurity in the modern age isnt so obscure anymore. Look at the controversy of Meta Data even as far back as protect carnivore. With enough data samples they can figure out who the hell you are.
    • > https://taler.net/en/faq.html [taler.net]

      Blind signatures of coins. So yeah, the potential for tracking is there.
      OTOH if you go through a cash-> taler coin exchange, unless it explicitly asks for your ID, the tracking risk is quite minimal.

      • by taustin ( 171655 )

        If they banks can't track you, their participation would be illegal under current laws.

        Stallman is a whackadoodle nutcase, and always has been, and always will be.

        I can't help but wonder if he's got some financial interest in Taler.

        • > If they banks can't track you, their participation would be illegal under current laws.

          Then how does that work with cash? This is a serious question, as I know nothing about financial laws pretty much anywhere... And I pay cash almost all the time.

          I know there are some artificial limits on cash transactions, and it is up to the merchant to enforce them. Same story with this. Just define these coins as cash, impose same limit, and you're no worse off than before.

          • Once you take the cash out of the bank, it's not the Bank's problem anymore. They track the cash as it comes in and out of your account, and can report on anything that triggers certain criteria (e.g. amount thresholds, suspicious transactions etc) but that's it.

            The thing is, though, with Taler there is an actual, traditional bank handling the money behind the curtain. You can't "define the coins as cash" because they don't physically exist and require a digital processing component. Cash is anonymous becau

            • The tokens work exactly like u described cash - bearer instruments with no memory of who owned them earlier. Simpler way to understand - there's this usb stick called opendime. You put a new bitcoin wallet on it (basically just the private key that will decrypt said wallet) and out say $100 on it. Then instead of transacting online you physically give the usb key to someone and get $100 worth of stuff from them. So the transaction is NOT on the blockchain. There is no txn as.per the blockchain. You sorta
          • by taustin ( 171655 )

            Banks, and most retailers, if you ask politely, will exchange cash for other cash and not give a damn about who you are.

            But it is illegal for a bank to open an account for you without verifying your identity in various ways. What Stallman is shilling for hits into those laws, and banks have security cameras. Lots of security cameras.

          • You can only get cash from a bank if you either have an account with them which means they identify you, or if you bring an instrument like cheque, payorder etc from their account holder in which case they can identify him (and govt can beat him up so he gives up your info. Presumably) Once you have taken out cash you may pass it on to someone against good services or gold etc (which for formal businesses means they are identifies for tax vat etc. For low volume low frequency or small individual transact
    • No you have got it wrong. Zero knowledge proofs and blind signatures enables you to not have any central exchange type of figure. You get a digitally signed token issued by some bank and u gove to to some seller who cerified the banks signature and that's all. The on-ramp where u buy such tokens from a bank by paying cash is more of a weak point as in you would usually prefer to pay from your bank account rather than physically go to the bank. But if u need anonymity you CAN buy with cash. On top of that si
  • by zerosomething ( 1353609 ) on Monday April 18, 2022 @07:31AM (#62456164) Homepage

    Stallman has a particular ideology that is completely alien to how people actually interact with each other and he'd like to require everyone to use and that ideology when transacting. This is no different, at its core, then those that want to track your every move. Tracking the vendor is just as much a broken philosophy as tracking the purchaser and it's a dead end. Before crypto, credit cards, banking rules, etc all exchanges for goods were essentially anonymous and we've traded that away for convenience. There is no crypto, not even Taler, that can get us back to that systems. Taler is just another way to exchange goods and services that's half backed.

    • by Bert64 ( 520050 )

      They were not anonymous at all, you generally had to turn up in person and hand over physical goods or cash where you will be witnessed by the party you're trading with at the very least.

      • True but neither of you have to show an ID.

        • by Shinobi ( 19308 )

          Only in the shadier areas. Open trade heavily relied upon personal knowledge, personal reputation, contact networks, letters of introduction, letters of credit etc. Basically, doing everything to establish an identity that could be verified, for trust reasons.

    • Before crypto, credit cards, banking rules, etc all exchanges for goods were essentially anonymous and we've traded that away for convenience.

      Sort of, maybe, but putting aside modern tracking stuff like having your purchase history profiled, knowing something about who you're doing business with has always been the default. Like for the most part you handed another human being your money and mailing envelopes of cash never became the predominant form of exchange for anything legal. Before credit cards, checks weren't anonymous. What you bought at the corner store with cash wasn't ever really anonymous. What crypto promises to bring us back to

    • Ya the biggest problem with such solutions or with CBDCs (this is a type of CBDC categorized as public-private-partnership CBDC if u read the US gov whitepaper on e-dollar or some such name. It's not by the Fed by by secy of finance I think) is that there is NO problem they are solving AT ALL, except govt alternative to crypto currency like the digital rmb meant to reduce the $ trillion transaction volume in cryptos) All fiat currencies are already digital and with way better efficiency than crypto. USP o
  • by NotEmmanuelGoldstein ( 6423622 ) on Monday April 18, 2022 @07:57AM (#62456230)
    "KOSA would require the following:
      • A new legal duty for platforms to prevent certain harms: KOSA outlines a wide collection of content that platforms can be sued for if young people encounter it, including “promotion of self-harm, suicide, eating disorders, substance abuse, and other matters that pose a risk to physical and mental health of a minor.”
      • Compel platforms to provide data to researchers
      • An elaborate age-verification system, likely run by a third-party provider
      • Parental controls, turned on and set to their highest settings, to block or filter a wide array of content"

    "And in order to avoid liability for causing the listed harms, nearly every online platform would hide or remove huge swaths of content. And because each of the listed areas of concern involves significant gray areas, the platforms will over-censor to attempt to steer clear of the new liability risks. "

  • Not sure how he thinks buying something and having it shipped to you has any level of anonymity.
    • Came to say this - wait until he finds out they want your address to send your what you bought.

    • Actually. I can imagine a process. The token you use to purchase the item could have an encrypted address with it. Print that encrypted address on the package and enter it into the shipping system. Then shipping system takes the package and routes it. The vendor doesn't get the address but the shipper does but even that could be kept encrypted. It's a lot of code and complexity, it could be made fully anonymous but the simplest process, and cheapest, isn't this.

      • If the vendor can't know the address, how would they respond to customer complaints of "My package wasn't delivered". The customer knows his address, but not his encrypted address; the vendor knows the encrypted addresses but not the actual addresses.

      • Isn't there a key management problem in this? If the shipper has a static key it will quickly copied by third parties and thence to the public in short order. If there are per-shipment keys you have a key management nightmare.
  • Suppose there's some sort of service which charges money, or even a tiny amount of money, and is only for people over 16, or people over 18 or whatever it is. Well, you could get from your bank a Taler token that says the person using this token is over 16. This bank has verified that.... So then the site only needs to insist on a 16-or-over Taler token, and your age is verified, but the site has no idea who you are.

    Then suppose somebody learns they can resell these Taler tokens for a hefty profit to people under 16. It will happen. If 16 year olds can get their hands on alcohol and drugs, they can get their hands on Taler tokens. So your age is not verified, precisely because the site has no idea who you are, because the tokens aren't linked to you. Problem NOT solved.

    • Or, even if the assertion tokens are non-transferable, and can only be presented from your digital wallet as proof of whatever condition the token asserts, it only addresses the widespread reselling of assertion tokens -- if the transactions with the banking institutions don't care what wallet you're making transactions into, then the system can't prevent you from using someone else's wallet to obtain an assertion token, which they would be able to use as you describe, since the assertion token would simply
  • Government issued public/private key pairs could solve so many problems on the internet. Why is no one talking about this?

    • You're right. That would be amazing. However, do you think the government agencies recently revealed to have been snooping on as much internet traffic as possible want some other branch of the government to enable widespread use of strong asymmetric crypto with a solid chain of trust?
      • I don't think a government issued key pair would make private communications any easier or harder, necessarily. My thought is that this is a thousand times better than a social security number, drivers license number, passport, etc.

    • If someone issues you a private key, it isn't private. You have to generate the key pair yourself and then register the public key with the key authority. You must never ever share the private key with anyone.
      • That's very true. But even if the government generated the private key (which doesn't seem necessary) it would be a major upgrade for identity management. Goodbye bots, goodbye identity theft. So long, revealing your social security number to dozens of doctors, employers, and others.

  • ... of a new black market.

    That is all.

  • It's a digital version of banker's cheque /demand draft which earlier used to be beater instruments so were exchanged in the market just like cash
  • It is already possible, and they are called "gift cards"

    Buy Amazon gift cards from CVS with cash, order online to local seven-eleven store, pick it up from there.

    Of course you would be on camera at both CVS and 7/11, but other than that, there would be no digital tracking.

  • To be honest, I don't think that with services like https://4irelabs.com/smart-contract-audit/ [4irelabs.com], it'll be hard for people to come up with a secure crypto wallet, and it'll be just as safe as the token you're talking about. In general, the blockchain technologu has a pretty promising future, and I'm sure that it won't take long before even companies start using it as a payment method.
  • Today, the use of crypto in everyday life is not so common and that is why it does not matter to me as a small business owner in sales. I'm more worried about things like fees and taxes. By the way, if you do not want to pay fees for card processing, then I advise you to merchant account [merchantindustry.com] from the best company.

You know you've landed gear-up when it takes full power to taxi.

Working...