hetzlemmingsworld

joined 1 year ago
MODERATOR OF
session
sorted by: new top controversial old
OPSEC question for exchanging XMR in c/monero@monero.town
[–] hetzlemmingsworld@lemmings.world 3 points 2 days ago

Some of your questions may be answered in the topics:

Maybe you should edit your post and explain in greater detail what is "instant exchange", how you would use it, which data you would provide to them.

Who the (heck) put ads in my proton pass in c/protonprivacy@lemmy.world
[–] hetzlemmingsworld@lemmings.world 7 points 3 days ago* (last edited 3 days ago)

My Pass desktop app (which shown an offer for Proton Duo) does not have such option. But the frequency of the popups does not bother me significantly and it is sometimes useful. I am Unlimited user.

Proton Pass on Linux forgets settings and ask on every launch/startup in c/protonprivacy@lemmy.world
[–] hetzlemmingsworld@lemmings.world 1 points 3 days ago

#Issue no longer happens:

OP is here. I do not know why, but now several times Pass remembered my settings. I suspect that I have used password for the 1st time to login Pass app, before I remember only scanning a QR code from my other device. Maybe that prevented the issue described in leading original post.

Proton Pass on Linux forgets settings and ask on every launch/startup in c/protonprivacy@lemmy.world
[–] hetzlemmingsworld@lemmings.world 2 points 1 week ago

Just a wild guess, but does it use your system keyring for credential storage?

$ dpkg-deb -I proton-pass_1.32.6_amd64.deb|grep -E "key|xts|sec"

 Section: utils
 Depends: libgtk-3-0, libnotify4, libnss3, libxtst6, xdg-utils, libatspi2.0-0, libdrm2, libgbm1, libxcb-dri3-0, kde-cli-tools | kde-runtime | trash-cli | libglib2.0-bin | gvfs-bin
 Suggests: gir1.2-gnomekeyring-1.0, libgnome-keyring0, lsb-release
  Open-source and secure identity manager.

applications in auto-start may query this service before it’s up

I have been starting Pass manually couple of minutes after booting, so this should not be the problem. I do not know why, but now several times Pass remembered my settings. I suspect that I have used password for the 1st time to login Pass app, before I remember only scanning a QR code from my other device.

abandonne #Linux 32 bits en 2025 : fin d’une époque in c/firefox@lemmy.world
26
Proton Pass on Linux forgets settings and ask on every launch/startup (lemmings.world)
 

I am downloading a .deb file from https://proton.me/download/PassDesktop/linux/x64/ProtonPass.deb and running it on Debian 13 (with KDE desktop environment, X11) app launcher menu which has:

Program: proton-pass

Command-line arguments: %U

Always when i run it (after it has been completely shutdown, no tray area icon)

it asks for selecting theme, setting protection for automatic locking, downloading phone app. So it is very annoying. Happens long time for all previous Pass and Debian versions I have tried.

What to try to fix this?

Lumo: the least open 'open' AI we've seen in c/protonprivacy@lemmy.world
Lumo: the least open 'open' AI we've seen in c/protonprivacy@lemmy.world
Monero appears to be in the midst of a successful 51% attack in c/monero@monero.town
[–] hetzlemmingsworld@lemmings.world 1 points 1 month ago (1 children)

I have seen that at same time the https://miningpoolstats.stream/monero shown a 42% (not 51%), so I would rather trust that 42% number (it can not be faked?).

I have started mining monero, you too, you can ;) in c/monero@monero.town
[–] hetzlemmingsworld@lemmings.world 2 points 1 month ago* (last edited 1 month ago) (1 children)

I think that you are wrong. My source is https://xmrig.com/benchmark/ Go somewhere to the middle of the page (to get rough middle performance CPU). For example I can see: 984 Intel® Core™ i5-10500T CPU @ 2.30GHz (6 threads CPU). I click it and mean hashrate is 1839. Divide that by 3, you have 613 hashes.

I have started mining monero, you too, you can ;) in c/monero@monero.town
[–] hetzlemmingsworld@lemmings.world 2 points 1 month ago (1 children)

it’s practically free to run the miner

I mostly agree, except no PoW mining is free. It requires to pay electricity, which is obvious.

Monero appears to be in the midst of a successful 51% attack in c/monero@monero.town
[–] hetzlemmingsworld@lemmings.world 2 points 1 month ago* (last edited 1 month ago) (3 children)

According to the attacking pool statistics (can be wrong and faked), their pool reeched 51% of the XMR hashrate, but at same time, https://miningpoolstats.stream/monero shown a 42% share of that pool. So the difference is pretty big. I would rather trust that 42% number (it can not be faked?). We should mine and do not promote that selfish mining pool.

I have started mining monero, you too, you can ;) in c/monero@monero.town
[–] hetzlemmingsworld@lemmings.world 1 points 1 month ago* (last edited 1 month ago) (6 children)

1/3 of the regular CPU resources is around 1000 hashes per second according to my calculation. We would need 1 million such users to produce 1 gigahash per second. The 51% attack currently needed around 3 gigahash per second.

1
Unable to subscribe to a RSS feed of the Lemmy home instance homepage (https://lemmings.world ) (lemmings.world)
 

When i click a RSS reader icon on the homepage https://lemmings.world/ then the URL is like https://lemmings.world/feeds/front/......long string here.....xml?sort=Active and it triggers a download, not display of my Firefox-ESR RSS reader extension (called "Brief"). Other RSS feed like one linked from sub-lemmy https://lemmings.world/c/protonprivacy@lemmy.world is displayed properly.

When I click a Brief icon in address bar of a https://lemmings.world/, then I get correctly subscribed.

When I compare subscribed feed URL with the URL of the on-page button, they are identical.

How this issue can be fixed?

20
Proton.me will accept Monero for a VPN payments by the end of this Summer (2025) (protonmail.uservoice.com)
 

Proton.me: "We will be adding Monero as a payment option for our VPN plans by the end of Summer 2025. Source: https://x.com/davidgpeterson/status/1941500514803548636" https://protonmail.uservoice.com/forums/935538-accounts-payments/suggestions/33188971-monero-payment-option

8
Proton Pass as a storage for a very sensitive data in readable format? (lemmings.world)
submitted 4 months ago* (last edited 4 months ago) by hetzlemmingsworld@lemmings.world to c/protonprivacy@lemmy.world
4 comments fedilink
 

For example cryptocurrency wallet seed phrase. One can add it to the notes field (password field is occupied by my wallet password).

I can also add new field of type "hidden" to the login entry, where i need to click eye icon in order to reveal the content.

Beside login items, there are also Notes items, which does not seems to feature hidden field.

I assume that in terms of security all field types (password, note) and all entries (login, note) are equally secured.

But the field which is not password or a hidden note of the login item, are more vulnerable due to someone look behind your back or due to a computer client-side scanning (spyware third party or built in OS made to screenshot ones screen)?

What is your suggestion on storage of a super-sensitive data like crypto. wallet seeds?

3
How to avoid duplicity caused by retweets on X? (lemmings.world)
 

When I am following a person A on social network X and person B retweets person A post, it means that on my timeline is that post 2 times, a duplicity. How can i fix this issue in X settings, if that is possible?

1
X/Twitter: My comments/replies gets no reactions/likes - Am I shadowbanned? (lemmings.world)
submitted 8 months ago* (last edited 8 months ago) by hetzlemmingsworld@lemmings.world to c/twitter@lemmy.world
0 comments fedilink
 

On my years old free X account, I have been active in last days posting replies to other people (important politicians which gets many replies to their posts) comments (I mean politician posts, other person reply it and I reply to this reply), me adding around 30 replies in maybe 36 hours.

Interesting is that after these few days, when I go to https://x.com/me/likes I can not see a single like or a reply, yet my replies were thoughtful and opposing other people opinion. I have used secondary browser where I am not logged-in (Tor browser) to check couple posts if I can see my replies and I could see it. When I have been last active on X, before around 7 months, I see that I have got a reply to my comment.

On my recent comments, I can see a button with a vertical bars (like an analytics), yet it says that something went wrong, when I click it. Maybe some of my browser extensions blocks it.

In recent days, I have changed my account important/security settings and X not allowed me to change my email/password. Also my comments usually contains one or even two links to prove my claim, so that may also looks spammy.

Shadow ban? I have checked https://hisubway.online/shadowban/ and https://taishin-miyamoto.com/ShadowBan/ with no problem detected.

https://help.x.com/en/forms does not show any relevant contact category where I would ask. Any idea what to try please?

3
UnstoppableSwap makers offers currently too expensive service with 3% rates markup/fee (lemmings.world)
submitted 9 months ago* (last edited 9 months ago) by hetzlemmingsworld@lemmings.world to c/monero@monero.town
5 comments fedilink
 

https://unstoppableswap.net/ / https://github.com/UnstoppableSwap/core makers (i do not mean a SW developers, but swap providers) seems to have swap markup (assuming a fee) of around 3% which is too expensive and along with the limits on amount of traded coin pretty unusable IMO. Am I missing any makers or source for it which allows near zero fees/markup? Why such makers are not available (by default)?

I am currently using RetoSwap https://github.com/retoaccess1/haveno-reto which allowed me to place and complete the BTC and ETH exchange to XMR at 0% fee. (only paying regular Monero tx fee for a temporary custody)

How to setup an UnstoppableSwap maker? Is it this https://github.com/UnstoppableSwap/core/blob/master/dev-docs/asb/README.md . I do not see any easy to understand tutorial for layman which would tell me the requirements (evaluate the cost) + be easily understandable.

14
Is it wise to whitelist OR allow many sites storing cookies? (lemmings.world)
 

When You enable removal of all cookies upon web browser restart, is it wise to exempt tens of sites by adding them to the exception/allowed list:

about:settings#privacy -> Cookies... -> Manage exceptions "You can specify which websites are always or never allowed to use cookies and site data."

i am constantly bothered by the Stack Exchange Network which constantly keep me logged-out and when i login, it redirect me to a homepage instead of a previous page, when i go back, it shows as logged out, so i have to F5 the page. And this constantly repeats.

Am I rendering my attempt to reduce tracking near pointless by allowing many sites like Microsoft's Github, Stack overflow etc. to permanently store the data incl. cookies?

8
How to achieve good anonymity with Monero? My current layman conclusion from other people suggestions (lemmings.world)
 

cross-posted from: https://lemmings.world/post/12787893

  1. SEPARATE MONERO ACCOUNTS - For privacy reason, organize own funds into accounts like “cash”, “work”, “trading”, “mining”, “donations”, etc.. And in order to later combine these individual accounts funds, sweep/withdraw each of the account balance the way, that you do NOT sweep/withdraw multiple accounts balances in a single transaction, but one transaction per account. Feather wallet may do this thanks to its "Coin control" functions? Source: https://getmonero.dev/public-address/subaddress.html ; https://docs.featherwallet.org/guides/features

  2. WAIT/AGE XMR AFTER RECEIVING IT - After receiving Monero (XMR) from a 3rd party, wait some time (a few hours to a few days)

  3. CHURN/MIX XMR BY SENDING IT TO OTHER OWN ACCOUNT - Churning/mixing means to send your Monero/XMR to a different account/wallet in order to make it harder for others to track you: "So after 1 churn, there is a 1 in 16 chance (6.25%) that this transaction is yours. After 2 churns, it is a 1 in 16x16 = 1/256 = 0.39% chance that the final output of the route is yours. After 3 churns, 1 in 16x16x16 = 1/4096 = 0.0244%".

    A) Send your entire (or part of) your account's balance to a different account/wallet of yours, such secret destination account won't be used for receiving 3rd party XMR (only yours).

    B) Send your entire account's balance to same account (its own address - self). In case you would send partial, you would mix churned outputs with non-churned making your anonymization effort more or less pointless.

  4. WAIT/AGE CHURNED/MIXED XMR AGAIN

  5. CHURN/MIX AGAIN BY SENDING TO SELF OR 3RD PARTY - In order to decrease chance (from above mentioned 6.25% to 0.39%) of output being attributed to you. When having various Monero accounts for various purposes (e.g. "work", "home"), possibly churn 2x before "merging" XMR from multiple accounts of yours, example: KYC'ed 3rd party -> MyWork -> MyWork2nd ......... 3rd party -> MyHome -> MyHome2nd -> MyHome3rd -> MyWork2nd

FAQ: Why it is not pointless to send Monero from/to self, meaning same account? Because sending to same account is effective in decreasing the chance of a transaction being traced (attributed to you), since "there is no way to see the address" and other person says "You can send to yourself as many times as you want, without anyone knowing you're actually doing it. Every such transaction (called "churn") puts you in a bigger crowd of possible senders." and another person claims similar "churn to your own wallet, as it is not possible to link the output to the wallet".

3
How to achieve good anonymity with Monero? My current layman conclusion from other people suggestions (lemmings.world)
 

cross-posted from: https://lemmings.world/post/12787871

  1. SEPARATE MONERO ACCOUNTS - For privacy reason, organize own funds into accounts like “cash”, “work”, “trading”, “mining”, “donations”, etc.. And in order to later combine these individual accounts funds, sweep/withdraw each of the account balance the way, that you do NOT sweep/withdraw multiple accounts balances in a single transaction, but one transaction per account. Feather wallet may do this thanks to its "Coin control" functions? Source: https://getmonero.dev/public-address/subaddress.html ; https://docs.featherwallet.org/guides/features

  2. WAIT/AGE XMR AFTER RECEIVING IT - After receiving Monero (XMR) from a 3rd party, wait some time (a few hours to a few days)

  3. CHURN/MIX XMR BY SENDING IT TO OTHER OWN ACCOUNT - Churning/mixing means to send your Monero/XMR to a different account/wallet in order to make it harder for others to track you: "So after 1 churn, there is a 1 in 16 chance (6.25%) that this transaction is yours. After 2 churns, it is a 1 in 16x16 = 1/256 = 0.39% chance that the final output of the route is yours. After 3 churns, 1 in 16x16x16 = 1/4096 = 0.0244%".

A) Send your entire (or part of) your account's balance to a different account/wallet of yours, such secret destination account won't be used for receiving 3rd party XMR (only yours).

B) Send your entire account's balance to same account (its own address - self). In case you would send partial, you would mix churned outputs with non-churned making your anonymization effort more or less pointless.

  1. WAIT/AGE CHURNED/MIXED XMR AGAIN

  2. CHURN/MIX AGAIN BY SENDING TO SELF OR 3RD PARTY - In order to decrease chance (from above mentioned 6.25% to 0.39%) of output being attributed to you. When having various Monero accounts for various purposes (e.g. "work", "home"), possibly churn 2x before "merging" XMR from multiple accounts of yours, example: KYC'ed 3rd party -> MyWork -> MyWork2nd ......... 3rd party -> MyHome -> MyHome2nd -> MyHome3rd -> MyWork2nd

FAQ: Why it is not pointless to send Monero from/to self, meaning same account? Because sending to same account is effective in decreasing the chance of a transaction being traced (attributed to you), since "there is no way to see the address" and other person says "You can send to yourself as many times as you want, without anyone knowing you're actually doing it. Every such transaction (called "churn") puts you in a bigger crowd of possible senders." and another person claims similar "churn to your own wallet, as it is not possible to link the output to the wallet".

-1
How to achieve good anonymity with Monero? My current layman conclusion from other people suggestions (lemmings.world)
 

  1. SEPARATE MONERO ACCOUNTS - For privacy reason, organize own funds into accounts like “cash”, “work”, “trading”, “mining”, “donations”, etc.. And in order to later combine these individual accounts funds, sweep/withdraw each of the account balance the way, that you do NOT sweep/withdraw multiple accounts balances in a single transaction, but one transaction per account. Feather wallet may do this thanks to its "Coin control" functions? Source: https://getmonero.dev/public-address/subaddress.html ; https://docs.featherwallet.org/guides/features

  2. WAIT/AGE XMR AFTER RECEIVING IT - After receiving Monero (XMR) from a 3rd party, wait some time (a few hours to a few days)

  3. CHURN/MIX XMR BY SENDING IT TO OTHER OWN ACCOUNT - Churning/mixing means to send your Monero/XMR to a different account/wallet in order to make it harder for others to track you: "So after 1 churn, there is a 1 in 16 chance (6.25%) that this transaction is yours. After 2 churns, it is a 1 in 16x16 = 1/256 = 0.39% chance that the final output of the route is yours. After 3 churns, 1 in 16x16x16 = 1/4096 = 0.0244%".

    A) Send your entire (or part of) your account's balance to a different account/wallet of yours, such secret destination account won't be used for receiving 3rd party XMR (only yours).

    B) Send your entire account's balance to same account (its own address - self). In case you would send partial, you would mix churned outputs with non-churned making your anonymization effort more or less pointless.

  4. WAIT/AGE CHURNED/MIXED XMR AGAIN

  5. CHURN/MIX AGAIN BY SENDING TO SELF OR 3RD PARTY - In order to decrease chance (from above mentioned 6.25% to 0.39%) of output being attributed to you. When having various Monero accounts for various purposes (e.g. "work", "home"), possibly churn 2x before "merging" XMR from multiple accounts of yours, example: KYC'ed 3rd party -> MyWork -> MyWork2nd ......... 3rd party -> MyHome -> MyHome2nd -> MyHome3rd -> MyWork2nd

FAQ: Why it is not pointless to send Monero from/to self, meaning same account? Because sending to same account is effective in decreasing the chance of a transaction being traced (attributed to you), since "there is no way to see the address" and other person says "You can send to yourself as many times as you want, without anyone knowing you're actually doing it. Every such transaction (called "churn") puts you in a bigger crowd of possible senders." and another person claims similar "churn to your own wallet, as it is not possible to link the output to the wallet".

17
VPN DNS leak - DoH and network.trr.mode in Firefox (lemmings.world)
submitted 1 year ago* (last edited 1 year ago) by hetzlemmingsworld@lemmings.world to c/protonprivacy@lemmy.world
3 comments fedilink
 

Some feedback regarding Proton VPN documentation and some confusion regarding Firefox DNS configuration:

https://protonvpn.com/support/browser-extensions#firefox says:

"By default, Firefox does not route DNS queries through the HTTPS connection to our VPN servers" and then is mentioned a workaround to fix it.

That suggest alarming thing, that ProtonVPN Firefox user has to do some custom workaround in order to be private (prevent a DNS leak).

On another hand, https://protonvpn.com/support/dns-leaks-privacy says:

"DNS queries are routed through the VPN tunnel to be resolved on our servers"

these statements are a bit confusing/contradicting (though Proton later explains that this latest statement does not apply on a browser extension VPN apps) and Proton further adds at https://protonvpn.com/support/dns-leaks-privacy/#dns-over-https that the DNS leak can happen also due to enabled DoH feature in web browser.

Solution: ProtonVPN browser extension should (if possible) warn user in case it fails to process DNS and as a result, it is leaked. Vote for this feature request

Another "issue" is with the above mentioned/linked workaround (here I am speaking only about Firefox), this workaround: go to "about:config into the URL bar and hit . At the warning, click Accept the risk and continue → search for network.trr.mode"

In my case I had this set that variable to 5 which means DoH "Off by choice", Proton in said tutorial suggest value 3 instead, which means (According to https://wiki.mozilla.org/Trusted_Recursive_Resolver#DNS-over-HTTPS_Prefs_in_Firefox ) "Only use TRR, never use the native resolver.".

This confuses me since it looks like an opposite to what i have now, while any DNS leak site:

https://www.dnsleaktest.com

https://ipleak.net

does NOT report leak in my case nor in case i set network.trr.mode to 3. A bit weird but i guess no big deal?

Thanks for your feedback in advance.

view more: next ›