so it sounds like this is more for group chats, to ensure at least one member is online at all times. Otherwise, if it were just 1-1 messaging, and one person’s phone went offline, the other person would have to wait until it was back online to send a message, right?

It’s important to not go down that route because if you can’t ever trust then you can’t believe you can ever have privacy or anonymity except when you completely retreat from all communication or interaction both electronically and physically.

I do agree that it’s an extreme threat model, so it’s not one I use personally. I guess some people may try anyways though 😅

here’s an article about the proton case: https://www.schneier.com/blog/archives/2021/09/protonmail-now-keeps-ip-logs.html

That was a colorful and fun read, can’t say I can match that. But I think if you are against the feds the assumption has to be that they infiltrated the other party. This is the whole reason why canaries exist. Because many jurisdictions allow the feds to force companies to do things and keep silent about it (gag order). For example, Protonmail was once forced to log IPs to track down the owner lf an email account.

By the same token, if Posteo is able to associate a nonce to an account, then they’re also able to tell the feds. Even if you are in a different jurisdiction from Posteo, feds can work across state lines through international agreements (which I think was also the case in the Protonmail case).

“they know you care about privacy” as opposed to the actual thing they know, which is simply that you mailed a letter

I should have been more specific. They are looking for somebody that mailed cash to an email service for account X. They know the mail came from postbox Y. They use surveillance footage and other factors to find the 10 people that used postbox Y that day. etc.

And yes the Monero blockchain is public, just like Tor traffic, but it’s all encrypted.

The opponent still has orders of magnitude more resources than you

Except with Tor and Monero, it’s not them vs you, its them vs everybody using Tor and Monero. That’s way harder. My point was that targeted surveillance is game over. Trying to break Monero is not a targeted attack. And the number of exploits on Tor and Monero are much more known than the number of exploits known for physical methods. You can look them up. Again, the fact that all this information is public is a good thing. It means security can improve over time. Hackers get better too, but if we look at history, in general computer security gets the upper hand over time. For example look at how hard it is to jailbreak an iPhone nowadays.

Physical methods is where there actually might be a million exploits. Nobody knows how secure they are, and anybody who claims to know is probably overconfident, with very little rigorous evidence.

Better the devil you know than one you don’t. Physical methods involve too many unknowns, and chances are the people using them are overconfident, victims of dunning-kruger effect. The weaknesses of cryptography can be publicly studied. The blind spots in the surveillance network of your neighborhood are a big unknown. I’ve made enough security mistakes in the past to know that the biggest risk is the user, and the more you can offload to professional tools like Tor and Monero, the better.

Perhaps they find out they have a surveillance video of you going to the restaurant and getting lunch then mailing a letter and try to use it as evidence that you conducted a cash transaction using a nonce.

It’s not that simple. They have a rough idea of your location past on the post office box. They use surveillance footage to narrow down the list of suspects. They know that the suspect cares enough about privacy to mail cash to an email service. That’s at most 1/1000 individuals. So in a city of a million residents, that’s about 1000 people. Combined with surveillance footage, traffic cameras, and phone tracking to determine the movements of all citizens, as well as cameras around the post office box to get the height and build of the suspect, they can probably narrow it down to 5-10 people. Then they monitor those 5-10 people individually. Even using illegal methods like breaking in and installing mics, cameras, bugged hardware. Once they confirm who the suspect is, and find evidence, they use parallel construction to come up with some legal rational for how they found the evidence, hiding their illegal methods.

Imo targeted surveillance is game over. The enemy has magnitudes more resources on you, and you’ll never even know that it’s happening. The best you can do is avoid it in the first place. Hide amongst a million others, using Tor or Monero.

What do you mean the space for digital is unlimited and infinite? There’s finite resources on the planet. 2048-bit RSA is not getting brute-forced in our lifetime (without quantum). And if you are talking about password strength, all of what you mentioned should be factored in. Take the combined compute of all GPUs of the world, factor in Moore’s law with a 50 year horizon, and figure out how strong your password should be. I know some people use 128 bits of entropy but I think 100 bits is plenty. Use a word-based passphrase for easy memorization. Or just use a hardware key.

Now I’d love to know how to calculate what level of security is enough for physical methods. Anything rigorous?

I believe the UK too

I remember hearing the opposite, that strikes with a set duration were ineffective because management could just wait it out…

how many countries has Signal pulled out of so far? I keep hearing about it

If they got their hands on a machine would they be able to replicate it? If it was such a massive advantage I imagine they would just take one by force, I mean look at how the US just took out two national leaders

I’m surprised they can’t just smuggle the chip designs and factory designs from Taiwan, they’re so close

I think this comment is a good example of why people don’t like physical methods. It just seems so hand-wavy, like homeopathic medicine. How do you judge how well it will work in a given situation? Physical privacy is just dependent on too many unknowns. And privacy techniques for the user have not improved in the past 100 years, meanwhile surveillance and location tracking algorithms for the authorities have progressed.

Digital privacy continues to improve every year. Andbody can use Tor and Monero, and benefit from the research and development behind them. Anybody can audit the tech, and build on top of it. Right now darknet markets are clunky to use, but they definitely feel better than they did 5 years ago, and they’ll keep getting better.

Anyways thanks for engaging in this discussing with me, it definitely helped me explore these ideas deeper.

Keep your nose clean out there, you never know whose gonna be looking in 20 years…

depending on your juridiction, the statute of limitations should save you after 20 years :)

yes, in this case it wouldn’t be obvious. Unless you can figure out a clear way to distinguish between a person who made an account and then started using it with Tor, vs somebody who made an account, sold it on the darknet, and the buyer started using it with Tor

You can’t just throw a 30 minute youtube link and expect people to watch it. At least give a gist of your point, and provide the video as extra context/depth.

This is why I just use darknet markets instead. Buying a new account takes only a few minutes, without leaving the house

I mention “anonymous” in the title, and many times in the post, and explained the scenario at the start of the post. It’s true that the mainstream does not need anonymity, but anonymity was clearly the goal of the post.

And I agree that this method alone won’t save you from the feds. It’s just one tool in the arsenal

Regulation means nothing, if the feds want to track people there’s endless strings they can pull. Plenty of evidence online of feds intercepting packages and bugging devices. They can even use illegal means and then use parallel construction.

On the other hand, just because the feds collect a bunch of dsta to be decrypted later, doesn’t mean they actually will. Encryption is very rarely cracked, it’s far more difficult than tracking people down via camera footage. Not to mention, statute of limitations means that even if they crack it 20 years later, the data might be useless by then.

Fact is, I can send some monero to somebody today and know it won’t be cracked within the year. But if I put on a mask and gloves and try to send a letter in the dead of the night, I know there’s still a chance that I’m caught.

There’s a reason why hackers today choose to use crypto and mixers rather than cash. Same reason why the US criminalized tornado wallet. Turns out, Monero and mixers are incredibly effective.

In the case of buying Protonmail accounts, I don’t think it’s obvious that it changed hands, since again, it just looks like the account user started using Tor, nothing more. The use of Tor is suspicious, but so is any anonymous methods. For example, mailing cash to a email provider is also extremely suspicious, given how much effort one is going through to pay anonymously, and thus it may trigger a cop to immediately start reviewing security camera footage around the mailbox. Any type of anonymity is going to raise eyebrows, but buying accounts from the darknet is imo the safest and most secure method.

But being aware of the tradeoffs is important so thanks for sharing

Fair enough. This is why I mentioned that the darknet method was the most reliable method I found. So far it hasn’t failed me

I’m confused at your point here. First off, there’s very little initial metadata. The seller uses their ip address to make the account, and then you buy the account and start using Tor to access the account. From Protonmail’s perspective, this just looks like somebody made an account and started using it with Tor.

But let’s say there was some usage difference that could be detected. Maybe the seller used the email for Github, and then you started using it for Discord. So what? I think you’re going to have to be more specific about the threat here.