United Kingdom

Everyone Is Bullying the UK Government In Its Own Discord Server (pcgamer.com) 46

The UK Treasury has opened an account on Discord to a torrent of abuse from users of the gamer-focused chat app -- abuse they managed to send despite the government blocking all comments on the service. The Guardian reports: With its community-focused approach, where servers encourage tight-knit groups to form and discuss issues related to the overall focus of the topic, Discord may seem an odd fit for the strait-laced world of government communications. But the app has a lot of users interested in finance, thanks to solid take-up among day traders and crypto fans, two groups the Treasury is eager to connect with. The result: a read-only Discord server, where the only user who is allowed to post is the snappily named HMTreasurySocialAdmin1, who shares tweet-length news about the Treasury and chancellor.

But trolls will always find a way. Although posting is banned, emoji reactions are enabled, letting any user respond to a post from the Treasury with a single emoji, and new users are cheerily announced in a "welcome" channel. That means the Treasury's server has been eagerly posting automated messages such as, "Welcome, LOCK UP PRINCE ANDREW. We hope you brought pizza," and "Welcome Jeremy Corbyn. Say hi!". The latter does not appear to be the real account of the former leader of the opposition. [...]
UPDATE: Emoji reactions and the welcome channel vanished but eventually returned. According to the HM Treasury admin, Discord is to blame for the issues.

"Due to the rapid growth of today's channel which has seen over 7,000 members join, a technical difficulty has led to reactions being paused," a post in the news channel read. "We are working with Discord to get reactions turned back on." The trolling can be continued here.
Communications

LF Europe's Project Sylva Wants To Create an Open Source Telco Cloud Stack (techcrunch.com) 7

The Linux Foundation Europe (LF Europe) -- the recently launched European offshoot of the open source Linux Foundation -- today announced the launch of Project Sylva, which aims to create an open source telco cloud framework for European telcos and vendors. TechCrunch: This is the first project hosted by LF Europe and is a good example of what the organization is trying to achieve. The project aims to create a production-grade open source telco cloud stack and a common framework and reference implementation to "reduce fragmentation of the cloud infrastructure layer for telecommunication and edge services." Currently, five carriers (Telefonica, Telecom Italia, Orange, Vodafone and Deutsche Telekom) and two vendors (Ericsson and Nokia) are working on the project.

"There's a whole bunch of Linux Foundation networking projects already that have taken telecommunications into the open source era," Arpit Joshipura, the general manager for Networking, Edge and IoT at the Linux Foundation, told me. "All those projects are under what is called the [LF] Networking foundation. [...] So whatever that work is that is done by the telcos, Sylva is going to leverage and build on top of it with these European vendors to solve EU specific requirements. Those are security, energy, federated computing, edge and data trust." At the core of Sylva is a framework for a compute platform that can be agnostic to whether a workload is running on the telco access network, edge or in the core. The project aims to build a reference implementation, leveraging all of the work already being done by LF Networking, the Cloud Native Computing Foundation (the home of Kubernetes and other cloud-native infrastructure projects), LF Energy and others.

Communications

Apple Launches Emergency SOS via Satellite in US and Canada (zdnet.com) 41

Apple on Tuesday announced that Emergency SOS via satellite is officially available to iPhone 14 users in the US and Canada. Next month, Apple will launch Emergency SOS via satellite in France, Germany, Ireland, and the UK. Apple is enabling the feature on all iPhone 14 models that are running iOS 16.1, which was released near the end of October. From a report: If you have the feature, you'll see a new section detailing your phone's new capability of connecting to satellites, and offering a demo mode for you to get a feel for what the process is like should you ever have to use it. For those unfamiliar, Emergency SOS via Satellite will allow an iPhone 14 owner to contact emergency services when in an area without cellular or Wi-Fi coverage. The feature is triggered by calling 911 when "SOS" is shown at the top of the iPhone's screen where the cellular coverage bars are normally visible. Once you're connected to a satellite, you'll either directly exchange messages with a local dispatcher if they accept text messages, or talk with local emergency services using an Apple-trained emergency specialist as a go-between.
Microsoft

Xbox Transparency Report Reveals Up To 4.78 Million Accounts Were Proactively Suspended In Just Six Months (theverge.com) 10

Microsoft has released its first Digital Transparency Report for the Xbox gaming platform, revealing that the company took proactive action against throwaway accounts that violated its community guidelines 4.78 million times within a six-month period, usually in the form of temporary suspension. The Verge reports: The report, which provides information regarding content moderation and player safety, covers the period between January 1st and June 30th this year. It includes a range of information, including the number of reports submitted by players and breakdowns of various "proactive enforcements" (i.e., temporary account suspensions) taken by the Xbox team. Microsoft says the report forms part of its commitment to online safety. The data reveals that "proactive enforcements" by Microsoft increased almost tenfold since the last reporting period and that 4.33 million of the 4.78 million total enforcements concerned accounts that had been tampered with or used suspiciously outside of the Xbox platform guidelines. These unauthorized accounts can impact players in a variety of ways, from enabling cheating to spreading spam and artificially inflating friend / follower numbers.

A further breakdown of the data reveals 199,000 proactive enforcements taken by Xbox involving adult sexual content, 87,000 for fraud, and 54,000 for harassment or bullying. The report also claims that 100 percent of all actions in the last six-month period relating to account tampering, piracy, and phishing were taken proactively by Xbox rather than via reports made by its player base, which suggests that either fewer issues are being reported by players or the issues themselves are being addressed before players are aware of them. As proactive action has increased, the report also reveals that reports made by players have decreased significantly despite a growing player base, noting a 36 percent decline in player reports compared to the same period in 2021. A total of 33.07 million reports were made by players during the last period, with the vast majority relating to either in-game conduct (such as cheating, teamkilling, or intentionally throwing a match) or communications.

Education

Survey Reveals the Most-Regretted (and Least-Regretted) College Majors (cnbc.com) 140

A report from Georgetown's Center on Education and the Workforce found that bachelor's degree holders generally earn 84% more than those with just a high school diploma, reports CNBC.

"Still, 44% of all job seekers with college degrees regret their field of study." Journalism, sociology, communications and education all topped the list of most-regretted college majors, according to ZipRecruiter's survey of more than 1,500 college graduates who were looking for a job. "When you are barely managing to pay your bills, your paycheck might become more important." Of graduates who regretted their major, most said that, if they could go back, they would now choose computer science or business administration instead.

All in, the top-paying college majors earn $3.4 million more than the lowest-paying majors over a lifetime.

Graduates entering the workforce with good career prospects and high starting salaries are the most satisfied with their field of study, job site ZipRecruiter also found. Computer science majors, with an average annual starting salary of almost $100,000, were the happiest overall, according to ZipRecruiter. Students who majored in criminology, engineering, nursing, business and finance also felt very good about their choices.

United States

How Close Was America's FBI to Deploying Pegasus Spyware? (yahoo.com) 47

In a statement in February, America's Federal Bureau of Investigation "confirmed that it obtained NSO Group's powerful Pegasus spyware" back in 2019, reported the Guardian. At the time the FBI added that "There was no operational use in support of any investigation, the FBI procured a limited licence for product testing and evaluation only."

"But dozens of internal F.B.I. documents and court records tell a different story," the New York Times reported today: The documents, produced in response to a Freedom of Information Act lawsuit brought by The New York Times against the bureau, show that F.B.I. officials made a push in late 2020 and the first half of 2021 to deploy the hacking tools — made by the Israeli spyware firm NSO — in its own criminal investigations. The officials developed advanced plans to brief the bureau's leadership, and drew up guidelines for federal prosecutors about how the F.B.I.'s use of hacking tools would need to be disclosed during criminal proceedings. It is unclear how the bureau was contemplating using Pegasus, and whether it was considering hacking the phones of American citizens, foreigners or both. In January, The Times revealed that F.B.I. officials had also tested the NSO tool Phantom, a version of Pegasus capable of hacking phones with U.S. numbers.

The F.B.I. eventually decided not to deploy Pegasus in criminal investigations in July 2021, amid a flurry of stories about how the hacking tool had been abused by governments across the globe. But the documents offer a glimpse at how the U.S. government — over two presidential administrations — wrestled with the promise and peril of a powerful cyberweapon. And, despite the F.B.I. decision not to use Pegasus, court documents indicate the bureau remains interested in potentially using spyware in future investigations. "Just because the F.B.I. ultimately decided not to deploy the tool in support of criminal investigations does not mean it would not test, evaluate and potentially deploy other similar tools for gaining access to encrypted communications used by criminals," stated a legal brief submitted on behalf of the F.B.I. late last month....

The specifics of why the bureau chose not to use Pegasus remain a mystery, but American officials have said that it was in large part because of mounting negative publicity about how the tool had been used by governments around the world.

The Times also notes two responses to their latest report. U.S. Senator Ron Wyden complained the FBI's earlier testimony about Pegasus was incomplete and misleading, and that the agency "owes Americans a clear explanation as to whether the future operational use of NSO tools is still on the table."

But an F.B.I. spokeswoman said "the director's testimony was accurate when given and remains true today — there has been no operational use of the NSO product to support any FBI investigation."

Thanks to long-time Slashdot reader crazyvas for suggesting the story.
Advertising

KFC Blames Semi-Automated Bot for Insensitive App Alert on Kristallnacht (bbc.com) 129

"KFC has apologised after sending a promotional message to customers in Germany, urging them to commemorate Kristallnacht with cheesy chicken," reports the BBC. The Nazi-led series of attacks in the country in 1938 left more than 90 people dead, and destroyed Jewish-owned businesses and places of worship. It is widely seen as the beginning of the Holocaust....

The fast-food chain sent an app alert on Wednesday, saying: "It's memorial day for Kristallnacht! Treat yourself with more tender cheese on your crispy chicken. Now at KFCheese!"

Around an hour later another message was sent with an apology, according to the Bild newspaper. "We are very sorry, we will check our internal processes immediately so that this does not happen again. Please excuse this error," the message is reported to have said.

The fast food chain "apologized for the error," reports the Jerusalem Post, "explaining that they 'use a semi-automated content creation process linked to calendars that include national observances.'" "In this instance, our internal review process was not properly followed, resulting in a non-approved notification being shared." Calling the mistake "obviously wrong, insensitive and unacceptable," KFC Germany added that they "have suspended app communications while we examine our current process to ensure such an issue does not occur again."
Privacy

Mysterious Company With Government Ties Plays Key Internet Role (washingtonpost.com) 67

whoever57 writes: Would you trust your communications to a company that has links to a spyware company and claims that its address is a UPS store in Toronto? You probably already do. Washington Post reports: An offshore company that is trusted by the major web browsers and other tech companies to vouch for the legitimacy of websites has connections to contractors for U.S. intelligence agencies and law enforcement, according to security researchers, documents and interviews. Google's Chrome, Apple's Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to act as what's known as a root certificate authority, a powerful spot in the internet's infrastructure that guarantees websites are not fake, guiding users to them seamlessly.

The company's Panamanian registration records show that it has the identical slate of officers, agents and partners as a spyware maker identified this year as an affiliate of Arizona-based Packet Forensics, which public contracting records and company documents show has sold communication interception services to U.S. government agencies for more than a decade. One of those TrustCor partners has the same name as a holding company managed by Raymond Saulino, who was quoted in a 2010 Wired article as a spokesman for Packet Forensics. Saulino also surfaced in 2021 as a contact for another company, Global Resource Systems, that caused speculation in the tech world when it briefly activated and ran more than 100 million previously dormant IP addresses assigned decades earlier to the Pentagon. The Pentagon reclaimed the digital territory months later, and it remains unclear what the brief transfer was about, but researchers said the activation of those IP addresses could have given the military access to a huge amount of internet traffic without revealing that the government was receiving it.
whoever57 has also shared an unpaywalled link to the story.
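Whether a given organization sits in the trust store your own tools rely on is something you can check rather than take on faith. The block below is an added example, not code from the Washington Post, TrustCor or any browser vendor: it flattens the subject tuples that Python's `ssl` module returns for loaded CA certificates, searches them by organization or common name, and runs that search against the platform default store that `ssl.create_default_context()` loads. The `SAMPLE_ROOTS` entries are constructed with invented names so the block runs offline; "TrustCor" appears only as the search string the story motivates, and none of the field values are TrustCor's real certificate subject.

```python
import ssl
from typing import Dict, Iterable, List


def subject_to_dict(subject) -> Dict[str, str]:
    """ssl returns a subject as a tuple of RDNs, each a tuple of (name, value) pairs:
    ((('countryName', 'US'),), (('organizationName', 'X'),), ...). Flatten it;
    a later duplicate attribute overwrites an earlier one."""
    flat: Dict[str, str] = {}
    for rdn in subject:
        for name, value in rdn:
            flat[name] = value
    return flat


def find_roots(ca_certs: Iterable[dict], needle: str) -> List[Dict[str, str]]:
    """Roots whose organization or common name contains `needle`, case-insensitively.
    Input is the list of dicts that SSLContext.get_ca_certs() returns."""
    needle = needle.lower()
    hits: List[Dict[str, str]] = []
    for cert in ca_certs:
        subj = subject_to_dict(cert.get("subject", ()))
        org = subj.get("organizationName", "")
        cn = subj.get("commonName", "")
        if needle in org.lower() or needle in cn.lower():
            hits.append({
                "commonName": cn,
                "organizationName": org,
                "notAfter": cert.get("notAfter", ""),
                "serialNumber": cert.get("serialNumber", ""),
            })
    return hits


def audit_system_roots(needle: str) -> List[Dict[str, str]]:
    """Search the roots that ssl.create_default_context() trusts on this machine.
    Caveat: OpenSSL loads certificates from a hashed capath directory lazily, so on
    hosts that ship such a directory instead of one bundle file this list can be
    incomplete; pass cafile=... (or set SSL_CERT_FILE) at the full bundle to be sure."""
    ctx = ssl.create_default_context()
    return find_roots(ctx.get_ca_certs(), needle)


# Constructed sample entries in ssl's own dict format. The names are invented for
# this demo and are not any real CA's subject.
SAMPLE_ROOTS = [
    {"subject": ((("countryName", "PA"),),
                 (("organizationName", "Example Offshore Trust S.A."),),
                 (("commonName", "Example Offshore Root CA"),)),
     "notAfter": "Dec 31 23:59:59 2039 GMT", "serialNumber": "0A"},
    {"subject": ((("countryName", "US"),),
                 (("organizationName", "Other Root CA Inc"),),
                 (("commonName", "Other Root CA G2"),)),
     "notAfter": "Dec 31 23:59:59 2035 GMT", "serialNumber": "0B"},
]

if __name__ == "__main__":
    for hit in find_roots(SAMPLE_ROOTS, "offshore"):
        print("sample store:", hit)
    # Assumed search string; edit to whatever CA you are auditing.
    for hit in audit_system_roots("TrustCor"):
        print("system store:", hit)
```

Firefox and Chrome ship their own root programs, so this shows only what OpenSSL-linked programs on the host (curl, Python, many daemons) will accept. If you decide a root should not be trusted: on Debian and Ubuntu prefix its line in /etc/ca-certificates.conf with `!` and run `update-ca-certificates`; on macOS set it to "Never Trust" in Keychain Access; in Python the stdlib cannot drop a single root from the default context, so build the context from a curated bundle with `ssl.create_default_context(cafile=...)` instead.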
Movies

AMC Entertainment To Open 'Zoom Room' Auditoriums At Theaters In 17 Markets (deadline.com) 29

An anonymous reader quotes a report from Deadline: AMC Entertainment plans to launch "Zoom Rooms" at movie theaters in up to 17 U.S. cities serving businesses with in-person events and meetings. The partnership with Zoom will roll out "sometime in 2023," the giant exhibitor said. It will give the chain access to the "multi-billion market for corporate and other meetings," according to CEO Adam Aron, and during weekdays when most theaters are quiet.

Users will book three-hour blocks online, selecting preferred theaters and meeting time. AMC and Zoom will provide the necessary equipment. Auditorium sizes are expected to range between 75 to 150 seats. Additional services like food and beverage offerings, movie viewings, and concierge-style personalized handling of meeting needs will be available for an added cost.
"As hybrid work has become more commonplace throughout the United States, Zoom Rooms at AMC will enable companies and other entities with decentralized workforces and customer bases to bring people from different markets together at the same time for cohesive virtual and in-person events and meeting experiences," the nation's biggest chain said.

"One of the lessons learned during the pandemic when so many of us were forced to work remotely was the importance of a reliable, dynamic communications platform. We also learned that even though we may be spread far apart, the ability to come together in person is as important as ever," said Aron. "This creates an all-new product in major cities across the U.S. for companies and meeting planners."
Cellphones

Is Iran Tracking and Controlling Its Protesters' Phones? (theintercept.com) 67

The Intercept reports that protesters in Iran "have often been left wondering how the government was able to track down their locations or gain access to their private communications — tactics that are frighteningly pervasive but whose mechanisms are virtually unknown."

But The Intercept now has evidence of a new possibility: While disconnecting broad swaths of the population from the web remains a favored blunt instrument of Iranian state censorship, the government has far more precise, sophisticated tools available as well. Part of Iran's data clampdown may be explained through the use of a system called "SIAM," a web program for remotely manipulating cellular connections made available to the Iranian Communications Regulatory Authority. The existence of SIAM and details of how the system works, reported here for the first time, are laid out in a series of internal documents from an Iranian cellular carrier that were obtained by The Intercept.

According to these internal documents, SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones. The tools can slow their data connections to a crawl, break the encryption of phone calls, track the movements of individuals or large groups, and produce detailed metadata summaries of who spoke to whom, when, and where. Such a system could help the government invisibly quash the ongoing protests — or those of tomorrow — an expert who reviewed the SIAM documents told The Intercept.

"SIAM can control if, where, when, and how users can communicate," explained Gary Miller, a mobile security researcher and fellow at the University of Toronto's Citizen Lab. "In this respect, this is not a surveillance system but rather a repression and control system to limit the capability of users to dissent or protest."

Thanks to long-time Slashdot reader mspohr for submitting the article.
Social Networks

Vietnam To Require 24-hour Take-Down For 'False' Social Media Content (reuters.com) 43

Vietnam's information minister said on Friday authorities had tightened regulations to deal with "false" content on social media platforms so that it must be taken down within 24 hours instead of 48 hours previously. From a report: The new rules will enshrine Vietnam's position as one of the world's most stringently controlled regimes for social media firms and will strengthen the ruling Communist Party's hand as it cracks down on "anti-state" activity. Minister of Information and Communications Nguyen Manh Hung told parliament there was risk that "false news, if it is handled in a slow manner, will spread very widely." Reuters had previously reported government plans to bring in the new regulations, as well as rules so that very sensitive information has to be taken down within three hours. Most governments do not have laws imposing the taking down of content on social media firms, but Vietnam's move comes amid intensifying crackdowns in some parts of the world on online content.
Communications

Vonage Will Pay $100 Million to Settle FTC Allegations of Trapping Consumers in Subscriptions (wsj.com) 23

Ericsson subsidiary Vonage will pay $100 million to settle Federal Trade Commission allegations that it created a web of obstacles for its customers to cancel the internet-based telephone service and charged unexpected termination fees. From a report: The agreement, filed in a federal court Thursday, represents the largest settlement of its kind in the FTC's enforcement push against companies that allegedly throw up high hurdles to customers seeking to cancel subscriptions or services. New Jersey-based Vonage will be required to obtain consumers' express consent for services and simplify its cancelation process. The cost of a subscription ranged from $5 to $50 a month for consumers, and potentially thousands a month for businesses, the FTC said. The commission said it received hundreds of complaints from consumers about Vonage's tactics.
Communications

T-Mobile Will Start Charging a $35 Fee on All New Activations and Upgrades (engadget.com) 59

T-Mobile may be joining rivals Verizon and AT&T by introducing a $35 charge for all new postpaid activations and upgrades, according to The T-Mo Report and some Redditors. Engadget: According to T-Mobile internal documents, it's introducing a "Device Connection Charge" for "all activations and upgrades for mobile, Beyond the Smartphone and broadband devices." Before, the Uncarrier charged activation fees only if you received in-store customer support for new activations, with online orders exempt. Now, all new postpaid activations are charged, whether or not you were assisted. This includes updating to a new device, adding a Bring-Your-Own-Device line, or ordering a Home Internet line, according to The T-Mo Report. T-Mobile has always tried to separate itself from regular telecoms, but charging customers for essentially nothing doesn't sound very Uncarrier-like, if the reports are accurate. And you can't take your business to Sprint, as it no longer exists thanks to its merger with T-Mobile. When that deal was finalized, T-Mobile said things would be "better for customers," but constant activation charges would definitely not be better.
Social Networks

FCC Commissioner Says Government Should Ban TikTok (axios.com) 80

The Committee on Foreign Investment in the U.S. (CFIUS) should take action to ban TikTok, Brendan Carr, one of five commissioners at the Federal Communications Commission, told Axios in an interview. From the report: "I don't believe there is a path forward for anything other than a ban," Carr said, citing recent revelations about how TikTok and ByteDance handle U.S. user data. Carr highlighted concerns about U.S. data flowing back to China and the risk of a state actor using TikTok to covertly influence political processes in the United States. There simply isn't "a world in which you could come up with sufficient protection on the data that you could have sufficient confidence that it's not finding its way back into the hands of the [Chinese Communist Party]," Carr said. Carr sent letters to Apple and Google in June asking the companies to remove the apps from their stores due to concerns about data flowing back to China.
United Kingdom

UK Regulator Ofcom Sounds Death Knell of the Fax Machine (ft.com) 81

The British communications regulator has sounded the death knell of the fax machine, just over 30 years after it revolutionised office life. From a report: Ofcom said on Tuesday it had started the process to scrap legislation compelling BT, the former state-owned monopoly, to provide dedicated landlines for the devices at affordable prices. The facsimile machine, first commercialised by Xerox in 1964, became a ubiquitous feature of offices around the world from the late 1980s, but has since been displaced by a combination of email, scanners, cloud and instant messaging services. The old technology works by processing the contents of a fixed graphic image, transmitting it through the landline via audio-frequency tones, which are then received by another fax machine, interpreted and reconstructed into a printed replica of the original. "As digital technology and broadband services have developed, the fax machine has been overtaken by email and document sharing software that offer the same or better functionality," Ofcom said in a statement. "We're now consulting on changes to telecoms rules that could see the fax machine become a thing of the past."
Communications

Amazon May Turn To Its SpaceX Rival For Satellite Launches (gizmodo.com) 34

Amazon is on a tight schedule to launch its internet satellites to orbit, so the company may have to turn to its competitor SpaceX for rides. Gizmodo reports: During a live interview with the Washington Post, Amazon senior vice president Dave Limp expressed the company's openness to use SpaceX's heavy lift rockets to deploy its Project Kuiper internet satellites. "We are open to talking to SpaceX, you'd be crazy not given their track record here," Limp said. However, Amazon is not interested in SpaceX's Falcon 9 rockets that are currently lofting the company's Starlink satellites. Amazon's internet satellites are larger than those being deployed by SpaceX, which explains why the company is eyeing SpaceX's Falcon Heavy rocket and its upcoming Starship rocket, the latter of which is still in development.

Limp's statement comes as a surprise considering that Amazon signed deals earlier this year with Arianespace, Blue Origin, and United Launch Alliance to lift its satellites into orbit, while leaving out SpaceX from the mix. Both companies are aiming to bring high-speed internet to remote areas across the world by beaming down data signals from low Earth orbit. [...] Amazon is seemingly running out of options for rockets, while SpaceX has rockets aplenty, so a future deal between the industry rivals does make sense. A 2020 authorization order from the Federal Communications Commission stipulates that Amazon launch 50% of its 3,236 Project Kuiper satellites by 2026, and the remainder by 2029, or the company will lose its license.

Security

OpenSSL Warns of Critical Security Vulnerability With Upcoming Patch (zdnet.com) 31

An anonymous reader quotes a report from ZDNet: Everyone depends on OpenSSL. You may not know it, but OpenSSL is what makes it possible to use secure Transport Layer Security (TLS) on Linux, Unix, Windows, and many other operating systems. It's also what is used to lock down pretty much every secure communications and networking application and device out there. So we should all be concerned that Mark Cox, a Red Hat Distinguished Software Engineer and the Apache Software Foundation (ASF)'s VP of Security, this week tweeted, "OpenSSL 3.0.7 update to fix Critical CVE out next Tuesday 1300-1700UTC." How bad is "Critical"? According to OpenSSL, an issue of critical severity affects common configurations and is also likely exploitable. It's likely to be abused to disclose server memory contents, and potentially reveal user details, and could be easily exploited remotely to compromise server private keys or execute code remotely. In other words, pretty much everything you don't want happening on your production systems.

The last time OpenSSL had a kick in its security teeth like this one was in 2016. That vulnerability could be used to crash and take over systems. Even years after it arrived, security company Check Point estimated it affected over 42% of organizations. This one could be worse. We can only hope it's not as bad as that all-time champion of OpenSSL's security holes, 2014's HeartBleed. [...] There is another little silver lining in this dark cloud. This new hole only affects OpenSSL versions 3.0.0 through 3.0.6. So, older operating systems and devices are likely to avoid these problems. For example, Red Hat Enterprise Linux (RHEL) 8.x and earlier and Ubuntu 20.04 won't be smacked by it. RHEL 9.x and Ubuntu 22.04, however, are a different story. They do use OpenSSL 3.x. [...] But, if you're using anything with OpenSSL 3.x in -- anything -- get ready to patch on Tuesday. This is likely to be a bad security hole, and exploits will soon follow. You'll want to make your systems safe as soon as possible.
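A quick host inventory for the version range the article names, as an added example (not from ZDNet or the OpenSSL project): it parses `openssl version` style banners, flags the 3.0.0 through 3.0.6 range the report says is affected (3.0.7 being the announced fix), reports which OpenSSL the running Python interpreter is linked against, and lists libssl 3.x shared objects under the usual library roots. It is a version check, not a test for the flaw itself, whose details were not public when the piece ran; the library paths are assumptions to adjust per distro, and statically linked or vendored copies of OpenSSL (container images, language runtimes bundling their own libssl) will not show up and need checking separately.

```python
import glob
import re
import ssl
import subprocess
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Range the report gives as affected; the announced fix is 3.0.7.
AFFECTED_MIN: Version = (3, 0, 0)
AFFECTED_MAX: Version = (3, 0, 6)

# Matches "OpenSSL 3.0.5 5 Jul 2022" and "OpenSSL 1.1.1q  5 Jul 2022"; the optional
# letter suffix belongs to the 1.x numbering scheme and is irrelevant to the 3.x check.
_BANNER_RE = re.compile(r"\bOpenSSL\s+(\d+)\.(\d+)\.(\d+)[a-z]*")


def parse_openssl_version(banner: str) -> Optional[Version]:
    """Extract (major, minor, patch) from an OpenSSL version banner.
    Returns None for other libraries (LibreSSL, BoringSSL) that ssl may report."""
    m = _BANNER_RE.search(banner)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3))


def is_affected(version: Optional[Version]) -> bool:
    """True only for the 3.0.0..3.0.6 range named in the report."""
    return version is not None and AFFECTED_MIN <= version <= AFFECTED_MAX


def check_python_runtime() -> Tuple[str, bool]:
    """Which OpenSSL this interpreter is linked against, and whether it is in range."""
    banner = ssl.OPENSSL_VERSION
    return banner, is_affected(parse_openssl_version(banner))


def check_system_openssl() -> Tuple[Optional[str], bool]:
    """Ask the openssl CLI, if installed. It may use a different libssl than Python does."""
    try:
        proc = subprocess.run(["openssl", "version"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return None, False
    banner = proc.stdout.strip()
    return banner, is_affected(parse_openssl_version(banner))


def find_libssl3_copies() -> List[str]:
    """Shared libssl 3.x objects under common library roots (assumed paths).
    Statically linked or vendored copies are invisible to this scan."""
    roots = ["/lib", "/lib64", "/usr/lib", "/usr/lib64", "/usr/local/lib", "/opt"]
    hits = set()
    for root in roots:
        hits.update(glob.glob(f"{root}/**/libssl.so.3*", recursive=True))
    return sorted(hits)


if __name__ == "__main__":
    banner, hit = check_python_runtime()
    print(f"python linked against: {banner} -> {'IN RANGE' if hit else 'not in range'}")
    banner, hit = check_system_openssl()
    print(f"openssl CLI: {banner or 'not found'} -> {'IN RANGE' if hit else 'not in range'}")
    for path in find_libssl3_copies():
        print("libssl 3.x found at", path)
```

Run it on each host or image before the release window so you know where the 3.0.7 packages have to land; anything reporting 1.1.1 is outside the range the article gives, but a host can carry both series side by side, which is why the shared-object scan is there.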

Communications

FAA Warns of Aviation Safety Risks Without US Mandate On 5G Limits (reuters.com) 52

The Federal Aviation Administration (FAA) wants the U.S. telecommunications regulatory agency to ensure a delay in some 5G C-Band transmissions from smaller operators. Reuters reports: Acting FAA Administrator Billy Nolen said the agency wants the Federal Communications Commission (FCC) to make the voluntary mitigations that AT&T and Verizon agreed to earlier this year mandatory for 19 smaller telecoms and other spectrum holders. In a previously unreported letter dated Friday, Nolen cited industry data establishing that "aviation safety would be compromised if the U.S. government does not codify certain additional operating limits in the 5G C-Band environment."

Concerns that the 5G service could interfere with airplane altimeters, which give data on a plane's height above the ground and are crucial for bad-weather landing, led to disruptions at some U.S. airports earlier this year. Nolen's letter warns that without the FCC mandating the mitigations "the FAA would be forced to take immediate steps to ensure the safety of the traveling public, raising the likelihood of flight disruptions across the United States."

Security

Is There a Lack of Market Incentives for Cybersecurity? (acm.org) 160

Computer science professor Moshe Y. Vardi is the Senior Editor of Communications of the ACM.

And he's concerned about the state of cybersecurity today: In 2017, I wrote: "So here we are, 70 years into the computer age and after three ACM Turing Awards in the area of cryptography (but none in cybersecurity), and we still do not seem to know how to build secure information systems." What would I write today? Clearly, I would write: "75 years," but I would not change a word in the rest of the sentence....

The slow progress in cybersecurity is leading many to conclude the problem is not due to just a lack of technical solution but reflects a market failure, which disincentivizes those who may be able to fix serious security vulnerabilities from doing so. As I argued in 2020, the computing fields tend to focus on efficiency at the expense of resilience. Security usually comes at a cost in terms of performance, a cost that market players seem reluctant to pay. To discuss the market-failure issue and how to address it, the Computing Community Consortium organized in August this year a visioning workshop on Mechanism Design for Improving Hardware Security. The opening talk was given by Paul Rosenzweig, an attorney who specializes in national security law. He argued that technological development is founded, at the end, on human behavior.

So, the key to good cybersecurity is to incentivize humans. Thus, the answer lies in the economics of cybersecurity, which is, mostly, a private domain with lots of externalities, where prices do not capture all costs.... As the philosopher Helen Nissenbaum pointed out in a 1996 article, while computing vendors are responsible for the reliability and safety of their product, the lack of liability results in lack of accountability. She warned us more than 25 years ago about eroding accountability in computerized societies. The development of the "move-fast-and-break-things" culture in this century shows that her warning was on the mark....

If we want to address the cyber-insecurity issue, we should start by welcoming liability into computing.

Thanks to long-time Slashdot reader shanen for sharing the article.
Privacy

Nym's Plan to Boost Internet Privacy Through 'Mixnets' (quantamagazine.org) 22

Harry Halpin helped create uniform cryptography standards for the World Wide Web Consortium, reports Quanta magazine — but "he also wanted to protect the lower, foundational level: the network through which the information is transmitted.

"In 2018, he started Nym Technologies to take on this problem.... Halpin spoke with Quanta from Nym's headquarters in Neuchâtel, Switzerland." Halpin: The trickier problem is this: How do I communicate with you so that no one else knows I'm communicating with you, even if our messages are encrypted? You can get a sense of what people are saying from the pattern of communication: Who are you talking with, when are your conversations, how long do they last...?

There are two key elements: One is the "mixnet," a technology invented by David Chaum in 1979 that my team has improved. It relies on the premise that you can't be anonymous by yourself; you can only be anonymous in a crowd. You start with a message and break it into smaller units, communications packets, that you can think of as playing cards. Next, you encrypt each card and randomly send it to a "mixnode" — a computer where it will be mixed with cards from other senders. This happens three separate times and at three separate mixnodes. Then each card is delivered to the intended recipient, where all the cards from the original message are decrypted and put back into the proper order. No person who oversees mixing at a single mixnode can know both the card's origin and its destination. In other words, no one can know who you are talking to.

Q: That was the original mixnet, so what improvements have you made?

Halpin: For one thing, we make use of the notion of entropy, a measure of randomness that was invented for this application by Claudia Diaz, a computer privacy professor at KU Leuven and Nym's chief scientist. Each packet you receive on the Nym network has a probability attached to it that tells you, for instance, the odds that it came from any given individual.... Our system uses a statistical process that allows you both to measure entropy and to maximize it — the greater the entropy, the greater the anonymity. There are no other systems out there today that can let users know how private their communications are.

Q: What's the second key element you referred to?

Halpin: Mixnets, as I said, have been around a long time. The reason they've never taken off has a lot to do with economics. Where do the people who are going to do the mixing come from, and how do you pay them? We think we have an answer. And the kernel of that idea came from a conversation I had in 2017 with Adam Back, a cryptographer who developed bitcoin's central "proof of work" algorithm. I asked him what he would do if he were to redesign bitcoin. He said it would be great if all the computer processing done to verify cryptocurrency transactions — by solving so-called Merkle puzzles that have no practical value outside of bitcoin — could instead be used to ensure privacy.

The computationally expensive part of privacy is the mixing, so it occurred to me that we could use a bitcoin-inspired system to incentivize people to do the mixing. We built our company around that idea....

A new paper that came out in June shows that this approach can lead to an economically sustainable mixnet....

We are not building a currency system or trying to replace the dollar. We just want to provide privacy to ordinary people.
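The three-hop layering Halpin describes can be made concrete. The block below is an added simulation, not Nym's code or Chaum's original design: two senders cut their messages into fixed-size "cards", wrap each card in one encryption layer per mixnode so that a hop that peels its layer learns only the next address, and each of the three mixnodes decrypts its whole batch and emits it in random order before forwarding. The per-hop cipher is a toy encrypt-then-MAC built from SHA-256 and HMAC with pre-shared symmetric keys, standing in for the public-key packet format a real mixnet uses; there is no padding, cover traffic or timing delay, all of which a deployable mixnet needs, and the single-byte addresses and 16-byte card size are assumptions for the demo.

```python
import hashlib
import hmac
import os
import random
from typing import Dict, List, Tuple


# --- toy per-hop cipher: stand-in for a real AEAD / Sphinx layer, not for deployment ---
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(out[:n])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || 16-byte HMAC tag (encrypt-then-MAC). Fresh nonce per layer,
    so re-wrapping the same card never produces the same bytes."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + ct + tag


def open_(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-16], blob[-16:]
    expect = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expect):
        raise ValueError("bad tag: packet tampered with or sent to the wrong hop")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


# --- sender: cut the message into "cards" and wrap each in one layer per mixnode ---
def split_into_packets(message: bytes, size: int) -> List[Tuple[int, bytes]]:
    return [(i, message[o:o + size]) for i, o in enumerate(range(0, len(message), size))]


def wrap(index: int, chunk: bytes, recipient: int, route: Tuple[int, ...],
         keys: Dict[int, bytes]) -> Tuple[int, bytes]:
    """Onion-wrap so that hop k, after peeling its layer, sees only the address of hop k+1
    (the last hop sees the recipient). Returns (first hop, onion). Addresses are one byte."""
    inner = index.to_bytes(2, "big") + chunk          # what only the recipient will read
    addr = recipient
    for hop in reversed(route):
        inner = seal(keys[hop], bytes([addr]) + inner)
        addr = hop
    return addr, inner


# --- mixnode: peel one layer from the whole batch, then emit in random order ---
def mix(key: bytes, inbox: List[bytes]) -> List[Tuple[int, bytes]]:
    out = []
    for blob in inbox:
        plain = open_(key, blob)
        out.append((plain[0], plain[1:]))              # (next address, remaining onion)
    random.SystemRandom().shuffle(out)
    return out


def reassemble(packets: List[bytes]) -> bytes:
    """Recipient puts the cards back in order using the 2-byte index."""
    return b"".join(p[2:] for p in sorted(packets, key=lambda p: int.from_bytes(p[:2], "big")))


def run_demo(messages: Dict[int, bytes], route: Tuple[int, ...] = (0, 1, 2), size: int = 16):
    """Send every message (keyed by recipient address) through the same three mixnodes.
    Returns (delivered, wire_log) where wire_log[node] = (ciphertexts entering, ciphertexts leaving)."""
    assert all(r not in route and 0 <= r < 256 for r in messages), "bad recipient address"
    keys = {n: os.urandom(32) for n in route}          # per-hop keys; Nym uses mixnode public keys
    traffic: Dict[int, List[bytes]] = {}
    for recipient, msg in messages.items():
        for i, chunk in split_into_packets(msg, size):
            first, onion = wrap(i, chunk, recipient, route, keys)
            traffic.setdefault(first, []).append(onion)
    wire_log: Dict[int, Tuple[List[bytes], List[bytes]]] = {}
    delivered_blobs: Dict[int, List[bytes]] = {}
    for node in route:
        inbox = traffic.pop(node, [])
        outbox = mix(keys[node], inbox)
        wire_log[node] = (inbox, [blob for _, blob in outbox])
        for addr, blob in outbox:
            (traffic if addr in keys else delivered_blobs).setdefault(addr, []).append(blob)
    delivered = {r: reassemble(blobs) for r, blobs in delivered_blobs.items()}
    return delivered, wire_log


if __name__ == "__main__":
    # Constructed sample traffic: two senders, two recipients, one shared route.
    out, log = run_demo({200: b"the quick brown fox jumps over the lazy dog",
                         201: b"meet at the usual place at noon, bring the ledger"})
    for node, (ins, outs) in log.items():
        print(f"mixnode {node}: {len(ins)} in, {len(outs)} out, byte-identical pairs: {len(set(ins) & set(outs))}")
    print(out)
```

`run_demo` returns what each recipient reassembled and, per mixnode, the ciphertexts an observer on the wire would see entering and leaving it: the same count in and out, no byte-identical pairs, and a random permutation, so input and output cannot be matched at any single node by inspection. An adversary holding all three keys, or one correlating cards by size and timing (which this demo does nothing to hide), can still link sender to recipient; that gap is what the padding, delays and cover traffic of a real mixnet address.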
