Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy IT Technology

Researchers Discover Flaws in Digital Currency Monero That Could Reveal Identity of Users (wired.com) 35

Researchers have discovered flaws in Monero, a digital currency that boasts a high degree of anonymity, that could lead to the identification of users. From a report: Monero is designed to mix up any given Monero "coin" with other payments, so that anyone scouring Monero's blockchain can't link it to any particular identity or previous transaction from the same source. But in a recent paper, a team of researchers from a broad collection of institutions -- including Princeton, Carnegie Mellon, Boston University, MIT, and the University of Illinois at Urbana-Champaign -- point to flaws in that mixing that make it possible to nonetheless extract individual transactions.

That shouldn't just worry anyone trying to stealthily spend Monero today. It also means evidence of earlier not-quite-untraceable payments remain carved into Monero's blockchain for years to come, visible for any snoop that cares to look.

This discussion has been archived. No new comments can be posted.

Researchers Discover Flaws in Digital Currency Monero That Could Reveal Identity of Users

Comments Filter:
  • Are soon parted... /s

    There is a reason there is FDIC insurance in the US...

    • Are soon parted... /s

      There is a reason there is FDIC insurance in the US...

      Teddy Roosevelt did that FIDC thing in a somewhat successful effort to stem the tide of the great depression by printing a LOT of money to bail out the insolvent banks. This was designed to stop the bank runs that where sucking all the cash out of the economy by stuffing it into mattresses for safe keeping.

      It was the original "To BIG to fail" bail out, at taxpayers expense and we've not been able to stop doing it for every financial hiccup since.

      • Franklin, not Teddy. And Roosevelt might well have been more interested in protecting depositors than in protecting banks.

        • Yes, Franklin.. Sorry for the mistake.

          Protecting depositors by bailing out banks... To get money back into circulation by getting it back into banks and not stuffed in mattresses... Sort of the "trickle down theory" if you think about it.

          Actually, I think the real benefit was to expand the money supply dramatically and quickly. Even with that, recovery was muted by the dust bowel and what Carter would have called a "general malaise" where the population was focused on possible impending doom and hesitant

          • by BranMan ( 29917 )

            " In 1900 a million dollars was quite the mound of cash..."

            Actually, not so much - yes it was a LOT of money back then, but the US also printed $5,000 bills. So a million could be a neat little stack of 200 bills. Today, however, it's a mound.

  • by YukariHirai ( 2674609 ) on Tuesday March 27, 2018 @07:41PM (#56338077)
    Anyone who's surprised by this isn't suspicious enough of the idea that a currency built on a permanent public ledger of transactions could possibly be anonymous.
    • by rtb61 ( 674572 )

      I'm just waiting for the cheapest crypt currency exchange to open, you know the one run by a three letter agency. You know they will quietly snaffle one up and then will, instead of mining currency, they will mine data and then, first the big sharks who can not be allowed to run wild and then after some time all the little piranha will feel that noose tighten, when they start issuing more public arrest warrants and brag about taking over that exchange, good luck.

    • by gweihir ( 88907 )

      I am not surprised that this version still has flaws. Your argument is entirely bogus though and just shows that you do not understand security.

    • Just because its in a public ledger does not mean it isn't anonymous. What it means is that it is traceable within that ledger. In order to identify *who* actually did something you still need to go through an exercise of deanonymising the user. Just because you know that {cryptohash} bought realhash for $10 doesn't automatically tell you who {cryptohash} is.

      Kind of like this post here on Slashdot. If you take a careful look at your replies you may be able to deanonymise one of the Anonymous Cowards who rep

      • We've seen time and time again, how meta information can be much more revealing than people think.

        You don't have to necessarily make any mistakes to have previously thought details about a transaction become obvious. The most obvious way people's personal info is compromised is not through their own mistakes, but the mistake of a friend or business associate who gets compromised.

        In fact any digital-realm transaction, whether we're talking about crypto, e-mail or an internet post, is probably one of the le

      • Really, it's more akin to my posts, rather than any Anonymous Cowards replying to my posts. There is the common thread, my username, attached to every post I've made. Looking at every post I've made and what I've said about my real life in them, one could build a profile on me - incomplete, but potentially enough to match to a profile from a different source.

        Cryptocurrencies will be less anonymous than that. In my posts I could be embellishing the truth (or outright lying) enough to throw off a match, thoug

  • by Anonymous Coward

    If so-called cryptocurrencies are really good innovation, why they attract so many criminals/criminal activity?
    Could it really be because, all cryptocurrencies themselves are scams, and that is why they attract all kinds of criminals/criminal activity?

    If so-called cryptocurrencies are really currency, why no company/store can use Bitcoin as currency anymore?
    Because the price of Bitcoin proved to be extremely unstable to use as a currency?
    Would the result be different, if Bitcoin replaced by any other "crypt

  • Monero has several functions to create anonymity, each one on it's own doesn't do it but combined there is a nice proof that they do. Every 6 months some idiot points out that one of the functions can be beaten. It's so common I'm not even going to bother reading the paper this time.
  • https://getmonero.org/2017/04/... [getmonero.org] FYI: the link is more than a year old.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...