Krugtron9000

joined 5 months ago
[–] [email protected] 4 points 3 months ago (1 children)

This is like complaining that your new EV doesn't have a large enough gasoline tank.

Haveno is something much better than federated: it is decentralized.

[–] [email protected] 5 points 3 months ago (1 children)

Anything that you "can access on your browser" can and will be shut down.

Browsers and WebPKI are designed to guarantee this.

You're gonna have to let go of your browser obsession. Or just not get what you want. One or the other.

[–] [email protected] 3 points 4 months ago* (last edited 4 months ago) (8 children)

it’s weird that they are able to ddos an onion. i thought tor had pow mitigations?

I want to know about this too. Why didn't you use HiddenServicePoWDefensesEnabled?

[–] [email protected] 1 points 4 months ago

It's only three hops if, like Trocador, you don't need to hide the location of the server. They can (and should) enable HiddenServiceSingleHopMode. This hides the location of the client but not the location of the server. Six hops is only for darknet sites that need to hide the server location.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago) (1 children)

suffering non-stop DDoS attacks for the last three weeks, and they are using ToR exit nodes to conduct such attack

This doesn't add up:

  1. Exit nodes are not involved in onion site visits. Exit nodes are only involved in connections from Tor to the clearnet.
  2. The tor network itself does not have a particularly massive amount of exit node bandwidth, and anybody trying to use a large fraction of that will attract the attention of the tor developers. I have a very hard time believing that the bits per second you can push through tor exits result in a bandwidth bill that a popular exchange (like yours!) has any difficulty affording.

Blink twice if you've been threatened by a three-letter agency.

Good luck,

[–] [email protected] 1 points 4 months ago (1 children)

WASM is the millennials getting their turn to learn that "those who do not learn from history are doomed to repeat it".

Letting the bloated web offload more of its bloat to clients will simply result in an even worse web obesity crisis than already exists. The computational burden needs to stay with the side (the content producer) that has the ability to reduce the level of bloat. Anything else is a broken incentive structure.

[–] [email protected] 6 points 4 months ago* (last edited 4 months ago) (1 children)

This is precisely what Hashcash is. Hashcash is widely acknowledged as the primary ancestor of Bitcoin.

Also, Tor now has a system like this built-in. It uses PoW. It's quite new (less than a year old) and you have to explicitly enable it, but I'm sure the trocador admins know about this.

But seriously, regarding enshittification, I don't think javascript makes websites any harder to ddos. Rather, you get ddossed until you cry uncle and comply with the demands that you help MITM and fingerprint your customers. Javascript happens to be useful for fingerprinting. It has very little to do with ddos mitigation.

[–] [email protected] 4 points 5 months ago

I can't help hearing this spoken in Jack Nicholson's voice during the first few minutes of The Departed (2006).

Freedom.
Nobody gives it to you. You have to take it.
ok, will do.

[–] [email protected] 5 points 5 months ago (1 children)

I also don't understand why websites are still using bespoke hand-rolled XMR payment frontends -- unless they are exchanges or (like localmonero) super-Monero-gurus... BTCPay server's Monero support is so good at this point... I have used it uncountably-many times and not once had any kind of problem.

Please folks, if you're going to accept Monero, consider using BTCPay Server.

[–] [email protected] 5 points 5 months ago* (last edited 5 months ago)

First, make sure the transaction was completed for the correct amount net of monero transaction fees.

Yes, I absolutely made sure of that. Even waited for all ten confirmations.

One ~~secure~~ way to contact them is through matrix.

FTFY. And of course the (still!) embargoed clusterf*ck. Don't roll your own crypto, kids.

 

They will just take your money and not activate your account.

You can't contact them securely, because their only support contact is email but the PGP key on their website is corrupted (you can't re-wrap the lines of a PGP key!) and even after fixing the corruption it turns out that they forgot to publish their encryption key (the published key is signing-only).

So there's no secure way to contact them.

Total waste of my time and money. This is why everybody uses Mullvad.

 

Only half-joking. Your website spins at 100% cpu on my machine (firefox). Unfortunately it's one big fistulated mass of minified javascript so, not really debuggable.

sigh i miss the days when the web wasn't an app-delivery mechanism.

[–] [email protected] 2 points 5 months ago (2 children)

Not objecting or disagreeing, but could we get more than a one-line explanation for breaking protocol changes? maker selects arbitrator (breaking change) does not inspire a whole lot of confidence. Is there a discussion somewhere I can read that spells out the options and why this one was selected?

[–] [email protected] 1 points 5 months ago (1 children)

when/why was one ever required?

view more: next ›