Search
Items tagged with: cryptocurrency
Filtered word: nsfw
In A Furry’s Guide to Cryptocurrency, I briefly mentioned that NFTs are a dumb idea and not a valid reason for anyone–but especially furries–to get involved with cryptocurrency.
The legitimate reasons for furries to consider cryptocurrency are to protect porn artists and sex workers from the overreach of the conservative finance sector. To bank the unbanked, especially if they provide your spank bank, as it were. Also, to offset the risk of chargeback fraud to cryptocurrency exchanges, which in turn have the lawyers and capital that independent artists do not–especially fursuit makers.
Credit: NathOnSecurity
I was really hoping that was the last word I would need to write about NFTs, and my future blog posts about cryptocurrency could be focused on trivially breaking more of their homebrew hash functions. Or maybe I’ll eventually design a digital currency based on anarchosocialist principles, just to annoy the toxic ancaps that have festered in the cryptocurrency space.
But then the Canine Cartel happened.
Credit: Lynx vs Jackalope
The Canine What?
A group of NFT peddlers decide to create a dog-themed response to crypto-kitties on the Ethereum blockchain. They called it the Canine Cartel and the art they’re peddling is quite hideous.
https://twitter.com/lindsaylohan/status/1443247758199205893
Where are the ears? Why would a professional singer create a character without ears? Is Lindsay Lohan tacitly admitting that her idealized self is one that doesn’t have to hear the sound of her own voice?
No, the art just sucks. If you wanted good-looking furry art, you should’ve paid a furry artist to draw it. To wit.
Not only did the Canine Cartel grifters not hire a furry artist to draw these discount fursonas in order to peddle their NFT scam, they went a step further, and decided to pick a fight with the furry fandom.
Didn’t think I’d have to do this but Canine Cartel IS NOT a furry NFT. We do not sexualize animals its tasteless and disgusting#caninenotfurries#NFT#CanineCartel#NFTgiveway#CryptoJuanny Cage (@PerezWrestler), September 30, 2021, Archived
I don’t need to explain why their implication that furries “sexualize animals” is false here. I’ve covered it before. Additionally, furry hate is usually a dogwhistle or a proxy for queerphobia.
Thus, the gauntlet has been thrown. What should we do about this insult?
Credit: Lynx vs Jackalope
Yiffy Nifties
Put simply, we should give these NFT assholes what they don’t want while doing everything NFTs claim but fail to do for artists.
Here’s the plan, in a nutshell:
- Commission your favorite artists to draw the raunchiest, kinkiest, furry porn (yiff) you can imagine.
- Art comes in all forms, not just visual. Lewd stories or appropriately labelled MurrTube videos are valid too.
- Pay the artists handsomely (and tip them well if their rates are low).
- Request that they include “Canine Cartel” in the title of all yiff submissions.
- Bonus: Work “why NFTs are bad” into the submissions, especially if it’s a comic.
- Flood furry porn websites (FurAffinity, e621, etc.) with this appropriately named content.
- Tweet your newfound NSFW material with the hashtags used by these NFT grifters.
- NFT really means Nuzzling Furry Testicles/Tits (select appropriate)
- Enjoy polluting every major search engine with furry porn–especially Image Search.
Credit: Lynx vs Jackalope
Let me be very clear about this plan: Do not fucking harass people. We aren’t GamerGate. Respect people’s boundaries. Hashtags may not have boundaries, but people do.
I know I can’t stop anyone from being a toxic shit, but if you have any respect for me, refrain.
Additionally, please don’t create a stupid NFT for your smut. The goal isn’t to participate in their nonsense, but to satirize its existence.
Also, please do not get involved if you’re too young to legally consume adult material.
https://twitter.com/LurkingGrue/status/1443654423280947226
How Can People Under 18 Help?
Anyone who is not an adult certainly cannot (and MUST NOT) get involved with the furry porn plan. If you still want to oppose NFTs through direct action, there’s really only one thing you can do.
First, recognize how NFTs are framed in their pitch: As a way to “help artists”. They don’t actually help artists, though. This has a negative consequence of being an empty calorie feel-good gesture for some people, which doesn’t actually stop artists from starving. In extreme cases, they take all the oxygen out of the room and cause a net negative for creative workers while perpetuating the myth of supporting them.
If you want to oppose NFTs, you can do so simply by directly supporting artists in your community. Be kind to them, retweet their posts, help spread awareness of their commissions being open, etc. If you have spare money, commission safe-for-work art at your discretion too.
What’s The Endgame?
The goals of this initiative are as follows:
- Create a reputation and brand risk for any celebrity that wants to get involved with NFTs but not be associated with kinky queer people being openly sexual.
- Ditto, except with corporations. Twitter has been experimenting with promoting NFTs, and this will either create some friction in that initiative or Jack Dorsey will inadvertently expose lots of unsuspecting people to anthropomorphic cock and ball torture.
- Immediately embarrass the Canine Cartel, and any celebrity they’ve roped into their triangular pentahedron-shaped scheme.
Finally, if the NFT douchebags with discount fursonas ever decide to clap back against furries in a courtroom for participating in this plan and using their moniker, they will be unable to do so without explicitly and deliberately trying to harm artists–thereby unmasking their “NFT helps artists” cover story for what it truly is: A means to generate demand for cryptocurrency so they can profit off their investments.
Credit: Lynx vs Jackalope
From Ayyy to Zine
At the end of this initiative, provided that enough furries decide to participate, I will open the door for submissions to the “Not For Teens Canine Cartel” online magazine and distribute it for free on my personal website (soatok.com). It will also be available on Github and, likely, the BitTorrent network.
Although I cannot really control what kind of material people create, the zine I curate will have the following restrictions:
- No underage characters
- All characters engaging in sexual or kinky acts must be anthropomorphic or human
- Taurs are considered anthropomorphic by my standards
- Feral characters aren’t, simply because the discourse that would ensue would be enough of a distraction and a strategic error to allow, which would give the NFT crowd an easy way to clap back
- No depictions of people or characters that did not consent to be included
- The artist and commissioner must both agree to its inclusion
That’s it. You can include any kinks you want here–especially ones I don’t like.
The Moral
Anyone who thought NFTs a decentralized, permissionless way to pay artists for their creativity should be delighted by a decentralized effort of furries and porn artists to (without anyone else’s permission) draw porn of canid characters in a cartel theme to clap back against cryptocurrency peddlers.
https://twitter.com/swiftonsecurity/status/1370641345455460352
https://soatok.blog/2021/10/01/furry-porn-against-nfts-a-call-to-forearms/
#CanineCartel #Cryptocurrency #furries #furry #furryPorn #NSFW #porn #yiff
Normally when you see an article that talks about cryptocurrency come across your timeline, you can safely sort it squarely into two camps: For and Against. If you’re like me, you might even make a game out of trying to classify it into one bucket or the other from the first paragraph–sort of like how people treat biological sex–and then reading to see if you were right or not. Most of the time, you don’t even have to read past the headline to know where the author stands.Unfortunately, the topic of cryptocurrency is complicated in ways only nerds could envision. And I’m not even talking about the cryptography involved when I say that.
(Art by Khia.)
Cryptocurrency is one of those cans I keep kicking down the road, lest all of its worms escape. I’m neither an enthusiast who wants to pump dogecoin to the moon, nor a detractor who thinks that the idea of digital cash is inherently stupid.
https://twitter.com/FiloSottile/status/1380576100888281094
The “crypto means cryptography” trope exists because, after Bitcoin’s first price hike, a shitload of speculative investors flooded cryptography forums and drowned out the usual participants’ discussions. I’ve previously said that some gatekeeping is necessary for the maintenance group identity, and that the excess of this minimum amount is what creates toxicity. Unfortunately, this trope has far exceeded the LD50 for healthy discourse.
Some of my friends make their living working on cryptocurrency projects–as researchers, mathematicians, programmers, security engineers, and so on. A lot of the interesting cryptography breakthroughs we’ll see in the next 10-15 years will be, at least in part, the result of cryptographers working in the cryptocurrency space. It’s difficult to talk about zero-knowledge proofs without acknowledging some of the kick-ass research the Electric Coin Company has done in order to launch their privacy-preserving cryptocurrency, and that’s only one example.
Here’s cryptographer Jean-Phillipe Aumasson, whose employer is launching a regulated cryptocurrency marketplace:
https://twitter.com/veorq/status/1384045994413678598
If you’re not familiar with JP’s work, he wrote several cryptography books (including Serious Cryptography), contributed to several hash functions (SipHash, BLAKE2, and BLAKE3), and initiated the Password Hashing Competition that resulted in Argon2.
However, there’s also a lot of bullshit in the cryptocurrency space.
- Years of securities fraud enabled by “Initial Coin Offerings” (ICOs) on the Ethereum blockchain. Most famously: Bitcoiin (yes, with two I’s) whose spokesman was bad movie star, Steven Seagal.
- The plague of hacked Twitter accounts pretending to be Elon Musk, perpetuating a “give me some $ and I’ll give you more back” scam that’s sadly effective.
- The whole cryptoart / NFT debacle.
- Litanies of startups trying to “use blockchain to solve X problem” without ever asking if the problem warrants a blockchain in the first place.
- Every microgram of drama related to John McAfee.
And those are just the items I can list off, off the top of my head. The awfulness surrounding cryptocurrency is like a fractal: The deeper you look at it, the more shit you see.
Cryptocurrency Subculture: A Tale of Too Shitty
The world’s most successful cryptocurrency to date, Bitcoin, was created in 2008 by an anonymous cryptographer who liked to be known as Satoshi Nakamoto and distributed on metzdowd.com, a mailing list created by a group of cryptoanarchists that called themselves “cypherpunks”.At the risk of being overly reductive, cryptoanarchists are people who believe strongly in a right to privacy and therefore the right to use cryptography to protect communications from others–be it governments, corporations, or jealous ex-lovers. The cypherpunks were a group of cryptoanarchists that also wrote code. It’s a wordplay on “cyberpunk”.
It’s difficult to speculate about the intentions or politics of Satoshi Nakamoto, considering they said very little of substance about their private beliefs, and no longer answer emails from random strangers. However, given their presence on metzdowd, it’s reasonable to propose they were at least sympathetic to the cypherpunks’ cause.
Most outspoken cryptocurrency enthusiasts today are not like Satoshi Nakamoto. They don’t understand or frankly give a shit about complex, nuanced points about privacy and the government machinations underpinning public safety–let alone how that intersects with the racist history of the institutions charged with keeping the public safe. They’re largely anarcho-capitalists who want to make as much money as they can and, in turn, pay as little as possible in taxes.
How do you make money in cryptocurrency?
By obtaining some amount of a coin, then convincing other people to buy it to drive up the demand, and therefore the price, and then sell at a later date. Then you can sell your coins at a higher price than you paid (either directly, or through energy costs from “mining”) and pocket your profits.Don’t let the name fool you: anarcho-capitalists (a.k.a. ancaps) aren’t anarchists (and furthermore, cryptocurrency-manic ancaps aren’t cryptoanarchists). Here’s a helpful video to disambiguate the terms involved:
https://www.youtube.com/watch?v=OOTlxsn8tWc
If I said that large swaths of the cryptocurrency community was generally shitty, I would not be the first to make this observation. The earliest Bitcoin events were caricatures of the kind of toxic sexist excess that dominates chauvinistic power fantasies. (“When lambo?”)
It’s not just the bad politics or the stark contrast between cryptocurrency in practice and cryptocurrency as envisioned by the earliest architects on the metzdowd cryptography mailing list.
Last year I wrote about a dumb attack against the second hash function used by the cryptocurrency, IOTA. After I wrote this story, my Twitter mentions and DMs were flooded with astroturfing attempts by IOTA enthusiasts. Nearly a year later, most of those have been deleted–presumably because of an account suspension.
https://twitter.com/HapaRekk/status/1283485380004597760
Before IOTA, Monero enthusiasts used to engage in bad faith with anyone that dared criticize their favorite cryptocurrency project on Reddit or Hacker News.
To be clear: I don’t think that cryptocurrency projects or their developers are ever necessarily responsible for the behavior of their users. Sometimes you find toxic assholes like Sergey Ivancheglo (the IOTA developer that threatened security researchers) at the helm, and then immediately jettison it until they leave (to great fanfare of the non-toxic part of their community).
I don’t want to overstate my case here. A lot of blockchainiacs are just downright awful people. The absolute worst. But I’ve found over the years that, the less a person talks about cryptocurrency as a financial endeavor (e.g. speculative trading), the less likely they are to be shitty. It’s not a law of the universe, but it’s a useful measuring stick.
But with all that in mind, an obvious question emerges.
If there’s so much awful shit surrounding cryptocurrency, why would furries (a subculture that constantly receives endless helpings of flak from society at large) ever venture near cryptocurrency?
The Politics Inherent to Furry Identity
Art by Swizz.A lot of Americans like to think of themselves as “Free Speech” proponents. Some of them get all sweaty over whether or not they should be allowed to broadcast, and profit from, bigoted or hateful content laden with slurs.
And yet, the most censored people in American society are, without a doubt, sex workers. And you rarely hear any so-called “Free Speech” proponents give an iota of shit about the plight of sex workers. They can’t even freely engage in commerce here.
Sex work is explicitly banned by most financial service providers, such as PayPal. It’s exceedingly difficult for sex workers to make ends meet without constantly having to worry about their accounts being frozen and funds inaccessible.
There are a lot of reasons why the plight of sex workers is so bad in America. At the top of the list is the intersection of conservative politics and evangelical Christianity, which overall condemns healthy and consensual expressions of human sexuality. (Ever noticed how the only people who think they have a “sex addiction” are religious or right-wing? Not a coincidence.)
Do you know who else is a target of evangelicals and conservatives?
Furries, as you might know, are widely considered an LGBTQIA+ subculture (although not all of us are LGBTQIA+; only about 80%). But we’re more than just an LGBTQIA+ subculture. We’re also a vibrant community filled with skilled artists. Some of this art is pornographic in nature. It turns out, when queer people aren’t forced into the closet, they tend to embrace shameless authenticity and celebrate their romantic and sexual attractions with pride.
https://twitter.com/Pinboard/status/992819169593716737
A few years ago, the Death Eaters in Congress passed two bills (FOSTA and SESTA) that were advertised as an attempt to crack down on “sex trafficking”.
In practice, these laws killed Pounced.org–the only furry “dating” site at the time that wasn’t a sketchy cash grab (FurryMate, FurFling, etc.). Pounced.org died because the cost to avoid being criminally prosecuted under these laws was so exorbitant that they couldn’t sustain the website anymore, and it probably wasn’t the only small dating site to be killed by poor legislation. Only the big players could really have front-loaded these costs.
Which leads to the meat of this issue…
Why Furries Might Be Interested in Cryptocurrency
Cryptocurrency can be very attractive to members of the furry fandom because of the bullshit baked into the societies and cultures we exist in.Cryptocurrency promises to be permissionless and decentralized; to bank the unbanked. If you make your living filling up someone else’s spank bank, the idea of creepy rich white men not being able to exercise targeted censorship against you or your family is, frankly, irresistible.
“Can’t use PayPal for your trade? Just setup a cryptocurrency wallet and give a different address to each of your clients, and instructions on how to access some vaguely reputable cryptocurrency exchange.”
Granted, most furries aren’t sex workers or porn artists, but some of our friends are, and we want to see them protected. But there’s another threat that cryptocurrency promises to alleviate: Chargeback fraud.
The prevalence of chargeback fraud is why I always tip artists. It helps to offset some of the harm caused by shitty behavior.
(Art by Khia)This is the usual story (although exceptions do exist) I heard from my artist friends:
Someone under 18 decides they want to commission an artist they cannot personally afford, so they steal their parent’s credit card and use it to pay for a commission. Later–often after the work has been completed and delivered to the client–their parent notices the unauthorized charge on their credit card, and issues a chargeback.
Not only does this steal from the artist, but it incurs a $35 fee and increases the risk of their account being permanently suspended by their payment provider–thereby preventing them from accessing the funds paid to them by legitimate customers.
“Thanks for the free art! Now you’re at least $35 poorer and maybe lost your only lifeline out of perpetual poverty.”— Assholes
And thus, the Siren Song repeats once again!Cryptocurrency doesn’t prevent chargeback fraud, but it does shift the risk from independent artists that have no capital or political power and onto billion dollar financial institutions like Coinbase.
Once the cryptocurrency has been transferred from the Coinbase wallet to the furry artist, it cannot be unspent. Bad faith behavior might still happen, but the artist doesn’t risk their livelihood because of it.
And that’s why, when furry auction site The Dealer’s Den announced a plan to rebuild with “Blockchain Technology”, I didn’t even bat an eye. It seems like an obvious solution to a pervasive unsolved problem to me.
Sure, it’d be great if we could solve this problem with sensible civil policy. But when is that going to finally happen? After all, we’re talking about the same governments that bungled COVID-19 last year, and the AIDS crisis last century, and so on…
https://www.youtube.com/watch?v=aJtvKSUPICA
However, and this bears emphasizing, the CryptoArt / NFT trend is not a valid reason to get involved in cryptocurency! As I said on Twitter:
https://twitter.com/SoatokDhole/status/1370045499122843654
https://twitter.com/SoatokDhole/status/1370046285798064128
https://twitter.com/SoatokDhole/status/1370047071949033472
https://twitter.com/SoatokDhole/status/1370047509314297862
So, super long preamble aside, what I thought I’d do today is talk a bit about cryptocurrency and how to engage with the topic responsibly, especially if you’re trying to mitigate the damage of the systems we inherited.
Cryptocurrency For Furries
I’m going to be very light on technical jargon, in the interests of accessibility, but at the risk of being imprecise.No two cryptocurrencies are created equal. If you’re hoping to use one to mitigate systemic harms to our community, I implore you to learn the technical details in depth.
Decentralized Consensus
Cryptocurrencies can be classified by something called their consensus mechanism, which is how they can maintain a consistent ledger without being centralized. It doesn’t really matter, for the purpose of this article, how any of them work. I’m happy to dive into that in a future blog post, should anyone want it.What you need to know is that Proof-of-Work (PoW) consensus algorithms are designed to maximize energy waste across the entire cryptocurrency network. That’s how it maintains its security against different kinds of esoteric-sounding attacks.
When you “mine” a Proof-of-Work cryptocurrency, what you’re doing is solving a computationally hard puzzle (e.g. find a number that, when combined with the previous block’s hash and your address and hashed, produces a specific number of leading 0 bits determined by an algorithm to ensure this happens at a set average frequency of time), which results in the entire network agreeing that your address gets the “block reward” (a fixed amount of whatever currency) plus transaction fees.
Cryptocurrency discussions frequently invite conversations about the environmental impact of mining. Proof-of-Work is the cause for this excess energy use which certainly contributes to global climate change.
So, if you’re going to get involved with cryptocurrency without contributing to global climate disaster, you’re going to want to avoid Proof-of-Work cryptocurrencies. There are several other options to choose from.
Proof-of-Stake is popular among my cryptocurrency nerd friends, although it receives a fair bit of criticism from experts (especially the “nothing at stake” problem). Ask your cryptographer. It’s probably not me.
On-Chain Privacy
The vaunted “blockchain” is a public, transparent record of all transactions.When you use a cryptocurrency like Bitcoin, it’s sort of like tweeting your financial activities for the world to see.
“But nobody knows who owns this address,” Bitcoin maximalists might argue. To which I point out: Nobody is supposed to know your sockpuppet Twitter accounts either, but when you use them to harass someone right after they block your main account, we know it’s you.
The people whom this applies to know who they are, and should stop.
(Art by Khia)Some cryptocurrencies, like Zcash, try to provide something like TLS for your transactions. When you use shielded Zcash addresses, the transaction amounts and recipients are encrypted, and this ciphertext is accompanied by a zero-knowledge proof to ensure the total amount in the shielded and unshielded pools remains consistent.
I highly implore you to choose a cryptocurrency that has on-chain privacy, especially if your target audience includes queer people and/or sex workers.
Mainstream Appeal
Finding a privacy-preserving cryptocurrency that doesn’t equate to Global Warming Bucks is a tall order, but if you want people to actually use a cryptocurrency, it needs to be accessible.By accessible, I mean available on all the mainstream cryptocurrency exchange platforms (Coinbase, Binance, Bitfinex, etc.).
This might sound like pointless gatekeeping, but remember: They have the money and lawyers to negotiate with the economic powerhouses of the world, while sex workers and furry artists do not.
Cryptographic Security
Any regular reader of Dhole Moments probably saw this section coming a mile away, but an important consideration for a cryptocurrency to build upon is whether or not it’s actually secure.This is where things get tricky. Weird or poor choices in cryptographic algorithm don’t seem to matter much.
Bitcoin uses ECDSA over Koblitz curves. IOTA shipped two broken hash functions, threatened researchers, and then tried to claim the first broken hash function was backdoored for “copy protection”. The CryptoNote currencies (n.b. Monero) tried to build on EdDSA but introduced a double spend attack.
I’m certainly not qualified to audit an entire cryptocurrency and say “yes/no” on its security. But any cryptocurrency you consider should at least pass a smoke test from your cryptographer.
Which Cryptocurrency Should I Choose?
If you’re looking for a cryptocurrency that’s secure, accessible, privacy-preserving, and doesn’t waste a fuck ton of energy all the time, the short answer is that there is none. You’re going to have to make a trade-off.Shocking, I know.
(Art by Khia)I’m sure there are cryptocurrency projects that use privacy-preserving technologies without a Proof-of-Work algorithm, and their design and implementation might even be secure! But, to date, I’m not aware of any such projects that also have mainstream accessibility on large exchange platforms.
You’ll notice that I didn’t mention price volatility in my list above. There’s two reasons for that:
- I’m not a financial expert. For all I know, price volatility might be something you want out of your cryptocurrency, especially if you’re LARPing a day trader.
- It’s hard enough to make this choice without adding more complications to the formula.
If Zcash ever adopted a consensus algorithm that wasn’t Proof-of-Work, it’d be a shoe-in for me to recommend. It checks all the other boxes neatly and is one of the most interesting cryptography projects on the Internet, after all.
In the meantime, maybe some other project will fill this niche and become widely accessible for everyone. There’s a lot of exciting and/or scary things happening with cryptocurrency research.
If you’re stuck with a hard decision, honestly, just do the best you can and be very transparent about the trade-offs you’re making and why you’re making them. Then ask a friend or expert to check your reasoning before you commit to it. “Do nothing” also needs to be publicly considered, no matter how absurd it might seem.
Disclaimers and Other Remarks
I do not work with cryptocurrency in my dayjob. I’d like to say that, consequently, I don’t have a conflict of interest, but all humans have subconscious biases, and a lot of my favorite people in cryptography do work in or with cryptocurrency. I want my friends to be able to continue to do awesome work without feeling ashamed.https://twitter.com/cryptolexicon/status/1331712883403722752
Thus, I don’t care if you invest in Bitcoin or Dogecoin or whatever. Shoot for the moon while you awoo at the moon. Just be careful; for every winner, there’s at least one loser.
Fact: Dholes are also known as “Whistling Dogs”
(Art by Khia)I’m a fan of transparency logs–which are often compared to blockchains, but without the currency aspect. If you’re not familiar, read up on Trillian and Chronicle. Notably, Trillian is the backbone of Certificate Transparency, which helps keep the CA infrastructure honest and consequently makes HTTPS safer for everyone.
https://soatok.blog/2021/04/19/a-furrys-guide-to-cryptocurrency/
#Cryptocurrency #furries #furry #furryArtists #FurryFandom #Politics #Society
Every hype cycle in the technology industry continues a steady march towards a shitty future that nobody wants.
Note: I know this isn’t unique to the tech industry, but I can’t write about industries I don’t work in, so this is what’s being covered.
The Road to Hell
Once upon a time, everyone was all hot and bothered about Big Data: Having lots of information–far too much to process with commodity software–was supposed to magically transform business.
How do you build technology that can process that much information at scale? Well, obviously, you just need to invest in The Cloud! (If you’re using the Cloud to Butt Plus Chrome extension, this entire blog post may be confusing to you.)
But don’t scrutinize the Cloud too long, you might miss your chance to invest in blockchain.
meme via Tony Arcieri
Blockchainiacs practically invented an entire constructed language of buzzwords. Things like “DeFi”, “Web3”, and so on. To anyone not accustomed to their in-signaling, it’s potent enough cringe to repel even the weirdest of furries.
But the only thing to know about blockchain is its proponents they like it when the line goes up, and every “innovation” in that sector was in service of the line going up.
Blockchain, of course, refers to cryptocurrency. The security of these digital currencies is based on expensive consensus mechanisms (e.g., Proof of Work). The incentives baked into the design of these consensus mechanisms led users to buy lots of GPUs in order to compete to solve numeric puzzles (a.k.a. “mining”).
For a while, many technologists observed that whenever the line actually goes down or a popular cryptocurrency decides to adopt a less wasteful consensus mechanism, the secondhand market gets flooded with used GPUs.
That all changed with the release of ChatGPT and other Large Language Models.
https://www.youtube.com/watch?v=AaU6tI2pb3M
Now GPUs are a hot commodity even when the price of Bitcoin goes down because tech company leaders are either malicious or stupid, and are always trying to appease investors that have more money than sense. It’s not just tech companies either.
“Our vision of [quick-service restaurants] is that an AI-first mentality works every step of the way.”Joe Park, CEO of Yum Brands (Taco Bell, Pizza Hut, KFC)
Of all these hype cycles, I suspect that the “AI” hype has more staying power than the rest, if for no other reason than it provides a hedge against the downside of previous hype cycles.
- Not sure to do with the exabytes of Big Data you’re sitting on? Have LLMs parse it all then convincingly lie to you about what it means.
- Expensive cloud bill? Attract more investor dollars by selling them on trying to build an Artificial General Intelligence out of hallucinating chatbots.
- Got a bunch of GPUs lying around from a failed crypto-mining idea? Use it to flagrantly violate intellectual property law to steal from artists with legal impunity!
This “AI” trend is the Human Centipede of technology.
(Yes, there are some valid use cases for the technology that underpins this hype. I’m focusing on Generative AI exclusively for this blog post, since that’s what a lot of the hype is centered around.)
Art: CMYKat
So you can imagine how I felt when I went to add an image to a blog post draft one day and saw this:
Generate with AI? Fuck you.
There is no way to opt out of, or disable, this feature.
WordPress is not alone in its overt participation in this consumption of binary excrement.
Tech Industry Idiocy is Ubiquitous
Behold, Oracle’s AI innovation. Source
EA’s CEO called generative AI the “very core of our business”, which an astute listener will find reminiscent of the time they claimed NFTs and blockchain were the future of the games industry at an earnings call.
Nevermind the fact that they’re actually in the business of publishing video games!
Mozilla Firefox 128.0 released a feature (enabled by default of course) to help advertisers collect data on you.
Per 404 Media, Snapchat reserves the right to use AI-generated images of your face in ads (also on by default).
At this point, even Rip Van fucking Winkle can spot the pattern.
Investors (read: fools with more money than sense) are dead set on a generative AI future, blockchain bullshit in everything, etc. Furthermore, there are a lot of gullible idiots that drank the Kool-Aid and feel like they’re part of the build-up to the next World Wide Web, so there’s no shortage of willing new CS grads to throw at these problems to keep the money flowing.
So we’re clearly well past the point that ridiculing the people involved will have any significant deterrence. The enshittification has spread too far to quarantine, and there are too many True Believers in the mix. Throw in a little bit of Roko’s Basilisk (read: Pascal’s wager for arrogant so-called “rationalists” who think they’re too smart to be Christian) and you’ve got a full-blown cargo cult on your hands.
What can we do about it? Beats me.
Sanity Check
I’m going to set aside the (extremely cathartic) attempts at shame and ridicule as a solution. Fun as they are, they fail to penetrate filter bubbles and reach the people they need to.
What’s your Bullshit Tech Score?
One way we could push back against this steady march towards a future where everything is enshittified, and the devices you paid for (with your hard-earned money) don’t respect your consent at all, is to turn the first of the buzz words we examined (Big Data) against these companies.
I’m proposing we could gather data about companies’ actual practices and build score-cards and leaderboards based on the following metrics:
- Does the company strategy involve generative AI?
- Does the company strategy involve selling NFTs?
- Does the company strategy involve stitching other unnecessary blockchain bullshit where it doesn’t belong?
- Does the company make questionable claims about quantum computers?
- Does the company choose default settings that hurt the user in the interest of increasing revenue (i.e., assuming consent without explicitly receiving it)?
- Does the company own any software patents?
- This includes purely “defensive” patents, in industries where their competitors abuse intellectual property law to stifle competition.
While these circumstances are understandable, we should be objective in our measurements.
- This includes purely “defensive” patents, in industries where their competitors abuse intellectual property law to stifle competition.
- Is the company completely bankrupt on innovation tokens?
- Does the company suffer from premature optimization (e.g., choosing MongoDB because they fear a relational database isn’t web-scale, rather than because it’s the right tool for the job)?
- Have any of the company’s leaders been credibly accused of sexual misconduct or violence?
- Sorry not sorry, Blizzard!
- Does the company routinely have crunch time (i.e., more than one week per quarter where employees are expected to work more than 40 hours)?
- Does the company enforce draconian return-to-office policies?
- Has the company threatened a security researcher with lawsuits in the past 10 years?
- Does the company roll its own cryptography without having at least one cryptographer on the payroll?
- (Okay, this one is purely for my own sanity, and probably not broadly applicable.)
A passing score is “No” to each of the above questions.
This proposal is basically the opposite of SSO Tax. Rather than shaming the losers (which there will assuredly be many), the goal would be to highlight companies that are reasonably sane to work for.
I’m aware that there are already companies like Forrester that try to do this, but with a much wider scope than the avoidance of bullshit.Furthermore, they’re incentivized to not piss off wealthy businessmen, so that they can keep their research business alive, whereas I don’t particularly care if tech CEOs get mad at being called a hypocritical hype-huffer.
I mean, what are they gonna do? Downvote me on Hacker News? I don’t work for them anyway.
In Over Our Heads
There may be other solutions available that will improve things somewhat. I’m not immune to failures of imagination.
Some solutions are incredibly contentious, though, and I don’t really want the headache.
For example: I’m sure that, if this blog post ever gets posted on a message board, someone in the peanut gallery will bring up unions as a mechanism, and others will fiercely shoot that idea down.
It’s possible that we, as an industry, are completely in over our heads. There’s too much bullshit, and too many perverse incentives creating ever-increasing amounts of bullshit, that escape is simply impossible.
Perhaps we’ve already crossed the excrement horizon.
Maybe Kurzweil was right about a Singularity after all?
Closing Thoughts
The main thing I wanted to convey today was, “No, you’re not alone, things are getting stupider,” to anyone who wondered if there was a spark of sanity left in the tech sector.
Art: AJ
It’s not just the smarmy tech CEOs that are the problem. The rot has spread all the way to the foundations of many organizations. Hacker News, Lobsters, etc. are full of clueless AI maximalists that cannot see the harms they are inflicting.
It is difficult to get a [person] to understand something, when [their] salary depends on [their] not understanding it.Original quote by Upton Sinclair.
Though I am at a loss for how to tackle this problem as a community, acknowledging it exists is still important to me.
On WordPress and Generative AI
Years ago, I wrote on Medium, but got tired of the constant pressure to monetize my blog, so I decided to pay for a WordPress.com account. I write for myself, after all, and don’t expect any compensation for it.
Many of you will notice the “adblocker not detected” popup. That sums up how I feel about the adtech industry.
It’s disheartening that WordPress is pushing Generative AI bullshit to paying customers with no way to opt out of the feature. (Nevermind that it should be off-by-default and opted into.)
For now, I just refuse to use the feature and hope a lower adoption rate causes a project manager somewhere in Automattic to sweat. They’re somewhat notorious for being led by stubborn assholes who don’t listen to critics (even on security matters).
I’ll also continue to credit the artists that made the furry art I include in my blog posts, because supporting artists is the exact opposite of supporting generative AI.
If you’re looking for a furry artist to commission, first read this, and then maybe consider the artists whose work I’ve featured over the years.
New Avenues of Bullshit
If I may be so bold as to make a predication: In the distant future, I expect to see more Quantum Computing related bullshit.
Though currently constrained to the realm of grifters, NIST’s recent standardization of post-quantum cryptography is likely to ignite a lot of questionable technology companies.
Whether any of this quantum bullshit catches on at the same scale as tech industry hype remains to be seen.
If any does, I promise to handle each instance with the same derision as the bullshit I discovered in DEFCON’s Quantum Village.
https://soatok.blog/2024/09/18/the-continued-trajectory-of-idiocy-in-the-tech-industry/
#Cryptocurrency #Society #Technology
Normally when you see an article that talks about cryptocurrency come across your timeline, you can safely sort it squarely into two camps: For and Against. If you’re like me, you might even make a game out of trying to classify it into one bucket or the other from the first paragraph–sort of like how people treat biological sex–and then reading to see if you were right or not. Most of the time, you don’t even have to read past the headline to know where the author stands.Unfortunately, the topic of cryptocurrency is complicated in ways only nerds could envision. And I’m not even talking about the cryptography involved when I say that.
(Art by Khia.)
Cryptocurrency is one of those cans I keep kicking down the road, lest all of its worms escape. I’m neither an enthusiast who wants to pump dogecoin to the moon, nor a detractor who thinks that the idea of digital cash is inherently stupid.
https://twitter.com/FiloSottile/status/1380576100888281094
The “crypto means cryptography” trope exists because, after Bitcoin’s first price hike, a shitload of speculative investors flooded cryptography forums and drowned out the usual participants’ discussions. I’ve previously said that some gatekeeping is necessary for the maintenance group identity, and that the excess of this minimum amount is what creates toxicity. Unfortunately, this trope has far exceeded the LD50 for healthy discourse.
Some of my friends make their living working on cryptocurrency projects–as researchers, mathematicians, programmers, security engineers, and so on. A lot of the interesting cryptography breakthroughs we’ll see in the next 10-15 years will be, at least in part, the result of cryptographers working in the cryptocurrency space. It’s difficult to talk about zero-knowledge proofs without acknowledging some of the kick-ass research the Electric Coin Company has done in order to launch their privacy-preserving cryptocurrency, and that’s only one example.
Here’s cryptographer Jean-Phillipe Aumasson, whose employer is launching a regulated cryptocurrency marketplace:
https://twitter.com/veorq/status/1384045994413678598
If you’re not familiar with JP’s work, he wrote several cryptography books (including Serious Cryptography), contributed to several hash functions (SipHash, BLAKE2, and BLAKE3), and initiated the Password Hashing Competition that resulted in Argon2.
However, there’s also a lot of bullshit in the cryptocurrency space.
- Years of securities fraud enabled by “Initial Coin Offerings” (ICOs) on the Ethereum blockchain. Most famously: Bitcoiin (yes, with two I’s) whose spokesman was bad movie star, Steven Seagal.
- The plague of hacked Twitter accounts pretending to be Elon Musk, perpetuating a “give me some $ and I’ll give you more back” scam that’s sadly effective.
- The whole cryptoart / NFT debacle.
- Litanies of startups trying to “use blockchain to solve X problem” without ever asking if the problem warrants a blockchain in the first place.
- Every microgram of drama related to John McAfee.
And those are just the items I can list off, off the top of my head. The awfulness surrounding cryptocurrency is like a fractal: The deeper you look at it, the more shit you see.
Cryptocurrency Subculture: A Tale of Too Shitty
The world’s most successful cryptocurrency to date, Bitcoin, was created in 2008 by an anonymous cryptographer who liked to be known as Satoshi Nakamoto and distributed on metzdowd.com, a mailing list created by a group of cryptoanarchists that called themselves “cypherpunks”.At the risk of being overly reductive, cryptoanarchists are people who believe strongly in a right to privacy and therefore the right to use cryptography to protect communications from others–be it governments, corporations, or jealous ex-lovers. The cypherpunks were a group of cryptoanarchists that also wrote code. It’s a wordplay on “cyberpunk”.
It’s difficult to speculate about the intentions or politics of Satoshi Nakamoto, considering they said very little of substance about their private beliefs, and no longer answer emails from random strangers. However, given their presence on metzdowd, it’s reasonable to propose they were at least sympathetic to the cypherpunks’ cause.
Most outspoken cryptocurrency enthusiasts today are not like Satoshi Nakamoto. They don’t understand or frankly give a shit about complex, nuanced points about privacy and the government machinations underpinning public safety–let alone how that intersects with the racist history of the institutions charged with keeping the public safe. They’re largely anarcho-capitalists who want to make as much money as they can and, in turn, pay as little as possible in taxes.
How do you make money in cryptocurrency?
By obtaining some amount of a coin, then convincing other people to buy it to drive up the demand, and therefore the price, and then sell at a later date. Then you can sell your coins at a higher price than you paid (either directly, or through energy costs from “mining”) and pocket your profits.Don’t let the name fool you: anarcho-capitalists (a.k.a. ancaps) aren’t anarchists (and furthermore, cryptocurrency-manic ancaps aren’t cryptoanarchists). Here’s a helpful video to disambiguate the terms involved:
https://www.youtube.com/watch?v=OOTlxsn8tWc
If I said that large swaths of the cryptocurrency community was generally shitty, I would not be the first to make this observation. The earliest Bitcoin events were caricatures of the kind of toxic sexist excess that dominates chauvinistic power fantasies. (“When lambo?”)
It’s not just the bad politics or the stark contrast between cryptocurrency in practice and cryptocurrency as envisioned by the earliest architects on the metzdowd cryptography mailing list.
Last year I wrote about a dumb attack against the second hash function used by the cryptocurrency, IOTA. After I wrote this story, my Twitter mentions and DMs were flooded with astroturfing attempts by IOTA enthusiasts. Nearly a year later, most of those have been deleted–presumably because of an account suspension.
https://twitter.com/HapaRekk/status/1283485380004597760
Before IOTA, Monero enthusiasts used to engage in bad faith with anyone that dared criticize their favorite cryptocurrency project on Reddit or Hacker News.
To be clear: I don’t think that cryptocurrency projects or their developers are ever necessarily responsible for the behavior of their users. Sometimes you find toxic assholes like Sergey Ivancheglo (the IOTA developer that threatened security researchers) at the helm, and then immediately jettison it until they leave (to great fanfare of the non-toxic part of their community).
I don’t want to overstate my case here. A lot of blockchainiacs are just downright awful people. The absolute worst. But I’ve found over the years that, the less a person talks about cryptocurrency as a financial endeavor (e.g. speculative trading), the less likely they are to be shitty. It’s not a law of the universe, but it’s a useful measuring stick.
But with all that in mind, an obvious question emerges.
If there’s so much awful shit surrounding cryptocurrency, why would furries (a subculture that constantly receives endless helpings of flak from society at large) ever venture near cryptocurrency?
The Politics Inherent to Furry Identity
Art by Swizz.A lot of Americans like to think of themselves as “Free Speech” proponents. Some of them get all sweaty over whether or not they should be allowed to broadcast, and profit from, bigoted or hateful content laden with slurs.
And yet, the most censored people in American society are, without a doubt, sex workers. And you rarely hear any so-called “Free Speech” proponents give an iota of shit about the plight of sex workers. They can’t even freely engage in commerce here.
Sex work is explicitly banned by most financial service providers, such as PayPal. It’s exceedingly difficult for sex workers to make ends meet without constantly having to worry about their accounts being frozen and funds inaccessible.
There are a lot of reasons why the plight of sex workers is so bad in America. At the top of the list is the intersection of conservative politics and evangelical Christianity, which overall condemns healthy and consensual expressions of human sexuality. (Ever noticed how the only people who think they have a “sex addiction” are religious or right-wing? Not a coincidence.)
Do you know who else is a target of evangelicals and conservatives?
Furries, as you might know, are widely considered an LGBTQIA+ subculture (although not all of us are LGBTQIA+; only about 80%). But we’re more than just an LGBTQIA+ subculture. We’re also a vibrant community filled with skilled artists. Some of this art is pornographic in nature. It turns out, when queer people aren’t forced into the closet, they tend to embrace shameless authenticity and celebrate their romantic and sexual attractions with pride.
https://twitter.com/Pinboard/status/992819169593716737
A few years ago, the Death Eaters in Congress passed two bills (FOSTA and SESTA) that were advertised as an attempt to crack down on “sex trafficking”.
In practice, these laws killed Pounced.org–the only furry “dating” site at the time that wasn’t a sketchy cash grab (FurryMate, FurFling, etc.). Pounced.org died because the cost to avoid being criminally prosecuted under these laws was so exorbitant that they couldn’t sustain the website anymore, and it probably wasn’t the only small dating site to be killed by poor legislation. Only the big players could really have front-loaded these costs.
Which leads to the meat of this issue…
Why Furries Might Be Interested in Cryptocurrency
Cryptocurrency can be very attractive to members of the furry fandom because of the bullshit baked into the societies and cultures we exist in.Cryptocurrency promises to be permissionless and decentralized; to bank the unbanked. If you make your living filling up someone else’s spank bank, the idea of creepy rich white men not being able to exercise targeted censorship against you or your family is, frankly, irresistible.
“Can’t use PayPal for your trade? Just setup a cryptocurrency wallet and give a different address to each of your clients, and instructions on how to access some vaguely reputable cryptocurrency exchange.”
Granted, most furries aren’t sex workers or porn artists, but some of our friends are, and we want to see them protected. But there’s another threat that cryptocurrency promises to alleviate: Chargeback fraud.
The prevalence of chargeback fraud is why I always tip artists. It helps to offset some of the harm caused by shitty behavior.
(Art by Khia)This is the usual story (although exceptions do exist) I heard from my artist friends:
Someone under 18 decides they want to commission an artist they cannot personally afford, so they steal their parent’s credit card and use it to pay for a commission. Later–often after the work has been completed and delivered to the client–their parent notices the unauthorized charge on their credit card, and issues a chargeback.
Not only does this steal from the artist, but it incurs a $35 fee and increases the risk of their account being permanently suspended by their payment provider–thereby preventing them from accessing the funds paid to them by legitimate customers.
“Thanks for the free art! Now you’re at least $35 poorer and maybe lost your only lifeline out of perpetual poverty.”— Assholes
And thus, the Siren Song repeats once again!Cryptocurrency doesn’t prevent chargeback fraud, but it does shift the risk from independent artists that have no capital or political power and onto billion dollar financial institutions like Coinbase.
Once the cryptocurrency has been transferred from the Coinbase wallet to the furry artist, it cannot be unspent. Bad faith behavior might still happen, but the artist doesn’t risk their livelihood because of it.
And that’s why, when furry auction site The Dealer’s Den announced a plan to rebuild with “Blockchain Technology”, I didn’t even bat an eye. It seems like an obvious solution to a pervasive unsolved problem to me.
Sure, it’d be great if we could solve this problem with sensible civil policy. But when is that going to finally happen? After all, we’re talking about the same governments that bungled COVID-19 last year, and the AIDS crisis last century, and so on…
https://www.youtube.com/watch?v=aJtvKSUPICA
However, and this bears emphasizing, the CryptoArt / NFT trend is not a valid reason to get involved in cryptocurency! As I said on Twitter:
https://twitter.com/SoatokDhole/status/1370045499122843654
https://twitter.com/SoatokDhole/status/1370046285798064128
https://twitter.com/SoatokDhole/status/1370047071949033472
https://twitter.com/SoatokDhole/status/1370047509314297862
So, super long preamble aside, what I thought I’d do today is talk a bit about cryptocurrency and how to engage with the topic responsibly, especially if you’re trying to mitigate the damage of the systems we inherited.
Cryptocurrency For Furries
I’m going to be very light on technical jargon, in the interests of accessibility, but at the risk of being imprecise.No two cryptocurrencies are created equal. If you’re hoping to use one to mitigate systemic harms to our community, I implore you to learn the technical details in depth.
Decentralized Consensus
Cryptocurrencies can be classified by something called their consensus mechanism, which is how they can maintain a consistent ledger without being centralized. It doesn’t really matter, for the purpose of this article, how any of them work. I’m happy to dive into that in a future blog post, should anyone want it.What you need to know is that Proof-of-Work (PoW) consensus algorithms are designed to maximize energy waste across the entire cryptocurrency network. That’s how it maintains its security against different kinds of esoteric-sounding attacks.
When you “mine” a Proof-of-Work cryptocurrency, what you’re doing is solving a computationally hard puzzle (e.g. find a number that, when combined with the previous block’s hash and your address and hashed, produces a specific number of leading 0 bits determined by an algorithm to ensure this happens at a set average frequency of time), which results in the entire network agreeing that your address gets the “block reward” (a fixed amount of whatever currency) plus transaction fees.
Cryptocurrency discussions frequently invite conversations about the environmental impact of mining. Proof-of-Work is the cause for this excess energy use which certainly contributes to global climate change.
So, if you’re going to get involved with cryptocurrency without contributing to global climate disaster, you’re going to want to avoid Proof-of-Work cryptocurrencies. There are several other options to choose from.
Proof-of-Stake is popular among my cryptocurrency nerd friends, although it receives a fair bit of criticism from experts (especially the “nothing at stake” problem). Ask your cryptographer. It’s probably not me.
On-Chain Privacy
The vaunted “blockchain” is a public, transparent record of all transactions.When you use a cryptocurrency like Bitcoin, it’s sort of like tweeting your financial activities for the world to see.
“But nobody knows who owns this address,” Bitcoin maximalists might argue. To which I point out: Nobody is supposed to know your sockpuppet Twitter accounts either, but when you use them to harass someone right after they block your main account, we know it’s you.
The people whom this applies to know who they are, and should stop.
(Art by Khia)Some cryptocurrencies, like Zcash, try to provide something like TLS for your transactions. When you use shielded Zcash addresses, the transaction amounts and recipients are encrypted, and this ciphertext is accompanied by a zero-knowledge proof to ensure the total amount in the shielded and unshielded pools remains consistent.
I highly implore you to choose a cryptocurrency that has on-chain privacy, especially if your target audience includes queer people and/or sex workers.
Mainstream Appeal
Finding a privacy-preserving cryptocurrency that doesn’t equate to Global Warming Bucks is a tall order, but if you want people to actually use a cryptocurrency, it needs to be accessible.By accessible, I mean available on all the mainstream cryptocurrency exchange platforms (Coinbase, Binance, Bitfinex, etc.).
This might sound like pointless gatekeeping, but remember: They have the money and lawyers to negotiate with the economic powerhouses of the world, while sex workers and furry artists do not.
Cryptographic Security
Any regular reader of Dhole Moments probably saw this section coming a mile away, but an important consideration for a cryptocurrency to build upon is whether or not it’s actually secure.This is where things get tricky. Weird or poor choices in cryptographic algorithm don’t seem to matter much.
Bitcoin uses ECDSA over Koblitz curves. IOTA shipped two broken hash functions, threatened researchers, and then tried to claim the first broken hash function was backdoored for “copy protection”. The CryptoNote currencies (n.b. Monero) tried to build on EdDSA but introduced a double spend attack.
I’m certainly not qualified to audit an entire cryptocurrency and say “yes/no” on its security. But any cryptocurrency you consider should at least pass a smoke test from your cryptographer.
Which Cryptocurrency Should I Choose?
If you’re looking for a cryptocurrency that’s secure, accessible, privacy-preserving, and doesn’t waste a fuck ton of energy all the time, the short answer is that there is none. You’re going to have to make a trade-off.Shocking, I know.
(Art by Khia)I’m sure there are cryptocurrency projects that use privacy-preserving technologies without a Proof-of-Work algorithm, and their design and implementation might even be secure! But, to date, I’m not aware of any such projects that also have mainstream accessibility on large exchange platforms.
You’ll notice that I didn’t mention price volatility in my list above. There’s two reasons for that:
- I’m not a financial expert. For all I know, price volatility might be something you want out of your cryptocurrency, especially if you’re LARPing a day trader.
- It’s hard enough to make this choice without adding more complications to the formula.
If Zcash ever adopted a consensus algorithm that wasn’t Proof-of-Work, it’d be a shoe-in for me to recommend. It checks all the other boxes neatly and is one of the most interesting cryptography projects on the Internet, after all.
In the meantime, maybe some other project will fill this niche and become widely accessible for everyone. There’s a lot of exciting and/or scary things happening with cryptocurrency research.
If you’re stuck with a hard decision, honestly, just do the best you can and be very transparent about the trade-offs you’re making and why you’re making them. Then ask a friend or expert to check your reasoning before you commit to it. “Do nothing” also needs to be publicly considered, no matter how absurd it might seem.
Disclaimers and Other Remarks
I do not work with cryptocurrency in my dayjob. I’d like to say that, consequently, I don’t have a conflict of interest, but all humans have subconscious biases, and a lot of my favorite people in cryptography do work in or with cryptocurrency. I want my friends to be able to continue to do awesome work without feeling ashamed.https://twitter.com/cryptolexicon/status/1331712883403722752
Thus, I don’t care if you invest in Bitcoin or Dogecoin or whatever. Shoot for the moon while you awoo at the moon. Just be careful; for every winner, there’s at least one loser.
Fact: Dholes are also known as “Whistling Dogs”
(Art by Khia)I’m a fan of transparency logs–which are often compared to blockchains, but without the currency aspect. If you’re not familiar, read up on Trillian and Chronicle. Notably, Trillian is the backbone of Certificate Transparency, which helps keep the CA infrastructure honest and consequently makes HTTPS safer for everyone.
https://soatok.blog/2021/04/19/a-furrys-guide-to-cryptocurrency/
#Cryptocurrency #furries #furry #furryArtists #FurryFandom #Politics #Society
Normally when you see an article that talks about cryptocurrency come across your timeline, you can safely sort it squarely into two camps: For and Against. If you’re like me, you might even make a game out of trying to classify it into one bucket or the other from the first paragraph–sort of like how people treat biological sex–and then reading to see if you were right or not. Most of the time, you don’t even have to read past the headline to know where the author stands.
Unfortunately, the topic of cryptocurrency is complicated in ways only nerds could envision. And I’m not even talking about the cryptography involved when I say that.
(Art by Khia.)
Cryptocurrency is one of those cans I keep kicking down the road, lest all of its worms escape. I’m neither an enthusiast who wants to pump dogecoin to the moon, nor a detractor who thinks that the idea of digital cash is inherently stupid.
https://twitter.com/FiloSottile/status/1380576100888281094
The “crypto means cryptography” trope exists because, after Bitcoin’s first price hike, a shitload of speculative investors flooded cryptography forums and drowned out the usual participants’ discussions. I’ve previously said that some gatekeeping is necessary for the maintenance group identity, and that the excess of this minimum amount is what creates toxicity. Unfortunately, this trope has far exceeded the LD50 for healthy discourse.
Some of my friends make their living working on cryptocurrency projects–as researchers, mathematicians, programmers, security engineers, and so on. A lot of the interesting cryptography breakthroughs we’ll see in the next 10-15 years will be, at least in part, the result of cryptographers working in the cryptocurrency space. It’s difficult to talk about zero-knowledge proofs without acknowledging some of the kick-ass research the Electric Coin Company has done in order to launch their privacy-preserving cryptocurrency, and that’s only one example.
Here’s cryptographer Jean-Phillipe Aumasson, whose employer is launching a regulated cryptocurrency marketplace:
https://twitter.com/veorq/status/1384045994413678598
If you’re not familiar with JP’s work, he wrote several cryptography books (including Serious Cryptography), contributed to several hash functions (SipHash, BLAKE2, and BLAKE3), and initiated the Password Hashing Competition that resulted in Argon2.
However, there’s also a lot of bullshit in the cryptocurrency space.
- Years of securities fraud enabled by “Initial Coin Offerings” (ICOs) on the Ethereum blockchain. Most famously: Bitcoiin (yes, with two I’s) whose spokesman was bad movie star, Steven Seagal.
- The plague of hacked Twitter accounts pretending to be Elon Musk, perpetuating a “give me some $ and I’ll give you more back” scam that’s sadly effective.
- The whole cryptoart / NFT debacle.
- Litanies of startups trying to “use blockchain to solve X problem” without ever asking if the problem warrants a blockchain in the first place.
- Every microgram of drama related to John McAfee.
And those are just the items I can list off, off the top of my head. The awfulness surrounding cryptocurrency is like a fractal: The deeper you look at it, the more shit you see.
Cryptocurrency Subculture: A Tale of Too Shitty
The world’s most successful cryptocurrency to date, Bitcoin, was created in 2008 by an anonymous cryptographer who liked to be known as Satoshi Nakamoto and distributed on metzdowd.com, a mailing list created by a group of cryptoanarchists that called themselves “cypherpunks”.
At the risk of being overly reductive, cryptoanarchists are people who believe strongly in a right to privacy and therefore the right to use cryptography to protect communications from others–be it governments, corporations, or jealous ex-lovers. The cypherpunks were a group of cryptoanarchists that also wrote code. It’s a wordplay on “cyberpunk”.
It’s difficult to speculate about the intentions or politics of Satoshi Nakamoto, considering they said very little of substance about their private beliefs, and no longer answer emails from random strangers. However, given their presence on metzdowd, it’s reasonable to propose they were at least sympathetic to the cypherpunks’ cause.
Most outspoken cryptocurrency enthusiasts today are not like Satoshi Nakamoto. They don’t understand or frankly give a shit about complex, nuanced points about privacy and the government machinations underpinning public safety–let alone how that intersects with the racist history of the institutions charged with keeping the public safe. They’re largely anarcho-capitalists who want to make as much money as they can and, in turn, pay as little as possible in taxes.
How do you make money in cryptocurrency?
By obtaining some amount of a coin, then convincing other people to buy it to drive up the demand, and therefore the price, and then sell at a later date. Then you can sell your coins at a higher price than you paid (either directly, or through energy costs from “mining”) and pocket your profits.
Don’t let the name fool you: anarcho-capitalists (a.k.a. ancaps) aren’t anarchists (and furthermore, cryptocurrency-manic ancaps aren’t cryptoanarchists). Here’s a helpful video to disambiguate the terms involved:
https://www.youtube.com/watch?v=OOTlxsn8tWc
If I said that large swaths of the cryptocurrency community was generally shitty, I would not be the first to make this observation. The earliest Bitcoin events were caricatures of the kind of toxic sexist excess that dominates chauvinistic power fantasies. (“When lambo?”)
It’s not just the bad politics or the stark contrast between cryptocurrency in practice and cryptocurrency as envisioned by the earliest architects on the metzdowd cryptography mailing list.
Last year I wrote about a dumb attack against the second hash function used by the cryptocurrency, IOTA. After I wrote this story, my Twitter mentions and DMs were flooded with astroturfing attempts by IOTA enthusiasts. Nearly a year later, most of those have been deleted–presumably because of an account suspension.
https://twitter.com/HapaRekk/status/1283485380004597760
Before IOTA, Monero enthusiasts used to engage in bad faith with anyone that dared criticize their favorite cryptocurrency project on Reddit or Hacker News.
To be clear: I don’t think that cryptocurrency projects or their developers are ever necessarily responsible for the behavior of their users. Sometimes you find toxic assholes like Sergey Ivancheglo (the IOTA developer that threatened security researchers) at the helm, and then immediately jettison it until they leave (to great fanfare of the non-toxic part of their community).
I don’t want to overstate my case here. A lot of blockchainiacs are just downright awful people. The absolute worst. But I’ve found over the years that, the less a person talks about cryptocurrency as a financial endeavor (e.g. speculative trading), the less likely they are to be shitty. It’s not a law of the universe, but it’s a useful measuring stick.
But with all that in mind, an obvious question emerges.
If there’s so much awful shit surrounding cryptocurrency, why would furries (a subculture that constantly receives endless helpings of flak from society at large) ever venture near cryptocurrency?
The Politics Inherent to Furry Identity
Art by Swizz.
A lot of Americans like to think of themselves as “Free Speech” proponents. Some of them get all sweaty over whether or not they should be allowed to broadcast, and profit from, bigoted or hateful content laden with slurs.
And yet, the most censored people in American society are, without a doubt, sex workers. And you rarely hear any so-called “Free Speech” proponents give an iota of shit about the plight of sex workers. They can’t even freely engage in commerce here.
Sex work is explicitly banned by most financial service providers, such as PayPal. It’s exceedingly difficult for sex workers to make ends meet without constantly having to worry about their accounts being frozen and funds inaccessible.
There are a lot of reasons why the plight of sex workers is so bad in America. At the top of the list is the intersection of conservative politics and evangelical Christianity, which overall condemns healthy and consensual expressions of human sexuality. (Ever noticed how the only people who think they have a “sex addiction” are religious or right-wing? Not a coincidence.)
Do you know who else is a target of evangelicals and conservatives?
Furries, as you might know, are widely considered an LGBTQIA+ subculture (although not all of us are LGBTQIA+; only about 80%). But we’re more than just an LGBTQIA+ subculture. We’re also a vibrant community filled with skilled artists. Some of this art is pornographic in nature. It turns out, when queer people aren’t forced into the closet, they tend to embrace shameless authenticity and celebrate their romantic and sexual attractions with pride.
https://twitter.com/Pinboard/status/992819169593716737
A few years ago, the Death Eaters in Congress passed two bills (FOSTA and SESTA) that were advertised as an attempt to crack down on “sex trafficking”.
In practice, these laws killed Pounced.org–the only furry “dating” site at the time that wasn’t a sketchy cash grab (FurryMate, FurFling, etc.). Pounced.org died because the cost to avoid being criminally prosecuted under these laws was so exorbitant that they couldn’t sustain the website anymore, and it probably wasn’t the only small dating site to be killed by poor legislation. Only the big players could really have front-loaded these costs.
Which leads to the meat of this issue…
Why Furries Might Be Interested in Cryptocurrency
Cryptocurrency can be very attractive to members of the furry fandom because of the bullshit baked into the societies and cultures we exist in.
Cryptocurrency promises to be permissionless and decentralized; to bank the unbanked. If you make your living filling up someone else’s spank bank, the idea of creepy rich white men not being able to exercise targeted censorship against you or your family is, frankly, irresistible.
“Can’t use PayPal for your trade? Just setup a cryptocurrency wallet and give a different address to each of your clients, and instructions on how to access some vaguely reputable cryptocurrency exchange.”
Granted, most furries aren’t sex workers or porn artists, but some of our friends are, and we want to see them protected. But there’s another threat that cryptocurrency promises to alleviate: Chargeback fraud.
The prevalence of chargeback fraud is why I always tip artists. It helps to offset some of the harm caused by shitty behavior.
(Art by Khia)
This is the usual story (although exceptions do exist) I heard from my artist friends:
Someone under 18 decides they want to commission an artist they cannot personally afford, so they steal their parent’s credit card and use it to pay for a commission. Later–often after the work has been completed and delivered to the client–their parent notices the unauthorized charge on their credit card, and issues a chargeback.
Not only does this steal from the artist, but it incurs a $35 fee and increases the risk of their account being permanently suspended by their payment provider–thereby preventing them from accessing the funds paid to them by legitimate customers.
“Thanks for the free art! Now you’re at least $35 poorer and maybe lost your only lifeline out of perpetual poverty.”— Assholes
And thus, the Siren Song repeats once again!
Cryptocurrency doesn’t prevent chargeback fraud, but it does shift the risk from independent artists that have no capital or political power and onto billion dollar financial institutions like Coinbase.
Once the cryptocurrency has been transferred from the Coinbase wallet to the furry artist, it cannot be unspent. Bad faith behavior might still happen, but the artist doesn’t risk their livelihood because of it.
And that’s why, when furry auction site The Dealer’s Den announced a plan to rebuild with “Blockchain Technology”, I didn’t even bat an eye. It seems like an obvious solution to a pervasive unsolved problem to me.
Sure, it’d be great if we could solve this problem with sensible civil policy. But when is that going to finally happen? After all, we’re talking about the same governments that bungled COVID-19 last year, and the AIDS crisis last century, and so on…
https://www.youtube.com/watch?v=aJtvKSUPICA
However, and this bears emphasizing, the CryptoArt / NFT trend is not a valid reason to get involved in cryptocurency! As I said on Twitter:
https://twitter.com/SoatokDhole/status/1370045499122843654
https://twitter.com/SoatokDhole/status/1370046285798064128
https://twitter.com/SoatokDhole/status/1370047071949033472
https://twitter.com/SoatokDhole/status/1370047509314297862
So, super long preamble aside, what I thought I’d do today is talk a bit about cryptocurrency and how to engage with the topic responsibly, especially if you’re trying to mitigate the damage of the systems we inherited.
Cryptocurrency For Furries
I’m going to be very light on technical jargon, in the interests of accessibility, but at the risk of being imprecise.
No two cryptocurrencies are created equal. If you’re hoping to use one to mitigate systemic harms to our community, I implore you to learn the technical details in depth.
Decentralized Consensus
Cryptocurrencies can be classified by something called their consensus mechanism, which is how they can maintain a consistent ledger without being centralized. It doesn’t really matter, for the purpose of this article, how any of them work. I’m happy to dive into that in a future blog post, should anyone want it.
What you need to know is that Proof-of-Work (PoW) consensus algorithms are designed to maximize energy waste across the entire cryptocurrency network. That’s how it maintains its security against different kinds of esoteric-sounding attacks.
When you “mine” a Proof-of-Work cryptocurrency, what you’re doing is solving a computationally hard puzzle (e.g. find a number that, when combined with the previous block’s hash and your address and hashed, produces a specific number of leading 0 bits determined by an algorithm to ensure this happens at a set average frequency of time), which results in the entire network agreeing that your address gets the “block reward” (a fixed amount of whatever currency) plus transaction fees.
Cryptocurrency discussions frequently invite conversations about the environmental impact of mining. Proof-of-Work is the cause for this excess energy use which certainly contributes to global climate change.
So, if you’re going to get involved with cryptocurrency without contributing to global climate disaster, you’re going to want to avoid Proof-of-Work cryptocurrencies. There are several other options to choose from.
Proof-of-Stake is popular among my cryptocurrency nerd friends, although it receives a fair bit of criticism from experts (especially the “nothing at stake” problem). Ask your cryptographer. It’s probably not me.
On-Chain Privacy
The vaunted “blockchain” is a public, transparent record of all transactions.
When you use a cryptocurrency like Bitcoin, it’s sort of like tweeting your financial activities for the world to see.
“But nobody knows who owns this address,” Bitcoin maximalists might argue. To which I point out: Nobody is supposed to know your sockpuppet Twitter accounts either, but when you use them to harass someone right after they block your main account, we know it’s you.
The people whom this applies to know who they are, and should stop.
(Art by Khia)
Some cryptocurrencies, like Zcash, try to provide something like TLS for your transactions. When you use shielded Zcash addresses, the transaction amounts and recipients are encrypted, and this ciphertext is accompanied by a zero-knowledge proof to ensure the total amount in the shielded and unshielded pools remains consistent.
I highly implore you to choose a cryptocurrency that has on-chain privacy, especially if your target audience includes queer people and/or sex workers.
Mainstream Appeal
Finding a privacy-preserving cryptocurrency that doesn’t equate to Global Warming Bucks is a tall order, but if you want people to actually use a cryptocurrency, it needs to be accessible.
By accessible, I mean available on all the mainstream cryptocurrency exchange platforms (Coinbase, Binance, Bitfinex, etc.).
This might sound like pointless gatekeeping, but remember: They have the money and lawyers to negotiate with the economic powerhouses of the world, while sex workers and furry artists do not.
Cryptographic Security
Any regular reader of Dhole Moments probably saw this section coming a mile away, but an important consideration for a cryptocurrency to build upon is whether or not it’s actually secure.
This is where things get tricky. Weird or poor choices in cryptographic algorithm don’t seem to matter much.
Bitcoin uses ECDSA over Koblitz curves. IOTA shipped two broken hash functions, threatened researchers, and then tried to claim the first broken hash function was backdoored for “copy protection”. The CryptoNote currencies (n.b. Monero) tried to build on EdDSA but introduced a double spend attack.
I’m certainly not qualified to audit an entire cryptocurrency and say “yes/no” on its security. But any cryptocurrency you consider should at least pass a smoke test from your cryptographer.
Which Cryptocurrency Should I Choose?
If you’re looking for a cryptocurrency that’s secure, accessible, privacy-preserving, and doesn’t waste a fuck ton of energy all the time, the short answer is that there is none. You’re going to have to make a trade-off.
Shocking, I know.
(Art by Khia)
I’m sure there are cryptocurrency projects that use privacy-preserving technologies without a Proof-of-Work algorithm, and their design and implementation might even be secure! But, to date, I’m not aware of any such projects that also have mainstream accessibility on large exchange platforms.
You’ll notice that I didn’t mention price volatility in my list above. There’s two reasons for that:
- I’m not a financial expert. For all I know, price volatility might be something you want out of your cryptocurrency, especially if you’re LARPing a day trader.
- It’s hard enough to make this choice without adding more complications to the formula.
If Zcash ever adopted a consensus algorithm that wasn’t Proof-of-Work, it’d be a shoe-in for me to recommend. It checks all the other boxes neatly and is one of the most interesting cryptography projects on the Internet, after all.
In the meantime, maybe some other project will fill this niche and become widely accessible for everyone. There’s a lot of exciting and/or scary things happening with cryptocurrency research.
If you’re stuck with a hard decision, honestly, just do the best you can and be very transparent about the trade-offs you’re making and why you’re making them. Then ask a friend or expert to check your reasoning before you commit to it. “Do nothing” also needs to be publicly considered, no matter how absurd it might seem.
Disclaimers and Other Remarks
I do not work with cryptocurrency in my dayjob. I’d like to say that, consequently, I don’t have a conflict of interest, but all humans have subconscious biases, and a lot of my favorite people in cryptography do work in or with cryptocurrency. I want my friends to be able to continue to do awesome work without feeling ashamed.
https://twitter.com/cryptolexicon/status/1331712883403722752
Thus, I don’t care if you invest in Bitcoin or Dogecoin or whatever. Shoot for the moon while you awoo at the moon. Just be careful; for every winner, there’s at least one loser.
Fact: Dholes are also known as “Whistling Dogs”
(Art by Khia)
I’m a fan of transparency logs–which are often compared to blockchains, but without the currency aspect. If you’re not familiar, read up on Trillian and Chronicle. Notably, Trillian is the backbone of Certificate Transparency, which helps keep the CA infrastructure honest and consequently makes HTTPS safer for everyone.
https://soatok.blog/2021/04/19/a-furrys-guide-to-cryptocurrency/
#Cryptocurrency #furries #furry #furryArtists #FurryFandom #Politics #Society
If you’ve somehow never encountered an Internet meme before, you may be surprised to learn that the number 69 is often associated with sex (and, more specifically, a particular sex act).This happens to be the 69th blog post published on Dhole Moments, since I started the blog in April 2020.
You could even go as far as to say it’s the 4/20 +69th post, for maximum meme potential.
42069, get it? (Art by Khia)
However! I make a concerted effort to keep my blog safe-for-work, so if you’re worried about this post being flooded with furry porn (a.k.a. yiff art), or cropped yiff memes, or any other such lascivious nonsense, you won’t find any of that on this blog. (Sorry to disappoint.)
Instead, I’d like to take the opportunity to correct some public misconceptions about human sexuality, identity, and how these topics relate to the furry fandom.
Is Furry a Sex Thing?
I find it difficult to overstate how often people assume the “furry is a sex thing” premise. Especially on technical forums.But let’s backtrack for a second. What isn’t a sex thing?
Art by Khia.
This turns out to be a difficult question to answer. Even Wikipedia’s somewhat concise list of paraphilias doesn’t leave a lot of topics off the table.
Are shoes a sex thing? Are cigarettes? Poetry?
Comic from Saturday Morning Breakfast Cereal.
Hell, one might be tempted to cry foul on the header image used in this blog post for including tentacles, hypnotic eyes, and footpaws in the same image. (Scandalous!) But if you look at the uncropped versions of these images, you’ll quickly realize they aren’t yiffy.
Top Art by AtlasInu.
Bottom: Created by FlashWhite_. Fox is Kiit Lock.
The more you read about this topic, the more you’ll realize this question is inert. Anything can be a sex thing. Humans are largely a sexual species, and sex is deeply ingrained in our culture (which can make life awkward for asexual people).Instead, the question of whether or not the furry fandom is sexual becomes a bit of a Rorschach test for one’s cognitive biases.
If you’re chiefly concerned with public image–especially when fursuiting in public, where kids can see–you’re incentivized to double down on the fact that the furry fandom is no more inherently sexual than anything else can be. And this is true.
If you’re concerned with cultivating a sex-positive environment where people can live out their sexual fantasies in a safe, sane, and consensual manner, you’re incentivized to insist that furry is a sexual thing. “We have murrsuits for crying out loud! Stop kink-shaming! Down with puritan ideologies on sex!” And this is also true.
Humans are largely sexual, so any activity humans engage in will inevitably involve people sexualizing it. Even tupperware parties, for fuck’s sake! Anyone who believes there is a “Rule 34 of the Internet” tacitly acknowledges this fact, even if it’s inconvenient for a narrative they’re trying to spin.
So while this might be a meaningless question, one has to wonder…
Why Does Everyone Care So Much If Being a Furry (In Particular) Is Sexual or Not?
To understand what’s really happening here, you need to know a few things about the furry fandom.
- Approximately 80% of furries are LGBTQIA+ (source).
- Early anti-furry sentiments were motivated by queerphobia, especially on forums like Something Awful–and the influence of early hateful memes can still be seen to this day.
https://twitter.com/spacetwinks/status/728349066178998274
One of the Something Awful staff eventually acknowledged and apologized for this.
Archived from here. To corroborate, an Internet author named Maddox once parodied SomethingAwful’s hateful obsession with furries.
There was even a movement within the furry fandom history (the “Burned Furs“) that aimed to excise queerness and sex-positivity from the community. It’s no coincidence that a lot of the former Burned Furs joined with the alt-right movement within the furry fandom.
The alt-right is explicitly queerphobic; especially against trans people. But it’s not just queerphobic; it’s also an ableist and racist movement.
Regardless of sexual orientation, a lot of furries are neurodivergent, too.
Simply put: The reason that most people care whether or not furries are sexual is rooted in the propensity of anti-furry rhetoric in Internet culture, which was motivated at its inception by mostly queerphobia with a dash of ableism.
Art by Khia.
The notion that furries are “too sexual” originated as a dog-whistle for “too gay”, and caught on with people who didn’t know the hidden meaning of the idea. Now a lot of people repeat these ideas without intending or even knowing their roots, and many more have internalized shame about the whole situation.
Unfortunately, this even precipitates into the furry fandom itself, which leads to an unfortunate cyclical discourse that takes place largely on Furry Twitter.
Original tweet unavailable
Furry Isn’t a Sexuality. There is no F in LGBT!
If you publicly state “anti-furry rhetoric is largely queerphobic dog-whistles”, you will inevitably hear someone try to retort this way. So let’s be very clear about it.Furry isn’t its own sexual identity, and I would never claim otherwise.
Unlike transgender people, furries do not experience anything like “species dysphoria” (although therians/otherkin do report experiencing this; don’t conflate the two).
What’s happening here is: Most furries (about 80% of us) have separate sexual/gender identities that deviate from the heteronormative. A lot of queerphobia is easier to sell when you convey it through dog-whistles. So that’s what bigots did.
Polite company that wouldn’t partake in queer-bashing is often willing to laugh at the notion of “Beat A Furry Day“.
Anyone who tries to twist this acknowledgement to mean something ridiculous like an LGBTF movement is either being irrational or a 4chan troll.
Art by Khia.
For related reasons, you shouldn’t ever feel the need to “come out” as a furry.
https://www.youtube.com/watch?v=ZG2DRLimBSM
It’s okay to just really like Beastars, Zootopia, or even the Furry aspects of the Minecraft and Roblox communities. It doesn’t make you a sex-freak.
What’s the Take-Away?
It doesn’t really matter if the furry fandom has a sexual side to it. Everything does! The people who proclaim to care very much about this care for all the wrong reasons. Don’t be one of them.Art by Swizz.
And remember: Lewd furries aren’t furry trash; we’re yiff-raff!
Sex Isn’t Well-Defined Either
While we’re talking about sex, did you know that biological sex isn’t neatly divided into “male” and “female”? This isn’t an ideological position; it’s a scientific one. Just ask a biologist!https://twitter.com/JUNIUS_64/status/1054387892624285699
Trans and nonbinary people change gender (which is about your role within society) from what they were assigned at birth, but even sex itself isn’t so concrete.
The next time someone tries to appeal to “science” when talking about trans rights and then vomits up some unenlightened K-12 explanation of human reproduction and biological sex, remind them that science disagrees with their oversimplified and outdated mental model–and they might know this if they kept up with scientists.
Where Can I Learn More About the Sexual Side of the Furry Fandom?
Important: If you’re under the age of 18, you should stay out of adult spaces until you’re old enough to participate. No excuses.If you’re looking for pornographic furry art (also called “yiff”), most furry art sites (FurryLife, FurAffinity, etc.) have adult content filters that you can turn off when you register an account.
If you’re looking for something more interactive, there’s a swath of furries that develop private VR experiences for 18+ audiences. One of the most well-funded Patreon artists makes adult furry games.
If you’re curious about why and how people express their sexuality when fursuiting (also called “murrsuiting”), there’s a subreddit for that.
It’s really not hard to find. This is one of the advantages of furry being a largely sex-positive community.
Furry YouTuber Ragehound even has a series about Furries After Dark if you want to learn more about these topics.
https://www.youtube.com/watch?v=nGOlQJDO5no
Finally, similar to how 69 is a meme number for sex, furries have an additional meme number (621) that comes from the name of an adult furry website (e621.net).
You now have enough knowledge to navigate the adult side of the fandom. Just don’t come crying to me when you develop the uncanny knack for recognizing which r/furry_irl posts are actually cropped yiff versus wholly worksafe art.
https://soatok.blog/2021/04/02/the-furry-sexuality-blog-post/
#furries #furry #FurryFandom #LGBTQIA_ #Society
Historical Context of Iota’s Hash Functions
Once upon a time, researchers discovered that the hash function used within the Iota cryptocurrency (Curl-P), was vulnerable to practical collisions. When pressed about this, the Iota Foundation said the following:
https://twitter.com/durumcrustulum/status/1083859956841889792
In response to this research, the Iota developers threatened to sue the researchers.
https://twitter.com/matthew_d_green/status/965731647579664385?lang=en
Iota replaced Curl-P-27 with a hash function based on Keccak-384 they call Kerl. Keccak, you may recall, is a sponge function that went on to become SHA-3.
At its face, this sounds like a conservative choice in cryptography protocol design: Migrate from a backdoored hash function to one trusted and respected by cryptographers around the world.
https://twitter.com/cybergibbons/status/1283065819300331520
Iota even offered a bug bounty for attacks against reduced round variants:
https://twitter.com/durumcrustulum/status/1083860482866343936
Kerl isn’t Keccak-384 though. It’s Keccak-384 with a bit of an odd twist: They encode the input bytes into ternary ({0, 1} -> {-1, 0, 1}) before hashing. Apparently this weird obsession with ternary encoding is part of Iota’s schtick?
Practical Kerl Collisions
As a consequence of their weird ternary obsession, the following inputs all produce the same Kerl hash:
- GYOMKVTSNHVJNCNFBBAH9AAMXLPLLLROQY99QN9DLSJUHDPBLCFFAIQXZA9BKMBJCYSFHFPXAHDWZFEIZ
- GYOMKVTSNHVJNCNFBBAH9AAMXLPLLLROQY99QN9DLSJUHDPBLCFFAIQXZA9BKMBJCYSFHFPXAHDWZFEIH
- GYOMKVTSNHVJNCNFBBAH9AAMXLPLLLROQY99QN9DLSJUHDPBLCFFAIQXZA9BKMBJCYSFHFPXAHDWZFEIQ
This is a consequence of always zeroing out the last “trit” before passing the input to Keccak-384.
Since this zeroing was an explicit design choice of Iota’s, I decided to helpfully submit a pull request adding these inputs as test vectors to their JavaScript implementation.
Why It Matters
These are the facts:
- Kerl is intended to replace Curl-P-27 within the Iota cryptocurrency.
- The Iota Foundation previously admitted that Curl-P-27 was a “copy-protection backdoor”.
- The ternary encoding in Kerl allows three different inputs to produce the same hash output (which is not true of Keccak-384).
Given the past behavior of the Iota developers, there are three possible explanations for this:
- It’s a bugdoor (a backdoor enabled by a bug) intended to be exploited by the Coordinator–possibly as another copy-protection backdoor in the spirit of Curl-P-27.
- They made a critical design mistake in Kerl, which may or may not be exploitable in one or more of the places they use Kerl.
- Their alleged justification for zeroing out the last trit is sound, and there’s no way to exploit this collision vulnerability within Iota.
The last explanation is the one that Iota fanboys will probably cling to, but let me be clear: Even if this isn’t exploitable within Iota, it’s still a huge fuck-up in the design of Kerl.
I’ve lost count of the number of projects I’ve encountered that used secp256k1 as their elliptic curve choice simply because it was also the curve Bitcoin used. These are protocols doing ECDSA for JSON Web Tokens, or ECDH for use in ECIES schemes.
The probability of someone eventually using Kerl outside of Iota is 1, and they will be vulnerable to collisions because of that choice.
Takeaways
Iota is a cryptocurrency project that threatens security researchers, intentionally backdoored the cryptographic hash function in their original design (for “copy-protection”) and admitted to it, and designed a replacement cryptographic hash function (Kerl) that is vulnerable to trivial collision attacks (but the underlying hash function, Keccak-384, is not).
I don’t need to connect the lines on this one, do I?
It’s really freaking obvious.
Since this attack also works on “reduced round” variants of Kerl, I guess I win their bug bounty too!
If the Iota developers are reading this, please remit payment for your promised bounty to the following ZEC address: zs1lwghzjazt4h53gwnl7f24tdq99kw7eh9hgh3qumdvcndszl7ml4xmsudcmm60dut2cfesxmlcec
That being said, I never got an answer to my question, “Should I report the security reduction in bits or trits?” I’m feeling generous though. Given the cost of a collision is basically 1 trit, this is a 242-trit security reduction against collision attacks in Kerl.
https://soatok.blog/2020/07/15/kerlissions-trivial-collisions-in-iotas-hash-function-kerl/
#collision #cryptanalysis #Cryptocurrency #cryptographicHashFunction #hashFunction #iota #kerl #kerlission
Historical Context of Iota’s Hash Functions
Once upon a time, researchers discovered that the hash function used within the Iota cryptocurrency (Curl-P), was vulnerable to practical collisions. When pressed about this, the Iota Foundation said the following:https://twitter.com/durumcrustulum/status/1083859956841889792
In response to this research, the Iota developers threatened to sue the researchers.
https://twitter.com/matthew_d_green/status/965731647579664385?lang=en
Iota replaced Curl-P-27 with a hash function based on Keccak-384 they call Kerl. Keccak, you may recall, is a sponge function that went on to become SHA-3.
At its face, this sounds like a conservative choice in cryptography protocol design: Migrate from a backdoored hash function to one trusted and respected by cryptographers around the world.
https://twitter.com/cybergibbons/status/1283065819300331520
Iota even offered a bug bounty for attacks against reduced round variants:
https://twitter.com/durumcrustulum/status/1083860482866343936
Kerl isn’t Keccak-384 though. It’s Keccak-384 with a bit of an odd twist: They encode the input bytes into ternary ({0, 1} -> {-1, 0, 1}) before hashing. Apparently this weird obsession with ternary encoding is part of Iota’s schtick?
Practical Kerl Collisions
As a consequence of their weird ternary obsession, the following inputs all produce the same Kerl hash:
- GYOMKVTSNHVJNCNFBBAH9AAMXLPLLLROQY99QN9DLSJUHDPBLCFFAIQXZA9BKMBJCYSFHFPXAHDWZFEIZ
- GYOMKVTSNHVJNCNFBBAH9AAMXLPLLLROQY99QN9DLSJUHDPBLCFFAIQXZA9BKMBJCYSFHFPXAHDWZFEIH
- GYOMKVTSNHVJNCNFBBAH9AAMXLPLLLROQY99QN9DLSJUHDPBLCFFAIQXZA9BKMBJCYSFHFPXAHDWZFEIQ
This is a consequence of always zeroing out the last “trit” before passing the input to Keccak-384.
Since this zeroing was an explicit design choice of Iota’s, I decided to helpfully submit a pull request adding these inputs as test vectors to their JavaScript implementation.
Why It Matters
These are the facts:
- Kerl is intended to replace Curl-P-27 within the Iota cryptocurrency.
- The Iota Foundation previously admitted that Curl-P-27 was a “copy-protection backdoor”.
- The ternary encoding in Kerl allows three different inputs to produce the same hash output (which is not true of Keccak-384).
Given the past behavior of the Iota developers, there are three possible explanations for this:
- It’s a bugdoor (a backdoor enabled by a bug) intended to be exploited by the Coordinator–possibly as another copy-protection backdoor in the spirit of Curl-P-27.
- They made a critical design mistake in Kerl, which may or may not be exploitable in one or more of the places they use Kerl.
- Their alleged justification for zeroing out the last trit is sound, and there’s no way to exploit this collision vulnerability within Iota.
The last explanation is the one that Iota fanboys will probably cling to, but let me be clear: Even if this isn’t exploitable within Iota, it’s still a huge fuck-up in the design of Kerl.
I’ve lost count of the number of projects I’ve encountered that used secp256k1 as their elliptic curve choice simply because it was also the curve Bitcoin used. These are protocols doing ECDSA for JSON Web Tokens, or ECDH for use in ECIES schemes.
The probability of someone eventually using Kerl outside of Iota is 1, and they will be vulnerable to collisions because of that choice.
Takeaways
Iota is a cryptocurrency project that threatens security researchers, intentionally backdoored the cryptographic hash function in their original design (for “copy-protection”) and admitted to it, and designed a replacement cryptographic hash function (Kerl) that is vulnerable to trivial collision attacks (but the underlying hash function, Keccak-384, is not).I don’t need to connect the lines on this one, do I?
It’s really freaking obvious.
Since this attack also works on “reduced round” variants of Kerl, I guess I win their bug bounty too!
If the Iota developers are reading this, please remit payment for your promised bounty to the following ZEC address: zs1lwghzjazt4h53gwnl7f24tdq99kw7eh9hgh3qumdvcndszl7ml4xmsudcmm60dut2cfesxmlcec
That being said, I never got an answer to my question, “Should I report the security reduction in bits or trits?” I’m feeling generous though. Given the cost of a collision is basically 1 trit, this is a 242-trit security reduction against collision attacks in Kerl.
https://soatok.blog/2020/07/15/kerlissions-trivial-collisions-in-iotas-hash-function-kerl/
#collision #cryptanalysis #Cryptocurrency #cryptographicHashFunction #hashFunction #iota #kerl #kerlission
It’s finally time to release my newest project: https://www.followthecrypto.org/
This website provides a real-time lens into the cryptocurrency industry’s efforts to influence 2024 elections in the United States.
#crypto #cryptocurrency #elections #USpol #lobbying
Follow the Crypto
Follow the cryptocurrency industry’s influence on 2024 elections in the United States.Follow the Crypto
The Ponzinomics: When you pay money for nothing, and stash your nothing in a protocol with the expectation that it will give you a 20 percent yield—all you end up with is 20 percent of nothing.
I've now received 3 separate emails asking me to sell my potential share of the upcoming Fluence Network cryptocurrency airdrop. This project aims at rewarding the "~110,000 developers who contributed into open source web3 repositories during last year" according to the project webpage. In order to do this "Public keys of selected Github accounts were added into a smart contract on Ethereum" which they stored in a single file hosted on AWS that their own "install" script fetches in order to generate proof of GitHub account ownership.
So you can check any GitHub account eligibility on the Fluence website, of course, but you can also obtain the conveniently complete list of 108,615 eligible GitHub accounts to spam with your stupid cryptocurrency acquisition request. I've pulled down my email address from my public profile in the hope that it will stem the tide, but that's yet another possibly well-meaning Web3 project that ends up abused within seconds of its inception because of poorly thought-out process.
Also I never contributed to any web3 repository, so I'm vaguely curious how they compiled this list of accounts but not that much either.
https://neilzone.co.uk/2022/02/i-have-a-complicated-relationship-with-cryptocurrency
They still hold true, I think, with even more weight on the environmental damage.
I still have a small amount of Bitcoin in a hardware wallet, but we don’t accept payment in cryptocurrency, and I doubt the wallet even has charge.
I always knew that there was something fishy about LBRY.
https://www.theguardian.com/technology/2023/jul/16/lbry-closes-odysee-cryptocurrency-tech-sec-fraud-extremist
Extremist-friendly tech company closes after fine for securities fraud
Experts say LBRY’s failure casts shadow on future of other ‘alt-tech’ sites as Twitter becomes more receptive to far rightJason Wilson (The Guardian)
This week #deepfake shenanigans strike users of troubled crypto firm #FTX, the perils of charging your electric vehicle, and is Microsoft’s takeover of Activision good news for video game fanatics.
All this and much much more...
Find @smashingsecurity in your favourite #podcast app or listen to the latest episode at https://www.smashingsecurity.com/299
#cybersecurity #cryptocurrency
299: EV charging risks, FTX, and an ancient apocalypse
Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft's takeover of Activision good news for video game fanatics.Smashing Security
Who needs "money" like that, right? People invented banking, payment systems and other financial institutions for a reason. I swore I would never touch it.
Year 2022 came and brought War like one Horseman¹ of Apocalypse already hanging around wasn't enough.
- Most popular global payment systems blocked Russia which was bad enough itself but what was even worse it became almost impossible to pay for services which remained operational but had no other forms of payment.
- SWIFT bank transfers mostly stopped working and what remained became very expensive.
- Some foreign investment accounts were frozen. So much for investing in US shares. Poof.
- EU now forbids exporting euros to Russia and some countries (like Finland) can actually confiscate² cash on border.
- Local accounts in foreign currency are restricted by the government which means you can't withdraw cash from them in substantial amount.
- At the same time now they have negative interest rates so if you just leave them they will get depleted anyway. The only way is to convert them to rubles at shamelessly low rates.
- Ruble, local currency, has about four very different rates towards other currencies (depends where, how and in which direction you convert) and suffers from high inflation (which again is very different depending how you calculate but significant no matter what).
- Local government as well as just about everyone else tightened all kinds of financial regulations, restrictions and tracking.
- Looks like everyone declared cold war on cash. I have some money in 500 and 200 euro notes which apparently are next to impossible to use in EU now because are you drug dealer, gun runner or child trafficker as no one else has use for these notes? Locally it is a bit better but clearly not for long.
So here I am standing before you admitting I broke my oath. I still think crypto is crap. So is the current state of the world and I hate to say it but the future doesn't look much brighter. I thought these cryptoanarchists had distorted perspective - apparently not. It is not that their vision is dystopian - it is our world that becomes ugly mess fitting their expectations.
#BraveNewWorld #crypto #cryptocurrency #Russia #nowar
¹ - Pestilence of course. Although if you like the other interpretation where it is Conquest - it fits even better.
² - As I hear they don't formally confiscate euro cash on Finnish border but "take it to be returned later on the next visit" and don't really search for it but it happens.
Mais promis on va faire avec du renouvelable.... ☠️
https://www.presse-citron.net/le-minage-de-bitcoins-consomme-plus-delectricite-que-certains-grands-pays/
Having recently run across a couple people with avowedly left politics who support cryptocurrency I foresee a major public reckoning in the discourse. Personally I think crypto is ancap ideology in a very pure form (ie capital does whatever the hell it wants).
I'm no expert, though, feel free to prove me wrong!
An Ethereum contract I wrote has done over 100ETH (180,000 USD) of sales on #OpenSea in less than 24 hours
I don't get a cut of sales (the artists do!) but I was compensated fairly for my work in valuable digital cards 😀