[HN Gopher] Abuse and Harassment on the Blockchain
___________________________________________________________________
Abuse and Harassment on the Blockchain
Author : ilamont
Score : 58 points
Date : 2022-01-23 19:13 UTC (3 hours ago)
(HTM) web link (blog.mollywhite.net)
(TXT) w3m dump (blog.mollywhite.net)
| disruptalot wrote:
| The entire premise of the article is flawed. Blockchains aren't
| at all as "take it or leave it" as it's being portrayed as. In
| fact, the exact opposite compared to traditional web services.
|
| Yes you can send a token or NFT to anyone on the chain, yes as
| far as the data layer is concerned that is "immutable". That
| however does not prevent you as a user to forgo your
| access/freedom to an entity that knows best for you, just like we
| do everyday in traditional web services, social media, banking
| institutions etc.
|
| What does that look like? The underlying data layer (the
| blockchain) is public and open source. A "moderation" company can
| build their own middleware that filters data, throws out
| spam/harassment etc. Then, your node or wallet consumes and
| interacts with this middleware instead of the base layer. Now you
| have successfully incorporated abuse/harassment moderation
| without having to worry about the blockchain at all. If someone
| sends you something undesirable, you never see or interact with
| it.
|
| At the end of the day, blockchains give you *the option* to have
| your freedom, they do not force it upon you. The same can't be
| said about the traditional tech.
| epolanski wrote:
| So this is the modern narrative of "decentralization"? Just
| rely on trusted middlewares? What's the utility of the
| trustless blockchain behind it. Moreover, middleware or not,
| it's still on the chain and accessible to everyone.
| randomhodler84 wrote:
| It would be rad if Molly wrote about privacy cryptocurrencies
| like Monero and Zcash and how these can enable better protections
| for at risk folks.
|
| The argument that transparency can lead to coercion can be quite
| convincing -- privacy technologies can give power to victims.
| rideontime wrote:
| Monero and Zcash have been around for a while. Have they
| worked?
| notriddle wrote:
| Most "Bitcoin" transactions happen off-chain, at sites like
| Coinbase. And they're mostly price speculation.
|
| Monero and Zcash probably do more actual business than non-
| private chains do. It's all drugs and ransomeware, but it's
| actually being used as money.
| totony wrote:
| How would you know if they worked? By their virtue they are
| used for privacy
| syntheweave wrote:
| There's a very large unclaimed bounty for breaking Monero's
| privacy.
|
| And those two are the tip of the iceberg. Check out Dero for
| one that's doing smart contracts with homomorphic encryption.
|
| The future of privacy coins, based on these examples, is
| simply that they work, and will do so as long as the
| encryption mechanisms do. So we are presented with a question
| of which applications benefit from public vs private chains.
| X6S1x6Okd1st wrote:
| > Have they worked?
|
| By what metric?
| ilamont wrote:
| _If someone stores revenge porn or child sexual abuse material on
| a blockchain, it is there forever and cannot be removed._
|
| What, if any, solutions have been proposed for such situations?
| Have there been any lawsuits or proposed legislation to combat
| such crimes?
| lawn wrote:
| What if I told you that PI contains child porn?
| Syonyk wrote:
| I've heard this claim made for many years now about the
| Bitcoin blockchain data blocks, but usually in the sort of
| whispered tones in quiet backwaters places on the internet
| that deal substantially in half-truths, and that which never
| happened but always is, and such.
|
| As there are a _lot_ of people who are quite opposed to
| Bitcoin /PoW/blockchain/etc, I assume if it was true, someone
| would have come up with some indisputable, solid evidence for
| it, and it would make the tech news rounds for quite some
| time (there are enough anti-Bitcoin writers and commenters
| that such a thing would never die, and would be brought up
| with some links to the evidence in literally every article
| written about Bitcoin).
|
| As that's not happened, I remain inclined to treat it as
| rumors and "But if you use this OTP you can get the following
| out!" sort of trickery.
| edent wrote:
| Here are some messages which were stored in the Bitcoin
| blockchain http://www.righto.com/2014/02/ascii-bernanke-
| wikileaks-photo...
|
| There are JPGs, ASCII art, PDFs, religious messages,
| firmware keys, "illegal" prime numbers and all sorts.
|
| Is there anything worse than that? There are certainly some
| GPG encoded files in there. Perhaps someone is planning on
| shorting Bitcoin and is waiting to announce something so
| evil is stored that possession of the chain becomes a
| criminal offence is most countries.
| Syonyk wrote:
| I'm certainly aware non-transactional data is stored in
| the blockchain, I've linked a list of it elsewhere in
| this post.
|
| However, the specific claim of CP remains, as far as I'm
| aware, entirely hypothetical. And I'm at least not aware
| of any legal precedent that says the possession of random
| data, of which you don't have the keys, and don't have
| any reason to know the content of it, is illegal.
| mw888 wrote:
| Any blockchain which universally stores media _forever_ puts
| itself in the category "economically unfeasible
| /unsustainable." People pay for that storage and the large and
| distinct nature of media makes it easy to single out prune.
| Worst case scenario I replace that block with illegal media
| with its original block header and no data.
|
| The cost to sustain an illegal media attack such that
| consecutive blocks contain such data is unsustainable and far
| easier to ameliorate than a 51% attack. According to this $76k
| per gigabyte on Eth.
| https://ethereum.stackexchange.com/questions/872/what-is-the...
| Grimburger wrote:
| > Worst case scenario I replace that block with illegal media
| with its original block header and no data
|
| How do you alter a block without altering the headers of
| every other block afterwards? Unless you are capable of
| second pre-image attacks on modern cryptographic hashes
| that's simply not possible. What you have is a database, not
| a blockchain.
| breadbreadbread wrote:
| What I get from this is that all web3 promises are smoke and
| mirrors. ok your photos arent stored on the blockchain... the
| blockchain just stores your image URLS.... so then if there
| is still a traditional repository for content off the
| blockchain, you now have two points of failure instead of
| one.
| disruptalot wrote:
| I'm not aware of any instances of this but the solution is
| pretty simple. It's not dis similar at all to the current web.
| At the end of the day, any node that faces the public is a web
| server that is serving content, whether it's backed by a
| Blockchain or not. If it transmits a mentioned "illegal
| content" then it must cease to do so just like any other web
| server.
|
| What is the practical solution? Clean nodes. If such web server
| is in a jurisdiction of said illegal content, it must run a
| clean node that specifically filters such content to the web.
| This technology exists today, it's called "moderation", it's
| just that the backend is a MySQL database, not a blockchain.
| Gigachad wrote:
| You can't store the actual content on the chain. At least not
| bitcoin. You can only really store the hash of it.
| Syonyk wrote:
| Not really true - it's no longer affordable to do so, but
| there's all sorts of non-transactional content on the Bitcoin
| blockchain: https://cirosantilli.com/cool-data-embedded-in-
| the-bitcoin-b...
| taurusnoises wrote:
| snarkerson wrote:
| taurusnoises wrote:
| yob22 wrote:
| tmnvix wrote:
| > ...then you should be listening and not responding.
|
| I think this is a bit much. Considered responses - even
| critiques - should always be welcome.
| taurusnoises wrote:
| Not really. There are many (many) instances when critiques
| are not welcome. Tales of abuse (which this is one of them)
| is a prime example. Try to understand the situation for
| people who have been abused online. No one really needs your
| "critique."
| fleddr wrote:
| No one needs yours either.
| taurusnoises wrote:
| good one
| atypicaluser wrote:
| While I won't critique the article, I will critique this
| response: why bother being on a discussion board if you're not
| going to _discuss_ or if you 're going to _ban discussion_? You
| post to a discussion board, you risk discussion, even if
| contributors to the discussion don 't fit your idea of the
| model participant.
| taurusnoises wrote:
| No one is "banning" anyone. When people discuss abuse, your
| best move is to listen, get informed, listen and get
| informed. "Critique" is literally the least useful response.
| isx726552 wrote:
| > Apple apparently didn't put much thought into how its AirTag
| location tracking discs could be misused by stalkers and domestic
| abusers.
|
| I'd say this is not really accurate. Apple chose to put detection
| and warnings in place for when an AirTag is potentially moving
| with someone without their knowledge, and they had these in place
| from day 1. Sure, they could have done a better job (especially
| when it comes to other platforms like Android, which have taken
| time for Apple to get caught up on), but it's a stretch to say
| they didn't put thought into it. If anything, they could have
| kept much more quiet about it rather than put tools into place
| which help detect abuse, but also raise awareness and call
| attention to it. They made a choice, and the right one at that.
|
| Meanwhile there are plenty of electronic devices available which
| can be used for stalking purposes and can be bought very cheaply
| on Amazon (no, I won't link to any) and give no such warnings
| from any apps when they are unexpectedly traveling with someone.
| These are much cheaper and much harder to detect. If someone is
| genuinely concerned about such abuse of technology that should be
| equally called out along with Apple. Of course that might not get
| as much attention as going after a visible company like Apple,
| but it nevertheless deserves the same level of concern.
| xiphias2 wrote:
| So much text with so little content. Not talking about taproot
| upgrade, using discrete log contracts instead of hash time lock
| contracts, signature aggregation, half signature aggregation,
| coinjoin, and a lot of technologies that take many years of
| research and development to improve privacy.
| breadbreadbread wrote:
| personally i think its a problem that a technology that is
| supposed to be the "future" requires so much institutional
| knowledge to even begin to discuss privacy improvements. If you
| want go write your own article that explains these technologies
| to the average twitter user and see how long it ends up being.
| mnd999 wrote:
| If I store the decryption key to some blu-ray on chain,
| presumably that makes the chain illegal in the USA?
| overcast wrote:
| diabolical!
| pontifier wrote:
| Haha, made great use of the NEM Blockchain.
|
| Sent "f* __this_s*_ coin_to_the_ground" to everyone that had more
| than about $10 worth of NEM.
|
| It was highly satisfying to use their own network to message
| people about the dishonesty of the developers after they tried to
| censor me on every other platform.
| ardme wrote:
| It's a question of whether or not you believe freedom of speech
| is worth the risk somebody somewhere will say something you don't
| like. At one point people seemed to believe this worth the risk
| and freedom of speech was good. Now, little by little people are
| attacking this. Choose safety over freedom and you will be giving
| your freedom to someone you have no control over, but now they
| have the freedom to control you.
| tinalumfoil wrote:
| Banks and data harvesters are not good guys. The problem with
| blockchains is, unlike banks, they let people send abusive
| messages to me? Every time i wade through my Gmail spam folder I
| see dozens of sexually explicit messages. Every time I open my
| phone there's notifications I dont want that I never asked to
| receive from, among other things, my bank. I've had money taken
| out of my bank account, charged to my credit cards from services
| that couldn't take a, "No I don't remember subscribing to you and
| I don't want your services." I get physical mail for loans I
| don't need at rates, stated in misleading ways, that nobody
| should take. I didn't ask for these.
|
| I don't think blockchains accomplish what they're supposed to,
| but you're telling me the problem with them is they don't respect
| and privacy and allow people to send me unwanted messages?
| Compared to the status quo? What world do you live in?
| louwrentius wrote:
| To be frank, whataboutism like this reply is really detrimental
| to the quality of many discussions around any topic, but
| particularly when it is about crypto.
|
| Any and all criticism is deflected with "but look at x, they do
| y which is just the same. Well so what?
|
| Bad behavior within another system doesn't absolve the system
| under scrutiny from criticism.
| mw888 wrote:
| Not at all. Pretending that a new technology is somehow
| exposed to new problems not present in old technology is
| disingenuous and frames the overall problem narrowly. Take an
| example from the author: "anyone can airdrop nfts to someone
| and it will show up in their wallet for them to see before
| they know what it is." And? This is no different from getting
| emailed a similar picture, it's not hard to track where it
| came from if investigators are so inclined, unless privacy
| measures also available in web2 are used.
|
| The place this ends is not about crypto currency, if you
| really want to stop all "harm" on the internet you end up in
| a society where encryption is demonized. I wonder what abuse
| and harassment will be irrestistable to corporations and
| governments who completely deny you privacy or digital
| autonomy. And we are worried about problems that already
| exist with or without crypto? Give me a break.
| tinalumfoil wrote:
| The status quo the context new technologies get compared
| against. We don't live in a vacuum.
| boffinism wrote:
| In the article she specifically talks about how blockchains are
| a godsend _for data harvesters_. I think it 's disingenuous to
| pick out one of her criticisms, ignore the rest and say "that
| criticism by itself isn't as bad as the alternative".
| nemo1618 wrote:
| Weird to premise an article on the assertion that blockchain devs
| suffer from a lack of...adversarial thinking? "How will this
| technology be used to harass and abuse people?" is a question
| that security engineers ask every single day!
|
| > there is very little privacy available once your crypto wallet
| address is known, because every transaction is publicly visible,
| and attempts to obscure them often easily unobscured with chain
| analysis tools
|
| Any good crypto wallet will generate a distinct address for each
| transaction. (Granted, chain analysis could help correlate
| addresses, but doing so requires a vastly larger effort and
| success is not guaranteed.)
|
| > immutable social network content is horrifying given what
| people post themselves. Imagine if the cringy posts by a twelve-
| year-old were guaranteed to be available in perpetuity as soon as
| they were saved
|
| Once your data is on my machine, it is out of your hands forever.
| This is a fundamental principle, and the alternative is surely
| more dystopian. Norms must change to accommodate what is a
| technological fact; the reason they haven't changed yet is
| because most social technology is still centralized. But people
| already understand that you can't un-send an email, for example.
| Why should the rest of the internet be different?
| breadbreadbread wrote:
| For a technology that is supposedly comes from a privacy and
| security philosophy, blockchain evangelists and devs DO suffer
| from a lack of adversarial thinking. It has cornered the market
| in fraud and manipulation, just look at all of the pump and
| dump and phishing scams that are perfectly tailored to its
| design.
|
| Blockchain is built from the ground up to prevent exactly one
| type of security vulnerability: man in the middle attacks. It
| is absolutely abysmal at protecting against any other form of
| attack. Anything that involves, say: social engineering, is
| fair game. After all it is YOUR fault if YOU leak personal
| information that can be used to destroy YOUR life. If that ends
| up in the blockchain its not MY fault, I cant do anything...
| what do you want me to do? change it? punish someone? oops
| sorry I cant!
|
| Ultimately this form of thinking is the logical conclusion of
| "personal responsibility" arguments. Why criticize the system
| when you can instead pretend the problem is the individual?
| Crypto doesnt have philosophical issues, you are using the
| wrong wallet. It isnt MY fault that someone made an NFT
| containing your home address and bitcoin wallet ID, YOU trusted
| your information with the wrong service.
|
| The ultimate scapegoat is blaming the end-user. At some point
| you need to take the L and at least admit these are oversights.
| Blockchain tech has been around for over a decade and it's had
| plenty of time to solve these problems but instead it has dug
| its heels in and said "no all of this is by design and good
| actually"
| KarlKemp wrote:
| > Once your data is on my machine, it is out of your hands
| forever.
|
| The world isn't quite that apodictic. While the worst case may
| not change, its likelihood can. Information has always had a
| half-life that people had a general idea of, and that they
| considered in their decision-making. An effort specifically
| aimed at creating immutable, perpetual records will hurt both
| the people who fail to adjust, who will more likely see
| damaging old stuff coming up than expected, as well as the
| people who _do_ change their habits, who are forced to restrict
| their openness and thereby lose whatever utility they used to
| derive from the previous, more liberal ability to share
| content.
|
| The mechanism is identical to a change from traffic laws being
| enforced by cops, where some slack in the system was
| unavoidable, expected, and sometimes compensated for with
| higher fines (where the risk of being caught is too low), to
| some automated system where every single traffic violation is
| recorded and fined.
| baggy_trough wrote:
| edent wrote:
| For those that don't get how unwanted financial messages can be a
| problem, here's a thread from last year about blocking incoming
| transactions to UK bank accounts.
| https://www.reddit.com/r/UKPersonalFinance/comments/kkgrsj/c...
|
| It's somewhat common in the UK for people to send each other a
| couple of pennies, along with a short message, via banking apps.
| Some banks will block senders on request. As banks have to
| perform KYC checks, it's also possible to report people for
| harassment to the police.
|
| I'm not sure how unregulated cryptocoins can do that. I'm sure
| you can tell a wallet to ignore any transactions from a specific
| address - but there's no way to prevent those transactions
| actually being committed to the chain.
___________________________________________________________________
(page generated 2022-01-23 23:00 UTC)