The Three Greatest Scams in History

ExpressVNPred-ball-and-cups-scam

Long before the internet, people cheated each other in more and less creative ways. Three particularly imaginative scammers managed to sell the Eiffel Tower (twice), ruin an entire economy, and convince people to simply hand them free stuff.

Here are our three most favorite scam stories:

3. William Thompson convinced everyone to trust him with stuff

William Thompson lived in the mid-19th century in New York City and was likely the first person to become widely known as a “confidence man”—a type of swindler that became hugely popular in the buzzing metropoles of the late industrial revolution.

As a “confidence man,” Thompson would exploit the naivete of people he met in the streets, bars, or events with a type of social engineering scheme dubbed a “confidence trick.”

Thompson would walk up to people in a friendly way, greet them and give the impression the two had met before. After gaining the trust of a stranger, Thompson would simply ask:

“Have you confidence in me to trust me with your watch until tomorrow?”

Unbelievably, this worked. Thompson managed to repeat the trick on various people before authorities caught up with him.

Somehow, the “you can trust me, give me your watch” trick became so popular it inspired a whole generation of confidence artists. One woman, Bertha Heyman, even continued to find victims while locked up in jail. Bertha’s scheme was more elaborate than Thompson’s and quite similar to today’s “419 Fraud” (the Nigerian Letter Scam). Heyman would claim to have lost access to her enormous fortune, and needed a bit of financial help to get it back.

2. Victor Lustig sold the Eiffel Tower, Twice

The Eiffel Tower was constructed for the 1889 World Fair, coinciding with the 100-year anniversary of the French Revolution. At the time, it was the tallest structure built by humans and kept that title for 41 years (until the Chrysler Building in New York surpassed it).

In 1925, when Victor Lustig was 35 years old, he learned how expensive the tower had become to maintain. He subsequently came up with the idea to sell the Eiffel Tower to a scrap metal dealer.

Lustig found the most gullible scrap metal dealer he could to give a quote and even managed to have a sizeable bribe added for good measure. He got away with it, too—the scrap metal dealer was so ashamed to be tricked that he didn’t go to the police.

After the scam, Lustig moved to Vienna in a train with suitcases full of cash. He considered the fraud so successful that he moved back to Paris the next month to do it again with another separate scrap metal dealer. Although he did not succeed a second time, he was still able to evade arrest.

In the United States, George C. Parker carried out a similar con when he sold the Brooklyn Bridge. Several times. Police had to repeatedly remove barricades of buyers who attempted to set up toll booths.

In India, a man named Natwarlal became famous for having sold the Taj Mahal, the Red Fort, and the Parliament House. He was last seen in 1996 at the age of 86 and is thought to have died in freedom sometime between 1996 and 2009.

1. Alves dos Reis printed himself real money

Alves dos Reis was born in Lisbon in 1896. And when he was 28 years, old he printed himself so much money that he caused an economic crisis that led to a nationalist military coup d’etat.

Reis forged a contract with the Bank of Portugal that authorized him to print a new set of banknotes and approached the company that previously printed Bank of Portugal notes, Waterlow and Sons, to make all the new cash.

As the printers used legit, original plates to print the banknotes, the forgeries were perfect.

Reis had 200,000 bank notes printed, worth almost 1% of Portugal’s entire GDP, comparable to publishing about US$2 billion in currency today. At one point, nearly half of 500 Escudos note was fake.

In fact, Reis had so much money, the businesses, real estate, and luxury goods he bought created a boom in the economy.

Reis used a bank he acquired in Angola, a Portuguese colony at the time, to launder the money before, brilliantly, he attempted to buy himself a stake in the Bank of Portugal to retroactively approve his unauthorized notes.

Eventually, Reis was found out by journalists of O Século, a newspaper owned by tycoon Alfredo de Silva who saw Reis as a competitor.

The extent of Reis’ conspiracy was so large that few believed it could have been carried out by a single person. The government and the courts suspected that not only corrupt employees of the National Bank could have helped Reis, but that he also had support from the German government in an attempt to take over control of Angola.

Reis received a 20-year prison sentence, of which he only served 15. He died of a heart attack in 1955.

Does crime pay?

The most famous scammers were mostly unable to enjoy their fortunes. Many went to jail, were shot by their former victims, and some even fell for other scammers in their greed—and the conviction they were the smartest people alive.

Keep your eyes open for scams and stay careful on the interwebs!

ExpressVNP

Meet Federico Tenga: The guy who teaches North Koreans about Bitcoin

ExpressVNPNorth Korea and Bitcoin

Despite being the most hermetic country on Earth, North Korea is certainly no stranger to cyberspace—in both its uses and abuses. Despite a tiny local internet user base and just a few dozen local websites, cybercrime in the Democratic People’s Republic of Korea (DPRK) is estimated to be a multi-billion dollar industry.

Bitcoin, in particular, has undoubtedly caught the attention of the North Korean regime. According to FireEye, the DPRK is specifically interested in stealing Bitcoin and other virtual currencies to not only evade sanctions but also to obtain hard currencies to fund the regime.

It was no surprise, then, that Pyongyang University of Science and Technology (PUST) invited Federico Tenga, an avid Bitcoiner, and co-founder of Chainside, to teach their Computer Science and Finance students about Bitcoin.

ExpressVNP spoke with Federico to delve into the details of the course he taught in Pyongyang.

Ciao Federico! Could you tell us a bit about yourself?

I consider myself to be a “Bitcoiner”—I got interested in 2011, and from there I’ve worked towards eventually co-founding a Bitcoin company, in 2016. We work on products and services that help businesses and companies interact with Bitcoin.

“It’s one of the only places which feels fundamentally different from the rest of the world…”

I’d also consider myself to be a Libertarian, so visiting a country so controlled by the government like North Korea was particularly intriguing to me. It’s one of the only places which feels fundamentally different from the rest of the world because they aren’t as connected to it.

So I was interested to see if I could merge the two things—my passion for Bitcoin and my curiosity about North Korea, which I was actually able to do by teaching North Korean students what Bitcoin was.

How did you get in touch with the university?

I managed to get in touch with PUST by email in 2016. They were very interested in the subject, and I was initially going to tag Bitcoin and blockchain technology at the end of a generic finance course at the university.

But when we finally got around to arranging it they already had a finance professor, so I ended up focusing on the Blockchain and Bitcoin because they really wanted their students to be exposed to the innovations of the outside world. For them living in a country that’s still very closed-off, the professors and faculty members really wanted to give something more to their students.

Did you need to do much persuading to get the university interested in Bitcoin?

Not at all. Right from the very beginning, the university was keenly interested in “blockchain technology”—to which I had to tell them that there was no such thing as blockchain technology without tokens, but they were quite ok with it.

Even when we lost contact after the conference, they still got back to me after a year to ask about me teaching at PUST, so there was certainly a sustained interest.

What were the students like? Were they easy to teach? Did they know a lot about how computers and the internet work? And how was their English?

They speak English very well. Not all of them are super fluent, but the language was not an issue.

As Computer Science students they definitely came to the class with a bit of background knowledge, and they’re pretty good programmers, but since they don’t have much access to the outside world they obviously haven’t experienced the same internet that a European Computer Science student has experienced.

As for teaching Bitcoin, it isn’t as complicated as it seems when the topic is broken down into little pieces. I simply divided it into four parts: i) how do digital signatures work, ii) what is proof of work, iii) how does the blockchain work, and iv) how to coordinate against double spending. After breaking it down, it’s not too difficult to grasp the concepts.

Was there one part of the course that you found the students were most interested in?

I’d say there were a few moments where I caught their attention. They were interested in mining—when I did a simulation of manual bitcoin mining and showed them that they’d have to try many many times, they were curious about whether they had to do it manually as surely it could be done automatically?

When I showed them pictures of Bitcoin mining farms, they were like “Wow, this is so cool!” While it did get a little technical at times and it was a mandatory course, Bitcoin is an inherently interesting concept that people can easily get passionate about so by if explained well enough.

Students also asked about how Bitcoin could be used as a medium of exchange if the price was not fixed, which is valid criticism since price volatility and Bitcoin’s deflationary nature could jeopardize the success of Bitcoin as a widely used medium of exchange.

Bitcoin can be a politically sensitive subject, was it problematic talking about things like censorship resistance?

Well, it depends on how you approach it. Bitcoin lets you do stuff that your government doesn’t want you to do, and that may be a complicated topic in the DPRK. But if you frame censorship resistance as a method of performing transactions and accessing advanced financial services without having to ask permission from foreign banks they’re obviously more interested.

“As a completely socialist country, money is not the primary motivator—duty to country is.”

When I was teaching them, clearly I couldn’t say “Yeah you could use this stuff to go on the black market and have access to stuff that you wouldn’t otherwise have.” I instead focused on how they’d be able to use it after they graduate. As a completely socialist country, money is not the primary motivator—duty to country is.

There’s this feeling that a North Korean’s only motivation is to work for their country. By using Bitcoin, you can help regain some agency over your country’s finances, i.e., handle Bitcoin for the state. The contrast to the rest of the world is incredibly stark once you consider that Bitcoin outside of North Korea is used on an individual level because its users don’t trust their governments or financial institutions to handle their finances.

What’s the number one thing that you’d hope students get out of your course?

I really wanted to get them to understand how Bitcoin works and why it is important. Of course, there were exams at the end, and I wanted them to do well in those, but more so I wanted them to understand why we need this complicated system to solve these problems, why it was built in the first place, and how can one have censorship resistance and permissionless finance.

The last thing I wanted to cover was why the Bitcoin token is so valuable and how you can use it to optimise your financial portfolio. If for instance, you mixed bitcoin with other assets it can improve the preference of your portfolio since Bitcoin is not very correlated with other assets. Even if you’re not using Bitcoin to store value, you can still use it as a way to optimize your portfolio.

What surprised you when you went to North Korea?

One thing that really surprised me was that I had greater access to the internet than I did in China. When I transferred from Beijing, I had to use a VPN to access the internet, so it was pretty funny to land in Pyongyang and have freer access to the internet, although of course, such access to Wi-Fi is only available to a few people. I was also surprised that the students had some exposure to the outside world too—there were quite a few football fans who watched European football.

Wow! Who do they cheer for?

Yeah! I was quite disappointed because they were supporting teams like Barcelona and Real Madrid and I root for Juventus.

What a fascinating insight into North Korea and Bitcoin. Thank you for talking to us, Federico!

Follow Federico to his next adventure on Twitter!

Also published on Medium.

ExpressVNP

Five myths that the NSA wants you to believe about FISA 702

ExpressVNPSurveillance binoculars with American flags

UPDATE: January 19, 2018

On January 18, the Senate officially voted to reauthorize FISA Section 702 in a 65-34 vote. The President will almost certainly sign the bill, and the program that has enabled the U.S. government to surveil U.S. and non-U.S. citizens alike will remain as invasive as it ever has been, if not more so.

The bill, which has allowed surveillance programs like PRISM and Upstream to flourish, rejected an amendment that intended to provide oversight or transparency to it, retaining its ability to search the communications of Americans without a warrant and without being held accountable.

You should be made aware, if not already, that your innocence does not exclude you from having your emails, text messages, online activity, and other sensitive data swept up in mass surveillance as a result of the unchecked power this bill gives.

You can still take steps to protect your digital rights and privacy by using encryption to shield your internet activity, including by using messaging apps with end-to-end encryption like WhatsApp or Signal, a VPN with strong encryption, and installing the EFF’s HTTPS Everywhere browser extension.

***

One of the U.S. government’s most invasive pieces of privacy legislation is due for reauthorization before it expires on December 31, 2017.

What is FISA Section 702?

Section 702 of the Foreign Intelligence Surveillance Act (FISA), passed in 2008, enabled the NSA to conduct mass surveillance programs like PRISM and Upstream to collect unprecedented amounts of data from both U.S. and non-U.S. citizens.

Such surveillance was only brought to light when Edward Snowden blew the whistle on the NSA back in 2013.

The Foreign Intelligence Surveillance Act’s (FISA) Section 702, passed in 2008, enabled mass surveillance programs like PRISM and Upstream to collect unprecedented amounts of data from both U.S. and non-U.S. citizens.

FISA Section 702 is supposed to enable the collection of the content of electronic communications from non-U.S. persons (citizens or green card holders) located outside the U.S., as long as one “significant purpose” of this collection is to obtain “foreign intelligence information.” But the law gives plenty of room for the NSA to collect information on its own citizens and their communications, which undermines the U.S. Constitution’s Fourth Amendment right to not be subject to surveillance without a warrant backed by probable cause.

Now members of Congress are seeking to reauthorize Section 702, and without any significant changes to it, despite attempts to correct the most controversial parts of the bill.

ExpressVNP vehemently opposes Section 702’s renewal. Stand with us against this draconian mass surveillance program: Sign our petition to tell Congress to end the mass, warrantless surveillance enabled by FISA Section 702.

The U.S. government has tried to muddy the waters about Section 702’s surveillance reach, so we at ExpressVNP took it upon ourselves to look at the five biggest myths they’re trying to convince you of, and what uglier truths lie behind them.

Sign ExpressVNP’s 702 petition

1. Section 702 cannot be used to target Americans for surveillance intentionally

While technically correct—the government can’t intentionally target American citizens—the NSA can still collect data on conversations between targeted foreigners and American individuals. Intentions are therefore irrelevant as surveillance will include American individuals.

2. If FISA 702-enabled surveillance collects any American’s communications, it’s accidental

Nope, not an accident. The Director of National Intelligence James Clapper makes a point in this letter in June 2015 that the intelligence community needs to collect such communications to “understand the motivations and plans of individuals in contact with terrorist groups,” even citing homegrown terrorism as a reason why they must collect both.

In knowingly and deliberately collecting the information of U.S. persons, the government is clearly circumventing their citizens’ constitutional Fourth Amendment rights under Section 702.

3. Agencies can’t perform warrantless back-door searches on U.S. persons with Section 702

They can. The FBI and other agencies can ask for information on an American citizen whose comms have been collected “accidentally” through 702 without a warrant. Section 702 leapfrogs over the Fourth Amendment where a warrant or court order is needed to access a U.S. person’s communications.

As the primary target is a non-U.S. persons’ communications, there is a loophole whereby agencies can ask for a U.S. citizen’s communications without a warrant. The information can then be used to investigate and prosecute Americans for charges that don’t even link to terrorism. Which leads us to our next point…

4. FISA 702 surveillance specifically targets suspected terrorists only

False. The only definition is that targets don’t come from or live in the U.S., and a “significant purpose” (not necessarily the sole or principal purpose) of the surveillance is to obtain “foreign intelligence information.” “Foreign intelligence” is defined by Section 702 to include purposes beyond terrorism, such as journalists or activists blowing the whistle on America’s domestic and foreign affairs.

5. If the NSA tries to abuse its power, the FISA Court can hold them accountable

Not really. The role the FISA Court plays is laughably limited. For one thing, the government doesn’t have to obtain surveillance orders in court.

The court does have “targeting procedures” to make sure that targets are “reasonably believed” to be outside the U.S. and “minimization” procedures are adopted to, well, minimize the amount of information collected about U.S. persons. But the government isn’t required to go to the FISA court to obtain surveillance orders.

Instead, the court just approves procedures by checking to see whether they’re consistent with the Constitution’s Fourth Amendment. After approval, the court no longer has any authority over or visibility into whether the government remains compliant with these procedures for that target’s case.

The truth about FISA 702

FISA Section 702’s reauthorization at the end of this year will reinforce the U.S. government’s mass surveillance programs, which not only collects communications en masse but also enables the warrantless surveillance of U.S. citizens, bypassing the U.S. Constitution’s Fourth Amendment right.

We at ExpressVNP believe that the renewal of FISA Section 702 not only our fundamental right to privacy but also our rights enshrined in the U.S. Constitution, including our First Amendment right to freedom of speech and our Fourth Amendment right to be secure against warrantless search and seizures.

Don’t want your rights taken away? Tell Congress to end mass, warrantless surveillance enabled by FISA Section 702. Sign the petition, and tell your representative not to vote for its renewal.

Also published on Medium.

ExpressVNP

Zero-knowledge proofs explained: Part 1

ExpressVNPWhat is zero-knowledge proof?

Zero-knowledge proofs explained Part 2: Non-interactive zero-knowledge proofs

Cryptography mostly concerns itself with secure communications and includes hiding information from adversaries and authentication of individuals.

Hashes, asymmetric encryption, and symmetric encryption are often used together to allow for secure communications. In popular cryptographic systems, like PGP, OTR, and VPNs, different algorithms are often used together, including:

  • Hash functions that allow us to identify files, text, and keys conveniently
  • Asymmetric encryption functions to securely exchange encryption keys over insecure channels
  • Symmetric encryption functions to efficiently encrypt large amounts of data
  • Key exchange functions to securely negotiate encryption keys over insecure channels

Zero-knowledge proofs are encryption schemes used to prove that you know something without revealing what it is. For example, you can show without a doubt that you know the answer to a puzzle without actually disclosing the solution.

Zero-knowledge proofs are still relatively new and have only found a common use-case recently in cryptocurrencies.

Interactive zero-knowledge proofs

Interactive zero-knowledge proofs require interaction between the individual (or computer system) proving their knowledge and the individual validating the proof.

The system creates one additional interesting characteristic for a zero-knowledge proof: Not only are you proving you know something without disclosing what you know, but you are also just revealing it to the individual with which you interact. Somebody who merely observes you will not be able to verify your claim.

Though this is good for additional privacy, it can also come with considerable extra effort and cost when trying to prove something to multiple individuals.

How zero-knowledge proofs work

The situation:

Imagine an odorless, tasteless, and colorless poisonous liquid that looks and feels exactly like water. What if someone places this glass next to an identical glass full of water? You have no way of distinguishing the two liquids from each other. Indeed, you may not even know they are different from each other.

The claim:

Somebody claims they have an extraordinary vision that allows them to tell the two glasses apart. They do not want to tell you which is which, though. How can you verify their claim without finding out which glass is poison, and which is water?

The proof:

You (the verifier) blindfold the person that claims to tell the two glasses apart (the prover) and randomly decide to switch the glasses or not. After the removing the blindfold, you ask the prover if the glasses have changed position.

If they really can easily tell the two liquids apart, they will be able to tell you if they have switched places. Otherwise, they will be wrong with a 50% chance.

If you then repeat the experiment, the prover(if they are only guessing) will be wrong with a cumulative 75% chance.

After repeating the test 10 times, if the prover is correct each time, there is already a 99.9% chance they did not guess, and it’s likely that they do indeed have a way to distinguish the two glasses. After repeating the test n times:

1 – 0.5^n *100%

Of course, our example here has a few practical weaknesses. They could be security cameras or motion sensors installed, but in the abstract world of mathematics, we can be sure.

Why zero-knowledge proofs work

You, the verifier, can now be convinced with 99.9% certainty that the other person really does have a way of identifying the glasses, though you still don’t know which glass is full of poison, and which one is full of water.

Somebody who observed you and the prover, however, is not convinced. In theory, the verifier and the prover could have colluded with each other and put on a show with predetermined moves.

Also published on Medium.

ExpressVNP

An interview with Mark Burdon on the sensor society phenomenon

ExpressVNPAn interview with Mark Burdon on the sensor society

Our devices, as convenient as they may be, are getting creepily good at collecting data. Phones, cars, and even carpets are packed full of sensors that can detect and record day-to-day activities without your knowledge.

Since 2012 the world generates 2.5 billion gigabytes of data daily. Dr. Mark Burdon, a senior lecturer at the University of Queensland’s TC Beirne School of Law, argues that this number will balloon as we head towards a ‘sensor society.’

ExpressVNP’s Jamie spoke with Dr. Burdon to learn more about the sensor society phenomenon—a term he and his colleague coined back in 2014.

1. Thank you for speaking with us, Dr. Burdon. Firstly, may we ask what the sensor society is?

Mark Andrejevic and I developed the concept of the sensor society as a way of thinking through the consequences of ubiquitous connectivity. The sensor society warns of a world in which our everyday devices generate, detect and collect information about our activities, about our environments and entire societies. This, of course, is a world in which our notions of privacy and surveillance are fundamentally challenged, and we thus have to think about the consequences of ever-present personal data collection in a different way.

2. How do these sensors work and where could we come across them?

A sensor is a device that measures or detects something and translates this measurement or detection into a signal. For example, a keystroke monitoring system on a computer that can record the unique speed and pattern of an individual’s typing style. Or a web browser that can capture and record someone’s Internet search habits. The importance of the sensor society is that it highlights that sensorised data collection is becoming an increasingly commonplace facet of our everyday life.

“…you may be surprised to know that the average smartphone now has up to a dozen sensors packed inside it.”

One of the key targets of sensor development is the smartphone, and you may be surprised to know that the average smartphone now has up to a dozen sensors packed inside it. Proximity sensors work out how close the phone to your face so the screen can be deactivated, thus *** sure that you won’t press a button by mistake. The accelerometer senses when you are holding the phone up or down and thus allows the phone’s interface to seamlessly glide from portrait to landscape at the flick of a wrist.

Other sensors detect light, movement, and moisture. All of these sensors collect data about the phone’s use but can also be analysed in different ways to learn more about the phone user’s use of the phone which can then be inferred to broader characteristics about their personality and their life.

3. What are the implications if sensors completely permeate society?

Well, it’s not necessarily just about the complete permeation of sensors. Rather, the greater implications regard the emergence of pervasive and always on forms of data collection. The relationship between sensors, the data they produce, and ourselves is important to understand.

“Sensors do not rely on direct and conscious registration on the part of those being monitored.”

For example, sensors don’t watch and listen. Rather, they detect and record. So sensors do not rely on direct and conscious registration on the part of those being monitored. In fact, the opposite is the case. We need to be passive and unaware of the sensing capabilities of our devices for the sensors to be an effective measurer of our activity and our environments.

Our relationship with our devices as sensors is consequently a loaded one. We actively interact with our devices, but we need to be passively unaware of the sensors within our devices. The societal implications are significant—it could mean that everything we do is collected, recorded and analysed without us consciously being aware that such activities are taking place because collection is so embedded in daily life.

4. Is the sensor society an inevitable consequence of our quest to connect everyone to everything and everyone else, or is there a way to apply the brakes?

The undisputable fact is that more devices mean more data. And we start to see this spiralling effect which is leading to the quest to connect, and thus collect, data about everything. The connected quest consequently links the sensor to the data that is generated. And it’s at this point where the ever-increasing trove of sensor-generated data has to be subjected to the processes of predictive analytics and the search for new insight.

Thus, new and unexpected understanding is, therefore, the ultimate goal of sensor-generated collection and that requires a certain data collection logic. You have to collect everything because when you search for the unexpected, every piece of data may be relevant. Everything, therefore, needs to be collected, recorded and kept forever because even irrelevant data may become relevant at some point in the future.

Is there a way to apply the brakes and slow down or stop this spiralling effect? That’s the role of information privacy or data protection laws which prohibit speculative forms of personal data collection and require collecting organisations to meet certain conditions—namely, to have a business purpose for collection, to notify individuals about why personal data is collected and how it will be used, to only use personal data for the purpose it was collected, and to destroy or de-identify personal data when it is no longer needed.

So there is a break, but we are not sure, at this point, how effective that brake is at slowing down the spiral of pervasive collections of personal data that the sensor society is warning about.

5. How would you recommend someone learn more about the impact of living in a sensor society?

Look at your everyday devices in a different way. Behind the device and the sensor are vast and imperceptible, invisible infrastructures. Infrastructures of collection enable the explosion of collectible data and infrastructures of prediction enable understanding and thus give purpose to sensors. Otherwise, sensor-generated data without an analytical framework to understand it is just a mountain of unintelligible data.

“When you’re at home with your devices, realize that you are not alone and just think about those invisible infrastructures that are also present with you.”

The sensor society, therefore, redirects us towards the hidden technological processes that make data collection capture, storage, and processing possible. This, in turn, highlights the importance of understanding relations of ownership and control of sensors and the infrastructures in which sensors operate. So when you’re at home with your devices, realize that you are not alone and just think about those invisible infrastructures that are also present with you. Then question to ask then is: What data is being collected, by whom and for what purpose?

6. Finally, what’s a good cyber security practice that we can all start doing right away?

Ask yourself the question: Do I really need to have a device that connects my fish tank or my toaster or my child’s toy or my light bulb, etc. etc. with my Wi-Fi or smartphone? Be aware of what you bring into the home and the risks of doing so. The best cybersecurity practice in that sense is to mitigate the risk before it emerges.

Thank you, Dr. Burdon!

More ExpressVNP interviews can be found here.

Also published on Medium.

ExpressVNP

3 cryptocurrencies that care about your privacy

ExpressVNPAltcoins that care about your privacy

Bitcoin is not perfectly anonymous.

While it’s true that you don’t have to connect your real name or phone number to a Bitcoin transaction, there are multiple ways to de-anonymize your account.

Every cryptocurrency has some form of blockchain which stores all transactions that ever occurred on its system for eternity. Anybody can download this blockchain and see this history, analyze it and copy it.

The trail of each Bitcoin, for example, may reveal its owners and the ultimate beneficiaries of the money. Most privacy-focused altcoin blockchains change Bitcoin’s cryptographic signatures into techniques to make this trail more obscure.

Unhappy with Bitcoin’s lack of privacy, a bunch of cryptographers and programmers set out to create alternative cryptocurrencies (or altcoins), that provide stronger privacy protections and make it much more difficult to track your funds, find out how much you own, or what payments you make.

3 altcoins that put your privacy first:

Monero

Main feature: Ring signatures
Created: April 2014 under the name BitMonero
Moniker: XMR
Total market capitalization: US$1.3 billion
Downside: Large size (kB) of transactions
Transactions per day: ~4,000
Total Blocksize: 29.2 GB

Privacy feature: Ring signatures

Monero has implemented the concept of ring signatures. A ring signature proves that someone in a group of people signed something, but it does not reveal who.

Imagine you are standing in front of ten lockers, each of which has an unknown number of coins inside. You can now prove that you have the key to one of these lockers, but you do not have to show which one.

Only during a transaction would you unlock and transfer the coins to somebody else and just you and they will know how many coins you transferred.

Criticism:

Monero receives criticism as it is difficult to use, especially for newcomers. Their development focuses on the core architecture of the coin rather than building wallets or *** integrations. For a long time, the only way to interact with the Monero wallet was through a command-line interface.

Ring signatures are also very expensive and the computation time for verification is relatively long. The signatures require a lot of data (a single standard transaction can be larger than 15kB, as compared to 260 bytes in Bitcoin). Of course, the data also needs to be transferred and stored, which makes blockchains with ring signatures challenging to scale upwards.

Dash

Main feature: Coinjoin
Created: January 2014 under the name Darkcoin
Moniker: DASH
Total market capitalization: US$2 billion
Downside: Makes unproven assumptions about privacy and security
Transactions per day: ~5,000
Total Blocksize: 4GB

Privacy feature: Coinjoin

Dash uses the Coinjoin mechanism (which is also available for Bitcoin) multiple users tie their transactions into one, *** it difficult for an observer to see which inputs belong to which outputs (see the graphic above). It is still, however, possible to ascertain which address has how much funds in it.

Criticism:

Critics accuse Dash of running like a professional company, rather than a decentralized team. The fear is that attackers of the project, for example, governments, only have to compromise a single organization to undermine the cryptocurrency. As Dash focus more on marketing than developing the coin, it might also push security priorities behind. For example, the last commit to their Github repository was over half a year ago.

The Coinjoin mechanism receives criticism for being an insufficient privacy solution that, if properly implemented, would not need a new blockchain. The main advantage of Dash over Bitcoin’s Coinjoin is that everyone in Dash is required to use it, which means users don’t stick out that much for valuing their privacy.

There are also concerns though that an incorrect implementation of Coinjoin might still open up users to deanonymization, as the graphic below illustrates.

Make Bitcoin anonymous with Joinmarket.

ZCash

Main feature: Zero-knowledge proofs
Created: October 2016
Moniker: ZEC
Total market capitalization: US$600 million
Downside: Few use the Zero-knowledge Proofs
Transactions per day: ~5,000 (~12 of which using full privacy features)
Total Blocksize: 7.7 GB

Privacy feature: Zero-knowledge proofs

The concept of a zero-knowledge proof is to show you know the solution to a problem without revealing the solution.

Imagine having two coins in front of you, one yours and one owned by somebody else. Zero-knowledge proofs allow you to show without a doubt that you own one of the coins, without revealing which one it is. By using this feature, you can prove that you have coins, but not which coins you own—nobody can see how many coins you have, even if they know your address.

Criticism:

The cypherpunk scene criticizes ZCash for being a company, rather than a decentralized group of people. ZCash raised money from Venture Capital firms, and 20% of the ZCash mining reward goes back to these early investors.

The integrity of zero-knowledge proofs depends on an initial key creation ceremony, in which an encryption key is created and later destroyed.Trusting ZCash means trusting this ceremony since anybody in possession of this key could arbitrarily develop ZCash out of nowhere.

Similar to ring signatures, zero-knowledge proofs consume a lot of processing power and bandwidth and threaten the scalability of the project. Unlike in Monero, ZCash has made the use of zero-knowledge proofs optional, and less than 1% of all transactions use them, which makes it hard to use ZCash as an anonymous payment vehicle.

Could Bitcoin implement ring signatures and zero-knowledge proofs for more privacy?

While it would be feasible to implement ring signatures and zero-knowledge in Bitcoin, it’s highly unlikely that it will ever happen due to the reluctance of the Bitcoin ecosystem to make significant and risky changes and the poor scalability of these cryptographic techniques.

While Coinjoin transactions are possible in Bitcoin already, they are sparingly used, *** them less useful as a privacy cloak.

There are plenty of ideas on how to make Bitcoin more anonymous, including the Lightning Network, Schnorr Signatures, and more esoteric concepts like Mimblewimble.

Data collected from Bitinfocharts and Coinmarketcap.

Also published on Medium.

ExpressVNP