The Importance of Privacy on Public Blockchains: without it, we are headed for Hacker Hell
I originally posted this as a comment on @lukestokes page about downvoting but this should have a larger audience.
I think we've got a bigger problem in the long run. We're making upvotes and downvotes based upon publicly available wallet information which I think is a really bad idea. Should we be posting reward amounts publicly? I don't think so. It's one of the reasons why I haven't bought more Steem because I worry about privacy (the lack thereof) and what kind of target I'm painting on my back.
I'm already facing constant threats from hackers (I assume it's because I've been running a software business since the dawn of the internet and I've accepted crypto at my business)... Here's a typical email that I get nearly on a daily basis...
Hello!
I'm a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from [redacted] on moment of hack: [redacted]
Of course you can will change it, or already changed it.
But it doesn't matter, my malware updated it every time.
Do not try to contact me or find me, it is impossible, since I sent you an email from your account.
Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.
You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.
I am in shock of your fantasies! I've never seen anything like this!
So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.
There will be laughter when I send these photos to your contacts!
BUT I'm sure you don't want it.
Therefore, I expect payment from you for my silence.
I think $869 is an acceptable price for it!
Pay with Bitcoin.
My BTC wallet: 1JTtwbvmM7ymByxPYCByVYCwasjH49J3Vj
If you do not know how to do this - enter into Google "how to transfer money to a bitcoin wallet". It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.
My Trojan have auto alert, after this email is read, I will be know it!
I give you 2 days (48 hours) to make a payment.
If this does not happen - all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)
Do not be silly!
Police or friends won't help you for sure ...
p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.
I hope for your prudence.
Farewell.
The above email demonstrates that this spammer / hacker is an amateur. However it's interesting to see how many fools fell for this:
https://www.blockchain.com/btc/address/1JTtwbvmM7ymByxPYCByVYCwasjH49J3Vj
Obviously a professional hacker would have just taken the funds and not asked. They would have seen the keys for themselves and wiped out my holdings (a bit difficult for the funds I hold on hardware wallets). If they were targeting me specifically, they should have set aside a unique wallet address to see the success or failure of their extortion attempt. But we shouldn't be careless about security and unfortunately Steem keys are not much more secure than a hot wallet.
We really should be adopting an attitude similar to the Monero crowd about wallet privacy. It can and will get a lot worse when national fiat crumbles and crypto's are worth a couple of orders of magnitude more than they are now. It's bound to happen.
We really need to rethink privacy on Steem and all other public blockchains. It will be the difference between living in a digital panopticon and having freedom and security. If we continue down this path, we will eventually be reading about stories of Steemians who've been kidnapped and extorted, hung, decapitated, etc because of this foolishness.
Making a judgement about what something is worth is problematic in itself because of this dark road that can be taken. This should be something negotiated between the upvoter and the content owner and should be nobody else's business. Maybe the nature of the reward pool would have to be changed because of this (hint: something based upon zero knowledge proofs could verify amounts and prevent double spends), but if we don't add privacy, we are eventually headed to hacker hell.
3FwxQsa7gmQ7c1GXJyvDTqmT6CM3mMEgcv
Yes this is a very important point. Privacy of one’s wealth and transactions is a fundamental right and important for serious business to be conducted. Steem is particularly open about transactions and wallet balances. This needs to be addressed.
Posted using Partiko iOS
I agree with you completely. I haven't been on Steemit very long but I was shocked to be able to see the wallet information on anyone's account. When someone upvotes one of my posts, I go to their blog to see if there is something there that I like and can upvote. It doesn't matter to me what the person's wallet has, I want to help other "plankton" grow just like I am trying to grow. But there are plenty of manipulations going on here on this platform. It would be better not to show an account's private information.
Curated for #informationwar (by @openparadigm)
Our purpose is to encourage posts discussing Information War, Propaganda, Disinformation and other false narratives. We currently have over 7,500 Steem Power and 20+ people following the curation trail to support our mission.
Join our discord and chat with 250+ fellow Informationwar Activists.
Join our brand new reddit! and start sharing your Steemit posts directly to The_IW, via the share button on your Steemit post!!!
Connect with fellow Informationwar writers in our Roll Call! InformationWar - Leadership/Contributing Writers/Supporters: Roll Call
Ways you can help the @informationwar
The keychain browser extension is a big step in the right direction.
I completely agree. And it is crazy and sad to see how easy this guy made more than 4 bitcoin! Its easy to be rich if you want to be an asshole!
I upvoted your post.
Keep steeming for a better tomorrow.
@Acknowledgement - God Bless
Posted using https://Steeming.com condenser site.
This is the easiest way to get rich. But this is not right . Sometime karma do his work better then everyone expecting.