MARK SURMAN, PRESIDENT, MOZILLA Keeping the internet, and the content that makes it a vital and vibrant part of our global society, free and accessible has

  • Ants Are Everywhere@mathstodon.xyz
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    22 days ago

    @felsiq

    Good point thanks for catching that. The receipt itself can name any anonymous identifier like a crypto address. I was just intending to note that the blockchain is essentially a wasteful timestamp server that doesn’t seem needed for this application.

    As a practical matter, the website has your IP, when you visited, what you looked at etc. So you already have to trust them with your privacy. And there’s a question of whether public policy would allow web traffic to be untraceable by default. But certainly the payment processor doesn’t need to know things like which websites you visit.

    • felsiq@lemmy.zip
      link
      fedilink
      arrow-up
      1
      ·
      21 days ago

      Minor correction: the website has my VPN’s IP 😂 I don’t trust random websites with shit, personally. The payments not being tied to your real identity would also not make the web any more or less private than it currently is - just the alternative would remove privacy. Again tho, I’m not tied to crypto specifically and would be perfectly happy with any payment system that maintained user privacy. I just don’t want to see a feature roll out that gets people jailed for visiting lgtbq+ sites or some shit when their payment providers are controlled by fascist governments

      • Ants Are Everywhere@mathstodon.xyz
        link
        fedilink
        arrow-up
        1
        ·
        21 days ago

        @felsiq

        > that gets people jailed for visiting lgtbq+ sites or some shit when their payment providers are controlled by fascist governments

        If that’s your threat model, then there may be an additional threat of timing analysis on the blockchain.

        If your threat actor has the resources of a nation state and is able to tap your ISP, the site’s ISP, and your VPN’s ISP, then you probably also don’t want a permanent pseudonymous record of your activity in the form of a blockchain.

        This is just an initial thought; I don’t have any concrete reason to believe that blockchain forensics + timing analysis is any stronger than just one of those on its own.