this post was submitted on 25 Nov 2023
41 points (100.0% liked)

Privacy Guides

16802 readers
9 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
 

The whole point of me making certain payments with crypto is for it not to be attached to my name. obviously the crypto service company has my cc details. whats the most privacy friendly one? ty :)

top 27 comments
sorted by: hot top controversial new old
[–] [email protected] 12 points 11 months ago (3 children)

Monero, as for wallets Monero.com and Monerujo are your best bets for now.

[–] [email protected] 2 points 11 months ago (1 children)

as much as I love moneroju I have been having problems with it recently. The wallet mysteriously crashes and sends don't work consistently. Would not recommend at this time, but I have no doubts the team is working to fix this. I hate to talk shit as the moneroju guys are dedicated, goodwilled and innovative, but I don't want someone to have a bad experience. Perhaps download it and use it but don't rely on it

[–] [email protected] 2 points 11 months ago

Strange. Mine is not doing that. Hopefully it gets fixed for you.

[–] [email protected] 1 points 11 months ago

Confusing but the official site is not monero.com but www.getmonero.org, where you can see the full list of officially suggested wallets. Official GUI is a safe option. Feather is also good, Electrum-like.

Cake (Monero.com) is one of the suggested options too & is popular, but certainly not “most private“. With Feather, you can do everything over Tor, more privacy-friendly.

Most Monero users only use non-custodial wallets; so they just say “wallets” meaning that. Technically running a local node yourself is the most secure & private—though this option is not for everyone.

[–] [email protected] 1 points 11 months ago (1 children)

buy it from monero.com? redirects me to guardian

[–] [email protected] 2 points 11 months ago

No, there is a monero.com wallet on play store https://play.google.com/store/apps/details?id=com.monero.app and on fdroid via a custom repository. Its on the IOS app store as well if you own one of those https://apps.apple.com/us/app/monero-com-by-cake-wallet/id1601990386

[–] [email protected] 10 points 11 months ago (4 children)

Im not a big crypto person, but ive owned some in the past.
Isnt any reputable wallet pretty much the same? From my understanding, especially when using something like monero, the privacy falls apart at the exchange, not the wallet.

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago)
[–] [email protected] 2 points 11 months ago

Most people use custodial wallets (they don't really hold the coins) and multiple wallets have had hacks (or ""hacks"") where a lot of user funds were stolen.

I personally like

  • Electrum for Bitcoin
  • Feather for Monero
  • Guarda for Ethereum based coins because it allows you to generate a new address each time.
[–] [email protected] 1 points 11 months ago

The exchange and the wallet become the same for a lot of people that never really move money between their personal bank and places like coin base.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

You’re right. Use a centralized exchange (CEX), and you’ll be KYCed and de-anonymized. That’s why most privacy-coin users prefer DEX. For normal persons, if privacy is important, using anonymous gift cards or prepaid credit cards, which you can easily buy without ID, is more practical, much better than KYC'ed crypto.

If you can somehow get KYC-free coin, maybe from DEX, i.e. if you can get it personally from your friend or peer without showing ID etc., then and only then, you have real private crypto. There are two popular ways for this (Bisq and LocalMonero). Another option called Haveno is hopefully usable soon, but that is still iffy.

Using DEX is not essentially difficult, much safer than you might imagine due to a mechanism called multisig, but maybe this option is not for normal people. When you feel experimental, you might want to try to buy a small amount via DEX, to see what it’s like. If you’re a popular programmer or artist, accepting donations in crypto is also an easy way to get no-KYC coin. Another option is p2pooling—you can get a few Euro worth of XMR relatively easily; yet this last option is time-consuming and not very effective. Many of p2pool users or full-node people are privacy-advocating volunteers, maintaining/participating the Monero network for philosophical reasons, fully aware it’s not profitable in terms of money. This might be part of the reason why Monero tx fees are almost zero (like 1/100 of that of BTC). At the same time, there are many sketchy people around crypto too 😟 Be careful and stay safe!

[–] [email protected] 2 points 11 months ago (1 children)

Not sure what you're on about with the safety being created by multisigs, quite unrelated

[–] [email protected] 2 points 11 months ago (1 children)

Let’s say I’m selling you a book B and accepting a crypto payment. What if you sent me your crypto C trusting me, but I exit-scammed, vanishing without sending you B you’re trying to buy? That’d be bad. But what if I sent you B first, trusting you’ll send me C as soon as you receive B? Now you could cheat and vanish without paying. That’d be bad too.

To prevent any of those things from happening, there are a few methods. One is a 2-of-3 escrow service. Another is 2-of-2. Both based on multisig. A simplified example follows.

The book costs you 100€. You’ll send, say, 200€ to address A controlled by both you and me via multi-signature. I too will send 100€ to A. Now Wallet A has 300€. When 2 persons (you and I) sign, there will be a 2-output transaction from A to you (100€) and to me (200€), but any single person can’t move fund from A. That’s multisig.

Now I must send you the book in a good condition, because I don’t want to lose my 100€. So I’ll act carefully and honestly, and sign when I ship the book. You too will be willing to sign when you receive the book, because otherwise you can’t retrieve your 100€ (you deposited 200, when the book only costs 100). Sometimes an unexpected accident may happen, but usually something like this will work pretty well. This is one way how a P2P platform works (not very accurate, but I hope you get the idea).

[–] [email protected] 1 points 11 months ago

Ah, sorry, thought you were talking about ETH-style onchain DEXed. All good then!

[–] [email protected] 7 points 11 months ago (1 children)

Only use Monero and only a FOSS wallet like Monerujo.

[–] [email protected] 2 points 11 months ago (1 children)
[–] [email protected] 1 points 11 months ago (1 children)

Feather then if on desktop. I can't recommend any good FOSS Monero apps for Android... Monerujo is a crashy buggy boy.

[–] [email protected] 2 points 11 months ago

What version of android are you running? if you don't mind me asking. It's been ages since I've last had an issue with monerujo.

[–] [email protected] 5 points 11 months ago* (last edited 11 months ago) (1 children)

If you’re familiar with Electrum and migrating to the privacy coin, Feather may be a convenient choice.

The fundamental problem for you might not be the wallet; but KYC vs. non-KYC. Is it allowed to post a link or mention specific platforms here? You may want to check a website about no-kyc and try a trusted, no-kyc platform—not a CEX but a DEX (pure P2P), so no company can monitor your private life (related to shopping). You can browse monero.town, which is a friendly Lemmy instance of [email protected] in the sense that Monero is recomended on the official site of Privacy Gudies: https://www.privacyguides.org/en/cryptocurrency/ (I’m a mod from [email protected])

The tricky part is, if you have been once KYCed, your privacy invaded, then you couldn’t undo it (un-KYC it). You may need to start over, creating totally new addresses, doing everything anonymously over Tor. If you’re not that privacy-oriented, you can just swap the KYC coin you have to Monero, and you’ll be invisible from that point.

But Moneo is not magic to solve everything. DYOR and stay safe!

[–] [email protected] 1 points 11 months ago (1 children)

Are there any recommendations for cold storage? Or are paper wallets enough? I've pretty much only ever used Electrum and rarely so and I'm trying to expand my horizons

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago)

It depends on how much you have, etc. If it’s just like 10 or 100 €, maybe you don’t need to be super careful.

The following is just one possible way—get a safe and libre “poor man’s hardware wallet” quickly and easily without paying:

1. Main wallet

  • Get a USB stick, install Tails. This takes about an hour (most time is for downloading the .img file)
  • Create a persistent storage, with a strong password (maybe 7 or 8 random words).
  • Install Feather. This takes 10–15 minutes; 30 minutes if generating a new wallet. Use it as your main wallet, and send your Monero to it.
  • When ready, shut down Tails. Pull out the USB and save it in a safe place. Now your wallet is physically disconnected from the Internet, air gapped. Very hard for any attacker to hack it.

2. Hot wallet

  • Set up whatever wallet(s) you like on your daily device(s) for daily use. It too can be Feather, or it can be something different. Just don’t have too much money in a daily wallet.

3. When you send Monero from 1 to 2

  • Insert the said USB, boot into Tails, send a necessary (small) amount from 1 to 2. Unlike BTC, the tx fees are like 1 cent or less. You can make a lot of small TXs without worrying about fees.
  • Once you signed and sent, immediately close your main Feather, shut down Tails, and physically disconnect the USB again. You don’t need to wait for confirmations. It’ll be fully confirmed in 15 or 30 minutes, and for which your wallet doesn’t need to be online.
  • So your daily wallet will be moderately funded, ready to use. You can enjoy private transactions, e.g. buying VPS or making anonymous donations to support your favorite software. Even if your daily wallet is hacked, your main wallet will be safe, physically disconnected from the Internet.

In theory this should work pretty well, if not the strongest possible. It’s not a recommendation, though. Do your own research. You may want to ask the same question in [email protected]; hearing various opinions, not just trusting one person (me), is a good idea.

[–] [email protected] 4 points 11 months ago (2 children)

If you want it the safest use the official Monero wallet. Or what I use and trust cakewallet. It can also do bitcoin in case you use that too…

[–] [email protected] 1 points 11 months ago

nvm found it

[–] [email protected] 1 points 11 months ago (1 children)

which one is the official one? Monero.com?

[–] [email protected] 3 points 11 months ago

https://www.getmonero.org/

The monero.com domain has been taken by a for-profit company, Cake. The Monero community is not wealthy (nor motivated) enough to buy it back.

[–] [email protected] 3 points 11 months ago

I use Monero and Cake Wallet.

[–] [email protected] 2 points 11 months ago

Any non-custodial wallet will work tbh. The best wallet would be a desktop one that is solely used for your chosen network and gives you total control over your funds, like Electrum (https://electrum.org) for bitcoin. Ideally it would also let you connect to your own node, although that could be used to trace transaction origins. Your wallet is only as private as you are :3