Ungovernable Misfits

Share on social media:

A weekly live show covering all things Freedom Tech with Max, Q and Seth.

HELP GET SAMOURAI A PARDON

• SIGN THE PETITION ----> https://www.change.org/p/stand-up-for-freedom-pardon-the-innocent-coders-jailed-for-building-privacy-tools 
• DONATE TO THE FAMILIES ----> https://www.givesendgo.com/billandkeonne
• SUPPORT ON SOCIAL MEDIA ---> https://billandkeonne.org/

TO DONATE TO ROMAN'S DEFENSE FUND: https://freeromanstorm.com/donate

VALUE FOR VALUE

Thanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.

You can support this episode using your time, talent or treasure.

TIME:

- create fountain clips for the show
- create a meetup
- help boost the signal on social media

TALENT:

- create ungovernable misfit inspired art, animation or music
- design or implement some software that can make the podcast better
- use whatever talents you have to make a contribution to the show!

TREASURE:

- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com
- DONATE via Monero @ https://xmrchat.com/ugmf
- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/

FOUNDATION

https://foundation.xyz/ungovernable

Foundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.

As a sovereign computing company, Foundation is the antithesis of today’s tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can’t be evil”.

Thank you Foundation Devices for sponsoring the show!

Use code: Ungovernable for $10 off of your purchase

CAKE WALLET

https://cakewallet.com

Cake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.

Features:
- Built-in Exchange: Swap easily between Bitcoin and Monero.
- User-Friendly: Simple interface for all users.

Monero Users:
- Batch Transactions: Send multiple payments at once.
- Faster Syncing: Optimized syncing via specified restore heights
- Proxy Support: Enhance privacy with proxy node options.

Bitcoin Users:
- Coin Control: Manage your transactions effectively.
- Silent Payments: Static bitcoin addresses
- Batch Transactions: Streamline your payment process.

Thank you Cake Wallet for sponsoring the show!

MYNYMBOX

https://mynymbox.net

Your go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.

Explore benefits such as No KYC, complete privacy & security, and human support.

[00:00:01] Unknown:

Hello, and welcome back to Freedom Tech Friday. For those of you that might be new here, allow me to quickly explain what this is all about and why the hell we are here.   Freedom Tech Friday is a weekly live and interactive show hosted on the ungovernable misfits x Nostra YouTube, Rumble, and Twitch feeds.   We go live for one hour every Friday at 9AM Eastern or 2PM UK time, but you can also catch up later on the Ungovernable Misfits podcast feed.   On Freedom Tech Friday, we like to cover the latest news and trends for anything relating to Freedom Technologies. That could be anything from   Bitcoin or Monero, encrypted messengers, privacy tools and everything in between.  

Essentially if there's a news item, tool or topic that can help you take back some control in today's digital panopticon,   we want to talk about it. My name is Q and A and I'm head of customer experience at Foundation where we build Bitcoin focused sovereignty tools. As always I am joined by my good friend Max, the head honcho at the Ungovernable Empire, and Seth who is VP at kWallet.   As I mentioned, the show is live and interactive, and we're allowing you guys to steer us towards the topics that you want us to cover or to send us your Freedom Tech related questions.   There's loads of ways in which you can get involved, all of which really helps spread awareness for the show. These include commenting or asking questions in the live chat, submitting topics or questions before the show on X or NoSTA,   boosting and sharing the show on podcasting two point o apps,   and sending your questions and tips via bitcoin numenero at xmrchat dot com.  

Top support for our last show about digital minimalism comes from   unknown who sent 6,666   sats and said that they are turning off notifications. So good to see they're heeding some of our our advice and some of the stuff that we were talking about. Thank you for your support, Unknown, whoever you are.   So without further ado, let's dive into the show. Max, Seth, we are back after a one week hiatus. How was your,   how was your your week off? Did you have a good, Thanksgiving?  

[00:01:57] Unknown:

I did. I did. Yeah. I had a had a bunch of family in town.   Busy.   Up late. Still recovering.   Very tired. And no coffee machine by the sounds of it. Pure sadness. Yeah. Espresso machine chose to die right after the family visited. So Oh my they abused it.   We made so many lattes. So many lattes. I There's too many apparently.  

[00:02:19] Unknown:

Funny you should mention that. One of my, one of my pals gave me his   old coffee machine, and he's he's he's very much a coffee wonker that takes things very, very seriously.   So he's, like, upgraded to a a super duper mega machine. But even the one he's just given me for free is, like, a big upgrade for me. It's, like, a proper barista style one. So I've, spent the last Nice. Twenty four, forty eight hours trying to trying to dial that in and, get my my espressos dialed in.   I know, Max, you're probably sat there rolling your eyes because the last time we spoke, I was talking about going on a caffeine detox, but that's very much out the window now.  

[00:02:53] Unknown:

Oh, I'm not rolling my eyes. I'm happy for you, mate. I'm I'm living vicariously   through you with your your nice coffee with its all its caffeinated glory while I sit on my decaf.   It's pathetic.  

[00:03:06] Unknown:

How, how was your Thanksgiving, mate? Do they do they,   celebrate that in the North Pole?  

[00:03:11] Unknown:

They don't really.   No. I can't remember what I had.   I can't remember that we did anything. I think I might take it up, though, because I think it's quite cool.   There's not much that the Americans do well, but I kind of like the idea of Thanksgiving.   So I guess we can adopt it now we're not in The UK. We can just sort of bring it in.  

[00:03:30] Unknown:

For sure. You could be thankful for escaping.   We can be we can be, we can we can be be buddies in that. You may not be American, but   you   also hating one. So it's a it's a win  

[00:03:40] Unknown:

win. We got Britain out of our lives in different ways at different times, but we're both grateful.   Yeah. What about you, Q? Anything to be grateful for in that dreary, miserable shithole of a country?  

[00:03:52] Unknown:

Caffeine? Does that count? Can I be thankful for that?  

[00:03:56] Unknown:

It does. It does. It does. That's real freedom tech.  

[00:04:00] Unknown:

Yeah. Indeed. Indeed.   Before we dive into the show, guys, I'm just gonna state the obvious here. There's a big fat QR code at the bottom of the screen that's gonna stay there for the entire hour.   I'm sure all of the listeners are well versed in what's happening with the,   with the samurai guys and and the way that that's gone down with the, the sentencing for both guys.   We are kind of left now with with the only hope being a a presidential pardon, essentially, to stop them spending the next five years, of their lives behind bars. So if you could please spend thirty seconds of your life to just scan that QR code if you haven't done so already and just go and sign a petition. Every signature helps. Try and get this, in front of, Orange Man's nose because it's literally the the only hope we have left for,   a somewhat favorable outcome. So, yeah, just a a plea from me if you could do that.  



[00:04:48] Unknown:

Can I, can I add to that? Firstly, can you hear me, or is, is it very, very quiet still? You are a bit distant and a bit echoey.   Just one sec.   Is that any better?  

[00:05:02] Unknown:

Mm-mm. It sounds kinda like it's using, like, your laptop mic or something. Like, it's   changed. You just sound far away.   Mhmm. Yeah. I can hear you. So if we have to, we can roll with it. But Okay. Well, I can I can always  

[00:05:14] Unknown:

try and change it? But what I wanna say on this is anyone listening,   and on the live stream now,   if you want to go and order   anything that's free samurai, whether it's a hat, a hoodie, or a t shirt from Ungovernable Misfits,   rather than doing our normal 50%,   going to Free Samurai, I will be giving a 100% of it. So any orders that you can get through while the show is live, a 100% would go to them.   Think of it as a donation. The only caveat is you must have signed the, petition.  

[00:05:48] Unknown:

The kind of you, and hopefully, we'll, garner us a few more few more signatures and maybe some more samurai swag dotted around the globe. Always nice to see. I saw quite a bit of that at, a bitfest actually, which was which was nice to see. There's a few samurai hoodies, floating around from the usual faces. You you know who you are.   But,   yeah, I guess without further ado, and, yes, I am aware that the Nostra video is freezing. It seems to be a Nostra issue. Shock, horror.   Because everything else on YouTube,   looks absolutely fine. So apologies to   anybody that's, still hanging around for the freezing video in the Nostra in the Zapdot stream.  



[00:06:24] Unknown:

I'm gonna start with you.   We're still early. That's why. We're still early. Please. It's so early.  

[00:06:30] Unknown:

Give it a few years and a few more cycles.   But, anyway, let's dive into the show.   So   picture this.   You're living more and more of your life online as we all are. Your money's digital. Your conversations are digital.   Your identity is scattered across   countless   different platforms,   and websites that you probably don't even remember signing up for.   Now adding the fact that you might be storing your value in a way that no bank can recover for you, hopefully. I mean, that kinda goes without saying if you're listening to the show, I guess.   And you kinda start to realize just how exposed,   I guess, the average listener to,   the show really is.  

Most of us walk around assuming   that we're too small to be targeted,   I guess, until something goes wrong. Could be a hacked email, a drained,   Bitcoin or Monero account, or an exchange account,   a breach that suddenly exposes more about us than we ever intended to share. Unfortunately,   these moments kind of happen all too often. They might feel random,   but they are rarely random. They they are somewhat predictable,   and getting increasingly common, unfortunately.   And,   so today, I guess we're gonna talk about something that helps you get ahead of these moments or try to at least, something that can give you a little bit more clarity about about your kind of level of exposure, your risks,   give you a bit more confidence in your decisions, and give you a bit more control   over your kind of digital footprint, and that is threat modeling.  

So I guess,   open question to the both of you. I'll let you one of you jump in. But, like,   just give us the high level, guys. Like, what is threat modeling? Like, do do people even need to worry about this, or are we just that far down the rabbit hole that we're kind of, like, pontificating   over the over the 1%? Like, give me give me the high level. What what what is it, and why should people care?  

[00:08:27] Unknown:

Should I give this one a go? Here, baby.   I would say it's simply as looking at   your setup, who you are,   everything about your life, and considering different ways that you could be attacked,   and and putting that very clearly maybe down on paper and thinking about how you can improve things if you can at all. I would say that is, a basic idea on threat modeling.  

[00:08:56] Unknown:

Yeah. I mean, the the way I kind of approach it and one of the reasons why I like the blog the blog post that I've written that's been by far the most the most useful for people,   is threat model before you do anything on your privacy journey. Because it's really, really easy to go, like, way too deep and assume that you have the super advanced threat model just because you don't even think about it. You just see all these things that you can be doing. You see all these tools, and you go, I'm gonna do everything. I'm gonna drop all of the services I'm using right now. And sometimes that's okay, but a lot of times, our, like, natural instinct is to go too deep too quickly.   And I I think the the biggest thing with threat modeling for me is normally,   at least for people like me, it helps us to tone down   how we approach the privacy journey to make it more reasonable and more fitting for what we actually need,   and make sure that we can actually finish   the privacy journey. Like, keep going down the privacy rabbit hole and not get burnt out by going too deep too quickly. Because when you actually step back and figure out what you're trying to protect, who you're trying to protect it from, and how far you're willing to go to protect it, it helps you to to make practical   level headed wise   steps towards improving your personal privacy and improving your   your freedom rather than going too far. Or if you're   maybe not like me, you're the opposite of me, maybe going not far enough and not taking drastic enough steps to taking your privacy seriously and leaving gaps open. So it's really about   slowing down, stepping back, figuring out what is important   and what you actually need to do to protect that instead of just assuming   someone else's threat model or assuming you have to be like that influencer on Twitter or assuming you have to be like that podcaster,   and and not putting in protections that are actually useful for you and your family.  



[00:10:42] Unknown:

Yeah. Yeah. No. Like, we sorry, mate. Go ahead.   Go ahead. I was just gonna I was just gonna add in, like, we talk about on the brief, almost every single brief. It's,   generally, the biggest threat   to losing your stack   is you   and trying to be too clever and trying to think about something that's not a standard,   basically. We we talk about that all the time. So just wanted to add that in. It's like when you think about threat modeling, it's not just everybody else.  

[00:11:14] Unknown:

Yeah. I'm gonna come onto that later actually around, like,   it's very diff like, there's no   right or wrong answer to to kind of threat modeling, and it's gonna be very different for very different people. You know, a a journalist that's covering some,   you know, I I don't know, a warmonger in The Middle East or something like that is gonna have a different threat model than somebody that that works in Tesco that just wants to not have their emails link leaked or something like that. And we it's gonna be difficult for people to, like Seth said, not go too deep,   and not go or or on the opposite end of the spectrum, just don't give a shit and just, you know, overly expose themselves or have zero protection.  

Again, I guess Seth already alluded to this, but it's like a bit more of a journey where you kind of get more accurate as time goes on and as your your skills and your knowledge improve.   But when I was doing   a bit of research for the show here,   I I come across,   like a a good, like, one or two liner here that kind of defines it,   or or defines the process pretty well. And it goes like this.   Who are my adversaries?   What do they want? What resources do they have? And how do I prevent them?   And I thought that's that's like a good kind of step by step process of of going through that. And there might be people listening to this going, what adversaries? Like, can I I'm not I'm not going to war here? And I I just wanna spell that out. Like, what do we mean by adversaries?   Adversaries in in the context of threat modeling is anybody that can,   cause you harm. And I don't mean I don't necessarily mean only physical harm. It could be something as simple as or anything between, you know, knocking on your door and caving your head in because they want your crypto,   or just,   leaking your, personal address or your email the contents of your emails through,   not even through malice, just through, you know yeah.  

What's the word I'm looking for?   Incompetence.   Like, an adversary is anybody that can, I guess, cause you,  

[00:13:15] Unknown:

I keep what using the word harm? What's a Well, cause you harm or or or reveal things about you,   that you don't want revealed. A perfect example would be, like, the Ledger hack. You know, that's an adversary that wasn't trying to be an adversary, but,   effectively,   they have leaked a load of information that's now actually quite dangerous.   And now you have to rethink   everything,   especially if your home address was leaked or, you know, or your other personal details. That's a major problem. So,   I don't think they did it on purpose, but they actually   are a problem.  



[00:13:54] Unknown:

Exactly. Yeah. So so it's it's can be pretty easy for the average Joe to identify who their adversaries are. And and as I said, you know, as you get more and more niche, it can be a little bit more difficult to do that. But, like, I'm I wanna   zoom in a little bit on how we can identify our adversaries. And   in my mind, it's just as simple as anybody that has any information   on you, your personal information,   that can be used against you. Again, whether or not they leak that or gain that intentionally or   not is irrelevant.  

It for for in, for strictly speaking, just kind of identifying that they are an adversary.   So that's anyone anywhere online that you order off because you are giving them your address, maybe your banking details,   in person,   trades where they see your face, they could follow you home. It's essentially,   I guess, correct me if I'm wrong here, guys, anybody that you have any form of relationship with or casual relationship with or a business relationship with because   the prerequisite for that is that you're sharing some form of information. It could just be what you look like or it could be all of your personal information like your home address,   your Bitcoin addresses, you know, all of that sort of stuff. So it's kind of like   essentially, anybody that you have any interaction with could be an adversary for you. Would you agree with that? Even  

[00:15:14] Unknown:

yeah. Even people you don't have an interaction with because   if, you know, if you start   wearing a a t shirt that might reveal something about you or you're driving a flash car or have a wanky watch that's worth a lot of money or anything like that, you're you're revealing information about yourself to people who you're not even interacting with. People have eyes and ears. You know, if you're down the pub,   you're not directly speaking to somebody, but you're a loud mouth who's talking about things you shouldn't.   Again, you're revealing things to people you don't know. So,   your threat,   any anyone can be a threat even if you're not interacting.  



[00:15:51] Unknown:

Yeah. I think it's a good it's a good call out that, like, sometimes you can know exactly who your adversaries are, but a lot of the time, it's more about   limiting who your adversaries are rather than focusing on the ones that you do have. So, like, that maybe is a little confusing sounding at first, but   the just like you said, Max, like, being conscious of not showing your wealth publicly is, like, something that hopefully, those of us in the crypto space are very familiar with. Like, this this thing of, like, don't talk about how much Bitcoin you own   is a pretty normal thing, and that is threat modeling. Like, I think a lot of people don't kind of realize how general this term really is, but that is part of threat modeling is you're you're realizing if I show the world how much Bitcoin I have on Twitter,   guess what? You get a lot more adversaries. Because if you're constantly talking about, hey. You have a 100 Bitcoin or something, you can have a lot of adversaries you wouldn't have had otherwise because you're just putting it out there how much money you have. So a lot of that is, like, limiting that   attack surface   by not revealing as much about yourself to the world. And that's a lot of times where the the privacy side of threat modeling comes in.  

You you don't have to have as many defensive measures in place from a security perspective   when you're really good about the personal privacy perspective. And a lot of that really is just the common sense of   not bragging about how much you own, not driving flashy cars, not having your Twitter name on your license plate, like, just just kinda normal common sense things that don't sound they sound crazy, but a lot of people do these things anyways.   And and just cutting out a lot of that stuff will limit how many adversaries you have, which then necessarily makes   implementing   necessary steps much, much easier from then on out.  



[00:17:28] Unknown:

Yeah. We've got a comment for on, in the YouTube chat by infinity divided by 21 m. So it's that that guy in Canada who had his family waterboard, he was apparently very vocal about how much how he'd made so much money with Bitcoin. And that's a perfect example of, like,   you can   protect yourself from a lot of the worst types of attacks   just by the most basic threat modeling and the stuff that we've already covered, like keeping your mouth short, not flashing your wealth online.   That is gonna kind of protect you against most of the the the most common or the the most kind of public attacks that we hear about. Unfortunately,   I guess, correct me if I'm wrong here guys, but like every single week, multiple times a week where people are   quite literally being attacked in their own homes or in the street because they are   known to be wealthy individuals   mainly,   in the Bitcoin and crypto industry.  

Because, you know, because of the way of how crypto works, I guess, is that, you know, the criminals know that all they need to do is either compromise the person and get their private keys or compromise the person and get access to to their exchange account. So, like, we're gonna kind of, I guess, pontificate around, like, different ways of, like, hide my email and things like that. But, like, you know, for for most of these attacks, you just don't need to, like, worry about all of the technical stuff like that. It's just a case of   keeping yourself to yourself. And I think I said this on the brief, but, like, keeping your mouth short is a superpower   and can literally protect you from all of the worst stuff here.  



[00:18:54] Unknown:

It's probably the biggest one.  

[00:18:57] Unknown:

Yep. Yeah. It definitely is is absolutely vital. And I was just scrolling Jameson Lop's,   Twitter feed because he's the kind of the king of finding these new stories about when these things happen.   And the vast majority of them are   actually family members of people, not maybe the vast majority, but many of them are family members of people who are bragging about having a lot of money or who are, like, well known entities in the space, like the lecture CEO,   others like that. So it is also, like, proper threat modeling is not just about protecting you   and not even necessarily just protecting your immediate family, but it can even be protecting extended family. If you're a public individual   that people know have a lot of crypto or know runs a large crypto company or something,   putting these these practices into place, doing proper threat modeling also helps protect to keep your, like, your loved ones, which is another important piece. It's not just about you as well.  



[00:19:49] Unknown:

Yeah. Absolutely.   So we we kind of all come to an agreeance that anybody could be your adversary, essentially. Like, there there are some, obviously, some worse adversaries that you I guess in the the these kind of personal attacks is that you don't necessarily know who they are until they quite literally punch you in the face sometimes.   But I guess that's when we step back and think, well, how did that person become an adversary in the first place?   In the examples we've just been talking about, it's because people have been speaking too loudly and being flashing too much of their wealth. Might seem very obvious, but, like, I guess it pays to to to state the obvious essentially.   But,   moving down further down that practical definition I gave earlier where it was who who are my adversaries was the first thing. And the next thing is gonna be what do they want.  

I think identifying what they want is   important. And, again, it might seem very obvious, but, like, generally speaking, it's gonna be   your information.   And generally speaking, that will then lead them because they want something that you have. Again, namely   a car, a house,   some cryptos, Bitcoin.   Generally speaking, that it's gonna be financially motivated,   your your   adversary, especially if they're a malicious type of adversary and and not necessarily like the the legit scenario that you gave earlier, Max.   So I think what what do you think about, like, identifying   what your adversaries want? Have I missed any anything obvious there, or is it generally always gonna be financially driven, do you think?  



[00:21:19] Unknown:

I mean, I think the the one thing I would add is that it's not always,   like, straight up money.   Like, I think one of the core adversaries   that just applies to literally all of us is   people who just want information about who we are, what we do, and what we like, which is the kind of the data brokers, the advertisers, the social media companies,   ones where we're not at risk directly   of, like,   loss, even if we are losing kind of control of our data, so we're losing privacy,   you don't feel that loss as immediately.   But those those entities are adversaries because they're going after   the core of who you are, which is, I would argue, far more important than your money. Because if you can keep your identity   and your activity private,   the money that you have becomes much, much easier to protect. I mean, almost all of these, like, the the crypto ransoms and kidnappings, those kinds of things, they're happening because people know exactly who those people are. And if they know who they are, they also likely are able to quite easily figure out where they live, where family members live, who they're related to, and everything, like, really quickly unravels at that point.  

So even just viewing, like, these these data brokers, these people who want to kind of hoover up all of our data,   collate it, and collect it   as a a key adversary,   even if they don't have, they're not directly stealing your money, but they are monetizing your data. So they are again, it is it is still a financial incentive at the end of the day, but they're there to monetize your data. That can have knock on effects on other things, like your crypto, like your fiat,   like your family member's safety, that sort of thing. So I think those are   those are really important too and if they're not directly after your money.  



[00:23:01] Unknown:

Yeah. Max, what do you think?  

[00:23:04] Unknown:

Yeah. Agree. I haven't really got much to add there.  

[00:23:07] Unknown:

Alright. Well, what I wanna do starting from, from the bottom of, like, the most simple adversaries or or the easiest way to protect yourself from common adversaries,   what springs to mind for you guys that are, like, quick wins for people that listen to this to be like,   you know, we've we've we've talked about, like, this is kind of like a sliding scale or, you know, protecting yourself very simply against one thing can have, like, a really positive knock on effect for the rest of your life and protect you from the worst things. Like, what springs to mind in terms of how you can protect yourself from the most common   adversaries? Max, I'll hand it to you first.  



[00:23:46] Unknown:

I would say that, like, going into security   a little bit   outside of, like, keep your mouth shut and the things we've kind of already covered.   Having   as people are normally gonna come after your money, having something   that is not accessible   easily   would be a big one,   whether that's having   not having your passphrase   that's very, very complicate complicated passphrase,   at the same place as you live, and you'd have to actually physically travel somewhere to,   to send anything   or multi sig or something like that would be,   something to think about. We but I'm sure we'll go into more detail on those things later.  

That would be something. And then,   physical security.   So,   my personal opinion is, like, CCTV   and alarm systems and stuff are not all that useful,   most of the time because it's just a way to watch yourself get robbed, and the police are never gonna be there in time in 90% of cases and don't give a fuck about you anyway.   If you want   physical security unless you're extremely wealthy,   I think the best is having very well trained guard dogs.   It's probably   the most effective security you could ever have. Ones that won't take poison, will only eat out of their bowl,   and will,   scare the shit out of anyone who looks over your wall or thinks about coming near you.  

I like that. I I I didn't think, guard dogs would come up in today's conversation. But, Well, you know, they've been around for for a very long time. If you if you don't want mice and rats have cats and if you don't want people breaking in and harming you or your family, get some fucking good guard dogs because they're they're very good at their jobs.  

[00:25:43] Unknown:

Yeah. I I mean, I can't disagree with that.   You know, having a a dog is, I think, an acute, give you a lot more protection for somebody that wants to kind of physically attack you in the street if you're working with it or more importantly, break into your house where your family are. You know, I'd rather I'd rather have a vicious, canine there to to as a first line of defense than nothing else. Yeah. I agree.  

[00:26:04] Unknown:

Yeah. Yeah. I mean, I think maybe more on the digital side, I think a lot of it comes down to just, like, basic personal privacy. So, I mean, when you're when you're threat modeling, I think most people's threat model is more   how do I protect my identity   from data brokers, from advertising agencies,   and how do I   protect the knowledge of how much crypto I own from outside entities.   And a lot of that does really boil down to the same thing, which   is whenever possible, don't give out   specific information about yourself. There's gonna be a a million things vying for identity and buying for   login, buying for accounts online.  

And the more you can lean into digital minimalism, like we talked about last week or two weeks ago,   and away from this, like, I have to have an account everywhere kind of thing, and I have to give my credit card to everyone,   the better off you'll be. You'll you'll limit exposure there.   And then on the just kind of the crypto side, I think the the thing that really applies to everyone,   no matter your threat model, is just don't tie your identity to your crypto usage or purchases.   And that sounds really daunting at first. I know we've talked about that on the show, and,   y'all both are great examples of the the no KYC approach to things. But when you can avoid tying your identity directly to your crypto holdings,   to your hardware wallet purchases,   to anything crypto related, to your your crypto Twitter NIM or something,   like, you will be so much better off if no one knows   this   real person who lives at this address owns Bitcoin or owns a ledger or owns a Trezor.  

That's gonna that's gonna put you way, way ahead in terms of security because it's gonna be much, much harder for someone to know that   John Smith lives at this address and has this much Bitcoin.   So I think those are, like, two of the the key things. I mean, there's, obviously, there's a ton of different, like, specific steps you can take on the personal privacy side, and that's where we are really gonna have to figure out, like, do you have kind of what I think is the base level threat model of I need to protect myself from data brokers,   from,   data collection agencies,   from these entities who are just trying to suck up as much data as possible?  

Or do I have a more more, targeted threat model where there are specific entities after me or,   my type of person or my religious,   minority or something like that? If there's some reason why you would be targeted, then you're gonna have to take even more drastic steps. But I think for everybody, that that kinda starting place   is is pretty set in stone.  

[00:28:37] Unknown:

Great. We we've got a couple of comments and questions from the listeners that are kind of, a good point to come in here. First one,   a funny one from mister MDM   on,   Anasta, and they just said, get a Luna tattoo. Nobody will waste their time trying to rob you.  

[00:28:55] Unknown:

The Luna ticks. Hiding in the blue site.  

[00:28:58] Unknown:

Indeed. Indeed. Hiding in plain sight. Good. And then we got another one on YouTube from, infinity divided by 21.   This is a good question, actually. I'm gonna try and tackle this one first.   How do you balance advocating for Bitcoin in your local community and staying secure?   Teaching in a local school, local cafe, or library, for example, and is there an opportunity cost to stay in private?   Is there an opportunity cost to stay in private? Yes. Absolutely.   Especially if you kind of, like, work in a a a Bitcoin or a crypto business, like, people   respond much better to faces.  

Like, you see you know, a prime example is, like, all of the the podcasts and things like that. Like, the the biggest ones are all video ones because people just enjoy seeing faces.   That's exactly the same in, in in real life as well. So, yes,   there is an opportunity cost. Like, you you just reach fewer people by being,   more private. And that's just something that well, especially the the three of us in varying degrees, I've all had to to wrestle with over the last couple of years.   But, yeah, it's just a decision that you have to make. And for me,   it's it's a bit of a no brainer really that, you know, the protection that's offered to my family versus being public and   sharing where I'm from and my real name,   or that, you know, that end of the spectrum versus, you know, the potential risks of somebody following me home and putting my family in danger because they know I'm a Bitcoiner.  

Like, it's just a complete no brainer for me. And and, of course, that's not a binary thing. There there is a sliding scale where you can be a public face like Seth and only share, you know, minimal amounts of information so that, you know, Seth still has has sort of great protection from from the worst types of attacks as well. And sorry, Seth. I didn't mean to use you as a as an example, but it's, you know, it's it's a perfect example of kind of, you know, how there is, you know, it isn't a zero or one type of thing, and you can kind of find a happy medium that that suits you best, based on on your, I guess, threat models.   To answer the first question, how do you balance advocating for your for Bitcoin from your local community and staying secure?  

This is something that I kind of not really have to do all that much because   in The UK, adoption is is kind of so low that, you know, I don't even try advocating for it locally. You You know, all my friends obviously know what I do and and know that I'm the Bitcoiner and they can come to me. But I'm not going around door to door or going to the local cafe or anything like that and asking them if they'll accept Bitcoin because,   you know, Doris at the local cafe is gonna look at me like I've got three heads when I enter the word Bitcoin. Like, we are just not there yet where I live.   But if you, you know, you're you're in a, you know, a bigger city, maybe in The US, where it's a bit more,   you know, progressive,   then you can still kind of of advocate if you wanna be out there kind of trying to, I guess, orange peel   people, but you don't have to, you know, share any personal information. You can give, you know, a fake name. You can say, hi. My name's Tony. Like, you can still be a face, but have, you know, share minimal amounts of information. That's what I do at conferences.  

People, you know, I I don't walk around masked up at a conference.   I, people know me as as, you know, a a specific Fiat name that's not my real name, but it just makes life easier.   So you again, sliding scale. Like, you you can share   whatever information you're comfortable with. The the tricky part is if you wanna remain a NIM,   knowing what information you've shared and with whom, because you can quickly twist yourself into   into a web of,   you know, different amounts of information that I've shared with different people.   And, obviously, you can't be,   a 100% confident that people don't talk when you're not around as well. So you have to be,   I guess, start every interaction from a very guarded state. And and yes, that is gonna limit,   maybe your your kind of level of outreach. But again, it it all comes down to trade offs here. But, guys, have I missed anything? Do you have any, opposing opinions?  



[00:32:54] Unknown:

Yeah. I mean, I I it it is a very good question, and it's one that I've spoken to a lot of people. But   I I I think a lot of times this question does kinda come down to   like, do a realistic assessment of what someone in your local, like, Bitcoin meetup, for instance, knowing   that you like Bitcoin   actually means for you. I think it it varies quite widely because if you are a known entity where people know who you are online, they know that you   run a Bitcoin company or work at one and have access to a lot of money, and that they know your face and you show up to a local Bitcoin meetup, that's a very, very different set of risks   than if you are a,   like, a a relatively unknown Bitcoiner   who just wants to teach people about Bitcoin or learn about Bitcoin at a local Bitcoin meetup. Like, the risks are very low and almost always worth taking, in my opinion, to get that local community,   to get that ability to to teach others and help others in their their Bitcoin journey   if you're not a known entity.  

And, like, even if you were a   let's say you're a a huge nim on Bitcoin Twitter or something, but you haven't revealed your face, your real name, or anything to people, you could go to your local Bitcoin meetup and just be a Bitcoin guy. Like, yeah, you'd probably know more than most people there if you are actually, like, deep in the Bitcoin space or something. So it may be hard to kind of hide that you're not a   not a a very knowledgeable Bitcoiner, but you wouldn't have any direct tie between someone seeing your face or hearing whatever name you give them and your Twitter name.   But I think that oftentimes, and I have struggled with this specifically,   we let kind of the paranoia of no one can know that I like Bitcoin   actually harm the impact that we can have on the space unnecessarily.  

And, again, threat modeling, it's very personal. You need to decide what risks you're willing to take. But I think for the vast majority of people,   it is well, well, well worth having or building the local community that can help you, that can grow awareness of Bitcoin,   where you can help answer people's questions and help them with threat modeling, help them with taking privacy seriously, help them with self custody.   That is is is almost always well worth the cost unless you're in a very specific situation. Like, if you're   we've we've talked about Jameson Lop, and he's he's a security, like, guru in the space. If you're Jameson Lop, you're probably not walking into your local Bitcoin meetup wherever you live,   and telling people where you live and letting them know, okay. Well, he lives here in the city clearly, so I'm gonna tail him back home or something like that. You're gonna have a very different approach   than if you're Joe Schmo on Twitter   and no one knows your face. If you walk into a room, you're you're okay. You're gonna be okay, and it's gonna be much easier for you to fly under the radar,   than than he would. And that's where it does come down to to personal threat modeling and why threat modeling is so important because you can go too far and assume you have to advance to a threat model and cut yourself off from everyone around you and really actually harm yourself.  

Or you could go under and be like, well, no one's gonna care about me. And then you you show up and people realize, oh, this guy has talked about trading Bitcoin for ten years on Twitter. He probably has a lot of Bitcoin. So it's gonna be up to you, but make sure you're threat model accurately so you can get the most out of the opportunities you have available to you.  

[00:36:04] Unknown:

Yeah. It is a good call out there and, good question, actually. Thank you for that. Keep them coming, if anybody else got any   related questions in the chat.   I wanna   go back quickly to something you mentioned earlier, Seth,   around people,   particularly in our position, sometimes going too far and taking things   further than is necessary and maybe causing themselves   undue stress or undue headaches   when,   you know, you can get, I guess, ultra paranoid and kind of,   I guess, you just think that the the boogeyman's just waiting outside for you to to make the next mistake and that, you know, poof,   Bitcoin's gone or your personal information's gone. Like, do you have any   examples, either from yourself or people that you've interacted with,   where people have taken it too far? Like, what they did and maybe what they did to kind of walk that back to find that kind of happy medium.  



[00:37:00] Unknown:

Yeah. I mean, I I'll just speak personally, actually,   because I think I I have definitely done this. I know I've talked about it a bit of going too far in the past, but, especially earlier on in my journey when I wasn't actually well known. I wasn't even working in the space.   I was so paranoid about the idea of anyone knowing that I cared about Bitcoin or cared about privacy that I I missed out on I had some really good local Bitcoin meetups,   that I   went back and forth   a lot on whether or not I should attend.   And I've lost out on years of local community   that I could have had. Obviously, again, I needed to be I did need to be smart. And I think there there did come a point where I probably shouldn't have been   at least known a known entity in that that local Bitcoin community for me and my family's safety. But   for a long time, I think I really could have benefited from that. And more importantly, I think I could have helped many, many people,   in the city that I was in and in the region that I was in.  

And I think that really came from me initially when I first got started in this space   going way too deep and assuming that, like, everyone was out to get me and that, if anyone knew anything about me or even that I touched Bitcoin,   that I would be doomed.   And it it ended up hurting me a lot. And I think, honestly, it really slowed down   my Bitcoin journey, slowed down the the reach that I could have had and the the impact I could have had in people around me. And probably cost a lot of people their, like, their chance to learn more about self custody or privacy, etcetera.   So I think I mean, I I I think I am an example of that, of kind of regretting that, and I really do regret the the lost time that I could have had there.  

So I think that's that is one example. I mean, the the other one and the just more general one is   I've talked to a lot of people online who   have kind of started this journey,   done way too advanced of a threat model, and then just bailed and just not wanted to to worry about it anymore because they try to go too deep. They try to do   tour for everything. They try to   to cancel all of their services. They don't shop online anymore. Like, they go a little too deep for their pretty normal threat model,   and just get burnt out. But, yeah, I think the on the the concrete example, I think mine is one and kinda ties back to Infiniti's question earlier of, like, that,   that risk versus reward, having to do that for yourself. And I think I was too paranoid in my assessment threat   model. I missed out on a lot of really, really good things there.  



[00:39:27] Unknown:

You, Max, as as somebody who's   arguably, I guess, less of a public figure than than Seth is, like, do you have any similar stories, but that you've kind of,   I guess, gone too far and walked it back for whatever reason?  

[00:39:41] Unknown:

Yeah. I mean, I've always Yeah. I think I've not really done hardly any meetups.   There's probably   outside of you, there's probably only   a handful of people who actually know what I look like or or, like, have actually met me in in person.   And for that,   there are some regrets because,   I have definitely missed out on a lot of interactions and experiences   that I wish I'd done, actually.   And I   definitely went too far with my security setup and threat modeling   in the early days.   A lot of it, I've had to walk back because   on reflection, especially after having children,   I was like,   oh, if I die,   no one's   getting anything because this is so complicated   now.  

I'm I'm thinking about threats that probably don't really exist,   and   it's so complex that even I'm struggling to keep track of what I'm doing,   and there's no chance my family are gonna get anything, which is the whole point of having any sort of,   money anyway, so to make sure that they're okay. So I think,   that's been a big one, going way too   deep on,   and   and past what I was probably capable of doing technically as well.   As everyone knows, I'm nowhere near as technical as you or Seth   and,   just worrying at night,   stress that didn't need to be there,   for years and years, just worrying like, oh, have I done that wrong? Oh, what if this doesn't work? Did that backup work? Or or or or and and that is quite draining. It stops you from doing other things. So they're they're probably my my main two.  



[00:41:32] Unknown:

The the,   a lot of what you guys have just said kinda resonates with me. I've definitely   done very similar things with, like, overcomplicated   Bitcoin backups   or trying to run Linux operating systems that are way above my pay rate because somebody on the Internet that I respect, they said it was a good idea. Like, it might have been a good idea for them. But for me, it just caused me, you know, untold   amounts of headaches for not a lot of gain.   What I I wanna switch switch gears and talk about some of the the different attack factors that we haven't talked about because we kind of gone both ends of the spectrum here. Like, we've touched on the fact of, you know, you know, you can use hide my email to stop, a service from seeing your your your email address or your your personal,   your location.  

Or we've gone right to the other end of the spectrum where somebody knocks on your front door because they know that you're a Bitcoiner. But what about the middle ground? What what about stuff like,   phishing attacks or social engineering   or exchange account   breaches and things like that. Like, aside from the fact that, you know, we wanna limit the fact that the the information   that,   people have about us. Like, how can people   kind of think about protecting themselves against, like, phishing attacks, social engineering attacks,   or maybe malware and   compromised,   devices? Like, should people be worried about that? Where does that sit in terms of the hierarchy of what we've spoken about here? And do you have any kind of insights on that one?  



[00:43:04] Unknown:

That's a Seth question.  

[00:43:07] Unknown:

I figured I'd give Max a chance.  

[00:43:09] Unknown:

I don't know. I know my limits.  

[00:43:15] Unknown:

Yeah. I mean, it it's definitely something for everyone to be concerned with.   But the, again, the lengths that you go to will depend.   But I think this is this is another area where just, like, good common sense goes a really long ways,   and   making sure that you   tread carefully whenever something seems urgent online.   I think the the the place where most people get   get wrecked in terms of phishing specifically   is that spear phishing, like, people who have some information about you or about an email address that you've used online. Like, for instance,   an email address you used for Trezor. They had an email leak, and those email addresses got used for a spear phishing attack   that was very, very well done,   and   tried it tries to instill in a sense of urgency that you need to do something right now or something bad will happen.  

And that's always where people mess up. Even people who think that you're that they're very technically talented and very well understood is if you feel a sense of urgency and stress or if it comes at a bad time when you're just overly stressed and overwhelmed,   you'll do things that just don't make any sense because you're not thinking straight.   And sometimes that's just, like, put in measures to slow yourself down. Like, maybe a lot of the phishing attempts or things that just they try to trick you into entering your seed. And I know it sounds like dude, I would never enter my seed phrase online. Like, I'm not an idiot. But at the wrong time, with the wrong wording in an email and the the right sense of urgency,   you'd be surprised what you'll do in a in a brain fog or when you have a newborn that's wailing or, like, there are a lot of different things that could happen here. And maybe just putting yours, it'd phrase somewhere that's harder to get to that requires some some time to access it or,   making things just a little bit more difficult for you to to accidentally fall into one of these traps is important.  

But, honestly, like, a lot of this boils down to the same basic privacy principles. Like,   if you're   using,   email aliases for everything rather than giving out the same email address to every service that you use,   you have a lot better protections against phishing, especially if you do the   the thing that I haven't been good enough about but need to do more. And I'm I would love to see, like, Proton and   SimpleLogin   and,   Adi, I think is their new name. They used to be a non Adi, but I think they they rebranded recently.   It would be cool if they would have, like, a an auto disable after a week thing because I think a lot of the email addresses we get out we give out, we only need for, like, verifying an account immediately,   or we only need for this one order that once we get the tracking information, we don't need any more emails from that. And you can just disable a lot of those email aliases once you get what you what you need out of it. And then if that email alias gets leaked and you someone tries to spearfish you, guess what? You never even get the email. You're not at risk at all. And that would have been, like like, I was affected by the Trezor email hack. Thankfully, I hadn't actually bought a Trezor from them, so no personal details were there. But   I was on their newsletter,   and I got the spear phishing, but I should have just disabled the alias. I didn't even need their emails anyways. Like, it it was one of those things where, like, I could have done a better job with that.  

And I think a lot of people, you can really protect yourself well by saying, like, I'm gonna use this email alias. I'll disable it right after I sign up and verify my email. And then if I need an email in the future, guess what? You just enable the alias,   get the email, the verification, whatever, then disable the the alias again. You don't need to do anything fancy, but that can be a a great protection as well.   And that would really be helpful.  

[00:46:49] Unknown:

What what about as you're saying that, I'm just thinking   for people who maybe   haven't been as careful as they could have been, maybe they know that they've been in these leaks, whether it's phone numbers, emails, addresses, whatever information it is that's out there.   Can you think of, like, the most,   simple way for them to move forward from that? If they're if they're listening to this and they're just going,   yeah, there's more information out there than there should be. Like, what would be the steps   that you would take without causing major drama? Like, you know,   if they if they need their phone for a million different verification things and they still got the same number or   they've still got the old email because   whatever, again, like, verification   or people   have that email and they need to contact them, how do they   swap? Like, what would you what would you do?  



[00:47:44] Unknown:

Yeah. I mean, it depends on how bad the leak is. If it's, like, all of your personal data, I think you probably should be pretty aggressive. Like, obviously, you can't move. So, like, I know that was like, if you're in the ledger hack, you don't have any choices if you you still live at the address that was revealed in that or something.   But, honestly, like, I would go through the trouble of changing my phone number after something like that. I know it's a pain in the ass,   but that's also a good reason to be using, like,   TOTP, the time based two factor instead of phone verification where you can. And thankfully, nowadays, almost everything,   can do verification via TOTP. Not everything. I know there's some things that you still have your phone for, but,   I I like, I think that would be worth changing. Same if you've, like if you have a decade old Gmail or something that you've been using.  

Start fresh. Get a proton address.   Start using their   aliases.   And   if you do that, just you can keep the old one around. You just need to I would both for digital minimalism and your safety, just just disable   notifications   and go back to it when you need to because you should just be aware that that is very likely to be used   to try and fish you and spear fish you and get,   spammed. And you're gonna have a lot of annoyances with that one. So you could keep it around if you need to for verification purposes or while you do the migration, that sort of thing. But it can be one of those good catalysts to help you,   be smarter and and jump into a a good new piece of Freedom Tech that maybe you wouldn't have done before, but now you have that sense of urgency because of the,   because of your data being revealed. But I think oftentimes, it is worth it in that case to rotate whatever you can,   and to start using things that are easier to rotate like email aliases,   when possible.  



[00:49:31] Unknown:

Q. Any other,   tips on that?  

[00:49:35] Unknown:

No. I think, I think Seth covered all all of the the basic stuff that I was gonna mention.   I do we've only got, like, nine minutes left, so I do wanna cover off this awesome question, again, from infinity divided by 21. It's coming in,   coming in clutch today with the the excellent questions.   To what extent do you agree that time locks are an effective defense against social engineering and $20 wrench attacks? I'll I'll take this one first.   Against social engineering where the the attacker is not nearby,   I guess probably   pretty effective. Like, if you've can't physically spend your Bitcoin,   when, you know, an an attacker posing is, let's say, somebody from Ledger support or something like that is is telling the you that you need to move your funds   immediately.  

Like, if those funds are are time locked, then, yes, it could be preventative. But I guess depending on the type of attack, like, if if they are,   extracting your seed word from you, then, you know, they can once they've got the seed words, they can sit and wait for the time lot to expire and then race you to move your funds. And it becomes a kind of race to the bottom where your funds are probably just gonna get eaten up by fees essentially.   For $20 renter tax, I guess it's a similar situation.   I would argue that,   MultiStake here is probably much more effective than just the time lock itself. Like, if you have a single sick wallet,   yes, you can demonstrate that you can't move the funds, but, like, that isn't gonna stop them from stealing or destroying your seed words. And once those seed words fall into the wrong hands, then it's essentially game over because, you know, irrespective of whether they can move now or in twelve months time. Like,   once they those seed words are in the wrong hands, like, it's it's it's already too late. So for me, I would say, multisig here is gonna be or even just a passphrase is gonna be,   a a a much bigger protection than the time locks themselves.  

To take it a step further, you could argue that,   time locks when combined with multisig is kind of like the the gold standard at the moment, especially with MiniScript where you've got, you know, expanding or decaying keys where you can have, you know, protection against most eventualities.   And it's something I'm becoming a lot more confident about. And I'm hopeful that it becomes the the de facto standard,   in years to come,   especially when we're talking about, like, the the worst case scenario here where somebody is literally breaking into your home to try and steal from you. So, yes, they provide some protection, but I certainly wouldn't rely on them for my own stock,   especially in the context of a single signature wallet for the the reason that I've outlaid.  

But, guys, any any disagreements from from you there?  

[00:52:10] Unknown:

Just one tiny point I wanted to,   comment on. I always used to think that multisig was a problem because people knew you had multisig and it made you stand out.   After speaking to Black Coffee about this a while ago, he was like, yeah.   They can. But in if someone's attacking you,   they can see that it's multisig,   especially if they're sophisticated,   which means that when you tell them if they're about to break your kneecaps, look, I cannot send these funds,   It is provable. It it does show them, like, I'm not fucking around here. I'm not trying to,   lie to you. I cannot send you the funds.  

So it works both ways. You stand out more, but also it's it's provable to some extent. I I think that's something that I'd never considered before he'd said that.  

[00:53:01] Unknown:

Yeah. So you you mean that the the knowledge of the fact that it's multisig can be more of a deterrent than,  

[00:53:07] Unknown:

the allure of, oh, it's multisig. There might be more funds in there. Is that what you mean? Yeah. I think so. Because originally, I thought, oh, well, if someone sees that it's multisig, you stand out. And it's like, why do you have multisig unless you've got a large amount of funds,   especially in the early days. Whereas now it's like, it's not that hard to   do. It's not really expensive to do.   So   it doesn't mean that you have a lot of funds, and it means you can show that you can't spend them. So   I'm just saying that my view around multisig   has changed somewhat.  



[00:53:40] Unknown:

Yeah. You you could also argue as well that,   the   the vast majority again, we're talking extremes here, but, like, if somebody's breaking into your home,   it's because they know that you've got Bitcoin.   The the likelihood of them knowing that because they they know your addresses   is   unlikely. I would say the more common thing is that you haven't kept your mouth short or you're a very public Bitcoin. Like, they're not coming in going, I've seen your addresses. I can see it's a multisig.   Give me your money. There it's more of a case of, you know, I know you're a public Bitcoin. You're probably wealthy. I'm gonna break into your house. So the the fact of whether or not they know you've got multisig upfront is is probably unlikely in my opinion. Seth, any hot takes on this one?  

[00:54:27] Unknown:

No. I think just,   the reminder that you probably don't have that threat model. So my single sake is good enough for most people thing stands. But if you do   need multi sake, I think that is a is a good call at max. I think the only thing that I just kind of always have in the back of my mind is, like,   are they just gonna leave   if they realize you can't spend the funds? I I'm always kind of, like, when I kind of game plan out what would happen in that scenario, I'm always curious. Like, I don't know if that's a good thing or a bad thing that you can't spend funds at that point. Because, like, if my life or my loved one's life was on the line, I'd rather just send the Bitcoin.  

[00:55:03] Unknown:

Yeah. Yeah. I mean, that's just me. Can't. It's provable that you can't. Whereas,   oh, well, I can't send it because the the majority of funds are behind a passphrase, and I don't have that on-site. They're like, well, I don't know if that's true. I'm gonna hurt you some more till I I can make my mind up on this.   Whereas the multisig thing is more provable.   That's my point. And also, if someone has taken the time to break into your home, if you did actually have a large amount of Bitcoin.   Most people haven't actually sold all their chairs, and most people who actually have some wealth   do have other valuable things inside their home Yeah. It's true. That are not Bitcoin.  

And for the average attacker, if they're breaking in and they're saying, you're saying, look, I can prove to you I can't send it to you, but have my watch, have my car, have my whatever. I've got some cash. I've got security. I've got a wedding ring, whatever. It's like they're not leaving empty handed. And there is a limited amount of time   where they can be in the house without having a major problem. And you avoid most of this stuff in most cases if we go back to my first point, which is, like, have good physical security as well. Like, for example, I wouldn't wanna be going anywhere near Jameson Lop's house   because he has many, many guns, and I'm sure he's thought this thing through. Unless you're very sophisticated,   you're probably gonna come off worse.  

And so, you know, the physical security,   should be something that you think about.  

[00:56:25] Unknown:

So you're saying give them the chairs  

[00:56:28] Unknown:

is my take on. Give them the chairs. Give the have the dogs, and if they get past the dogs, give them the chairs   and the steak in the freezer.  

[00:56:40] Unknown:

Alright. Well, very quickly, one final question that was submitted just before we started recording,   under your post, Seth.   And feel free to be very succinct here because it's a very deep question. But on a scale of one to ten, ten being the highest, what scores would you give to the following web three applications as most susceptible   to attack vectors? In other words, most likely to be attacked and a frequent target.   Mobile wallets, dApp front ends, dApp back ends, back end blockchain nodes, DEX swap providers, DEX pools, and DEX lending and borrowing.   Again, feel free to be succinct.  



[00:57:14] Unknown:

Yeah. A million things here. I mean, the the most mobile to me is almost never your wallet, but it's what you do with your wallet. So, like, mobile wallets, I generally think if you're using a good one that's open source, you're generally gonna be quite secure there.   But the vast majority and he mentioned web three and a lot   of DeFi stuff. The vast majority of the way people lose money is they just they ape into some random new smart contract thing,   and then they get rug pulled. So, I mean, the you're you're you're putting a lot of trust in people unless you're using a very well established, very well understood,   DeFi protocol, something like Aave or Uniswap, something that's been around for a long time, been heavily audited,   has good protections   in place.  

But it's really when you're kind of trying out new random things that you get into a lot of risk   or anything where you're actually giving up control of your funds. But the vast majority of risk and I would say, like, the   the   the most susceptible to attack vectors is really those kinda Defi protocols   where you don't really know what's going on to the under the hood. You can't audit the smart contract,   and you you approve them through WalletConnect or something to access all your funds, and then you get rugged at the end of the day. So that's where I would be really, really careful on these things that are really well vetted,   and well audited and well understood.  

Yeah.  

[00:58:33] Unknown:

Thank thank you very much. Alright, guys. That that brings us, to time already.   Thank you for those of you that hopped into the live chat.   We had some great questions asked, especially from, Infiniti Divided by twenty one. Thanks for getting involved in the show.   Apologies again for the the nostalgia mishap. Looks like Zap. Stream is completely offline at the moment, so we know where the problem lies.   Quick reminder, please, please, please scan the QR code on screen and spend 30 seconds of your time filling out the, the petition to try and get the samurai developers a pardon.   When this is released on the podcast feed, the link will undoubtedly be in the show notes as well if you're listening to this on audio. Thank you for stopping by, Max. Seth, good to have you back, and, we will be back for more of the same next week. Let us know if you've got any topic suggestions.  

See you guys.  

[00:59:21] Unknown:

Thanks, everyone.  

[00:59:24] Unknown:

Thank you for listening to Freedom Tech Friday.   To everyone who boosted, asked questions, and participated   in the show, we appreciate you all.   Make sure to join us next week   on Friday at 9AM   EST and 2PM London.   Thanks to Seth, Max, and Q for keeping it ungovernable.   And thank you to Cake Wallet,   Foundation,   and my NIM box for keeping the Ungovernable   Misfits   going.   Make sure to check out ungovernablemisfits.com   to see mister Crown's incredible   skills and artwork.   Listen to the other shows in the feed to hear Kareem's   world class editing skills.  

Thanks to   Expatriotic   for keeping us up to date with boosts,   XMR chats, and sending in topics.   John,   great name and great guy,   never change,   and never stop keeping us up to date with mining news   or continuing to grow the mesh to Dell.   Finally,   a big thanks to the unsung hero,   our Canadian   overlord   short,   for trying to keep the ungovernable   in check   and for the endless work he puts in behind the scenes.   We love you all.   Stay   ungovernable.