A fool and his not-really-money are soon parted
-
-
@LaoC I wonder if he used LastPass...
-
@LaoC said in A fool and his not-really-money are soon parted:
Overall corruption would at least go down.
-
At first I was undecided whether to post this here or in the spam thread, but when I read the highlighted parts, I decided this was the better place. Crypto mining on your phone. With no battery drain!
-
May I bring your attention to the yearly recap of web3, so we can all remember the lowlights of the past year as we look forward to another year of fool-and-(not-really-)money-parting.
-
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
-
-
@loopback0 said in A fool and his not-really-money are soon parted:
keep us all from losing our grip on reality.
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
There was a second compromise (or additional information discovered about the continuing first compromise, depending on which article source you read) that got access to encrypted data including customer vaults. Which LastPass PR waved off as "we encrypt it with a Zero Knowledge technology so as long as you have a good master password you're fine" but you know how good people are at picking passwords.
-
@Atazhaia said in A fool and his not-really-money are soon parted:
In 2022, web3 went just great
To be fair (to something that totally doesn't deserve it), 2022 didn't go great for pretty much anything else either.
-
@izzion said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
There was a second compromise (or additional information discovered about the continuing first compromise, depending on which article source you read) that got access to encrypted data including customer vaults. Which LastPass PR waved off as "we encrypt it with a Zero Knowledge technology so as long as you have a good master password you're fine" but you know how good people are at picking passwords.
The
hashcat
password cracking tool has been modified so that it can crack the encrypted LasstPass vaults, so if your master password wasn't a long random string or a decent Diceware passphrase then you should be very afraid.Though I guess it also depends on what kind of valuable information you have in there. I believe some information about what kind of website data is in the vault was actually part of the unencrypted metadata.
-
@JBert said in A fool and his not-really-money are soon parted:
@izzion said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
There was a second compromise (or additional information discovered about the continuing first compromise, depending on which article source you read) that got access to encrypted data including customer vaults. Which LastPass PR waved off as "we encrypt it with a Zero Knowledge technology so as long as you have a good master password you're fine" but you know how good people are at picking passwords.
The
hashcat
password cracking tool has been modified so that it can crack the encrypted LasstPass vaults, so if your master password wasn't a long random string or a decent Diceware passphrase then you should be very afraid.Though I guess it also depends on what kind of valuable information you have in there. I believe some information about what kind of website data is in the vault was actually part of the unencrypted metadata.
Oh, okay then, no worries. It only has all of my financial passwords. What could possibly go wrong?
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@JBert said in A fool and his not-really-money are soon parted:
@izzion said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
There was a second compromise (or additional information discovered about the continuing first compromise, depending on which article source you read) that got access to encrypted data including customer vaults. Which LastPass PR waved off as "we encrypt it with a Zero Knowledge technology so as long as you have a good master password you're fine" but you know how good people are at picking passwords.
The
hashcat
password cracking tool has been modified so that it can crack the encrypted LasstPass vaults, so if your master password wasn't a long random string or a decent Diceware passphrase then you should be very afraid.Though I guess it also depends on what kind of valuable information you have in there. I believe some information about what kind of website data is in the vault was actually part of the unencrypted metadata.
Oh, okay then, no worries. It only has all of my financial passwords. What could possibly go wrong?
Chaaaaaaaaange, baby change! Password inferno!
-
@HardwareGeek said in A fool and his not-really-money are soon parted:
@loopback0 said in A fool and his not-really-money are soon parted:
keep us all from losing our grip on reality.
-
@boomzilla said in A fool and his not-really-money are soon parted:
@LaoC said in A fool and his not-really-money are soon parted:
Overall corruption would at least go down.
Definitely. Overall speeding violations would also go down if you removed speed limits.
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
Yes. Here's a guy picking their PR apart who seems to have been following them for a few years.
-
@loopback0 said in A fool and his not-really-money are soon parted:
I think the internet's NFT bullying has had an effect on mainstream game publishers: If we'd all just shrugged, they'd have tried way more NFT gun skins by now. Even if it hasn't, though, maybe making fun of stuff online is something we do for each other, to remind us all of what's real and validate the overwhelming feeling that it's all very stupid.
One of us.
-
@JBert said in A fool and his not-really-money are soon parted:
@izzion said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
There was a second compromise (or additional information discovered about the continuing first compromise, depending on which article source you read) that got access to encrypted data including customer vaults. Which LastPass PR waved off as "we encrypt it with a Zero Knowledge technology so as long as you have a good master password you're fine" but you know how good people are at picking passwords.
The
hashcat
password cracking tool has been modified so that it can crack the encrypted LasstPass vaults, so if your master password wasn't a long random string or a decent Diceware passphrase then you should be very afraid.Though I guess it also depends on what kind of valuable information you have in there. I believe some information about what kind of website data is in the vault was actually part of the unencrypted metadata.
It's a locally-stored password database. Is there really all that much they can do against dictionary attacks if the attacker has a copy of the DB? I mean, you can do some padding to make the password-to-key function more expensive, but that really works best in concert with a good key, and there's a limit to how expensive you can make it.
-
@PleegWat said in A fool and his not-really-money are soon parted:
Is there really all that much they can do against dictionary attacks if the attacker has a copy of the DB?
Peppers help a little here.
-
@LaoC said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@dkf said in A fool and his not-really-money are soon parted:
@LaoC I wonder if he used LastPass...
I use LastPass, and the email I got from them about the compromise was that a bunch of metadata was stolen, not that the wallets were compromised. So only the most paranoid of nobody-gets-to-know-my-information people would really care. Or people who used that metadata for their passwords.
...did I miss something worse?
Yes. Here's a guy picking their PR apart who seems to have been following them for a few years.
Well, that's not good. I'd say "it's time to upgrade the password strength", except that I can't find out how many iterations of PBKDF2 I'm using. I've had the account for a while, so I probably have the less-secure option.
And, dangit, I share that account with my wife, who's kind of bad at remembering passwords. I'm assuming that if I change my master password, I'll get the new-and-improved PBKDF2 strength. So I get to teach her a new password. Yay.
-
@PotatoEngineer got to change all other passwords too.
-
@topspin said in A fool and his not-really-money are soon parted:
@PotatoEngineer got to change all other passwords too.
Yup. Though, thankfully, most of the important ones have 2FA, and I haven't gotten any spurious 2FA requests lately.
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
I haven't gotten any spurious 2FA requests lately.
That means they hijacked the device you use for TFA, too.
-
@Zerosquare said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
I haven't gotten any spurious 2FA requests lately.
That means they hijacked the device you use for TFA, too.
Yeah, don't get me started on how my bank uses SMS or their authenticator app for TFA, with no option to disable SMS. (And then screws up the authenticator app implementation so that if you show up at the wrong time, the code won't work.)
-
-
-
@boomzilla said in A fool and his not-really-money are soon parted:
Modern finance is completely bonkers with how the money flows and who owes what to whom. Crypto-finance is bonkers222. I mean, seriously, they don't even know how much they owe (aside from "a lot"), or who they owe it to!? (Okay, maybe they don't know the identities, but they know the wallet IDs?)
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
they don't even know how much they owe (aside from "a lot"), or who they owe it to!?
That's the problem with not-really-money
-
@Zerosquare said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
they don't even know how much they owe (aside from "a lot"), or who they owe it to!?
That's the problem with not-really-money
The other hilarity: FTX's "illiquid tokens" where they own the overwhelming majority of the supply of some particular tokens, so that selling them would crash that particular token. Sure, selling things usually lowers the price a bit, but how could you possibly call it an asset if it's impossible to sell? Were they just thinking of "in the far future there will be a larger market and we'll be able to sell them if we need to", or was it just "if I move these electrons around, our balance sheet gets bigger!!!!!!"
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@Zerosquare said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
they don't even know how much they owe (aside from "a lot"), or who they owe it to!?
That's the problem with not-really-money
The other hilarity: FTX's "illiquid tokens" where they own the overwhelming majority of the supply of some particular tokens, so that selling them would crash that particular token. Sure, selling things usually lowers the price a bit, but how could you possibly call it an asset if it's impossible to sell? Were they just thinking of "in the far future there will be a larger market and we'll be able to sell them if we need to", or was it just "if I move these electrons around, our balance sheet gets bigger!!!!!!"
All those Enron staffers had to do something with their life after 2000.
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
Sure, selling things usually lowers the price a bit, but how could you possibly call it an asset if it's impossible to sell?
"HODL" is not meant as a metaphor.
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
The other hilarity: FTX's "illiquid tokens" where they own the overwhelming majority of the supply of some particular tokens, so that selling them would crash that particular token. Sure, selling things usually lowers the price a bit, but how could you possibly call it an asset if it's impossible to sell? Were they just thinking of "in the far future there will be a larger market and we'll be able to sell them if we need to", or was it just "if I move these electrons around, our balance sheet gets bigger!!!!!!"
Welcome to the Wonderful World of Asset Trading!
The sole value proposition of this sort of Monopoly money is that someone, at some point in the future, will buy it off you for some non-zero price.
Why would they do that? Because they believe there exists a
suckerinvestor that wil, at some point in the future, buy it off them for a higher price than they paid for it.Why would they possibly believe that? Well... they just bought it off you, didn't they?
As long as there exist
suckersinvestors who are willing to buy Monopoly money for real money, Monopoly money has some value. Therefore, if your business happens to have a truckload of Monopoly money, it owns an asset of some value.For accounting purposes, it's important to put a value to all assets you own. How can we do that with your truckload of Monopoly money? Well, we can see what Monopoly money is going for in the market these days; multiply the market price by the number of Monopoly notes you have, et .
Unfortunately, liquidating this supply of Monopoly money is tricky, because a
suckerinvestor will only buy it for you at a given price if they believe they'll be able to sell it to some othersuckerinvestor at a higher price, and that's only happening if there's a lot ofsuckersinvestors in the market for Monopoly money, but not a lot of Monopoly money on the market.So you can't blow your load all in one go, 'coz as soon as the price of Monopoly money starts a downward trend, all the
suckersinvestors currently holding it will be looking to sell what they've got in order to minimise their losses (they paid real money), and you're gonna have a hard time findingsuckersinvestors to buy it, because selling what you bought for a higher price looks a lot less likely when the price is cratering as we speak (positive feedbacks are a bitch).To be fair, this is a feature of all asset markets. It's just that crypto is unique in that it has no value other than as an object of trade. Shares, which are nearly as bad these days, might at least start paying dividends at some point, and commodities can, as a last resort, be sold to end users.
-
@GOG said in A fool and his not-really-money are soon parted:
To be fair, this is a feature of all asset markets. It's just that crypto is unique in that it has no value other than as an object of trade. Shares, which are nearly as bad these days, might at least start paying dividends at some point, and commodities can, as a last resort, be sold to end users.
These crypto markets have a lot in common with foreign exchange markets, i.e., they're extremely tricky places to invest in as they're pretty much exactly zero sum. Real assets at least have a base value that underpins the speculative overvaluing.
The other nasty thing is borrowing against an asset. Especially if you're actually loaning to yourself (via a shell game) to increase the size of asset pool you can issue loans against. I don't know whether that's what FTX were doing, but it's a good way to apparently manufacture a lot of money out of absolutely nothing and to get into massive trouble once confidence collapses. And it's the sort of thing that would be horribly complicated to unwind, as loans to yourself are not regarded very favourably by the law but the laundering shell game makes finding out if that really happened very messy. Unless all the shells collapse and the records are discovered because they've been put immutably in the blockchain...
-
-
-
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@TimeBandit said in A fool and his not-really-money are soon parted:
...the sequel to FTX?
It's kind of amusing how the whole crypto scammery is doing a speed run discovery of why we have the financial rules and regulations that we do.
-
-
@Atazhaia said in A fool and his not-really-money are soon parted:
This seems more and more like an elaborate 4chan troll.
-
@Carnage said in A fool and his not-really-money are soon parted:
This seems more and more like an elaborate 4chan troll.
knowyourmeme.com/news
Is this even real, or this part of the site more like The ?
It's certainly long reached Poe or Noe territory, where every attempt of satirizing it would fall short of the real thing's idiocy.
-
@Carnage said in A fool and his not-really-money are soon parted:
It's kind of amusing how the whole crypto scammery is doing a speed run discovery of why we have the financial rules and regulations that we do.
Too slow for a "speed run"... They need to crank it up a couple notches.
-
@Carnage said in A fool and his not-really-money are soon parted:
@Atazhaia said in A fool and his not-really-money are soon parted:
This seems more and more like an elaborate 4chan troll.
Dude that's what I took Bitcoin for upon first analysis - except it's worse, it's Japanese mathematical performance art trolling.
-
@topspin said in A fool and his not-really-money are soon parted:
@Carnage said in A fool and his not-really-money are soon parted:
This seems more and more like an elaborate 4chan troll.
knowyourmeme.com/news
Is this even real, or this part of the site more like The ?
It's certainly long reached Poe or Noe territory, where every attempt of satirizing it would fall short of the real thing's idiocy.
It's as real as NFTs are, alas.
Listings on the OpenSea exchange show a current floor price of 1.49 ETH (about $2,293) for a "Sewer Pass" NFT that grants access to Dookey Dash until February 8. In less than 24 hours, the exchange has seen 8,394 ETH (about $12.8 million) in Sewer Pass transactions, with some passes selling for as much as 5.75 ETH (about $8,770).
-
@Carnage said in A fool and his not-really-money are soon parted:
@PotatoEngineer said in A fool and his not-really-money are soon parted:
@TimeBandit said in A fool and his not-really-money are soon parted:
...the sequel to FTX?
It's kind of amusing how the whole crypto scammery is doing a speed run discovery of why we have the financial rules and regulations that we do.
And like all speedrunners, they repeat the exact same thing 200 times in a row.
-
@loopback0 said in A fool and his not-really-money are soon parted:
@topspin said in A fool and his not-really-money are soon parted:
@Carnage said in A fool and his not-really-money are soon parted:
This seems more and more like an elaborate 4chan troll.
knowyourmeme.com/news
Is this even real, or this part of the site more like The ?
It's certainly long reached Poe or Noe territory, where every attempt of satirizing it would fall short of the real thing's idiocy.
It's as real as NFTs are, alas.
Unfortunately, that doesn’t clear up much.
Listings on the OpenSea exchange show a current floor price of 1.49 ETH (about $2,293) for a "Sewer Pass" NFT that grants access to Dookey Dash until February 8. In less than 24 hours, the exchange has seen 8,394 ETH (about $12.8 million) in Sewer Pass transactions, with some passes selling for as much as 5.75 ETH (about $8,770).
Most of that is probably wash trades to give suckers the appearance that other suckers are buying this shit.
-
@topspin said in A fool and his not-really-money are soon parted:
Most of that is probably wash trades to give suckers the appearance that other suckers are buying this shit.
I doubt it needs them, as there are enough retards buying into this sort of shit already.
-
@topspin what surprises me is that despite insanely high transaction costs, wash trading is still profitable.
-
-
@loopback0 said in A fool and his not-really-money are soon parted:
$2,293 [...] for a [...] NFT that grants access to [video game] until February 8
People are paying $2k for essentially a digital ledger entry that acts as a ticket to play a video game (for a limited time).
It's like some kind of weird social experiment. "How badly can we scam rich idiots while telling them openly exactly what we're doing?"
-
@acrow that's been done before:
-
@Gustav said in A fool and his not-really-money are soon parted:
@topspin what surprises me is that despite insanely high transaction costs, wash trading is still profitable.
Not all of the real money is real dirty. But some of the real money, is real dirty.