Another Privacy Hurdle

Having run this blog for almost three years, I’ve toyed with the idea of creating a more prominent method for folks to leave a tip1. As I found out once again, this is no easy task without giving up privacy.

If there was any doubt, this is why bitcoin “tips” would never work on TAONAW blog. 80% of people say they might tip, which is great, but only one person would consider using bitcoin. Bitcoin is the only option through which I can think of remaining completely anonymous: not to the folks visiting the site, but the big companies behind the scenes.

Let’s consider the “threat model” of what I’m trying to do here. I like to divide this model into three main levels. The state level is the hardest one, this is the Snowden level where you’re trying to hide from the NSA or other state actors with virtually unlimited resources. Then there’s big tech companies level, where the goal is to give the likes of Google the least amount of information as possible. This is where I consider I am today. Beneath that there’s the individual level, where you hide from your boss, friends, maybe your spouse 2.

When you try to hide from the likes of Google and Apple, you simply try to substitute the services they offer for other companies. Usually, this means choosing a lesser evil. In my case for example, Ko-Fi, which I considered before, uses PayPal. PayPal also has its own button-to-donate. If you use those services, your information is stored somewhere with eBay (who owns PayPal) instead of Google or Apple. Not much better, if you ask me. You can still keep yourself hidden from those who choose to tip a business account or alias, sure, but the people handling your money know your true identity and address. This is the case of any such service I was looking into: they have to go through a major financial company somewhere.

Now I can go back to bitcoin. In theory, if someone tips in bitcoin to a wallet address I give here, things stay relatively anonymous. Sure, you can track the transaction (which is public knowledge) with something like blockchain explorer, but the wallet doesn’t have my name or address, provided I use a private service. Those are easy enough to find on the likes of F-Droid on Android phones, which doesn’t store information about you like Google’s Play Store or Apple’s App Store. The problem with bitcoin is when you want to exchange it for real (Fiat) money. The exchanges require real identity, no matter what service you use3.

Independently, that’s not a bad idea: any tips I’d get in bitcoin would go for TAONAW services, like paying for VPN or the Protonmail services - both accept bitcoin. However, as we’ve seen above, most people won’t tip. This is not because they don’t want to, but because it’s inconvenient at best.

TAONAW is not a profitable business and I don’t want it to be. It would be nice to make it self-sustaining though, so the few basic costs are paid for. It’s not that I can’t afford it, it’s about appreciation for good service (in this case, a good post that teaches something) and saying “thanks.” And, more importantly, this is just yet another example of where aiming to be private doesn’t work out.

I’m aware this is all a battle of principles (some may argue that the entire argument of online privacy is purely principles in today’s world). Still, the notion that I cannot have a self-sustaining privacy website without giving in to some level of hypocrisy is preposterous. Yes, there are ways: I give up the domain and use a subdomain on GitHub or GitLab with an alias account. Use some free VPN (or free public WiFi) whenever I want to push content. Use the free version of Proton. These are all solutions that drive me further away from what I want to do at the end of the day: just write my posts.

Footnotes


  1. Currently, this is buried as a link inside the about page for this blog. ↩︎

  2. This is over-simplification of course, but it helps to break down things a bit. I consider individual “hackers” (this term is so widely used by the media today it loses its meaning) who track another individual specifically (so not script-kiddies or bots that scan the internet for open RMD or SSH ports) somewhere between the first and the second level. ↩︎

  3. Yes, there are bitcoin Kiosks… or at least that’s what I was told several times. The websites that store information about their locations are shady and poorly designed at best, and the supposed locations where I can find them are even creepier. Of course, you also need a burner phone with you, which you keep for that purpose. And then I need to get to such a location whenever I want to pull money out of the kiosk, which may or may not be at the location tomorrow. ↩︎