Physical movement can be tracked by cameras. All digital transactions are tracked by virtue of the way the internet works.

When you put your trust in digital transactions you are putting your trust in the cryptography that hopefully underpins them. With recent regimes of harvest now decrypt later, you are putting your trust in both the perfect forward and quantum/parallel resistance of that cryptography.

Just some food for thought. Sending cash might be a smarter choice than you think.

harvest now decrypt later applies to cameras too. Install a bunch of security cameras, aggregate all footage, use facial detection, gait detection, predictive algorithms, etc to figure out the motion of all citizens at all times. I would not be surprised if governments were already doing this.

You simply cannot practically "encrypt" physical methods wirh the same amount of entropy that can be used for digital methods. And this is even before quantum-safe encryption.

Physical surveillance of mail is incredibly expensive, slow and subject to a bunch of regulations.

It also doesn’t consistently work.

Electronic surveillance of communications is incredibly cheap in comparison, near instantaneous and an evolving new technology that’s loosely regulated if at all.

It also creates a 1:1 copy of the transmission for interpretation at a later date.

Regulation means nothing, if the feds want to track people there's endless strings they can pull. Plenty of evidence online of feds intercepting packages and bugging devices. They can even use illegal means and then use parallel construction.

On the other hand, just because the feds collect a bunch of dsta to be decrypted later, doesn't mean they actually will. Encryption is very rarely cracked, it's far more difficult than tracking people down via camera footage. Not to mention, statute of limitations means that even if they crack it 20 years later, the data might be useless by then.

Fact is, I can send some monero to somebody today and know it won't be cracked within the year. But if I put on a mask and gloves and try to send a letter in the dead of the night, I know there's still a chance that I'm caught.

There's a reason why hackers today choose to use crypto and mixers rather than cash. Same reason why the US criminalized tornado wallet. Turns out, Monero and mixers are incredibly effective.

Physical surveillance is barely even circumstantial evidence of the crimes we’re talking about, Hndl troves are incontrovertible. People get caught using monero to do crimes all the time.

Of course if you dress up like the hamburgler you’re gonna stick out. Just look normal.

I did not intend to fight you about this, the point of my reply was to provide some context about the often overlooked physical side of things.

We very often overlook the physical because we think it’s too unknown and that we understand the digital much better but in many years I’ve never met a person who thought that way and could explain in detail how the web works or why certificates are scrubbed.

Keep your nose clean out there, you never know whose gonna be looking in 20 years…

What do you mean the space for digital is unlimited and infinite? There's finite resources on the planet. 2048-bit RSA is not getting brute-forced in our lifetime (without quantum). And if you are talking about password strength, all of what you mentioned should be factored in. Take the combined compute of all GPUs of the world, factor in Moore's law with a 50 year horizon, and figure out how strong your password should be. I know some people use 128 bits of entropy but I think 100 bits is plenty. Use a word-based passphrase for easy memorization. Or just use a hardware key.

Now I'd love to know how to calculate what level of security is enough for physical methods. Anything rigorous?

people can create accounts non-anonymously, and convert them into anonymous accounts by selling them to others

yes so that's the part where identity theft is used

Not necessarily. Protonmail will happily let you create an account if you don't use a VPN or Tor. Such accounts are tied to your IP

Can't you just go somewhere that has public wifi and set up a Proton account from there? No VPN and they dont have your IP.

Can we just perfect strangers this and I create zendayagirl67@gmail and you create shielaandstu@hotmail, then we trade?

Am I being very naive?

Interesting idea. Honestly at first glance I thought this seemed ok, but it's actually dangerous. Imagine if you initiated a trade with somebody and they turned out to be a fed. The fed now has the gmail account you created, and can just ask gmail who created the account. Now they have your identity, and they also know the hotmail account they gave you, so your identity is now linked to that email as well.

By definition, the only way to anonymously acquire an email account is to give zero identifying information about yourself, but by giving away an email account that you created non-anonymously, you are giving away identifying details.

That's another tricky question. I suppose it's possible to make an anonymous online connection, chat with them long enough to be confident that they aren't a fed, and then trade emails. Sounds like a lot of work though 😅

Some things to be cautious about though. If this is a friend that you made over non-anonymous channels, eg Facebook or Discord, then the feds may have already established a link between you two. I'm sure the feds create big social graphs that map the connections between everybody. So if you trade emails with a friend, and then do something illegal with that email, the feds go to your friend, realize that they have the wrong person, and even if your friend doesn't give up any info, the feds might investigate you anyways due to your connection to them.

Yeah, I think you’re right and it’s unlikely that many people have such long friendships with people over entirely private media.

If you’re enjoying the hypotheticals, I’ve got another, but if they’re unhelpful/distracting, don’t feel obligated to indulge me. What if you had an open, anonymous community sharing a chain of emails, so each person joining the group would receive the email account made by the person before them and would make an email for the person joining after them? Obviously the feds could still infiltrate it, but they’d have a lot less data from any given user and they’d get the most data from the person who joins after they do, which they can’t control. Unless they monitor it 24/7 and get lucky, they wouldn’t be able to make sure every other user is a fed. That seems like it would also be relatively easy to detect, if every single time a new account joined, another immediately followed.

keep the hypotheticals coming! They're always fun to think about.

The problem with the chain sharing idea, is all it takes is one person to not make an email for the next person, and the chain is broken.

It sounds like you are trying to create a system for anonymously trading emails. Maybe you invent a fancy system where you have to give an email in order to receive one. But why stop there? What if somebody comes along and says "I'm not very good at making emails, but I can write songs. Can I trade a song for an email address?" And then somebody else says "Sure! Man it would be nice if there were some intermediate form of value that we could use to trade goods and services, instead of just trading emails directly". Voila, the invention of currency :). This is effectively what the darknet market is. A way to anonymously trade goods and services.

Yeah, I figured the prior person’s information would only be released when the new user provides the details for a valid email account. I’m (clearly) not a tech person, but that sounds relatively doable.

The problem with changing the terms is that you don’t know who’s going to join after you, so you don’t know that they want a song. You can look at that as the free market in action, but it’s also effectively a dead end for a purpose-built group.

It has also just occurred to me that people who want to commit fraud would also be interested in this, and perhaps giving them the opportunity to collect a bunch of potential blackmail ammunition is not ideal.