

How you will not uncover Satoshi - wslh
https://bitslog.wordpress.com/2014/06/19/how-you-will-not-uncover-satoshi/

======
nikcub
It is somewhat good news for online anonymity that we don't know who Satoshi
is. The amount of resources that have been poured into trying to uncover his
identity is the equivalent of a medium-sized open source project. He has
survived the army of geeks.

The state of user-user or user-corporation anonymity is good. If you want to
stay anonymous from other users or a corporation then you can gain anonymity
by spending a few hours reading tutorials/guides online and then installing
Tails or Whonix (both which solve the metadata problem in OP and a variety of
other attacks) or an alternative homebrew solution (machine
isolation/snapshots) and apply a level of discipline to isolate your identity.

Last best OPSEC move Nakamoto made was to disappear - removes so many options
in tracking him down. Hanging around and living off the credibility you've
built with your anonymous persona is likely only going to breed complacency
and the odds of slipping up increase each day (you see this in many cases)

I doubt he'll ever be tracked down. I doubt even a gov investigation starting
today (for whatever reason) with all the power it has would achieve it (unless
more than one person knows the secret, in which case a US investigation has a
broad range of legal methods to compel testimony and reveal it).

I know a lot of people are sick of talking about Nakamoto and prefer to focus
on what he produced (you can't even google his name anymore without 50% of the
hits being about the Newsweek article), but being able to invent such an
important piece of transformative technology and remain anonymous for so long,
possible forever - is a brilliant accomplishment worthy of its own attention.

~~~
superuser2
>I doubt even a gov investigation starting today (for whatever reason) with
all the power it has would achieve it (unless more than one person knows the
secret, in which case a US investigation has a broad range of legal methods to
compel testimony and reveal it).

As much as members of the Bitcoin community like to think of themselves as
agitators, there were very clearly no laws broken here.

~~~
eric_bullington
>As much as members of the Bitcoin community like to think of themselves as
agitators, there were very clearly no laws broken here.

Yeah, that's all clear now, but 4 years ago the legal situation was much
murkier. This was all very new ground and we had no idea how the U.S.
government would react, particularly given some of the other things going on
at the time (particularly the prosecution of E-Gold, which was centralized but
shared some features with Bitcoin).

------
mcherm
Note to self:

If I need to publish something and have it remain completely anonymous,
convert it to ASCII TEXT. That is one of the few formats I understand well
enough to be CERTAIN that it is free of metadata.

Now all I have to worry about is how I can anonymously publish it, text style
analysis, and how to include diagrams without resorting to ASCII drawings.

~~~
chaos0
I wonder if there is a tool to obfuscate text to prevent analysis. one way I
could think of is to use any online translation tool to translate to a foreign
language and then back to english. and then fix the grammar slightly. the
structure of the text should hopefully be different enough for any tool/human
to recognize it's your style. is there an easier way to do this?

~~~
TeMPOraL
Reminds me of a concept of "google translate fixed point", i.e. you translate
between english and an foreign language back and forth until the translation
stops changing.

~~~
pelario
Interesting, however, I would not use google translate to obfuscate my
writing, as it might appear in google logs :)

~~~
TeMPOraL
:). Speaking of which, can you recommend any non-Google online translation
tool?

------
userbinator
Although the PDF spec says that the ID field is "optional", a lot of PDF-
producing apps put it in anyway, and the way OoO calculates the ID is
basically what the spec recommends, although it does say "Note that the
calculation of the file IDs need not be reproducible. All that matters is that
the file IDs are likely to be unique." This means that a CSPRNG would be a
better choice, or even omitting the ID entirely.

The Author/CreationDate/Creator/Producer/etc. fields are also completely
optional despite, once again, the insistence of applications to put them in.
There are "PDF anonymisers" out there, and I've written one myself too, but
not all of them remove all this information.

Interestingly enough there's a PDF from the NSA about removing metadata, which
itself has most of the metadata removed, but not the ID nor
creation/modification dates:

[http://www.nsa.gov/ia/_files/app/pdf_risks.pdf](http://www.nsa.gov/ia/_files/app/pdf_risks.pdf)

------
vijayboyapati
The author of the blog post makes the claim that Satoshi used Tor. I'm
interested in what evidence there is for that. I googled and found a few
people mentioning it, but no direct quote from Satoshi himself. I also
searched the archives of his posts:
[https://www.google.com/webhp?sourceid=chrome-
instant&ion=1&e...](https://www.google.com/webhp?sourceid=chrome-
instant&ion=1&espv=2&ie=UTF-8#q=site:nakamotoinstitute.org+tor)

Suppose that claim is not true, or that he was not fastidious in his use of
Tor, it seems to me the email service provider would have logs on where his
emails were originating from. From his original paper his email is
satoshin@gmx.com

I'm not sure who owns gmx.com, but I think it likely that if a sovereign state
went after them, they would probably divulge the information. Not that I want
this to happen, of course. I hope he's never uncovered and his legend grows
with the success of Bitcoin. I hope he did use Tor. I'm just not certain there
is evidence for it.

Edit: I am not Satoshi Nakamoto, although I wish I was

~~~
Taek
gmx is very popular among tor users because you can create an account with no
strings attached. No other emails are needed, no other phone numbers are
needed, and signup takes only a few webpage loads (important when dealing with
latencies of up to 45 seconds).

This of course doesn't mean that Satoshi is a tor user, but a gmx account is
consistent with typical tor behavior.

~~~
mahouse
Last time I tried to create a gmx account under Tor, it told me I could not do
it because my IP address was blacklisted.

~~~
adamnemecek
What's your point? The fact that one exit node was blacklisted does not
disprove anything.

~~~
dzhiurgis
Tor exit-node filtering is soooo common nowadays it practically makes Tor
useless.

------
nebulous1
I would have thought he'd use a computer solely for his Satoshi identity, in
which case his username probably is satoshi. This is the best way to ensure
your computer doesn't leak anything you don't want it to: don't give it the
information in the first place.

~~~
tomjen3
Then somebody stumbles over the computer and you are outed.

------
callesgg
If someone finds Satoshi and publishes Satoshi's identity and Satoshi is a
regular person. It would probably led to the destruction of Satoshi's life and
not that unlikely Satoshi's death.

With that in mind, i think it is kind of stupid to look for Satoshi.

~~~
bruceb
How would it lead to his death? Would his life change? Yes but there is no
reason to think he would die.

~~~
hellodevnull
This is funny, a couple of months ago everybody was saying how publishing the
identity of a man who holds millions in an anonymous virtual currency would
most likely lead to somebody attempting to extort him and put his life great
danger.

Now this comment is getting downvoted.

~~~
bruceb
People seem to forget there are lots of millionaires, multi millionaires, and
billionaires around. For the most part in America, Europe, Japan, etc they are
safe.

But I guess at least being downvoted means someone is reading it.

~~~
ufmace
Yes, but they generally have their fortunes in various bank accounts,
investment accounts, land/property, and other things that are very difficult
to steal and monetize without leaving traces. How much security would you need
if you had $20 million in gold bars in your living room, and the general
public knew about it?

------
Relys
Why does everyone assume that Satoshi is a singular entity? What if Satoshi is
legion? :/ Given that initial assumption, which large/government entities
would be most likely to start such a project?

------
erikb
Wasn't there some article some time ago that Satoshi has been discovered? Was
it shown to have been fake? At least on FB/G+ it went quite viral and I
haven't seen anything since.

~~~
damian2000
Wrong guy ... from wikipedia ...

The most high-profile speculation to date came in a March 6, 2014, article in
the magazine Newsweek,[30] when journalist Leah McGrath Goodman identified
Dorian Prentice Satoshi Nakamoto, a Japanese American man living in
California, whose birth name is Satoshi Nakamoto.

[http://en.wikipedia.org/wiki/Satoshi_Nakamoto#Dorian_Nakamot...](http://en.wikipedia.org/wiki/Satoshi_Nakamoto#Dorian_Nakamoto)

~~~
MrBuddyCasino
Still seems fishy to me. The real Satoshi could have proved that he couldn't
be that guy (using the blockchain or something else), but he didn't.

~~~
nawitus
What's in it for the real Satoshi in that? By the way, Satoshi's old accunt
was used to deny it.

[http://p2pfoundation.ning.com/profile/SatoshiNakamoto](http://p2pfoundation.ning.com/profile/SatoshiNakamoto)

~~~
MrBuddyCasino
I know that, but that doesn't prove anything.

\- If Dorian was the real Satoshi, he would of course have used his 'real'
account to try to disprove the claim.

\- If not, the only to way to know for sure that he is not the guy is for the
other 'real' Satoshi to prove that it couldn't be Dorian.

Simple as that. I agree that in the second case, the real Satoshi would not
have a lot of incentive to prove the mistake. I'm not a conspiracy nut, I'm
just saying that it has not been proven that Dorian is not the guy.

~~~
dpark
How exactly could Satoshi _prove_ that he isn't Dorian Nakamoto?

~~~
bpicolo
By proving he is somebody else?

Not saying he would, just saying it would work.

~~~
dpark
Fair enough. :) I should have asked how he could prove it without revealing
his actual identity.

------
hotpockets
According to I believe mike hearn, the whitepaper was not originally published
as a pdf by satoshi. Someone else made the pdf.

~~~
gwern
Link? I've never heard that, and the very first draft of the whitepaper
(hosted on a now dead filesharing website) was also a PDF.

