CryptoBard's comments

CryptoBard | 6 years ago | on: Mozilla patches Firefox zero-day abused in the wild

I don't know why you are addressing me, I can't even downvote. Your "conspiracy theory" comment is certainly valid, unfortunately I'm not willing to provide more information so I suppose it will remain a "conspiracy theory" albeit one I believe is true.

CryptoBard | 6 years ago | on: Mozilla patches Firefox zero-day abused in the wild

Someone I know was hit by this in a very targeted attack on June 6th. They managed to capture the binary it dropped on their mac with some other gatekeeper bypass vulnerability (perhaps https://www.bleepingcomputer.com/news/security/new-unpatched...). It is a mac port of the binary discussed in this research paper by Exatel: https://exatel.pl/advisory/paranoicy-raport-socexatel.pdf

CryptoBard | 7 years ago | on: Launch HN: Dharma (YC S17) an open protocol for borrowing/lending cryptoassets

I also work in the exchange space like you used to and my thinking is pretty much fully aligned with the way you pose the issue and I'm very excited about your intention behind Dharma. I also agree with your current thoughts on approaching KYC and AML (please see my post in response to this one's parent). I'll reach out to you via your website if you don't mind since HN doesn't have PMs, would love to figure out if there's a way I can contribute.

CryptoBard | 7 years ago | on: Launch HN: Dharma (YC S17) an open protocol for borrowing/lending cryptoassets

I am an engineer at a Coinbase competitor company and I have been thinking about this problem (massive amounts of crypto assets lying dormant) and possible leverage (global access to a universal debt market) and I have been researching Kiva since it seems to be the early player in this space. My 2c - Yes KYC and AML is important but it doesn't make sense relying on national identity documentation and storing everyone's PII in your own database. There's a ton of companies working on identity solutions where the user retains ownership of their sensitive information. With GDPR catching on and similar regional legislation popping up pretty much everywhere outside the EU, KYC and AML information pose a significant liability (and rightly so!) to companies in the fintech space. Especially so for early entrepreneurs who want to innovate but don't have the risk and compliance teams to deal with such sensitive information.

The proper solution is not to hold people's PII at all and depend on a provider (ThisIsMe, Civic, Consent, IDNow, etc, etc, etc, etc) combined with the customer's social graph information. If you want to know your customer, you need to know the people who knows your customer. After-all, who knows you better than your family and friends?