(To check out any of the X threads I reference, click the time stamp at the bottom of the tweet embed)

Welcome to the fourth issue of Thought Crime Trap House! Please consider subscribing if you haven't done so already, and don't forget to follow me on X or Farcaster. Hit me up in my DMs if you want to speak with me about anything.

If you like what you read, please SHARE with someone who also might like this kind of content. I need more readers! Thank you.

ALERT: Paywithmoon, a non kyc crypto based virtual visa card provider is cancelling many people's cards and no one seems to know why. Do not deposit any funds.

If you like what I'm doing, a donation will encourage me to continue! You can send me XMR on XMRChat or send me ETH or any ERC-20 to thoughtcrimeboss.eth.

Send me sats via Bitcoin mainnet: bc1qlewp9p426pe3t70fdwx0sg84dfqhnwae20unc5

Or send me Bitcoin via lighting to burnedmitten671@minibits.cash

Send me ETH or any ERC-20 tokens on Ethereum, Base, Optimism, Polygon, or any Layer 2 @ thoughtcrimeboss.eth

Send me SOL or any Solana token at 9uLhcY5AKHjYK3kySrgDnWqp5NFh9p1LQztT8iZUPdxZ

If you want to send me any other crypto currency, I don't care what it is, just comment or message me what blockchain you would like to use and I will gladly spin up a wallet and give you the address.

You can also support me by following me on Nostr npub1uqxkqdq3xngndgwlck03hje0u25uu7ql9nakh63yjk2m63thczkszeffca

Or by sharing this with people......

In the last edition we talked about the sentencing of Samourai Wallet developer Keonne Rodriguez to the maximum sentence of 5 years in a federal penitentiary. Well now the other developer, William Hill, has also been sentenced to 4 years in prison for "operating an unlicensed money transmitting service". Why did he get a whole year less than Rodriguez? Well he played the "I'm old and I am autistic" card and it worked somewhat. Prison is no environment for an autistic 67 year old computer programmer, it's absolutely insane to put him there. At the base level this is fucking stupid, everything about it is stupid. If they are claiming he somehow either deliberately or negligently harmed someone financially or emotionally (I don't see how he could of physically harmed anyone) through his actions, then they can just determine how much harm he caused and charge him restitution in that amount. He shouldn't have to also pay with 4 years of his fucking life. Except he didn't harm anyone, so that doesn't even matter. Also, the very idea that you should have to get a permission slip from the government just to transmit value from point a to point b is also retarded.

There is now a petition to free them both.

Privacy isn't a "nice to have" anymore, it's a necessity for the safety of you and your family, especially if you own bitcoin or other cryptocurrencies.

On the morning of November 22, someone posing as a delivery worker broke into a San Francisco home, tied up the homeowner, and stole 11 million in crypto.

I don't think American crypto holders are ready for what's coming in terms of targeted theft, kidnapping, or extortion using personal data leaked by both users themselves and companies with poor data handling (*cough coinbase *cough).

You've got people STILL posting shit like what city they live in, what car they drive, stuff about their kids, when and where they are on vacation, etc. Even little details can get you fucked. That's fine if you have say, less than 10k in crypto on transparent chains, you might be ok. Anything more than 10k is quite attractive for gangs of semi computer savvy youngins with no moral compass and no money to speak of. Especially with the economy going down the toilet and AI fixin' to drain all the job openings.

So just don't be surprised if you ever find yourself getting your ass beat until you give up your keys. It has already started to happen in America and it's only going to get worse.

Don't freak out yet though, it's never too late to start protecting yourself. Storing your wealth on privacy chains such as Monero or even shielded Zcash is a good start. This means a rando with a block explorer can't track down your balances.

If you have crypto sitting in doxxed wallets, tax loss harvesting might be a good opportunity to rearrange your funds to be more private. Let's say you are underwater on an asset in a wallet linked to your name in some way. You could sell the asset, write the loss off of your taxes, then redeploy the cash into a non kyced wallet by purchasing crypto p2p. Criminals will just see that you once had crypto, and you sold it. They aren't interested in your bank account $$$, they want crypto that can be sent out of your wallet and can't be clawed back. Something to think about that is definitely not financial or tax advice.

Lawmakers in several states are not only trying to force age verification on internet users, but now are also trying to ban VPNs in a major assault on privacy. I feel like I've seen stories every single day this year about some new law attacking privacy around the entire world, it's getting bad and it kind of feels like not many people care enough to fight it. Wisconsin's VPN ban just passed the house and is working it's way through the senate. Once one state bans VPNs, more will probably follow.

Speaking of VPN's, that brings us to our privacy tip for this issue, which is how to get a VPN without doxxing yourself to the VPN provider. Many people decide they want the extra privacy a VPN can provide, but make mistakes in getting the VPN that can harm their privacy.

Now in most cases your VPN provider is going to know what your IP address is but if you have signed up for phone service or internet service under an alias, that will protect you somewhat in that department, although the VPN provider can still see your location.

Secondly, if you use a reputable no log VPN provider, they don't save your IP address. You still have to trust them when they say they don't save it, but it's better to trust a reputable VPN provider whose entire business model depends on protecting their reputation by not selling user data, than to trust an ISP with all your internet data. One of the reasons Mullvad has a good reputation is that they have been raided by law enforcement before, and the cops left with nothing because Mullvad doesn't save any user data.

Finally, you can reduce your risk even more by paying for the VPN with a private crypto currency, i.e Monero. Mullvad VPN doesn't even require you give them an email address, you can generate a new account number every single month if you want to, very easily.

Here's some VPNs that accept Monero for subscription payments, the only one I can personally vouch for is Mullvad, although I have used IVPN without any problems, but it was only for a few months and several years ago. I tried to only include services on this list that I feel would be better for privacy you still need to DYOR! One thing to consider when doing that research is how many users does the service have. That is going to be the size of your anonymity set so the more the merrier (although now that I think about it, smaller VPNs could have some advantage in their servers not being flagged as VPNs as often). It could also be a good idea to use multiple VPN companies, one for each identity or group of identities, to help compartmentalize your separate online identities. Maybe you can use a faster but less private one for things like streaming video/music, and a more private but slower one for using cryptocurrency. Note: None of these VPN links contain reflinks, I will always disclose if I ever do share ref links.

To compare all of these, you can use Techlore's excellent VPN comparison chart.

Mullvad VPN -10% discount for Monero payments, fast, reliable, reputable, large user base means bigger crowd to hide in, proven to not keep logs (at least at the time of the law enforcement raid)

Obscura VPN -Accepts Monero, uses Mullvad's servers but adds a second layer of privacy in between so that Mullvad never is exposed to your IP address, currently only available on Mac OS and iOS though

Nym -Accepts Monero, offers both a 2 hop fast mode that they claim bypasses most VPN blocks as well as a 5 hop mixnet that creates random noise to further anonymize your traffic from things like packet analysis. More expensive than most VPNs though. They seem to collect a bit more data about their users than I would like though. I will be testing their service soon and will let you know what I think in a future issue.

ProtonVPN -Very recently began accepting Monero after a Monero community member collected petition signatures for them to do so, although I think the Monero payments are done through a third party rather than through Proton's website. This one also has a large user base, although I am a little cautious about Proton as a company because they are a little too mainstream/corporate for my liking, but I still use some of their products. I have not used the VPN though.

IVPN -Accepts Monero, is the only VPN I've found that is based in Gibralatar which might be good or bad I don't know, usually highly rated in the privacy community.

If you already have a VPN that you paid for with a credit card under your name, you're going to want to cancel that subscription and acquire a new subscription with Monero. It's a good idea to start with a month subscription and see how you like the VPN before buying a longer subscription.

If you don't have any, the easiest way to get some Monero is to download the Cake Wallet app on android or ios. For bonus points, download Cake Wallet and pay for the VPN on public WiFi or over TOR.

When you first start cake wallet, change connection and sync settings to use a trusted node. If you don't know any, a good option is Sethforprivacy's node.

node.sethforprivacy.com port 18089

It is best to send the VPN subscription transaction over your own node using churned funds for maximum privacy, if you don't have a device to run a node on, then a good alternative is using Sethforprivacy's Monero node instead of just a random public node. Bad actors such as chainanalysis run a few spy nodes on the network that record your IP address and other metadata if they route a transaction for you, although they still can't see amounts and addresses.

After picking your node, swap another crypto into XMR, such as LTC, SOL, or ETH, which can be done directly in the app. Swap more than you need to avoid linking transactions. For example if your VPN costs $5, swap into $20 of Monero. Let it sit for a couple hours or so, then send it to another account within your wallet. This is called churning and each time you do this, the XMR becomes harder to trace. Wait another random amount of time (a minimum of an hour) before paying for the subscription. What you DON'T want to do is swap $5 from a transparent blockchain like Solana into XMR and then buy a $5 VPN subscription immediately afterwards. That makes it kind of easy to create a trail from the VPN payment to the Solana transaction.

Monero wallets make you wait a minimum of 20 minutes before you can spend XMR you have received. Blockchain sleuths know this, so this is why you should wait a random amount of time longer than 20 minutes to spend any received Monero to avoid timing analysis.

Once you have some churned Monero ready to go, pick your VPN, generate an account, and make your payment. Congratulations you have just privately paid for a VPN!

Graphene OS left France due to smear campaign from French media and law enforcement. According to France, only criminals need privacy. Same ol' bullshit. Sorry for the Graphene devs, who should just be left alone to write code, instead they have to deal with this nonsense. Please consider a donation to these absolute chads.

WhatsApp had a major flaw uncovered by researchers that would of been the largest data breach in history if it had been exploited in the wild . Luckily it was exploited by white hat researchers who deleted the data (they say anyways). Data included phone numbers, profile text, profile pictures, timestamps, and more.

If you are using WhatsApp please consider switching to Signal (easy mode), Session, or SimpleX. Vitalik approves....since he recently donated almost 400 grand in ETH to both Session and SimpleX. I hope they make good use of it.

If you insist on continuing to use Whatsapp, maybe because your side piece refuses to use another messenger, do yourself a favor and at least don't put anything you don't want leaked in your profile information. I hear that eventually you will be able to message Whatsapp users directly from Signal, and then you can delete this horrible app.

So apparently a version of the controversial Chat Control bill passed in the EU. The version that passed isn't final yet, they can still negotiate the final text, but this version changed the adoption of the bill to "voluntary" for each individual country.

After more than three years of European Parliament in-fighting, EU governments have finally agreed on a controversial new law that gives a backdoor to reading text messages and viewing photo messages on private individuals phones for the purpose of fighting child sexual abuse material (CSAM) online. Critics call it "Chat Control” and say it is potentially a serious threat to everyone’s privacy.

The European law is officially called the Child Sexual Abuse Regulation (CSAR). Its most controversial part would let companies scan private messages through a kind of tech backdoor into your phone – even on apps with strong end-to-end encryption like Signal or WhatsApp, in order to look for illegal pictures and videos.

For years the plan was to make this scanning mandatory. In early November 2025, however, the Danish government amended the text: scanning is now “voluntary” for individual EU states to decide upon. That small word change was enough for the 27 EU countries to agree on November 26.

Even though the scanning is now "voluntary", some people are worried that this still means companies will be pressured to build backdoors into their applications to avoid fines or being blocked from EU markets. If we don't have the ability to privately message each other, we don't have freedom. It's that simple. This is Orwellian nonsense using the old "protect the children" excuse to take away freedom from EU citizens. The change to "voluntary" adoption doesn't help the citizens of the countries that do decide to adopt this, also if a few major countries in the EU do implement it, then are tech companies going to make 2 different versions of their software or are they just going to stick the backdoor in and call it a day?

I'd like to give props to Slovenia, the Netherlands, Poland, Luxembourg, Germany, Estonia, Finland, the Czech Republic, and Austria for opposing this. The rest of the countries that either are undecided or in support are no longer suitable for free individuals to live in.

So X decided to dox everyone's locations without warning, not their exact location but the country they live in. Luckily X has no idea what country I live in, so that's good, except I don't like the new little warning next to my location that says something about the possibility I am using a VPN or proxy to hide my true location. A lot of people were understandably very upset about this. One interesting side effect is now you can see just how many people are weighing in on US political issues that live in places like Nigeria without mentioning that they are not American. It's kind of like everyone's masks got ripped off at the same time, and pandemonium has ensued.

"Elon Musk’s X unveiled a feature Saturday that lets users see where an account is based. Online sleuths and experts quickly found that many popular accounts posting in support of the MAGA movement to thousands or hundreds of thousands of followers, are based outside the United States — raising concerns about foreign influence on U.S. politics.

Researchers at NewsGuard, a firm that tracks online misinformation, identified several popular accounts — purportedly run by Americans interested in politics – that instead were based in Eastern Europe, Asia or Africa.

The accounts were leading disseminators of some misleading and polarizing claims about U.S. politics, including ones that said Democrats bribed the moderators of a 2024 presidential debate."

This is just another good reason to get on decentralized social media like Farcaster and Nostr and began building a following there that you control and can't be taken from you.

To finish off the bad privacy news, Meta is pushing for mandatory age verification at the app store level in Canada.

Monero is back on top, outperforming the majority of the crypto market. It has taken back the position of largest privacy coin by both price and market cap from Zcash, which has dropped more than 50% from it's recent highs. It couldn't even pump on Tuesday when the entire market was ripping, I'm not sure why. Keep in mind this price performance is despite Monero being delisted from most major exchanges. It's organic demand for real world usage continues to drive slow steady growth in Monero. If Zcash wants to sustain higher prices and and not just be a late cycle pump and dump, it needs to focus on this kind of IRL adoption and usage. Monero has people all around the world on the ground onboarding people and businesses to use Monero for what it was designed for, private digital permissionless payments.

One of the catalysts behind the latest selling in Bitcoin was worries about MSTR potentially having to sell some Bitcoin to stay solvent. I have never been a fan of Micheal Saylor or the whole DAT thing, I think Micheal Saylor is a douchebag honestly. He tried to block funding for Bitcoin development and talked shit about crypto anarchists. Who could of guessed that giving up your principles to cozy up with Wall Street would end badly for Bitcoin? The Bitcoin community was so focused on number go up that they lost their way and now we are paying for it. Bitcoin should be focused on upgrading to deal with the quantum threat, not on making itself appealing to institutions and governments. On the plus side, maybe I don't have to listen to people talking about how much MSTR and MSTY they have in their portfolios at the Bitcoin meetup anymore. Looks like they should of been buying something cool like Monero instead of a regulated KYCed ponzi scheme.

Now, since I wrote that last paragraph, it seems that they have sold a bunch more MSTR shares to raise a "cash reserve" of 1.4 billion dollars, which probably will help keep them from having to sell any Bitcoin for at least a while.

Triple catalysts arrived on Tuesday, December 2nd to pump the entire crypto market just in time (well almost the entire market, ZEC got left behind).

Vanguard is finally allowing Bitcoin ETFs and Bank of America is recommending investors allocate between 1 and 4 percent of their portfolios to Bitcoin (Fidelity also did something similar a while back I believe), all of which gives even more legitimacy to Bitcoin as an asset and simultaneously makes it way less cooler than Monero which your bank will not be recommending ever. Fuck the banks, I'm my own bank, and 4% is way too low for Bitcoin anyways. This will make number go up though and that's all that matters anymore right? More and more Bitcoin is going to be held by regulated custodians and less by plebs, so hold on to what you got in self custody for dear life.

And the third catalyst was a bunch of large players buying Bitcoin, when they were previously net sellers.

Vitalik weighed in on the Zcash governance debate, he is firmly against token voting rights in the protocol. I would have to agree with this. Some ZEC whales may have priorities other than privacy and freedom and will vote accordingly.

As the recent Balancer hack demonstrated, the AI threat to smart contracts in DeFi is very real. Although don't freak out too much yet because the tech works both ways and AI can be used to defend against AI. I would love to see protocols using both humans and AI in their audits, and pray to whatever God you believe in that Aave v3 doesn't fall victim to any of these hacks. You don't have to worry about any of that if you just hold Monero, but it's hard to resist using DeFi for me personally. So far I have managed to dodge many bullets over the years and despite using probably 100 different DeFi protocols I have only lost money to a hack once in a tiny BSC protocol. I lost way more from FTX's fake wrapped bitcoin on Solana but that wasn't really a hack. Check out this article on Decrypt about a recent test of AI frontier models on smart contract exploits.

AI agents matched the performance of skilled human attackers in more than half of the smart contract exploits recorded on major blockchains over the last five years, according to new data released Monday by Anthropic.

Anthropic evaluated ten frontier models, including Llama 3, Sonnet 3.7, Opus 4, GPT-5, and DeepSeek V3, on a dataset of 405 historical smart contract exploits. The agents produced working attacks against 207 of them, totaling $550 million in simulated stolen funds.

Found a new tool that seems like it could be very helpful. It's extremely dangerous, especially on any device you use for crypto, to open attachments like PDFs or even image files like PNGs. This dangerzone software allows you to open such files safely in a sandbox, which then produces a visual copy of the attachment for you to look at without handling the original file. (Note this requires Docker, but Docker is easy to set up). I have not tried it out yet, but Techlore recommended it so I feel comfortable sharing it.

Tor Browser has a new update, version 15.0.2 is now available.

The Tails OS also has a new release, version 7.2 is now available.

The Monero GUI and CLI wallets have a new release, version 0.18.4.4 "Fluorine Fermi" is now available.

It was recently confirmed that the American defense secretary, Pete Hegseth, authorized the military to kill two helpless survivors clinging onto the burning wreckage of their boat, although a top Navy Admiral gave the actual order. So far the military has killed at least 80 alleged drug smugglers in these strikes in the Caribbean Ocean. This is just murder plain and simple.

If they are "terrorists" as the state claims, wouldn't they want to capture the survivors and interrogate them for intel? So far no evidence linking the boats or victims to terrorism has been shared and no drugs were seized, but according to Grok the US is claiming these boats are linked to Tren de Aragua and the National Liberation Army (ELN).

Meanwhile, when the US Government smuggles cocaine like the CIA has done many times, it's all good. I have little doubt that the organizations smuggling this cocaine are violent organizations and if we really want to stop them, all we have to do is legalize drugs and the price of cocaine will drop 90 or more percent overnight. Legitimate businesses will take over the industry and these criminal organizations will lose their funding and power.

Anthony Pompliano is someone who I had some respect for, only because his podcasts about bitcoin helped turn me from a crypto experimenter into a believer back in the bear market of 2018/19. That's why I was even more disturbed by this tweet of his:

My response to his tweet:

You can justify it a thousand different ways, killing men who aren't actively threatening you with actual violence is still murder. That's why when a cop finds a murder suspect they try to arrest them, they don't just execute them without a trial (usually). They not only blew up the boat that wasn't attacking them but they then shot the helpless survivors in cold fucking blood. There is no universe in which that is okay.

Breaking the law that says cocaine is illegal? It's a stupid fucking law and a century of the war on drugs has done nothing to decrease drug use, but it has gotten a lot of people killed for no fucking reason. Do you know why it is illegal? Look it up. Why is ok for the CIA to smuggle it, I guess they get a pass? Does the harm cocaine causes outweigh the harm of prohibition?

Should we be shooting liquor store owners? Alcohol kills way more people than cocaine does, maybe we should execute liquor store owners without a fucking trial. If you actually want to stop the cartels, legalize drugs, and the problem is solved overnight. Cut off their funding. People are going to do the drugs anyways, at least they would be doing drugs they knew the contents of and won't be funding cartels in the process.

If not then they need to lock up a shit ton of politicians for the cocaine they are doing on the weekends, at least make it fair.

In case you think I only call out idiots on the right, the left is also still full of idiots, many of whom are very anti-crypto. It doesn't help that Trump has become so closely intertwined with the industry, which makes me worry about post midterm crypto regulations. It seems the left has already started their FUD campaign in preparation. I have been seeing a lot more stories in the news about Bitcoin ATM scams and there was this ridiculous NYTimes hit piece that the Rage talks about here.

The question you have to ask yourself is, if the state ever makes self custody or using privacy coins a crime, will you comply or resist? The thing about the state is most of it's power depends on people believing in that power, because there are way more citizens than members of the state. The military is mostly made up of regular folks who can also stop believing in the legitimacy of the state. Crypto enables nonviolent resistance to the state's oppression by offering an alternative to their money system. We must do everything possible to protect that alternative.

Here is a good interview with the crypto OG and fellow voluntaryist Erik Voorhees, founder of SatoshiDice, Shapeshift, and Venice AI. One good point he made is although governments accumulating Bitcoin might be good for price, it's not good for the world. We want the people to have Bitcoin, not governments. Any of the money governments are using to accumulate Bitcoin was stolen from the people and should be returned to them. I thought this was an important reminder.

Unchained interviewed Aztec Network, a private Ethereum L2, about their long awaited Ignition Chain release. Although I am still mad at Aztec Network at the moment because they wouldn't let me participate in their testnet without KYCing. Yes that's right, so I have to wonder how aligned these guys are with true privacy and freedom if they are KYCing testnet participants. I asked someone and they said something about "they gotta be compliant" and I was like no the fuck they don't, not on a testnet, it's fake money. This was still an interesting interview though.

In case you missed the latest episode of Monerotopia, be sure to check it out.

More great content from Ungovernable Misfits, with the theme of this Freedom Tech Friday being digital minimalism. It's time to reclaim your life from your phone! In this episode I discovered O launcher for android which is a great minimalist launcher.

And that's all for issue 4 of the Thought Crime Trap House! Thanks for reading, please leave some feedback, what did you like, what didn't you like, and what would you like to see more content about? Don't forget to subscribe and share!