Ask Alice: I’m Ready for My First Crypto Tattoo

Cryptography is central to keeping blockchains secure, and in cryptographic logic exercises, Alice (A) passes information to Bob (B). In BREAKER’s blockchain advice column, Alice passes useful advice to “Bob,” our anonymous reader. Have a question? Ask Alice here.

Q: Dear Alice,

I’ve saved up some bitcoin, and I’m finally ready. I’m going to get my first crypto-themed tattoo. I can’t wait to express my love for the idea—no, reality—of non-state-controlled currency!

The only problem is, how can I tell which token is worth inking on my body for life? I’m no bitcoin maximalist, but ₿ is forever…I think? And I love Augur’s symbol, but I hate assassination markets. What’s the right balance between style and immutability? How should I choose?

Not getting a unicorn tattoo, Bob

A: Dear Bob,

Choosing what kind of tattoo to get is always tough, whether you’re considering the token-of-the-week, a pink hammerhead shark, or a constellation of stars across your chest. Each might seem like a great idea in the moment, but so did turning your money into Badgercoin in 2014.

John McAfee’s freshly inked Skycoin tattoo

Ask yourself: Are you the kind of person who can laugh off that time your friend used your leg as a stick-and-poke practice canvas (not speaking from experience, of course…)? Or do you lean more toward the Kim Kardashian school of thought, which insists, “You don’t put a bumper sticker on a Bentley”?

But what if that bumper sticker is of, say, the Skycoin logo? And someone offered you enough money to buy two Bentleys for getting it? John McAfee, who already had a bunch of tattoos, said yes, and though the application of his new Skycoin back tattoo looked painful as hell, he does not appear to regret it. However, Alice will never advise you to Do What John McAfee Would Do.

Let’s be real—most of us do not get Bentleys in exchange for token tats. So what would you gain? Showing your support for “the idea—no, reality—of non-state-controlled currency” is a noble concept indeed. So, instead of paying homage with a flashy, new coin that might not exist in January tattooed across your bicep, you could get some ink that represents the bigger picture. A dollar bill on fire, maybe. Or, if that’s too violent, an abstract pattern of blocks and lines running down your arm. As you pointed out, a symbol for the first cryptocurrency, the bitcoin ₿, could make for a decent compromise. Think of it as the genesis block of crypto tattoos.

Your body can be an immutable record.

Maybe you don’t care that an ICO won’t stand the test of time. Your body can be an immutable record. Kitty Coin may be no more, but not as far as your lower back is concerned!

Regardless of what you decide, make sure you take time to decide. ICOs come and go, but a SPANK tattoo is forever.

Yours, Alice

Q: Dear Alice,

I admit it—I’m afraid of the dark web. Besides people dealing drugs and hiring hitmen, I have no idea what goes on there, and that uncertainty sends me into an anxiety spiral. Is my personal information floating around there? Could any shady character conduct their unsavory business with it? Has someone been making micro-payments for a big shipment of ketamine with my credit card, unbeknownst to me because the payments are so micro? Believe me, I can go on.

I just heard about this thing called a “dark web scan” that says it can check the internet’s underbelly for criminals selling your information. Should I get one? Or are the vendors of these scans just as shady as the people they claim to protect you against?

Afraid of the dark, Bob

A: Dear Bob,

There’s always an element of fear to the unknown. That’s why I never look Satoshi Nakamoto In the eye.

Before we get into whether you should get a dark web scan, let’s go over what they’re all about. Dark web scans claim to scour the “internet’s underbelly”—the parts you can’t access without software like Tor, used to hide websites from the general public—for identity points like your social security number, email address, phone number, and credit card info.

Should you be concerned about your information being on the dark web? Depends on who you’ve been handing it out to. Ever sent Eloon Musk 0.1 ether and, say, your SSN on Twitter? Met any Nigerian princes on Craigslist lately? How about that account you held with Equifax last year? If any of these scenarios sound familiar, think twice about where your personal information has ended up.

Who will scan for that personal information? A number of companies, including Experian, Dashlane, CyberScanner, and SpyCloud, insist they can protect you from dark web thieves. Experian, for instance, claims one of their scans covers the past 12 years worth of dark websites. If the company finds anything, it will alert you to “next steps”—but it leaves you in the dark as to what those steps are.

Many of these scans market themselves as “free,” but read the fine print. A 30-day free trial with Experian precedes $10 monthly payments. Dashlane costs $4.99/month, billed annually.

Let’s look at these companies’ claims. Scanning 12 years of the dark web means looking at more than 1,208,925,819,614,629,174,706,176 websites, according to a May 2017 Motherboard article. This number takes five minutes to say. Imagine how long it would take to scan that many sites, especially since new sites crop up daily. It’s a Sisyphean task.

Scanning 12 years of the dark web means looking at more than 1,208,925,819,614,629,174,706,176 websites.

Dark web scans can’t even access the shadiest sites. As How-To Geek features editor Chris Hoffman points out in a recent post, many information exchanges on the dark web take place in private. The public information available on the dark web, Hoffman continues, consists of “data dumps,” piles of stolen information from compromised sites. Most dark web scans just sift through these piles, writes Hoffman.

I’ll leave you with some, er, comforting food for thought. “Statistically speaking,” writes Hoffman, “most Americans have probably had their social security numbers leaked in at least one [data breach] by now.” Not comforted enough? Here are some examples: Besides Equifax, there was health insurance provider Anthem’s breach in 2015, the great Target hack of 2013, and a LinkedIn data breach from 2012 that resulted in a Russian hacker selling email/password combos on the dark web for five bitcoin each (then about $2,300) in 2016.

How’s your anxiety doing? Okay, I’m sorry I couldn’t help with that. But look at it this way. Your information hasn’t been used nefariously yet, at least as far as you knowbut that’s as far as it matters!

Ultimately, dark web scan providers tend to exaggerate their abilities. They’re charging money for an abstract notion—your peace of mind. If that’s all you want in exchange for $5 to $10 a month, go for it. Will it thoroughly protect you from dark web dangers? No.

Instead, focus on doing the preemptive work yourself. Create strong passwords that are different for every site, learn to identify and avoid scams, and keep your cryptocurrency in a decentralized wallet to which only you hold the private keys.

Yours, Alice