Is that analysis based just on the whitepaper, or on some more understanding of the current implementation?

I assumed just on the whitepaper - which the implementation might've deviated a lot from.

Thank you Nicholas Weaver whoever you are. I had very similar thoughts but it's good to have them out on Twitter.

Put bluntly, the only way as a security professional you would endorse this as a valid "privacy coin", let alone push it out to your huge user base, is if you were faced with a dump-truck full of money.

I would be very surprised if Moxie didn't receive a dump truck of money from Intel for using SGX. I believe Signal also uses SGX for (supposedly) preventing Signal or a third party from knowing an account's contacts.

Did you see he bought a huge house?

I hadn't seen that but just found this article on it when searching:

Wow, very different tastes than what I would expect from a privacy advocate.

Not a great source.

Also, I believe he was a multi millionaire well before Signal and MobileCoin. This isn't clear smoking gun.

I have warmed up to MobileCoin tbh. Once you realize that they’re not trying to be decentralized, it actually is a good product.