The CryptoNote codebase and its best-known derivative, Monero, both use ring signatures as their defining feature and build their entire privacy scheme on top of that one primitive. This is highly problematic for anyone who relies on their transactions staying anonymous not only today but well into the future, as I will show below.

If someone or something (e.g. an AI) ever breaks ring signature anonymity, every CryptoNote currency's blockchain will be completely de-anonymized from beginning to end. This only has to happen once. With regard to anonymity, CryptoNote therefore has a single point of failure: the robustness of its ring signature scheme.

Case in point

A (former?) Monero team member going by the name of "Shen Noether" wrote a (now deleted) blog post about how he broke the anonymity of ShadowCash transactions by exploiting an erroneous implementation of ring signatures (Here's an archived version, and an archive of that.)

Shen went on to deanonymize the entire ShadowCash blockchain from start to finish, just to prove that the flaw he found was serious and painfully real. Had anyone, up to that point or afterwards, put their faith in SDC's flawed ring signature implementation and made a life-or-death transaction with ShadowCash, they would be in mortal danger right now (to borrow the doomsday rhetoric Monero "steward" Riccardo Spagni has used about other privacy-oriented currency projects and their purported flaws).

Safe Today != Safe Tomorrow

The important takeaway is that a single flaw in this anonymity scheme crushes the privacy of every single user, retroactively and all at once. It would be extremely naive to believe that ring signatures, as currently deployed, are free of attack vectors.

This isn't even the most immediate danger, though: practical quantum computing is on the horizon, and it is well known and acknowledged that a sufficiently large quantum computer, running Shor's algorithm against the elliptic-curve discrete logarithm problem on which Monero's signatures rest, will break its ring signatures:

However, the traceable version Monero uses (for double-spending prevention) is indeed able to be broken (meaning public key linked to key image and thus signer revealed) due to the existence of a key image.
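To make the quoted point concrete, here is a small model I added for this post. It is not Monero's code; the group, hash functions, ring size and sample ledger are toy stand-ins of my own choosing. It builds a handful of one-time keys, spends them with LSAG/MLSAG-shaped linkable ring signatures that carry a key image I = H_p(P)^x just as Monero's do, verifies them, and then plays the future adversary: a brute-force discrete-log routine (standing in for Shor's algorithm, which is why the subgroup order is deliberately tiny) recovers x for every ring member, recomputes that member's key image and matches it against the key image published with the transaction. Every decoy is eliminated and the real spender of every transaction falls out of the archived ledger.

```python
"""Toy model of Monero-style linkable ring signatures and of the retroactive
de-anonymisation described above. Added example, not code from the page or from
any project. Assumptions (mine): a prime-order subgroup of Z_p^* with p = 2^127-1
and q = 92737 stands in for Ed25519, the signature has the LSAG/MLSAG shape with
key image I = H_p(P)^x, and brute-force discrete logs stand in for Shor. Insecure."""
import hashlib
import random
import secrets

P_MOD = 2**127 - 1               # Mersenne prime M127
Q_ORD = 92737                    # prime factor of 2^63 - 1, hence of P_MOD - 1
COFACTOR = (P_MOD - 1) // Q_ORD  # h**COFACTOR lands in the subgroup of order Q_ORD
G = next(g for g in (pow(h, COFACTOR, P_MOD) for h in range(2, 64)) if g != 1)


def h_scalar(*parts) -> int:
    """H_s: Fiat-Shamir challenge, arbitrary items -> scalar in Z_q."""
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q_ORD


def h_point(pub: int) -> int:
    """H_p: hash a public key to a non-identity element of the order-q subgroup."""
    for ctr in range(1 << 20):
        r = int.from_bytes(hashlib.sha256(f"Hp|{pub}|{ctr}".encode()).digest(), "big")
        h = pow(r % P_MOD, COFACTOR, P_MOD)
        if h not in (0, 1):
            return h
    raise RuntimeError("hash-to-point failed")


def key_image(x: int, pub: int) -> int:
    """I = H_p(P)^x: fixed by the output's own key, whatever ring it is spent in."""
    return pow(h_point(pub), x, P_MOD)


def ring_sign(msg: str, ring: list, x: int, idx: int) -> dict:
    """LSAG-style signature: ring[idx] is the real spender, the others are decoys."""
    n = len(ring)
    I = key_image(x, ring[idx])
    s, c = [0] * n, [0] * n
    u = secrets.randbelow(Q_ORD - 1) + 1
    # Open the challenge cycle at the signer with a commitment to the nonce u.
    c[(idx + 1) % n] = h_scalar(msg, ring, I, pow(G, u, P_MOD), pow(h_point(ring[idx]), u, P_MOD))
    i = (idx + 1) % n
    while i != idx:  # decoys get random s_i; the challenge chains around the ring
        s[i] = secrets.randbelow(Q_ORD)
        left = pow(G, s[i], P_MOD) * pow(ring[i], c[i], P_MOD) % P_MOD
        right = pow(h_point(ring[i]), s[i], P_MOD) * pow(I, c[i], P_MOD) % P_MOD
        c[(i + 1) % n] = h_scalar(msg, ring, I, left, right)
        i = (i + 1) % n
    s[idx] = (u - x * c[idx]) % Q_ORD  # close the cycle; only the holder of x can
    return {"c0": c[0], "s": s, "I": I}


def ring_verify(msg: str, ring: list, sig: dict) -> bool:
    """Recompute the challenge chain from c0; a valid signature returns to c0."""
    I, s, c = sig["I"], sig["s"], sig["c0"]
    for i, pub in enumerate(ring):
        left = pow(G, s[i], P_MOD) * pow(pub, c, P_MOD) % P_MOD
        right = pow(h_point(pub), s[i], P_MOD) * pow(I, c, P_MOD) % P_MOD
        c = h_scalar(msg, ring, I, left, right)
    return c == sig["c0"]


def dlog_oracle(pub: int) -> int:
    """Stand-in for Shor's algorithm: recover x from P = G^x by brute force.
    Feasible only because Q_ORD is tiny; on Ed25519 this needs a quantum computer."""
    acc = 1
    for x in range(Q_ORD):
        if acc == pub:
            return x
        acc = acc * G % P_MOD
    raise ValueError("public key is not in the subgroup")


def trace_signer(ring: list, I: int) -> int:
    """Index of the ring member whose recomputed key image equals I, or -1."""
    for i, pub in enumerate(ring):
        if key_image(dlog_oracle(pub), pub) == I:
            return i
    return -1


def build_toy_chain(n_outputs: int = 8, ring_size: int = 4, n_txs: int = 5) -> tuple:
    """Constructed sample ledger (chain, truth): truth is the never-published spender index."""
    rng = random.Random(2024)
    keys = [(x, pow(G, x, P_MOD)) for x in rng.sample(range(1, Q_ORD), n_outputs)]
    chain, truth = [], []
    for t in range(n_txs):
        x, pub = keys[t]
        ring = rng.sample([k[1] for k in keys if k[1] != pub], ring_size - 1) + [pub]
        rng.shuffle(ring)
        truth.append(ring.index(pub))
        chain.append({"msg": f"tx{t}", "ring": ring, "sig": ring_sign(f"tx{t}", ring, x, truth[-1])})
    return chain, truth


if __name__ == "__main__":
    chain, truth = build_toy_chain()
    print("signatures valid:", all(ring_verify(t["msg"], t["ring"], t["sig"]) for t in chain))
    print("true spenders   :", truth)
    print("traced via dlog :", [trace_signer(t["ring"], t["sig"]["I"]) for t in chain])
```

Running it prints the true spender indices next to the traced ones, and they coincide for every transaction. Note that nothing in the signature had to be broken: the signatures still verify. It is the key image alone, which must be public so that double spends can be rejected, that ties each spend to a single output once discrete logarithms are cheap, and an archived copy of the chain contains every key image ever published.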

But wait: Aren't all cryptocurrencies done for with the advent of Quantum Computing?

Hardly. Bitcoin and similar cryptocurrencies can transition to quantum-resistant signature schemes without compromising their blockchain's guarantees, because the ledger was transparent from the start: there is no hidden information for a later attacker to uncover (funds sitting on outputs whose public key is already exposed would still have to be moved before a quantum attacker shows up, but that is a question of theft, not of retroactive exposure). CryptoNote/Monero, on the other hand, hides its entire transaction graph behind QC-vulnerable elliptic-curve cryptography. Anyone holding a copy of a CryptoNote blockchain (and copies are the very nature of a distributed ledger) will be able to retroactively expose every transaction ever recorded on it. This cannot be mitigated after the fact, because it is impossible to stop someone from keeping an "unpatched" copy of the chain.

Conclusion

Anyone entrusting their anonymity to the Monero blockchain, or to any other CryptoNote blockchain for that matter, is relying on a house of cards and is oblivious to an inescapable future exposure.

Any serious cryptocurrency project marks itself as experimental software. I assume the same is true for CryptoNote/Monero (if not, that should raise a red flag immediately). Ring signature privacy works in the present, but only as a temporary fix and as an experiment in what is feasible with current computing resources (and even that is debatable, since ring signature bloat does not scale well). To promote CryptoNote currencies as "drug money" or as a safe haven of any sort while failing to mention the impending complete exposure is not only reckless and irresponsible, it endangers people who may depend on anonymity without a time limit.