Silk Road forums

what exactly are you trying to protect against? if for drug stuff, then who cares what is written, nobody is going to write personal info to their drug dealer.

You might send your shipping address to the vendor. Unless you have a PO box with a fake name, that's pretty personal, but even in the case of a PO box, you wouldn't want the feds to know where to intercept your package.

Also, a sentence like this,

"I sent the payment. Please ship the 100 grams of DMT to..."

counts as a written confession. Read the Farmers Market indictment. Most of the evidence against them was taken from their Hushmail emails. If it had been PGP encrypted properly (on their computers, rather than with a key stored on Hushmail's servers), the feds would not have had 1/10th of the evidence that they used in the indictment.

Exactly.

Their fatal error was instituting auto-PGP. That sketched the hell out of a lot of people regardless of the fact that it could be turned on/off. Had they never done that, they would have probably been serious competition to SR. The one feature made them seem like a LEO honeypot. That's a stigma they couldn't overcome no matter how they explain it away.

I don't know if that was their fatal error, but it was one of many bone-headed mistakes. Like directing their users to access the site through onion.to, which thankfully never did anything malicious but could have been an MITM proxy that stole people's account credentials like those Atlantis phishing sites. Or suggesting CryptoCat as a place to chat with reporters, when CryptoCat's encryption was broken up until a couple of months ago (why not use an in-house messaging system that you can control and secure rather than a third party service with a long history of security vulnerabilities?). Or the lack of a tumbler (how were coins transferred safely from buyers to sellers?). Or their media blitz, which brought way more unwanted attention on them than they needed, especially considering their size.

The real reason for the shut down may be far more mundane than these speculations about security problems, though. Quite simply, they weren't profitable so they closed their business. They may have planned it all along. If the media blitz didn't bring in enough customers, they were going to quit. It was a hail mary and it didn't work. They got a decent number of sign ups, or so they claimed, but that didn't convert to sales, as is demonstrated by the fact that most listings have no reviews.

The reason the media blitz didn't work and they lost in the competition against SR is not because of any security issues, since most people don't know anything about those issues and that was not a part of their decision making process. They lost because they couldn't beat the network effect on SR.

How likely is Facebook to be replaced by another social network at this point? Any new social network will be a wasteland. If you sign up, you will have no friends there. But if you sign up on Facebook, half the people you know will already by on it, creating a better experience. SR's biggest asset is the people who are already using it. A new buyer can get instant access to 1200+ vendors, while a new vendor can get instant access to tens of thousands of buyers.

Another aspect of it is the psychology of brand loyalty. SR has proven to be a trusted platform. People like and trust DPR (they don't merely put up him like Mark Zuckerberg, for example). People are rightfully suspicious of others in the drug world, because there are a lot of scammers and assholes, but SR works for the vast majority of people. It has proven itself. People stick with what works, rather than take risks with new products (or markets) even if they are theoretically a better alternative.

LE do bend the rules to suit there purposes agreed and have engaged in criminal activity as part of ongoing investigations e.g. allowing sites to continue to operate after they had taken control and they have also engaged in arms trading, governments have been doing that since they invented gun powder but I'd b fucking surprised to discover LE set up shop on SR, BMR or Atlantis and vended illegal drugs.

Yeah, it's conceivable that LE might break the law during an investigation. The NSA is doing a lot of illegal shit. But I don't think it's standard practice for drug investigations. Distributing drugs carries a big liability, if people overdose and die. In all of the CDs I've heard about, they make sure to bust the person before he can get away or consume the drugs, and in sting operations they often use fake drugs. Purdue Pharma makes blank OC80's. They look just like the real thing, since they are made in the same presses, but contain no oxycodone. They provide these blanks as a "service" to LE and the community, to stop prescription drug abuse.

LE will allow drug dealers to operate for months while conducting an investigation, because in that case the dealer carries the liability if someone is harmed. There's a difference between allowing someone to distribute drugs and distributing the drugs yourself. More importantly, I have never heard of a case where someone received real drugs from LE and was allowed to keep them, consume them, etc., and only later got busted. If anyone has evidence this happened, that an actual LE agent distributed real drugs, and not just a drug dealer under investigation, I'd love to see it.

OP updated again. I removed my instructions and just included Atomos' for clarity.

Safe-Mail is hosted in Israel, which has a liberal intelligence sharing agreement with the US, which is part of the Five Eyes along with Australia. So they all share a lot of intel with each other. I'd stay away from Safe-Mail, because even if you PGP encrypt every message, your metadata is not safe. Find a clearnet provider in Russia, South America or Asia. The less friendly the country is with the Five Eyes countries, the better.

The web site doesn't have to be in English. Pop the text into a translation service to figure out what you're doing long enough to get a desktop email client set up. Configure Thunderbird + Enigmail + Torbirdy to work with the email provider's POP/SMTP settings. And obviously PGP encrypt all messages. Enignmail integrates PGP into Thunderbird, Torbirdy configures it to route traffic over Tor and adds other anonymity features like changing your time zone to GMT and scrubbing email headers.

This is the best way to use clearnet email, imo. It avoids the need to visit a web site and turn on Javascript.

Grab VirtualBox and any 32 bit Linux installation image. Lubuntu, Xubuntu and Linux Mint Mate are good choices. The tutorials above use the first two. I like Mint because it comes with media codecs installed by default, so it's more newb friendly.

To configure it to send all traffic over Tor, take a look at the Whonix documentation:

https://www.whonix.org/wiki/Other_Operating_Systems

I used to have a "How to Torify any OS with the Whonix Gateway" tutorial which was based on that.

You should update to TBB 2.4 because of the botnet.

https://blog.torproject.org/blog/new-tor-02417-rc-packages

Also look for a new TBB in the next few days (hopefully upgrading Tor Browser to FF 17.0.9 and fixing four remote execution vulnerabilities).