Silk Road forums

Quote from: medicineman684 on August 07, 2013, 02:56 pm

It seems like this is a huge market opportunity for some tech oriented person.

It's also a huge risk. This is why noone else has really picked up the slack in regards to .onion hosting.

You hit the nail on the head. Unless there is a big financial incentive in it, who wants to risk decades in prison because idiots upload millions of CP images to their free image hosting site and the admin is incapable of controlling it?

Yes, it was hosted on FH, so it's gone unless the admins don't get busted and decide to recreate it somewhere else.

That site was heavily watched by the FBI. I have heard of someone who used a username on that site that they linked to his clearnet identity (not much of a hacker, I guess), and the FBI paid him a visit. This was before the FH fiasco and unrelated to it. I'm just saying, the feds were all over that site.

Yes the address was in plain text. I will NEVER make that mistake again. But luckily the order I made was very small it could pass as a user ordering stuff for personal use.

And luckily the package arrived without and problem. That I know of yet. It was to a drop address I never order to my house.

As for the old emails on there I did not get a chance to delete them a full month before the indecent but luckily there was talk of only a couple transactions. They have one small transaction. And talk of a few hundred g's from a past transaction.

Now considering that what do they have on me? If anything?

What would they be able to do with that information?   

We're still not 100% sure that the server is in the hands of LE. They could have injected an exploit without taking physical control of the server, but the fact that the server was offline for a couple of days before coming back online with the exploit, and this happened after the presumptive admin was arrested, is pretty good evidence that LE had physical control of the server.

For security reasons, we should operate under the assumption that they have physical control of the FH server, including the Tormail email database. That hard drive has a massive trove of data for them to sift through. Besides all the CP, there must have been tens of thousands of Tormail accounts, and potentially millions of emails. They will likely prioritize the biggest targets: major CP and drug distributors.

If I was tasked with sifting through the data, I'd go through the list of SR vendors, starting with the highest percentage rank, and see if they have Tormail addresses. Conveniently, StExo's archives are on that hard drive with all vendor profiles, so they don't have to crawl the SR server. Email addresses will be listed in the profiles or their PGP keys. About half of SR vendors had Tormail addresses, so they wouldn't be hard to find.

That may not be how LE sifts through the data, but it seems logical to me, so if I was a top SR vendor, I would be extremely cautious right now, if I had a Tormail account with unencrypted emails in it.

As for you, it could take months to years, or possibly never, before they get around to reading your emails, but to err on the side of safety, I would never use that shipping address, and probably never use that Chinese source again. Consider them both watched.

Are there any other precautions that need to be taken?

The best thing you can do for your security is switch to Tails or Whonix. There are other ways a browser can be exploited besides JavaScript, and the next payload that LE delivers may target Linux and OS X as well, but at least with Tails, if you are not running as root, it would be more difficult to bypass Tor.

Whonix is even more secure than Tails, because bypassing Tor requires breaking out of the VM, and I haven't heard of an exploit for that in the last few years, although there have been privilege escalation exploits to gain root access on Linux (which would affect Tails). The downside is the VMs obviously exist on your hard drive so it's not a "leave no trace" solution like Tails, and the Workstation VM does not have disk encryption out of the box, so you'd have to store it in an encrypted volume yourself, or install a custom OS with full disk encryption of the virtual hard disk. So making it safer in that regard is more difficult. Tails is more of a plug-n-play solution.

He wrote a similar all caps rant in the Security forum about how he's been trying to figure out PGP for months and still doesn't understand it. He's clearly not cut out for the darknets.

I setup a hidden service for image hosting a few days ago. It had security features to prevent IP leaks and entry guard identification, though I won't mention the specific features for obvious security reasons. I still took it down though. Honestly, I'm not comfortable running a hidden service until we find out how Marques was identified. I also don't have the resources to host the entire Tor or even SR community's images if it became the default image host. I also don't have the time or energy to police it for the massive amounts of CP it would get if it became the default image host.

Most people here are not technically savvy enough to run their own hidden services safely. Honestly comsec, it's a bad idea to suggest it to random people. They are going to get themselves into trouble. However, there are technically savvy users here who could consult anyone who has the resources to take on the challenge of running (potentially large) hidden services.

Five fucking years? I quit!

Just kidding, but we can't get any good news this week, can we?

Devils advocate here, I should know more but what if my anonymous vpn provider did by acident have logs then all LE would have is a list of everyone sharing the same VPN node as that time.
Hypothetically there is 50 users online sharing my node right now, Does LE then have to bust all 50 or take their investigation form there or can they just see who viewed what.

That depends on the level of logging they are doing. LE could ask them to log source and destination IP addresses, then they look at who sent requests to LE's server.