Silk Road forums

Well, that's interesting, as I run Tails from a thumb drive, while maintaining a VPN connection. So it isn't totally impossible.

That is interesting. Can you explain to us how you did it, and did you confirm the VPN is going over Tor and not connecting directly?

I've appended the gpg.conf file as follows:

hidden-encrypt-to <my key id>
throw-keyid
use-agent
no-auto-key-locate
trust-model always
utf8-strings
no-greeting
no-emit-version
no-comments
no-mdc-warning
armor

The output looks like this <<I have redacted the key ids >>:

gpg -v Test.asc
gpg: public key is 00000000
gpg: anonymous recipient; trying secret key 18XXXXXX ...
gpg: anonymous recipient; trying secret key 2EXXXXXX ...
gpg: using subkey 2EXXXXXX instead of primary key 18XXXXXX
gpg: anonymous recipient; trying secret key 65XXXXXX ...
gpg: anonymous recipient; trying secret key 6CXXXXXX ...
gpg: using subkey 6CXXXXXX instead of primary key 65XXXXXX
gpg: anonymous recipient; trying secret key B1XXXXXX ...
gpg: anonymous recipient; trying secret key 6DXXXXXX ...
gpg: using subkey 6DXXXXXX instead of primary key B1XXXXXX
gpg: public key is 00000000
gpg: anonymous recipient; trying secret key 18XXXXXX ...
gpg: anonymous recipient; trying secret key 2EXXXXXX ...
gpg: anonymous recipient; trying secret key 65XXXXXX ...
gpg: anonymous recipient; trying secret key 6CXXXXXX ...
gpg: anonymous recipient; trying secret key B1XXXXXX ...
gpg: anonymous recipient; trying secret key 6DXXXXXX ...
gpg: encrypted with RSA key, ID 00000000
gpg: encrypted with RSA key, ID 00000000
gpg: decryption failed: secret key not available


Any help very welcome!

pb.

Looks like it tested all of your private keys, and none were the complement of the public key. Did you encrypt the message with your own public key? Or if someone else wrote it, did they encrypt it one of your public keys?

People on the forum have asked how anyone can know a bitcoin address belongs to SR. Here's your answer:


 I received assistance from Sara Meiklejohn, a graduate student at the University of California, San Diego who's been analyzing the role of bitcoin and anonymity on the Silk Road. Meiklejohn confirmed that the bitcoin wallet linked to in Fly's forum thread was indeed used to deposit two bitcoins into a purse controlled by anonymous individuals who help manage commerce on the Silk Road.

Meiklejohn and fellow researcher Damon McCoy, an assistant professor of computer science at George Mason University, have been mapping out a network of bitcoin wallets that are used exclusively by the curators of the Silk Road. If you wish to transact with merchants on the Silk Road, you need to fund your account with bitcoins. The act of adding credits appears to be handled by a small number of bitcoin purses.

"All Silk Road purchases are handled internally by Silk Road, which means money trades hands from the Silk Road account of the buyer to the Silk Road account of the seller,"  explained Meiklejohn, author of the paper, A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, to be released in October 2013 at the ACM Internet Measurement Conference in Barcelona, Spain.

"These accounts aren't visible on the bitcoin network though, so the only thing we can even hope to see by looking at the public transactions is when money goes into and comes out of the set of addresses that represent the collective account balances of all silk road users," Meiklejohn wrote in an email to KrebsOnSecurity. "By manually tagging a handful of silk road addresses (via direct interaction) and then bootstrapping using the heuristic I described to label many more (around 250,000 in total), we are able to achieve this second goal by identifying addresses in the network that are 'owned' by silk road."

It shouldn't check for revocations of an SSL certificate unless you are typing https at the beginning, and in that case it should fail to connect to the server (I just tried it myself).

idk, probably some bug. Obviously there are no SSL certificates involved, so checking for revocation doesn't matter.

You can get them from https://bridges.torproject.org

Those are fine too, although Google gives you better results. It's a pain to use over Tor, but that's life.

My point is that nobody here knows the URL for Torchat off the top of their head, and it's an easy question to answer. If OP had Googled it, he'd have the answer, but instead he expects us to do it.

People need to stop being so helpless and start doing their own research, especially for simple questions like this. If you want to know whether your ISP can fingerprint the hidden services you are visiting, that's a question for this forum, since the answer isn't readily available in a simple search engine query. But stuff like this is wasting our time.

Some people are so helpless.