Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - astor

Pages: 1 ... 47 48 [49] 50 51 ... 208
721
Alright it went away, I uninstalled mcafee (aka NSA puppet tool) and stopped using the .to suffix. Working well now.

I hope you realize that if McAfee could see you were accessing that URL (and even changed it), other apps, malware, etc. could too. McAfee was probably reporting that URL to their servers.

Stop using regular browsers, people! Stop taking short cuts with your security!

722
Silk Road discussion / Re: I cannot login to the marketplace
« on: July 13, 2013, 01:28 am »
Astor, you're an invaluable wellspring of knowledge.

Please don't ever leave us.

+karma

haha, thanks.

One caveat: when you export the cookie, don't log out of SR. That will invalidate the cookie. Just close the tab or browser when you're done with that session.

Also, I looked at the cookie, and the expiration time is set to 0, so don't quote me on this, but the cookie may never expire.

723
Silk Road discussion / Re: I cannot login to the marketplace
« on: July 13, 2013, 12:35 am »
Here's a work around for the next time the captcha gets screwed up

Install these two add ons:

https://addons.mozilla.org/en-US/firefox/addon/cookie-exporter/

https://addons.mozilla.org/en-US/firefox/addon/cookie-importer/

You can install them in Tor Browser just fine. Login to the market and use the first add-on to export your the cookie to a text file. I believe it expires after 2 weeks, so you'll have to do it every two weeks. Then if the captcha is screwed up, use the second add-on to import your login cookie.

Works like a charm. :)

724
Why would it redirect your Tor Browser but not the thousands of other Tor Browsers that people on the forum use? It makes no sense. Did you change the user agent or something?

Anyway, when I use the Chrome 28 user agent, I can access the forum just fine.




725
I've been told TAILS is the most secure method for browsing SR/Darkweb.... but how is having an USB with an obvious Hidden/encrypted partition laying around safer than a simpler truecrypt file container with multiple key-files which are all disguised as legitimate files, including the container.

The down side to Truecrypt files is that information about the contents might leak onto the unencrypted parts of the hard drive. For example, if you open a document that is stored in the encrypted file, it may be added to a Recent Documents or Recent Files list in whatever program.

Take a look at the traces that the browser bundle leaves behind on Windows:

http://dkn255hz262ypmii.onion/index.php?topic=148291.msg1152452#msg1152452

Presumably some of those traces are left behind when it is run from an encrypted file too. Full disk / volume encryption, where there is no unencrypted area to leak data to, is much safer.

But Tails isn't really about the encrypted persistent volume. That's just one feature. Even if Truecrypt volumes were just as good or safer, the reasons to use Tails include:

-- it's Linux, so there's effectively no malware to worry about <-- this is the main reason it's safer
-- it transparently torifies network connections  <-- the second biggest reason
-- it comes with many apps that are configured to use Tor
-- it implements new Tor features early, such as obfsproxy bridge support and stream isolation
-- it never touches the main hard drive, so there is absolutely no data leakage
-- it's run from media (DVD, USB) that is easy to get rid of

Tails is definitely safer than running TBB from a Truecrypt file on Windows.

726
Edit: I wanted to add, there are a number of people, including myself, who have made bulk orders numerous times without using PGP....It won't kill you to not use it once or twice, but it's always smart to take the extra step for security.

There was a guy named Sabu who was part of Anonymous. He connected to their IRC server over Tor. Did it every day for months. One time he misconfigured his IRC client and connected over clearnet, exposing his IP address... to the feds. That's how they busted him.

You only need to fuck up once to get screwed. You can do everything securely for years, but one fuck up and it's over. That's why you should do things securely every time. I encrypt my address every time, because I don't know when the SR server might be compromised, or a vendor gets phished and someone accesses his account. He sure as hell won't be reading my address.

727
Yeah, about 20% of vendors don't have PGP keys, and a majority of buyers don't encrypt their addresses.

Some vendors are pretty explicit about not using PGP. Here's what RxKing's profile says:

PGP:
If you want to use pgp...go to another vendor. If SR ever gets compromised they will want ME--NOT YOU!! And they sure as fuck won't look at orders and find your address and do something. I don't have the space to get into it...but it is the biggest myth on SR. I have heard so many lame reasons. But they all love to say it is an added layer of security. Total bullshit...but whatever...NO PGP FOR THE KING

He also says:

Privnote---
If you must be secretive(no need at all) with sending me your address and you believe all those morons in the forum ---- I ONLY USE privnote.com. You can use it for your address. Part of the reason my operation runs so fast is because I don't have to waste extra time trying to read secretive messages or use that stupid time wasting pgp. Don't be the one slowing the packaging and shipping down with your privnote last second after my time cut off time with a long message for me to read and respond to. I am very busy!

Privnote is safe, fast, and easy. And totally not needed. BUT if you feel you need to..then use it. I don't care. But don't use it to send me a question..A big waste of time. You are too paranoid and stupid... Go to another vendor or jump off a building.


728
I got 6 of the ASIC "block eruptor" miners from ebay.  They are farmed together in a 10-port USB hub. The whole rig was about $1400, and makes me about 0.06 BTC a day.  At this rate, it is going to take me like 6 months to pay my investment (unless BTC shoots up big time). 

6 ASICs generate $6 a day. Amazing.

729
Customer support / Re: trusted or not?
« on: July 12, 2013, 09:31 pm »
Search the forum for reviews or a thread about him. Judging by the rating, I doubt it, though.

730
Off topic / Re: Who are you in real life?
« on: July 12, 2013, 09:22 pm »
This thread is a gold mine for the feds.

731
Newbie discussion / Re: PGP Question
« on: July 12, 2013, 09:20 pm »
Also, you only need to encrypt sensitive info, not every message. It wastes vendors' time if they have to decrypt a lot of messages that don't need to be encrypted in the first place.

732
Newbie discussion / Re: pgp4win vs tails
« on: July 12, 2013, 09:17 pm »
oh, is there any problem with pgp4win or is the pgp4usb  the same thing but portable?

Hi, I recommend GPG4USB because I've seen a lot more people have problems with GPG4Win. It seems to be more buggy.

So, I made the tutorial for GPG4USB.


733
Silk Road discussion / Re: commission stuff
« on: July 12, 2013, 09:06 pm »
That was a lot of work yet every number for the new commission is wrong because you applied it to the USD price, not the BTC price.

734
good post +1 :-)

but .. they are not "our" rules..
You and I are not responsible for the content of western culture..
..no more than a fish is responsible for the water it swims in.

You can still challenge shitty cultural mores.

735
Maybe because it really doesn't matter. :)

Maybe/maybe not but it would stop these fucking rumors flying about!

LOL, no it wouldn't.

Pages: 1 ... 47 48 [49] 50 51 ... 208