Silk Road forums

You all using same usernames as here?

Most people do, yeah.

So this chat room is totally anon?

As long as you don't reveal anything personal about yourself. It's a hidden service, about as safe for users as the forum.

How often you all chat?

People are there all the time, but some times are busier than others. If nobody is talking when you come in, stick around for a while and people will start talking.

I see nothing in that article that indicates it was related to SR. Transactions on the market are not in the block chain, so if it had any relation to SR at all, ie if the DEA met the guy through SR, it would be an out of escrow transaction.

Wow thank you both Astor and KmfKewm. Both of your responses were very illuminating. Can I ask how you found this information?

I recommend these sources:

The Tor Wiki and Bug Tracker:  https://trac.torproject.org/projects/tor
The mailing lists: https://lists.torproject.org/cgi-bin/mailman/listinfo
The anonymity bibliography: http://freehaven.net/anonbib/date.html

Also, the Whonix documentation is great: http://sourceforge.net/p/whonix/wiki/Home/

As for the google searching buyer's addresses from Tor this could be a big save for SR. There might be sellers who might not know they are compromising both their anonymity and the buyers. There needs to be a SR PSA (lol) for all the sellers.

There's no way to win this. It's useful to vendors, and  they will do it regardless. If you make a big deal about it, they will lie and say they are not doing it. You have no way to catch them or call them out.

I know this has probably been asked before, but before I knew about Tor I would use it for google searches on illegal topics. I wonder if history of nodes could prove dangerous. Like now that I don't use Tor for any clearnet, could those things I searched for in the past still be used to identify me in Tor currently. I'm guessing that it can't because my connections change over time randomly?

If they could, we would have no reason to use Tor.

I had an idea, I'm not sure if its been done yet, but I was thinking of hiring a hacker to see if they could find any weak points (in SR) or just see if they could target my computer specifically (while on Tor/SR). This might make for a really really good service (in SR) for someone with hacking skills.

Why pay good money for information that academic researchers provide for free? A guy who wants to get paid is much more likely to tell you what you want to hear, or to falsify results to make his services look useful.

What is the exact error in the message log?

1. It's complicated to do and the Tails developers are against it. Do you want to run Tor over a VPN to hide your Tor use from a local observer? In that case you can use bridges. If you want to run a VPN over Tor to get a non-exit IP address, there are lists of web proxies you can use, like http://www.publicproxyservers.com

2. Tails has a MAC changer called macchanger. It doesn't run at boot though.

SR has been public for a long time, but not like national major network TV public.
A fictional series would be cool, I'd love to write some of those scripts

That's true. In the American press, I can't recall a single printed article. It's all been online coverage. This has the potential to really blow up the community.

Quote

You could change the Tor source code to keep entry guards longer, for 6 months or even a year, but then you would stand out more, reducing your anonymity in a different way.

This is the standard dogma of the Tor camp, however I fail to see it. If you keep the same set of entry guards for a year, only the entry guards, their ISP's and your ISP are capable of determining this. If your ISP, your entry guard, or your entry guard's ISP's are malicious, then you are at great risk of falling victim to a timing attack or a fingerprinting attack. It definitely makes you stick out (to your ISP, entry guards and entry guards ISP) if you use persistent entry guards, but I don't think it really reduces your anonymity in any appreciable way. The people who know that you are using those guard nodes already know who you are, and they already cannot tell where you are going unless they get you with a timing or a fingerprinting attack, and if they want to get you with a timing or a fingerprinting attack they are already capable of doing so. I have never gotten a satisfactory answer as to how exactly using persistent entry guards reduces your anonymity.

That's true, their argument seems to assume that a local observer is already malicious, which by their own line of reasoning is just as bad whether they operate your entry guard for 10 minutes or 30 days, so what difference does 6 months or a year make? One reason could be that they don't know who to target, but someone taking extra precautions, like keeping their entry guards for 6 months, would be an interesting target. It's a weak argument though.

Quote

You can also reduce your anonymity by making your circuit behavior on the network more noticeable. Some people feel the need to exclude nodes in whole countries. For example, someone living in the United States may not want to connect to relays in the United States. If an attacker operates one of his entry guards, he might notice that this person never connects to relays in his own country, meaning he's trying to get extra protection, making him a subject on interest. If the attacker were LE, he might start investigating that Tor user.

That is the most acceptable answer I have ever heard regarding this subject. However, I would point out that if the attacker operates one of your entry guards they are able to attempt timing and fingerprinting attacks against you regardless of if you stick out or not. I can see a possibility that if you stick out by using the entry guard in a persistent way, that the attacker may decide to do non-traffic analysis based surveillance on you. That is the only way I can see using a persistent set of guards as possibly being detrimental. Although if everybody on SR starts using persistent entry guards, then using persistent entry guards will become a behavior associated with SR. But if only you use persistent entry guards, out of all of the people here, and you never tell anybody that you do, it seems like a bit of a stretch to me that this hurts anonymity (although this is what the Tor people claim, so I am not finding fault with your description at all).

The argument here is the same as the one above, in that you would become a target, but in this case it's more than just using a persistent entry guard. Someone avoiding all relays in his own country could be tagged as suspicious. Of course there are more efficient ways to identify targets than to watch for circuit path selection biases. They could position themselves as a specific hidden service's HSDir and correlate the descriptor fetches with people using their entry guards, or run exit nodes and wait for people to access specific clearnet sites.

Quote

There are theoretical non-technical attacks on SR users that involved Tor. For example, a lot of vendors check buyer addresses on Google Maps and similar sites to see if they are valid (to avoid issues with products not arriving and having to go into resolution). They make these searches over Tor. If LE wanted to go on a fishing expedition, they could ask Google for all searches over Tor and hand those addresses to local LE for increased surveillance and inspection of incoming packages.

I would be absolutely furious to learn that a vendor looked up my address on Google Maps over Tor. I would also be furious to learn that a vendor looked up the tracking number on my package over Tor. Although it is probably common behavior, thankfully none of the vendors I work with would ever do such things though.

It's funny because I got into a debate with a vendor about this yesterday and he told me how "unrealistic" the attack is. Yes, this is a widespread practice on SR, although probably also in most online drug communities. They usually only need to look up the address once and after the first successful delivery they can trust it. However, someone who purchases from many vendors could have dozens of searches of his address from Tor, and that would indicate a busy buyer worthy of investigating. What other reasons are there to look up someone's address over Tor dozens of times?

80% of my current unfilled orders have the address PGP encrypted.
Some days it is as low as 50%, other days 100%.

Privacy is liberating.

Nice. That's the highest number I've heard. The second highest number I've heard, 50%, was in the last couple of weeks. I wonder if the percentage of people using encryption is increasing. Maybe people are becoming more aware and educated.