Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - astor

Pages: 1 ... 82 83 [84] 85 86 ... 208
1246
Security / Re: PGP - when to use it ?
« on: May 23, 2013, 08:05 pm »
Tor encrypts the connection between you and the server, it doesn't encrypt data stored on the server. The server admins have to do that, but it's even safer if you encrypt it yourself so that only the recipient can read it, which is the purpose of PGP.

Generally you should:

1. Encrypt your address
2. Encrypt other personal info or sensitive details that you only want the recipient to read.

You don't have to encrypt every message to a vendor or every PM, in fact that wastes people's time.

1247
This has come up before, but we might as well revisit it.

Maybe creating an account can be free, but before you can send people messages, you have to fund it with $200. This is like a buyer bond,  but you get 100% of it back as you purchase items. You can always withdraw it, but then you can't message anyone anymore, and the messages you sent are automatically deleted.

When you get purchases totaling $200, this restriction is lifted, and you can message people with 0 BTC in your account.

Perhaps there are better strategies, but one thing is clear, the SR messaging system is being heavily abused, and something should be done.

1248
Security / Re: Dumb question here ....
« on: May 23, 2013, 03:35 pm »
The SR pin has nothing to do with the forum. The only time you use it is when moving money out of your account, through a purchase or withdrawal. Try doing one of those things and entering your new pin there.

1249
Security / WebPG
« on: May 23, 2013, 07:03 am »
I saw a post about this in the Newbie forum. Has anyone heard of it or used it?

Web site:  http://webpg.org

Repo: https://github.com/kylehuff/webpg-firefox

Superficially, I have no objections to this. It appears to do all the crypto locally by interfacing with GPG or a similar PGP app installed on the user's computer. Apparently it scans web pages for PGP blocks and does everything in the browser, saving you some steps in working with an external application.

I don't know if it works in TBB, since TBB sandboxes $HOME to its root directory, but copying or symlinking gpg and .gnupg into TBB's root may be a workaround. I haven't tried it yet, but this is definitely on my to do list.

1250
Off topic / Re: Terrorist Attack in London
« on: May 22, 2013, 11:50 pm »
I just watched the video. It's so surreal, because people are nonchalantly standing around, talking to him. If you didn't know the background or see his completely blood covered hands, you'd have no idea he just beheaded the guy laying in the street.

Fucking crazy.

1251
Security / Re: Forensic analysis of Tor use
« on: May 22, 2013, 07:40 pm »
Agreed, but my method was far more entertaining.

LOL.

I use 3 passes, simply to play it safe, just as how the more secure of us use logless VPN's to access Tor even though in theory Tor should be perfectly fine on it's own. Better safe than sorry!

Yeah, assuming they really don't log, or won't immediately start logging when they get an LE request.

That's called privacy by policy, where someone promises not to look at what you're doing. Tor offers privacy by design, where it would be extremely difficult for anyone, including the Tor devs, to see what you're doing, even if they wanted to or got an LE request that they could not turn down.

1252
Security / Re: Post PGP keys here
« on: May 22, 2013, 07:31 pm »
-----BEGIN PGP MESSAGE-----

hQIMA/+n5QPMklrXAQ//f7NNUOSPkL88YLgUBip3nCkrJDqc+lIXsC//ZNfgWvZQ
/LeP9nAmdPZnCOXuyhoNf1kqkbXwySecAjcCjlwcKv+ZAKwxSLZjUQO+R1uiOn5I
wjPwRC3I7OfsTh48elwddM179k9yZ3S6J4+C1bb34y30owz1cvrATlug5qX4ypXA
EBa35Smi5YK9gZEJJyeyuimAyS7fSUcLUBlfk1ihA+0+ruQy9EbaCUM0XET3B3EZ
fHSMWLyRwGDxjTGCIrg9W2V/7zQD6KArM0s3fd3sHk9cg4wp+QFh0tBNibiYDaof
i4cMlhoCvPinNcjkBRVgkn3gn8UfJQhAHOQ/ZWOrjAv+qbCKPfsbghDyNuHeZePf
AMDl1ueaMg7KEegST1xekdrexfu09Yj4g3FBn2OiI/i1YltQdgFZ2hlloCEWd8bj
mKYoENMGkXQEMnrY+wdyKmNKZaH2ushKMv+4Jf49iOvINVPSctxb5/eg/DA0npT/
CsTg5VFvSfUnRVRVaA+R05Z4W8QMHp6MeJeTiLtF/UulLDcThWHHrL+dAZ4co8GW
A/K70MtrrsHSQXRJTynM3dPusycoNBAh9gh/qjfUQF7br+51eQCNw5KhQY9S8Vu/
LUH4wvkGlNKaBlz3DrJCiuwW90oFKwnjoFeA3C2r6oWAc/A/rjpYLlv7P9854hCF
AgwD+8XoJr1Qo8kBD/9RzR9L0wKn9WxYMvHE3gT5RpKBcV4Jz+MgItN+oPrQ8NTW
+G8jzS9oSBHeasMQT4lQmCj2/twQph7f/sd5t82Hgusnn/x6rkXNeV6DxAHX967S
YV0gqldu5DN6TAhXVCExSxaSZ7y672wfGFh416LBiZ1UEo9JWwvZzgxFHEev4N3p
d58X53AoNxdw1C1swbcze3VWyexfdmFUCuHrnvyUjyuLWHMmCEQCSgPyypAkU9Ez
LHOdo7c3ALA8lUNKYQpEfotIAQIIb7dvEPyh1BQeHFMJliCZLy5qgFDo9Lm3eopi
s5UkAYq26GP6zBQ2ehD5F5nW6+iWlOiU4BZ+qHDz22h3VE245hJGr1IXo94K4sJd
XQ54VnvT8T9dvN38d4x7TnruZW+pzNqh9Ov9ndxd+CLwXAMA3ZZqx9CuiIcXAVmv
ZBADoqKHSfEtodPclCc+KSpKK3ps2HhHoG0QFkIY/I+0JtJhgBRmLqG8DaBsXau0
0Y7qgxkXLrXOtlZ/7SerXukstmvTxHcG5aFjOgkb29/4a6CI0KpDQ5ycnStc/yOR
Tk+hTvlyZ4k4taYW7D4Y/E3Az7yH+n54van4hYokHzRuL/crm9J9/VVqwFjy39Jk
OQaymhHg0gEpQG5w9CXC4HB1AR7J5z2k6AYjhO89Li6oyrWi49IaX/YRxi+R+dLp
AUJmPteqnXZDX3lymwVGSHIdR7Tbq21zp8WVQMREEuVqhsm+3kmYdwFc+yisj02F
zVe/EQnr1SQDmeuGzpWv87m0mgJH78ghgGoDXZ7MP/zPga4UDPJTjzWXnhVhL5+7
pPIQ5IChfxnbOuBzlo050ubo2X3NiU2c5XFtfre2JVhoO7wLwRW3RLi9dTw+4PrB
dOBhvYV2tSzRXZVynw9mPcx5z8UOJziHNsZ9cKTyxhdKGoq3mkQhP6lYcdOsv+c2
Y+aEXGM3UCX6di8/lqAJN1BZvATzGL70SyFCzdNa7IZD21ZrwkMwTw85IsvNdbfg
OunhIA4SjbFiwQlb3zLw2Te2M7/3DAn3Ozz4pveWUWe9/Hb5IZ3afPq1wCiZ2BJB
vsyrFxIuym38MKBuukksUDfB+5WcLYPV4StV4iLHzyJLyA0m5w4BWZMZdAofwNla
8qMfOKno2ZsT+/JNs3RReoOqWTD04/cgQdxIlq9w/v4HwPkmwhremr47eH1PETqF
PbUJUBQDc7ZRC+dYb8TDyOawEdnrE1+8nfO7Y5SxoPLz/VMmqSZ9NcdBc6Kt1vaz
GbaIdyaHtKRhbBrr8qWbAIzDhyVEkorF+hSHPgCvl+OtaBC7w+eeFvoUhd5EjsZm
QtMAWscZcxeJs2hRcC37KkZb+4+u+Sk5NPjIRKKtxzbA98G72xRPISruD6cPRWmU
cbSlgzQ+9qJ/WIbQqp/AdGSuxJZ6oyb4eX26FxE9sraYRBRvgW8ZgCNX4Ns2F7Yy
4D2pdcSNmBwyESE/MvfvBdiwbWsK1FCOB499ryHGL4IKgez/AEIvGsIYL53PUGtk
qnmUMYQ0PGvWKttQQibB/vQbmoxQuAxZWgoo3tceIiHZDtzZa2j0aKCeVxDIJ4TB
XuhJbYQ9EwIEAhgamdGN6kB9q7FkughITiYNKDP3SL7O/7MG0oQb0GftSCqwWA+9
NSpmyE1DhLkrOZmsEvmsh0F4Oe5elumy0KWt5dhbQxkSYPRuICjd9Jq46nV7/ky1
7U0Ju6Y3gcdrhlFtA4dMEQ9nRnt/PICT1S97aRGiHTLPb0/BL3dKnZPK/LC7r+tb
i/FI97n1dogpd+9hF6KSysI/nNa1XM9Kxufso6oUhNCQG0hsbZULCJTC8HG+s/5h
X/B1sVbs3NzjftgL4rcm8YAwAroeIOOO3UqbqEBaBa1Z+hGyAlLXlM3gbd/vHzUW
U1jIc5w1rM0TdcPyytJwfj2yYeLEkFpQX0t6yopdzw9UT3bmdZ6p/WE=
=nB1c
-----END PGP MESSAGE-----

1253
Off topic / Re: Plagiarism on Atlantis
« on: May 22, 2013, 06:38 pm »
Because Atlantis admins are lying? IDK, was it even a verified account?

1254
Security / Re: Forensic analysis of Tor use
« on: May 22, 2013, 06:18 pm »
Hey thanks. :)

I originally posted that to disprove the persistent myth that you need 7, or 15, or -- laughably -- 35 writes to make data unrecoverable.

Under controlled conditions, where the researchers know where to look and what to look for, a single write is sufficient to prevent recovering anything except random, useless bits of information. Under realistic conditions, it should be even harder to recover anything useful. Even the NSA admits that additional overwrites offer no benefit (this is their recommendation to other government agencies that require secure data erase, for example to comply with HIPAA regulations, so it's unlikely they're lying to screw us over).

The analysis paper happens to contain a lot of other useful information. One reason that I like full disk/volume encryption is it allows for near-instant secure data wipes. All you have to do is write over the first 10 or 100 megabytes of the drive, which takes a few seconds to a few tens of seconds, and you have securely wiped your disk. DBANing can take hours to days.

1255
Security / Re: Forensic analysis of Tor use
« on: May 22, 2013, 05:33 pm »
StExo, you might be interested in this:  http://dkn255hz262ypmii.onion/index.php?topic=99520.msg699299#msg699299

1256
Off topic / Re: Plagiarism on Atlantis
« on: May 22, 2013, 05:06 pm »
Yeah, be wary of Atlantis "verified" accounts too. Ask for a PGP signed message from the vendor.

1257
Perhaps if anyone knows how to tell whether or not you have been infected by the malware, they could let people know on here?

I found the rootkits with the free version of AVG. dirtybiscuitz found it with Malware Bytes and some others that I forgot, but those two definitely work.

The Trojan itself can be detected with any of the AV programs listed on that web site that give it a specific name. Oddly, the ones with just a green check mark don't detect it.

1258
You know, it's probably a good idea for vendors to squat their account names on these other markets, even if they never use them.

1259
You could send your customers a warning on your SR profile and forum thread, and remind them to always verify your identity on other web sites by requesting a PGP signed message.

Other than that, there's not much you can do except ask the admin to give you the account or ban the impostor.

1260
Security / Re: laptop suggestions
« on: May 22, 2013, 03:04 pm »
No matter what you get,  you might as well wait 2 more weeks for the Haswell chips to come out.

Pages: 1 ... 82 83 [84] 85 86 ... 208