Silk Road forums

typtap hit +100 karma. Congrats!

Hey, I am new here and was just wondering if someone could direct me to some information on sending encrypted messages and whatnot when dealing with ppl.

This is a good tutorial http://32yehzkk7jflf6r2.onion/gpg4usb/

Oh, also the fact that he posted a thread asking why people don't send mail-bombs to LE, and then went on to encourage the practice of trying to mailbomb LE.

Yes, he has gone on several tirades encouraging violence against the government and LE, which I disagree with as well.

I'm not trying to excuse those comments, but there's a chance he was fucked up when he made them. Lord knows I've said some stupid shit online, mostly thanks to alcohol in my case.

Also, if ya'll aren't using Liberte, then isn't it a concern to have your IP accessible to LE while on SR?

The vast majority of people are not using Liberte. They are running the vanilla Tor Browser Bundle on Windows, which will hide your IP. That's what Tor and the TBB are for. Liberte is just a secure operating system that also uses Tor, but Tor can be run on any operating system.

Since most people are on Windows, they are using a Windows port of GPG, mainly GPG4Win and GPG4USB.

1.Why do you use Tor and hidden services?

Obviously almost everybody here uses hidden services to get drugs. Some people use them for other things, like secure email. It depends on what the hidden service offers. Asking on a drug forum will give you a biased sample of Tor users.

More generally, hidden services are useful because they are very censorship resistant. An onion domain can't be hijacked by a registrar like we saw with some piracy web sites. An onion domain is the first 16 characters of a base32 encoded hash of a private key. A hidden service identifies itself to a Tor client with that private key, so the only way to hijack a hidden service is to 1) hack the server and steal the private key, 2) brute force a private key with the same hashed / encoded first 16 characters (a hash collision), 3a) trick people into believing your domain is the domain they desire, or 3b) brute force a private key where a substring of the onion domain resembles a known hidden service, which we've seen with some phishing attempts. 3a,b) are possible because of Zooko's triangle.

https://en.wikipedia.org/wiki/Zooko%27s_triangle

2. Do you think an academic study on hidden services is a good/bad idea, why?

Great idea. There's already a library of academic material on anonymity networks.

http://freehaven.net/anonbib/

Why? Because security through obscurity is a myth. The more we know about the technology we use, including threats to that technology, the safer we are.

3. Do you think that the Tor Darknet has longevity? How long can you see it lasting?

It's a decentralized network, supported by thousands of independent volunteers, spread across ~75 countries. Even if funding to the Tor Project were cut off, the relays would keep running. Eventually bitrot might down the network, but it would take years. As for "darknets" in general, there's an obvious need for privacy-enhancing technology, especially with an increased awareness of state surveillance capabilities.

Beyond that, people increasingly understand the liberating value of this and other technologies (cognitively, financially, and otherwise). Take bitcoin as an example. When governments don't control the money supply, an American can safely do business with a Cuban or Iranian. Let's say you're a publishing platform, like Wordpress. You need to make money as a business to survive, and an Iranian dissident is willing to pay for your service, but he can't because of embargoes between your two governments. This is where superficially well-meaning policies go wrong, but transactions in the bitcoin network are subject to no global policies, except the math that protects the integrity of bitcoin transactions. The coins in your wallet are yours, like actually yours, not just a(n easily revoked) "guarantee" from your government or a bank.

The cat is out of the bag on "darknets" and other privacy-enhancing technologies. A growing number of people understand the value of these technologies and there's no turning back, so no they won't go away, even if Tor isn't the final answer on secure anonymity networks.

Finally, is there anything you would like to see included in an academic study on Tor? (I.E more about the positive sides of the Tor community etc?)

I'd like to know if your colleagues in the CS department can identify a random hidden service of my choosing.

And if you don't mind spending hours digging through kmfkewm's 2000 posts, he has a lot of verbose but incredibly detailed, and in my opinion, expertly informed comments on the subject.

@stiffneck

-----BEGIN PGP MESSAGE-----

hQIMA1ewgXaB/e6sARAAlEBg7+0WPR6lY6M9XfseETF2i/5JGb8/+NXv2tKkLcRp
a1ZeEuc2/B71wR7y8cPRPZ6BjmKEehiENXGX7p0OBSRPUVEvdHDoL3ZMItXqtyFw
I9Aqlq27V0rcKDEPhLsufsY0o7KCCXb6MaB9bCaRkq/v8SgXBHSgQdI9N+7IyyH/
fPtbQBrTkO072vzcofGaEuVwJBBFEK5fxQ77AxcGYV99lbdaJcDlw/1wQ/S+m1br
rMFIswMBviObNhCMqwUZCEDkOpnsd5IRs2QqGCBoj0FHvtGXIjl0eIxJQOm6LfYb
iEsvLbxsRa3GlxBNlIrCrqt4faHsg+UCOE8bXFwBy+LaujM5Rvlu7+rAR+CoYWP2
wZImk6+4sz+VXyilCUwMdSPFu4ZuiXlXeKJ9BF1lP4ozaUIx0E1RaWQiWnvLdgff
m8MpsoKNfbjIKz830FEiOmLf5MWeFdLPp/nSrpElZoJ3DH/VM9MWDjjZXyFwk2bo
Y//jL4Co1OMgDqJ7/8RhWP0vuHtgFXLpOfrnmiiYAK5VyPS8iq+BA1e8YlZRwjVa
wtU61MmatkWBqbxv1ClKOe/w9ZXzKGKxhIIE+Lnxn6UqrnAYNNFzI9u8jYYductr
ZjgjkhIka1D+tOwXaYT4zCmafjrZ81TM6iaA/rw2wTq9vOWlcJtvFj7SA/W7Xx3S
wGcBcPvZRdQbfoO7IuN6Ed3/5mCWFQkoO9Anfv0RTsSXKmsFc3WYHJXaDg0zMmil
eciElWh7A1PpvVpdLxLE9uscLR5D1XP4uBkg+KXHVaOVqZc9cAWKcxWD0zlINaCB
sqDXoYb9AuYVi/44qseC/4XWHFobbPWAENMKSpZhotPS0ZaV1W1kMoxz0AwM2aoX
L8wQO79ktxdRxtPkJJ0lyNGpQJXF+Q+vDgdzSkuj9vOILo0JzrN9iCTyEMD/OfnZ
fmHVl22LZoOoKhcFJP76kJ10mN3ca6WAyMmndBfikLzjBG+ej/0G0Dfnbhct6HKb
3TpmhxscqYHocfSPWXeiWyUSCnwMGr/BpNiyvBZSnQp048b1pIsJUi0lbaPEg5IH
/fM8dBHI/Off
=XD+X
-----END PGP MESSAGE-----