Silk Road forums

Members when ANYTHING IS not a normal SR LOGIN then back off it.. An second Why is it sooo hard to BOOKMARK THIS PAGE?? Or highlight copy open notepad PASTE it then Save as to a USB stick?

I would love for everyone to save important data locally and not rely on untrusted third parties like easily vandalized Wikipedia, but you have to consider that some people don't have full control of their computer. They share a computer with family or roommates, or they go to a library, university, or internet cafe, and they don't want evidence of accessing SR on disk. An encrypted thumb drive is their best option, and I plan on writing a tutorial for that in the coming days.

As for recognizing a phishy site, they don't even have to remember the entire 8 characters after silkroad. Memorizing 5piz3 is enough, since the probability of finding a private key that hashes to silkroad*5piz3* is extremely small. It would take ages to search the key space for a private key that hashes to a domain name containing those two strings. Looking for 5piz3 after silkroad will block 99.99% of all phishing attempts.

Security experts will tell you that no proprietary software is safe. Corporations can collude with the government to introduce backdoors, and Microsoft is known to have a cozy relationship with law enforcement. They provide software like COFEE

https://en.wikipedia.org/wiki/Computer_Online_Forensic_Evidence_Extractor

Open source software is safer because it can be reviewed by independent experts. TrueCrypt is open source. GPG is open source. BitLocker is not open source, and some of the Windows ports of GPG may not be open source, so be careful, and choose open source security solutions over proprietary ones.

@stiffneck

-----BEGIN PGP MESSAGE-----

hQIMA1ewgXaB/e6sARAAjQGBd4epCtzhvZnfvg6pdLJH04zowV1G+pyDp5yM9Ao+
cUfios9Ozj0CJY76/Icn7ClG4yTsmLUy1sit75vbtrC0pace16lJET1ROfF113r3
eseVLvxnT2yr1K64pDZrGLXfOP4fXCv5TUcWoevxMSVcl/3qOKKMByZsNS9Ti86R
Tc6nTZZZHEneLG/0G+3P3BcoXg4o4CBccM84X1Gil1vACxFBAIncwO28+ExWbpe5
f2vKGKDimcg4TmksNmR4/liTGNdE8aLtvEGy/A/Kz2CaqNdCKhoR3p++qlDitBfF
12KloUc349aiIuFn/nDrOKBvoEu4jHEfGq7L6fpGPoO6FeW9iKsPsz8Iv+abvGRm
jbPGckQCM2wcRZEJyiyKQ4YY+maLU3NqY57oGSXHgulifyGnn1WE4cuilhPyes5O
sniQsxn2CcjQlM+IM9xGLXd23sLrw+siZ8V5SsRR43ksPVyl/ArbwnlyHxUh55mK
myym5U1goISP/G3cwRFLkAlLGIb2c/B05dZkzpYKw+Y8Fsw+C1EQDAS0plk3hnLm
1sflKxOfIesDXeRkgBVbUk8exnNpTy2noq2fxAwW1A6Ar/SwtCqz4zgndBg4R5dB
dz397f1ywhPqP0O8N0L61CAUdnAiu/Q/0FdOe04zZi0pkinA5md/L0wc/7ZtiuvS
wEUBcMbuLHnshI/tgY9jFZgk96qUuDUI76yDryn6EhByncc6oolZ+hsNoAdSXiC3
n6S+nUEWQrAcEWRC3utMoN6cYiYXGSabK9SN+/pZb5Nn3EfGEM+rH2EIbT8NJIs1
N3gOXV0EeFx+vnNf6oU8SrG/qS7S3fUuXlV8sRJ20fCpNjUioVvkXOABWtWgCC7H
cu1N1C1s3XXbi5sHmgfgO5jEvyG9Y8XbLqCBsBXU9jQgsrytDuMgCBAXugydhhQV
gLoON9LoLUlsMlUPSux82dRhMXsBcJWEe9txVrngkS4GVcygWqV5gfACBpwcqU27
rcKM89QQ2W2GfEbFTFhCoOKP3XJz2jA=
=5xhW
-----END PGP MESSAGE-----

I wont book mark, to risky to leave it on my computer for personal reason's.

Buy a USB thumb drive and copy TrueCrypt onto it, then create an encrypted file that contains TBB and your PGP software, along with a text file with URLs and strong passwords. TrueCrypt can even be set to autorun when you insert the thumb drive.

http://www.truecrypt.org/docs/?s=truecrypt-portable

I think this will be my next tutorial, because there's a big need for secure data storage in the community. Too many people rely on untrustworthy third parties to get the URL.

BTW, storing the SR URL and your password in plaintext on hosted email isn't risk free.

You should store TBB and your PGP software on encrypted media, then you can bookmark the URL or save it in a text file and avoid this problem.

Instawallet is an intermediary like a mixing service, but nowhere near as safe. Some people believe it's enough to offer plausible deniability, ie, someone follows the bitcoin trail back from your SR address to an Instawallet address to the exchange. The exchange knows who you are but you can claim that you sent the coins to someone else, and as long as you access Instawallet over Tor, nobody can prove it's you.

I'm not particularly convinced of that method. I'd rather not be identified in the first place, which is why if I bought coins in a non-anonymous way, I'd properly mix them.

You'll want to configure the Bitcoin-QT client to run over Tor, otherwise it could list your IP address as the "Relayed by IP" in the block chain. So if you're sending coins directly from your client to SR, you could be deanonymized.

Take a look at any random transaction and you'll the relayed by IP

https://blockchain.info/tx/95855cbb856458834fb26d948cd8a5b8bf2644ce829a0a77d128c5aced5df30b/95855cbb856458834fb26d948cd8a5b8bf2644ce829a0a77d128c5aced5df30b

Honestly, if you've never used bitcoin before, I suggest using an ewallet like the one that blockchain.info offers. With the standard client, you need to download the entire block chain before you can use it, plus the index file, and that's like 4 GB of data and rapidly increasing.