Silk Road forums

Discussion => Security => Topic started by: cleansober on June 20, 2013, 06:56 pm

Title: PGP, does everyone use it and why?
Post by: cleansober on June 20, 2013, 06:56 pm
From the SR Buyers Guide at, http://dkn255hz262ypmii.onion/wiki/index.php?title=Buyer%27s_Guide:

 "Receiving address

From the moment you submit your order, to the moment it is displayed to your vendor, the information is fully encrypted and unreadable. Then, as soon as your vendor marks your package with the address and confirms shipment, the address is deleted forever and is irretrievable. For the extra cautious, you can encrypt your information yourself with your vendor's public key. This way, even if the Silk Road server your address is on were compromised, your address would still be safe."

How many folks out there don't use this extra layer of encryption?  Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?  If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all.  Thank you to anyone who can help unlock this mystery.  I'm convinced that many SR citizens must be computer hackers of sorts.  For the rest of us though I wonder...
Title: Re: PGP, does everyone use it and why?
Post by: astor on June 20, 2013, 07:15 pm
Quote
How many folks out there don't use this extra layer of encryption?

Surprisingly few people PGP encrypt their addresses. I've seen vendors quote numbers ranging from 50% to 95% of their customers don't encrypt their addresses, with a median probably around 80%. We have a biased view, since most SR users are not on the forum. The people who register and post on this forum are going to be more engaged and proactive about their security, and that's even more true of people who post in the Security section. Some SR users are incredibly lax with their security, using regular browsers to access SR over clearnet, through Tor in-proxies like onion.to. They probably have no security in their bitcoin practices either, sending BTC straight from exchanges (linked to their identities) to their SR addresses.

Quote
Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?

Anyone who compromises the server. It would most likely be a big three letter agency, but it could be hackers who then use that information to blackmail people.

Quote
If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all. 

It means either that the SR server uses full disk encryption, or the data is encrypted in the database. The problem is that an adversary who gains physical control of the server may be able to steal the encryption key from RAM and get access to all the data.

The way I view encrypting my address, it's like wearing a seat belt. I may not get in a car accident in the next month or the next year, but in the unlikely event that I do, having a seat belt on could be incredibly important. And it costs me nothing to wear a seat belt, so I wear one every time I'm in a car.

The SR server may not be compromised any time soon, but if it ever is, the people with plaintext addresses will be the low hanging fruit that LE will go after first, especially if they have large outstanding orders. Encrypting your address costs you almost nothing -- maybe 30 seconds of your time -- so you should encrypt your address every time.
Title: Re: PGP, does everyone use it and why?
Post by: Railgun on June 20, 2013, 07:42 pm
Quote
How many folks out there don't use this extra layer of encryption?

Surprisingly few people PGP encrypt their addresses. I've seen vendors quote numbers ranging from 50% to 95% of their customers don't encrypt their addresses, with a median probably around 80%. We have a biased view, since most SR users are not on the forum. The people who register and post on this forum are going to be more engaged and proactive about their security, and that's even more true of people who post in the Security section. Some SR users are incredibly lax with their security, using regular browsers to access SR over clearnet, through Tor in-proxies like onion.to. They probably have no security in their bitcoin practices either, sending BTC straight from exchanges (linked to their identities) to their SR addresses.

Quote
Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?

Anyone who compromises the server. It would most likely be a big three letter agency, but it could be hackers who then use that information to blackmail people.

Quote
If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all. 

It means either that the SR server uses full disk encryption, or the data is encrypted in the database. The problem is that an adversary who gains physical control of the server may be able to steal the encryption key from RAM and get access to all the data.

The way I view encrypting my address, it's like wearing a seat belt. I may not get in a car accident in the next month or the next year, but in the unlikely event that I do, having a seat belt on could be incredibly important. And it costs me nothing to wear a seat belt, so I wear one every time I'm in a car.

The SR server may not be compromised any time soon, but if it ever is, the people with plaintext addresses will be the low hanging fruit that LE will go after first, especially if they have large outstanding orders. Encrypting your address costs you almost nothing -- maybe 30 seconds of your time -- so you should encrypt your address every time.

  Sometimes, I wonder if PGP may be as counter-productive as airbags in such accidents, however.

 Isn't it possible that PGP just shifts liability?
Instead of the information being possibly retrieved on SR's server, it is now possibly retrieved from the vendor's computer as he has to save or c/p the text on his drive to decrypt. Since the vendor is at much higher risk of seizure than SR at any point, we're just placing our bets on the vendors.  If the PGP-using customers have a file on a computer drive in which they load keys, and do not delete them, then the risk compounds.

Seems plausible.
Title: Re: PGP, does everyone use it and why?
Post by: popjoe on June 20, 2013, 07:45 pm
"The way I view encrypting my address, it's like wearing a seat belt. I may not get in a car accident in the next month or the next year, but in the unlikely event that I do, having a seat belt on could be incredibly important. And it costs me nothing to wear a seat belt, so I wear one every time I'm in a car"

+1 - That's exactly why you should do it.  It's your decision however.

You don't need to be a programming genius to encrypt messages.  There are plenty of tutorials on YouTube, just choose the program which works best for you.  There are also a lot of resources on the internet, look for gnupg.

I even use it to exchange sensible information between people off the Road.  Can be anything really.  Nobody can read it.  I have no clue what it takes to hack an encrypted message but it would sure take more work and effort than what the hacker would gain out of it.
I feel the necessity to use it since we never read license agreements.  Proof of this is that the world discovered rather late that facebook saves everything you do, even your chat messages.  Do you trust them?  I don't.
If they're doing it who else is?
Title: Re: PGP, does everyone use it and why?
Post by: popjoe on June 20, 2013, 07:52 pm
@Railgun:  Good point, however what I have understood of pgp encryption is that the contents of the message remain safe unless they are transcribed out of the encrypted message.  The encrypted message can then be deleted and pushed into oblivion.  That IS a good SR vendor's policy.

Maybe someone with more knowledge of pgp can enlighten us further?

Police may be able to retrieve the encrypted messages even after deletion?  I wonder though how long it would take them to decrypt each one.  What would they do with all those addresses they've decrypted after years of work?  Raid each and every one of them?  Not likely in western society... for now.
Title: Re: PGP, does everyone use it and why?
Post by: kmfkewm on June 20, 2013, 07:54 pm
Quote
How many folks out there don't use this extra layer of encryption?

Surprisingly few people PGP encrypt their addresses. I've seen vendors quote numbers ranging from 50% to 95% of their customers don't encrypt their addresses, with a median probably around 80%. We have a biased view, since most SR users are not on the forum. The people who register and post on this forum are going to be more engaged and proactive about their security, and that's even more true of people who post in the Security section. Some SR users are incredibly lax with their security, using regular browsers to access SR over clearnet, through Tor in-proxies like onion.to. They probably have no security in their bitcoin practices either, sending BTC straight from exchanges (linked to their identities) to their SR addresses.

Quote
Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?

Anyone who compromises the server. It would most likely be a big three letter agency, but it could be hackers who then use that information to blackmail people.

Quote
If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all. 

It means either that the SR server uses full disk encryption, or the data is encrypted in the database. The problem is that an adversary who gains physical control of the server may be able to steal the encryption key from RAM and get access to all the data.

The way I view encrypting my address, it's like wearing a seat belt. I may not get in a car accident in the next month or the next year, but in the unlikely event that I do, having a seat belt on could be incredibly important. And it costs me nothing to wear a seat belt, so I wear one every time I'm in a car.

The SR server may not be compromised any time soon, but if it ever is, the people with plaintext addresses will be the low hanging fruit that LE will go after first, especially if they have large outstanding orders. Encrypting your address costs you almost nothing -- maybe 30 seconds of your time -- so you should encrypt your address every time.

  Sometimes, I wonder if PGP may be as counter-productive as airbags in such accidents, however.

 Isn't it possible that PGP just shifts liability?
Instead of the information being possibly retrieved on SR's server, it is now possibly retrieved from the vendor's computer as he has to save or c/p the text on his drive to decrypt. Since the vendor is at much higher risk of seizure than SR at any point, we're just placing our bets on the vendors.  If the PGP-using customers have a file on a computer drive in which they load keys, and do not delete them, then the risk compounds.

Seems plausible.

Vendors can decrypt ciphertext entirely in RAM, the same place the plaintext will be when they view a plaintext message sent to them over SR. The difference is that when customers send a plaintext message it is in plaintext on persistent memory on the SR server; in either case it is in plaintext in the vendor's RAM. Also I do not believe at all that vendors are much more likely to have their computers seized than the central SR server is to be seized. Not to mention the keyword central, there are thousands of vendors but there is a single (or cluster of synchronized...) SR server. That means one thing needs to be compromised to get all addresses sent in plaintext, thousands of things need to be compromised to get all addresses that are sent encrypted. I don't understand the compounded risk of customers having vendor keys, unless you mean perhaps that it could fingerprint them as being a member of SR and working with said vendors. Regardless, that is what you use FDE and Truecrypt containers for.
Title: Re: PGP, does everyone use it and why?
Post by: cleansober on June 20, 2013, 08:44 pm
Thanks astor for the estimates, now at least I don't feel like I'm the only one who can't figure out PGP.  Been to the tutorials, help pages and Youtube but as my teachers used to tell me, "you don't get it and at this rate you will be shopping for drugs on SR when you get out of school".  Ha ha, they did not tell me this but something along those lines.

For many SR shoppers, older white males who have lost our zest for porn but with a rekindled interest in drugs, the weakest link in this security chain is clearly the delivery part.  If LEO started raiding every address that had a few grams of weed sent to it then they will need to increase their forces exponentially.  My assumption is they do know what is going on here but are incapable or unwilling to fight a war with so many fronts.  For now they will frighten away many and make examples of a few with the laws against using the mail to send illegal stuff.  Thank you terrorists for taking the heat off us.

By the way if anyone knows a good thread for learning GPG  Keychain Access on the Mac I would be grateful.  Cheers to all.
Title: Re: PGP, does everyone use it and why?
Post by: Ro-Jaws on June 20, 2013, 09:19 pm

Quote
Surprisingly few people PGP encrypt their addresses. I've seen vendors quote numbers ranging from 50% to 95% of their customers don't encrypt their addresses, with a median probably around 80%.


You aren't joking when you quote these numbers. That realization meant it took me the best part of an hour to manage a coherent response.

Why would you not take the couple of hours it takes to learn PGP? The security benefits far outweigh the tiny time cost. From this forum I can see that PGP seems to be something of a recurring problem for people, though I suspect that may be due to the OS they are using as much as anything else (I can never get GPG4WIN to verify signed files but using any Debian/Ubuntu distro has been trouble free). If you are anything like me the problem (at least partially) stems from trying to understand the intricate workings of it. That is not necessary; you can use it as if it's a voodoo incantation until you can wrap your head around the inner workings (though that feels like an ongoing process).

PGP is like a seatbelt but better since car-crashes rarely try to shiv you or rape you in the showers.

Can't help with the Mac I'm afraid except to strongly advise you get a PC for SR stuff (though it certainly doesn't have to be just for SR) as it's many times easier to secure and clean.
Title: Re: PGP, does everyone use it and why?
Post by: astor on June 20, 2013, 11:09 pm
Quote
Why would you not take the couple of hours it takes to learn PGP?

Most people complete my tutorial in under 15 minutes. It is really unfortunate that more people don't use PGP.
Title: Re: PGP, does everyone use it and why?
Post by: btcenthusiast on June 21, 2013, 03:53 am
took me a few hours to fully learn the concept and functionality of it. can't imagine why you would utilize such a valuable tool.
Title: Re: PGP, does everyone use it and why?
Post by: Young Morpheus on June 21, 2013, 04:57 am
Quote
From the SR Buyers Guide at, http://dkn255hz262ypmii.onion/wiki/index.php?title=Buyer%27s_Guide:

 "Receiving address

From the moment you submit your order, to the moment it is displayed to your vendor, the information is fully encrypted and unreadable. Then, as soon as your vendor marks your package with the address and confirms shipment, the address is deleted forever and is irretrievable. For the extra cautious, you can encrypt your information yourself with your vendor's public key. This way, even if the Silk Road server your address is on were compromised, your address would still be safe."

How many folks out there don't use this extra layer of encryption?  Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?  If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all.  Thank you to anyone who can help unlock this mystery.  I'm convinced that many SR citizens must be computer hackers of sorts.  For the rest of us though I wonder...

PGP is super easy. Download portable PGP and learn to use it. The biggest question is why not use it? Not to sound like a penis, but if you can't encrypt your stuff, or be bothered to learn to, you probably shouldn't order illegal substances from the internet.

It's not SR you have to worry about being caught, it's the vendor. If your plain text address is on their account and you get nabbed, they have a real name attached to a physical address, or a PO box which has to be attached to a physical address (if no fake id was used).

Modern computer encryption employs algorithms that would take the strongest super computers something like tens of thousands of years to unencrypt just one. AKA It's practically impossible to unencrypt without the key.

PGP is also open source. This means the source code is available for anyone to see. There is no way to hide some secret code (If you download from a reputable source) that makes it so it can be unencrypted via backdoor.

Hope this helps.
Title: Re: PGP, does everyone use it and why?
Post by: Young Morpheus on June 21, 2013, 05:28 am
Quote
From the SR Buyers Guide at, http://dkn255hz262ypmii.onion/wiki/index.php?title=Buyer%27s_Guide:

 "Receiving address

From the moment you submit your order, to the moment it is displayed to your vendor, the information is fully encrypted and unreadable. Then, as soon as your vendor marks your package with the address and confirms shipment, the address is deleted forever and is irretrievable. For the extra cautious, you can encrypt your information yourself with your vendor's public key. This way, even if the Silk Road server your address is on were compromised, your address would still be safe."

How many folks out there don't use this extra layer of encryption?  Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?  If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all.  Thank you to anyone who can help unlock this mystery.  I'm convinced that many SR citizens must be computer hackers of sorts.  For the rest of us though I wonder...

PGP is super easy. Download portable PGP and learn to use it. The biggest question is why not use it? Not to sound like a penis, but if you can't encrypt your stuff, or be bothered to learn to, you probably shouldn't order illegal substances from the internet.

It's not SR you have to worry about being caught, it's the vendor. If your plain text address is on their account and you get nabbed, they have a real name attached to a physical address, or a PO box which has to be attached to a physical address (if no fake id was used).

Modern computer encryption employs algorithms that would take the strongest super computers something like tens of thousands of years to unencrypt just one. AKA It's practically impossible to unencrypt without the key.

PGP is also open source. This means the source code is available for anyone to see. There is no way to hide some secret code (If you download from a reputable source) that makes it so it can be unencrypted via backdoor.

Hope this helps.

I'd recommend GPG4Usb over Portable PGP since it's in my opinion easier to use and provides more functionality while still being portable.
However more importantly the keypairs it generates are a lot stronger than Portable PGP's which only offers a maximum key size of 1024 bits which shouldn't be used anymore.

Wow much better, thanks! Tasty knowledge.
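
Added example, not part of the original thread: the key-size concern raised in the post above (a 1024-bit maximum that "shouldn't be used anymore") can be checked by parsing the machine-readable output of `gpg --list-keys --with-colons` and flagging size-based keys under a threshold. The sample listing, key IDs and user IDs are constructed, and the 2048-bit threshold is an assumed policy.

```python
"""Flag weak keys in `gpg --list-keys --with-colons` output (added example)."""

# OpenPGP algorithm IDs whose strength depends on modulus size (RFC 4880,
# section 9.1). ECC algorithms (18, 19, 22) use short keys by design and
# are deliberately not judged by bit length here.
SIZE_BASED_ALGOS = {1: "RSA", 2: "RSA", 3: "RSA", 16: "ElGamal", 17: "DSA"}

MIN_BITS = 2048  # assumed policy for this example, not a value from the thread

# Constructed sample listing: key IDs, dates and user IDs are made up.
SAMPLE_LISTING = """\
pub:u:1024:1:AAAAAAAA11111111:1371686400:::u:::scESC:
uid:u::::1371686400::0000::Vendor One (constructed) <one@example.invalid>:
sub:u:1024:1:AAAAAAAA22222222:1371686400::::::e:
pub:u:4096:1:BBBBBBBB11111111:1371686400:::u:::scESC:
uid:u::::1371686400::0000::Vendor Two (constructed) <two@example.invalid>:
sub:u:4096:1:BBBBBBBB22222222:1371686400::::::e:
pub:u:1024:17:CCCCCCCC11111111:1200000000:::u:::scESC:
uid:u::::1200000000::0000::Vendor Three (constructed) <three@example.invalid>:
sub:u:2048:16:CCCCCCCC22222222:1200000000::::::e:
pub:u:255:22:DDDDDDDD11111111:1371686400:::u:::scESC:
uid:u::::1371686400::0000::Vendor Four (constructed) <four@example.invalid>:
sub:u:255:18:DDDDDDDD22222222:1371686400::::::e:
"""


def parse_keys(listing):
    """Return one dict per primary key (pub) or subkey (sub) in the listing."""
    keys, uids, primary_id = [], {}, None
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "uid":
            # GnuPG 2.x puts user IDs on their own records; keep the first.
            if primary_id and len(f) > 9:
                uids.setdefault(primary_id, f[9])
            continue
        if f[0] not in ("pub", "sub") or len(f) < 5:
            continue
        if not (f[2].isdigit() and f[3].isdigit()):
            continue  # malformed record: skip rather than guess
        if f[0] == "pub":
            primary_id = f[4]
            if len(f) > 9 and f[9]:
                uids[primary_id] = f[9]  # GnuPG 1.x keeps the uid on pub
        elif primary_id is None:
            continue  # subkey with no preceding primary key
        caps = f[11] if len(f) > 11 else ""
        keys.append({
            "kind": f[0], "keyid": f[4], "primary": primary_id,
            "algo": int(f[3]), "bits": int(f[2]),
            # Lowercase 'e' means this key itself can encrypt; messages are
            # encrypted to such a key, so its size is the one that matters.
            "can_encrypt": "e" in caps,
        })
    for key in keys:
        key["uid"] = uids.get(key["primary"], "")
    return keys


def weak_keys(listing, min_bits=MIN_BITS):
    """Return the size-based keys whose length is below min_bits."""
    found = []
    for key in parse_keys(listing):
        name = SIZE_BASED_ALGOS.get(key["algo"])
        if name and key["bits"] < min_bits:
            found.append(dict(key, algo_name=name))
    return found


if __name__ == "__main__":
    for k in weak_keys(SAMPLE_LISTING):
        role = "encryption key" if k["can_encrypt"] else "signing/certifying key"
        print(f'{k["uid"]}: {k["kind"]} {k["keyid"]} is {k["bits"]}-bit '
              f'{k["algo_name"]} ({role})')
```

On a real keyring, pipe the output of `gpg --list-keys --with-colons` into `weak_keys()` in place of the constructed sample.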
Title: Re: PGP, does everyone use it and why?
Post by: farmer1 on June 21, 2013, 05:36 am
80% of my current unfilled orders have the address PGP encrypted.
Some days it is as low as 50%, other days 100%.

Privacy is liberating.
Title: Re: PGP, does everyone use it and why?
Post by: popjoe on June 21, 2013, 09:19 am
Actually if you have an Android Smartphone you can download the application "APG" which actually works extremely well.  Takes less than an hour to set up and use.  Only drawback is you have to mail stuff back and forth but it's not a big deal.

Of course keeping all your public keys on a phone might seem questionable to some but you can hide the application pretty well.  Chances are as well that whoever busted has no idea what it is.

GPG4win works but won't stop crashing so I inevitably uninstalled it.
Title: Re: PGP, does everyone use it and why?
Post by: kmfkewm on June 21, 2013, 12:08 pm
The people putting their trust in the SR server side encryption obviously don't understand the difference between types of encryption. There is absolutely no way that the SR server side encryption is adequate to protect from 99% of attacks. Chances are extremely high that it consists of having things stored on a mounted symmetrically encrypted partition or container. That means that everything is in an unencrypted state while it is in RAM, which will be almost 100% of the time. If hackers pwn the servers, they can get all of the plaintexts. If the server is seized, unless the feds tremendously fuck up how they go about it, they will be able to get the plaintexts.
Title: Re: PGP, does everyone use it and why?
Post by: astor on June 21, 2013, 09:28 pm
Quote
80% of my current unfilled orders have the address PGP encrypted.
Some days it is as low as 50%, other days 100%.

Privacy is liberating.

Nice. That's the highest number I've heard. The second highest number I've heard, 50%, was in the last couple of weeks. I wonder if the percentage of people using encryption is increasing. Maybe people are becoming more aware and educated.
Title: Re: PGP, does everyone use it and why?
Post by: TorXic on June 22, 2013, 05:19 am
every time, just didn't for 2 vendors cause they use privnote :\
1 vendor asked me to send it clear lol

sr is safe enough? don't care, pgp don't hurt me :)

better to be paranoid than uncaring