Silk Road forums

Discussion => Security => Topic started by: galileosophia on September 22, 2013, 10:01 pm

Title: What Is The Weakest Part of SR?
Post by: galileosophia on September 22, 2013, 10:01 pm
I've been pondering where the most risk is in the many activities required for a trade on SR to go down.  I'm curious as to what the fine people of the forums think.

Where is the greatest risk:

-- In TOR?  Are hidden services and Tor in general completely fucked in terms of preserving anonymity?  Or are they somewhat okay as long as you chain VPNs and steal your neighbor's WiFi or something like that?  Does the practicality of the gov't breaking Tor or observing enough of the Internet's global traffic flow make this the least secure part of the transaction?

-- With Bitcoin?  Does the cashing out of bitcoin represent an extremely precarious part of the transaction?  How safe is it to trade locally or get cash deposits or Money Paks for BTC?  Does it seem likely that feds or other LE would pose as bitcoin purchasers to lure in unsuspecting SR buyers/sellers?

-- With the mail?  Are you most at risk when dropping your packages off?  How likely is it that USPS or any other mail carrier will catch on to you, place an order for something you're selling and wait for you to drop off your wares? 

-- With SR interactions?  Is the risk of SR being compromised high, which would reveal too much identifying information in messages and other communications?

Of course there are many things that should be done at each of these places, but I wondered what you thought to be the largest risk/the most likely place where a fuck-up could cost you your freedom?
Title: Re: What Is The Weakest Part of SR?
Post by: nassy on September 22, 2013, 10:13 pm
too stoned to answer all that.

what i can tell you is that your Kush looks incredible.
Title: Re: What Is The Weakest Part of SR?
Post by: galileosophia on September 22, 2013, 10:42 pm
Quote
too stoned to answer all that.

what i can tell you is that your Kush looks incredible.

:)  I completely understand.

And, yes, it's really great shit!  Thanks for noticing and commenting. 

Hope to see you around!
Title: Re: What Is The Weakest Part of SR?
Post by: nassy on September 22, 2013, 11:00 pm
can only admire from a distance since i'm across the pond
Title: Re: What Is The Weakest Part of SR?
Post by: TrippyMane2013 on September 22, 2013, 11:20 pm
Tor is the weakest part for sure; it's only a matter of time before we are forced to move on to more anonymous alternatives.
Title: Re: What Is The Weakest Part of SR?
Post by: PinnacleGoods on September 22, 2013, 11:52 pm
Weakest part of almost every system is PEOPLE

Whether it's who's running a TOR node you use

Or who else is using that same TOR node

Or it could be who you get your BTC from

Or who you give/sell BTC to

Or who you buy from

Or who you sell to

In every case, it's always those other people in the transaction that pose the greatest risk to you.
Title: Re: What Is The Weakest Part of SR?
Post by: SuckDick4Weed on September 23, 2013, 12:29 am
Guys, let's put this into perspective.

The ARRESTS so far are mostly related to drugs in the MAIL being detected somehow. Particularly importers then on-selling domestically.

The other concern is following the money trail with BTC. This is allegedly how they got the FreedomHosting guy.

The present and future concern is with TOR security. It is unknown how exactly or when/if somebody will be able to do one or both of two things. That is DE-anonymize users AND break encryption protocols, especially what are currently perceived to be 'strong' methods.
Title: Re: What Is The Weakest Part of SR?
Post by: astor on September 23, 2013, 12:41 am
Quote
I've been pondering where the most risk is in the many activities required for a trade on SR to go down.  I'm curious as to what the fine people of the forums think.

Where is the greatest risk:

-- In TOR?  Are hidden services and Tor in general completely fucked in terms of preserving anonymity?

Tor is relatively safer for users, much less safe for hidden services. An attacker can easily link users to the sites they are visiting, but he will only identify a small random sample of users. To get most users or a specific user costs a lot of money and may take a long time (on the order of months). It's not worth doing for most Tor users.

It's notable that LE served an application layer exploit to FH visitors, which means they weren't performing network layer attacks to identify them.

Quote
-- With Bitcoin?  Does the cashing out of bitcoin represent an extremely precarious part of the transaction?

You'd think it would be, although I haven't heard of anyone getting arrested after cashing out bitcoins. I guess there will be a first time for that eventually. Best way to do it is have trusted associates that want to cash in and trade with them, that way the coins never touch an exchange. The second best way would be to sell coins for cash on an OTC market, but that's not feasible for large amounts.

Quote
-- With the mail?  Are you most at risk when dropping your packages off?

Dropping off packages isn't as risky as picking them up. This is by far the biggest risk for buyers. Vendors should change drop locations and packaging methods often to avoid getting profiled, and never bring a mobile phone when mailing packages (so your travel patterns are not recorded. Even without GPS your location can be triangulated from phone towers fairly accurately. This becomes a risk if a seized package can be identified as coming from a specific drop location).

Quote
-- With SR interactions?  Is the risk of SR being compromised high, which would reveal too much identifying information in messages and other communications?

Certainly there's a risk of revealing too much info in messages, but that's what PGP is for.

Quote
Of course there are many things that should be done at each of these places, but I wondered what you thought to be the largest risk/the most likely place where a fuck-up could cost you your freedom?

For buyers it's receiving packages in the mail. For vendors it's unclear. To my knowledge, no SR vendor has been busted through an attack on Tor or an investigation of SR. The vendors I've heard about were busted either because they were receiving drugs in the mail themselves, or through IRL dealing.
Title: Re: What Is The Weakest Part of SR?
Post by: sourman on September 23, 2013, 02:08 am
As far as shutting down SR goes, I'd say btc is the weakest link, specifically the points of exchange. They are the easiest to regulate and leave a comparatively easy trail to follow.

The weakest link as far as security goes would probably be the users themselves followed by the money trail. Only vendors, staff, and bulk buyers have to worry about targeted attacks against their IT assets. I'm not saying it's impossible for LE to target casual buyers this way, but it is highly unlikely.

Buyers usually get caught due to a combination of shitty stealth on the vendor's part and their dubious distinction of being "that guy"--you know, the one who happens to be at the wrong place at the wrong time.

Unfortunately, there's not much you can do to counter that threat other than knowing NOT TO TALK TO COPS, and NEVER SIGNING FOR ANYTHING.
Title: Re: What Is The Weakest Part of SR?
Post by: galileosophia on September 23, 2013, 02:56 am
Quote
Weakest part of almost every system is PEOPLE

Whether it's who's running a TOR node you use

Or who else is using that same TOR node

Or it could be who you get your BTC from

Or who you give/sell BTC to

Or who you buy from

Or who you sell to

In every case, it's always those other people in the transaction that pose the greatest risk to you.

That's an excellent point and one I should've suggested in my question.  I completely agree here, but it's also a bit worrisome that we trust these complicated systems to preserve our safety.  However, it's always people that go and fuck it up for everyone.
Title: Re: What Is The Weakest Part of SR?
Post by: 99herps on September 23, 2013, 06:19 am
The riskiest part is the process where you turn BTC into a national currency and wherever along the chain your hand touches something physical linked to that money trail.
Title: Re: What Is The Weakest Part of SR?
Post by: kmfkewm on September 23, 2013, 09:33 am
1. Human error. Including not using GPG to encrypt your address.
2. Massive state level SIGINT agency traffic analysis
3. Hackers
4. Lack of anonymizing Bitcoin enough
5. Random interceptions


Human error is certainly a weak part of SR. Lots of users don't even encrypt their addresses I hear. But this is fine by itself, up to the point that the server is seized, pwnt by hackers, or the admins are busted. So it is hard to say it is the weakest part of SR, since before it manifests itself as a weakness another issue will need to trigger it. Massive traffic analysis by NSA and similar agencies is a big concern and there is a lot of worry that these attackers can deanonymize most Tor users. If they actually feed the intelligence to the feds, that is somewhat of a different question, although I am not as optimistic as I once was. Hackers are a real threat as well and it is hard to say they are less of a threat than SIGINT agencies. Even though a global external attacker is near a death blow against SR, it might be that we actually have more to worry about from hackers. Random interceptions are always a threat as well, but they happen rarely without some other form of intelligence pointing to the package or individual.

It is really hard to say which of these is the greatest threat to SR, but together they are the primary threats to keep in mind.
Title: Re: What Is The Weakest Part of SR?
Post by: galileosophia on September 24, 2013, 07:58 pm
Quote
1. Human error. Including not using GPG to encrypt your address.
2. Massive state level SIGINT agency traffic analysis
3. Hackers
4. Lack of anonymizing Bitcoin enough
5. Random interceptions

Excellent list and accompanying reasoning.  It's wonderful how fucked hackers can be to each other.  There's a persistent showmanship involved where there's a continual ego boost behind taking down something that's supposed to be secure.

You hear security types use cliches like "you're only as strong as your weakest link," but I fear we may be dealing with a defective chain here, a systemic risk if you will. 
Title: Re: What Is The Weakest Part of SR?
Post by: DrChong on September 25, 2013, 07:11 am
I would say  that #4  (mail) is the ultimately weakest part of the SR network. We can envision a possible future in which the security of the tor network/bitcoin, the workability of bitcoin, the strength of the protective measures that DPR has in place against cyberattacks, and all other security nodes are relatively impervious, at least in the sense that the full brunt of world government doesn't come down to attack us.

As long as users use proper communication methods (e.g. PGP) that are easy to learn and adopt safe browsing practices (again easy to learn), the one flaw in the system that I cannot see us adequately resolving is the issue of delivery of goods from vendor to buyer.

Yes it is true that the USPS sucks and the chances of mail being intercepted are rather low (so long as stealth shipping is in place, which all vendors should already know how to do), but I feel that we're at a dead end at the particular point in time.

I suppose an ideal solution would be to design some sort of "underground railroad" where drugs are shipped to each other using a private Silk Road courier (obviously you'd need a front for the business). The courier would only ship from vendor to buyer, the driver would be paid off or something, etc. Wild idea but in my opinion that'd be ideal to resolve the shipping/delivery problem.
Title: Re: What Is The Weakest Part of SR?
Post by: kmfkewm on September 25, 2013, 08:43 am
Quote
I would say  that #4  (mail) is the ultimately weakest part of the SR network. We can envision a possible future in which the security of the tor network/bitcoin, the workability of bitcoin, the strength of the protective measures that DPR has in place against cyberattacks, and all other security nodes are relatively impervious, at least in the sense that the full brunt of world government doesn't come down to attack us.

As long as users use proper communication methods (e.g. PGP) that are easy to learn and adopt safe browsing practices (again easy to learn), the one flaw in the system that I cannot see us adequately resolving is the issue of delivery of goods from vendor to buyer.

Yes it is true that the USPS sucks and the chances of mail being intercepted are rather low (so long as stealth shipping is in place, which all vendors should already know how to do), but I feel that we're at a dead end at the particular point in time.

I suppose an ideal solution would be to design some sort of "underground railroad" where drugs are shipped to each other using a private Silk Road courier (obviously you'd need a front for the business). The courier would only ship from vendor to buyer, the driver would be paid off or something, etc. Wild idea but in my opinion that'd be ideal to resolve the shipping/delivery problem.

If SR gets big enough it could break apart into local city wide groups, with dead drops. The only people that would need to travel far distances would be big suppliers, and they would be well compensated. Small orders could be dead dropped around the city.
Title: Re: What Is The Weakest Part of SR?
Post by: CaptainSensible on September 25, 2013, 06:54 pm
I used to think that SR would eventually be shut down because the admin and/or servers would be discovered.  But no, recent events convince me that Bitcoin is the weak link. Liberty Reserve was shut down for money laundering; MtGox makes users provide government issued ID before making withdrawals, and many Bitcoin exchanges just cease to exist after a time.

And no matter how much you try to hide the fact that the Bitcoins you bought went to SR, Blockchain.info (other LE agencies surely have similar tools) has software that gives a quick, graphical view of the route your Bitcoins took to SR. So your transfer looks something like this:
        WalletA --> WalletB --> WalletC --> WalletD --> SilkRoad

And now users are having trouble just getting the Bitcoins they sent to SR credited to their account.

One of the successful tactics LE agencies have used over the years is to "follow the money trail."  Once you cut off the cash to an organization you can expect it to collapse. LE hasn't been able to find SR, but they can trace, and in some cases, cut off the funds.
Title: Re: What Is The Weakest Part of SR?
Post by: galileosophia on September 25, 2013, 10:00 pm
Quote
I used to think that SR would eventually be shut down because the admin and/or servers would be discovered.  But no, recent events convince me that Bitcoin is the weak link. Liberty Reserve was shut down for money laundering; MtGox makes users provide government issued ID before making withdrawals, and many Bitcoin exchanges just cease to exist after a time.

And no matter how much you try to hide the fact that the Bitcoins you bought went to SR, Blockchain.info (other LE agencies surely have similar tools) has software that gives a quick, graphical view of the route your Bitcoins took to SR. So your transfer looks something like this:
        WalletA --> WalletB --> WalletC --> WalletD --> SilkRoad

And now users are having trouble just getting the Bitcoins they sent to SR credited to their account.

One of the successful tactics LE agencies have used over the years is to "follow the money trail."  Once you cut off the cash to an organization you can expect it to collapse. LE hasn't been able to find SR, but they can trace, and in some cases, cut off the funds.

Yes, that is definitely a worry.  However, even if they know an address belongs to SR, they cannot for sure pin down the rest of the addresses in the chain after the SR transaction as long as cash only comes into the picture using local transfers and/or lots of transfers to try and make the number of transactions after the SR address too confusing to track down.