Silk Road forums

Discussion => Silk Road discussion => Topic started by: Krazys on December 23, 2012, 03:21 am

Title: SR messages hacked?
Post by: Krazys on December 23, 2012, 03:21 am
Just sent a message to a vender ending with "...my Silk Road  account" .

What they received was the start of my message, then some gibberish, then; "Silk Road is done in a few days. "


Anyone else experienced messaging oddities? I am now reading back over all of my sent messages just in case.
Title: Re: SR messages hacked?
Post by: Magic Moments on December 23, 2012, 03:25 am
I don't understand.
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 23, 2012, 03:31 am
Just sent a message to a vender ending with "...my Silk Road  account" .

What they received was the start of my message, then some gibberish, then; "Silk Road is done in a few days. "


Anyone else experienced messaging oddities? I am now reading back over all of my sent messages just in case.

That certainly counts as odd, to say the least. Frankly, the best practice is to assume that the SR Forum and/or SR proper are either hacked, or are under surveillance.  That is why you should be using PGP for all communications, even trivial ones.

NC
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 23, 2012, 03:57 am
that is weird indeed ...  hm.  i agree with Nightcrawler about the importance of PGP ... i wish more buyers were using it, even for buying bitcoins from me.

As long as the management refuses to make the use of PGP mandatory, nothing will change. As I said earlier, voluntary compliance never truly works in the real world. Public education only goes so far... When it comes to security, people do NOT want to learn new things, they do not wish to go outside of their comfort zones. User laziness is the single biggest asset that law enforcement has to use against a community like Silk Road. Unfortunately, in the real world, sometimes people have to be _forced_ to do the right thing.  To believe otherwise is nothing but a Libertarian pipe-dream.

NC
Title: Re: SR messages hacked?
Post by: Magic Moments on December 23, 2012, 04:11 am
So does this mean SR is hacked again? Can you ask the vendor to copy and paste the message here so we can all take a look? If the hackers are at it again and this time they have control of our messages, it may do more damage than the picture hack. We need more info!
Title: Re: SR messages hacked?
Post by: A Riotous Defect on December 23, 2012, 04:19 am
I wonder if this could mean the security of orders in processing has been compromised as well? I sure hope not. :[ But I won't get too worried, I don't know any of the specifics...
Title: Re: SR messages hacked?
Post by: astor on December 23, 2012, 05:19 am
"Silk Road is done in a few days. "

I'm sorry but no hacker worth his shit would announce a hack days in advance like that. They would just do it.

Did the image hacker announce his hack? No, he just did it.

If this is real, the hacker is scaring people because altering messages is all he is capable of doing.

I could be wrong, but that seems to be the case 95% of the time. There are people full of bluster, and then there are people who just do it.
Title: Re: SR messages hacked?
Post by: Krazys on December 24, 2012, 12:42 am
I'm sorry but no hacker worth his shit would announce a hack days in advance like that. They would just do it...

If this is real, the hacker is scaring people because altering messages is all he is capable of doing.
That is my take. Please note that all I am saying is that my message to a vender seems to have been hacked; not that "Silk Road is done in a few days. " I don't have many posts but you can look and see that I am not a trouble maker and have never displayed troll-like behavior, and my record/reputation on the road is 100%. Just a heads up to others and asking if anyone else had had anything like this happen.

I encrypt most but not all of my messages. Some venders specifically request that you NOT encrypt messages that are of a simple "hey, how are you doing?" nature.  This was a message to a vender that had taken longer than planned to stock something.

Here is what I sent:
"So glad that you are up and running with this. I will order as soon as my $ ---> ฿ ---> my Silk Road account. "

Here is the message that they received:
"I will order as soon as my $ ---> ฿ ---> Silk Road is done in a few days. "

When I reported it to SR management the messaging function once again changed the ">" to "&gt;". I could have seen that as simply a coding quirk, a difference in script between the road itself and these forums. When I type ---> here it shows as typed. But changing my message to ending with "Silk Road is done in a few days. " ?

I will post both of my messages to DPR as they appear in my sent box as a separate post below.

Title: Re: SR messages hacked?
Post by: Krazys on December 24, 2012, 12:47 am
I just sent a message to Chronic Crew(100). Here is what he received:

"http://silkroadvb5piz3r.onion/silkroad/item/e1208e934b
So glad that you are up and running with this. I will order as soon as my $ ---> ฿ ---> Silk Road is done in a few days. "

Here is what I sent:

"http://silkroadvb5piz3r.onion/silkroad/item/e1208e934b
So glad that you are up and running with this. I will order as soon as my $ ---> ฿ ---> my Silk Road account. "
____________________________________________________________________________________________________________________

OK, silkroad message function is converting the pointy bracket that you can combine with dashes to make an arrow into "&gt;". No idea if that is a new thing or normal for here. I still find the, "Silk Road is done in a few days.", thing to be worrisome and indicative of a hack.
_____________________________________________________________________________________________________________________
Title: Re: SR messages hacked?
Post by: Christy Nugs on December 24, 2012, 12:48 am
they would have had the private key of the vendor to do that...:(
Title: Re: SR messages hacked?
Post by: Krazys on December 24, 2012, 12:55 am
I know exactly what I sent in each case as my messages were written on notepad then c&p's in. And before anyone gets too upset with me having copies of SR correspondences on hand? They are never longer than 2-3 sentences, never explicit, and if someone finds and cracks my encrypted external drive they will be the least of my worries.
Title: Re: SR messages hacked?
Post by: astor on December 24, 2012, 12:56 am
Krazys, I'm not accusing you of trolling or making it up. I'm just saying that if someone is hacking messages and leaving scary warnings like that, then most likely hacking messages is all they are capable of doing.
Title: Re: SR messages hacked?
Post by: gypsy on December 24, 2012, 01:01 am
I'm sorry but no hacker worth his shit would announce a hack days in advance like that. They would just do it...

If this is real, the hacker is scaring people because altering messages is all he is capable of doing.
That is my take. Please note that all I am saying is that my message to a vender seems to have been hacked; not that "Silk Road is done in a few days. " I don't have many posts but you can look and see that I am not a trouble maker and have never displayed troll-like behavior, and my record/reputation on the road is 100%. Just a heads up to others and asking if anyone else had had anything like this happen.

I encrypt most but not all of my messages. Some venders specifically request that you NOT encrypt messages that are of a simple "hey, how are you doing?" nature.  This was a message to a vender that had taken longer than planned to stock something.

Here is what I sent:
"So glad that you are up and running with this. I will order as soon as my $ ---> ฿ ---> my Silk Road account. "

Here is the message that they received:
"I will order as soon as my $ ---> ฿ ---> Silk Road is done in a few days. "

When I reported it to SR management the messaging function once again changed the ">" to "&gt;". I could have seen that as simply a coding quirk, a difference in script between the road itself and these forums. When I type ---> here it shows as typed. But changing my message to ending with "Silk Road is done in a few days. " ?

I will post both of my messages to DPR as they appear in my sent box as a separate post below.

krazys - was your message to chronic crew encrypted or not encrypted?  If you said either way I can't make it out. Thanks man
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 24, 2012, 02:35 am
they would have had the private key of the vendor to do that...:(

Only if the message were encrypted. The only way this entire thing makes any sense whatsoever is if the message were NOT encrypted.

NC
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 24, 2012, 03:07 am
"Silk Road is done in a few days. "

I'm sorry but no hacker worth his shit would announce a hack days in advance like that. They would just do it.

Did the image hacker announce his hack? No, he just did it.

If this is real, the hacker is scaring people because altering messages is all he is capable of doing.

I could be wrong, but that seems to be the case 95% of the time. There are people full of bluster, and then there are people who just do it.

Agreed. That said, however, the ability to read/modify SR messages between SR accounts is not something to be sneezed at, either.  I consider this a serious breach of security.

NC
Title: Re: SR messages hacked?
Post by: outoftheblocks on December 24, 2012, 03:24 am
Wouldn't it be more likely that Krazy has been targeted or his information phished?
I'm not familiar with the ways of hackers, but it seems like the nature of the "message hack" is awfully specific. I received a message from a vender, not encrypted, with no changes or interruptions in the past 6 hours. Just my feelin.
Title: Re: SR messages hacked?
Post by: fuckingACE on December 24, 2012, 07:53 pm
It's alarming nonetheless. Encrypted or not. Someone caught it in transit and added text to it. Yikes.

Wondering if the address box suffers the same... Someone is watching and trying hard to catch in transit.

Encryption should be mandatory I suppose. It's a pain though.

I hope to see more details on this one from SR staff.

I don't think this is the case.

1. Maybe a bit of legacy code left in from when the site was being constructed, lots of devs put bits in and forget to take them out when the site goes from beta to live. an example message scrubbers are often tested by getting them to change the content of a message, content filtering systems replace certain words with other text.. Finished does not need to mean SR is over, it could have meant the site is completed in a few days.

2. The messages are not being changed by a person, the fact that the behavior is consistent proves that. There is an application or an existing part of the messaging system that reads the content of the messages and replaces certain content with other content. AV systems on messaging servers do this regularly... "your attachment is too large" or "this language is inappropriate for corporate email" or disclaimer texts.. etc..

3. If they had access to this, and it is a hacker, then they have the ability to spoof messages, and create rules to edit/remove/add text.. but cannot read on the fly only once delivered. The rules to edit/remove and append would need to be created before the message is sent.

4. I really hope the messaging system is on a dedicated server

ACE
Title: Re: SR messages hacked?
Post by: NorCalKing on December 25, 2012, 05:24 am
Slow down on the blow bro!
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 25, 2012, 09:01 am
It's alarming nonetheless. Encrypted or not. Someone caught it in transit and added text to it. Yikes.

Wondering if the address box suffers the same... Someone is watching and trying hard to catch in transit.

Encryption should be mandatory I suppose. It's a pain though.

I hope to see more details on this one from SR staff.

I don't think this is the case.

1. Maybe a bit of legacy code left in from when the site was being constructed, lots of devs put bits in and forget to take them out when the site goes from beta to live. an example message scrubbers are often tested by getting them to change the content of a message, content filtering systems replace certain words with other text.. Finished does not need to mean SR is over, it could have meant the site is completed in a few days.

Excellent point. If what you described was in place, then it only stands to reason that someone sending an identical message as Krazy should receive an identically-altered message. So, I set up two SR accounts, sent a message identical to the one Krazy sent to his supplier, and observed the results.

In this particular instance, the only change observed, which can be chalked up to automated replacement, was the replacement of ">" (greater-than) signs with "&gt;", which is to be expected in HTML markup. Again, no changes, of any other kind, were observed.

2. The messages are not being changed by a person, the fact that the behavior is consistent proves that. There is an application or an existing part of the messaging system that reads the content of the messages and replaces certain content with other content. AV systems on messaging servers do this regularly... "your attachment is too large" or "this language is inappropriate for corporate email" or disclaimer texts.. etc..

That has not proven to be the case. My tests have shown no alterations other than would be expected with normal, expected HTML markup. That does not account for the other changes that Krazy (and his vendor) have reported.

3. If they had access to this, and it is a hacker, then they have the ability to spoof messages, and create rules to edit/remove/add text.. but cannot read on the fly only once delivered. The rules to edit/remove and append would need to be created before the message is sent.

I think this is supposition -- at present, we do not know for certain whether an intruder made these changes and, if so, at what stage the changes were made. If there indeed is an intruder, we do not as yet know their capabilities. I think it is too early to start making assumptions as to what an intruder can or cannot do, assuming they exist in the first place.

4. I really hope the messaging system is on a dedicated server

ACE

Let's hope so.

After some reflection, my thoughts are as follows:

1. We do not know for certain whether or not an intruder has gained access to the SR messaging system, or whether what has happened is due to some other cause.

2. Prudence demands that we hope for the best, but prepare for the worst.

3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.
   
4. All users of the SR messaging system should maintain a state of heightened vigilance, and be alert for modified/altered messages.

5. New keys should be considered untrusted, unless they can be somehow verified out of band (i.e. via another medium.)

NC
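
The replication test described in the post above, as an added example that is not part of the original thread: it compares what was sent with what was received, treats HTML entity escaping (assumed here to be ">" becoming "&gt;") as benign, and reports any other change. The function names are hypothetical, and the sample strings are the message text quoted in this thread with the escaped form constructed for the example.

```python
import difflib
import hashlib
import html

# Message text as quoted in the thread; the escaped variants are constructed
# for this example on the assumption that ">" was stored as "&gt;".
SENT = ("So glad that you are up and running with this. "
        "I will order as soon as my $ ---> \u0e3f ---> my Silk Road account. ")
RECEIVED_ESCAPED = SENT.replace(">", "&gt;")
RECEIVED_ALTERED = ("So glad that you are up and running with this. "
                    "I will order as soon as my $ ---&gt; \u0e3f ---&gt; "
                    "Silk Road is done in a few days. ")


def normalize(text):
    """Undo HTML entity escaping and collapse runs of whitespace."""
    return " ".join(html.unescape(text).split())


def fingerprint(text):
    """SHA-256 of the normalized text, short enough to compare out of band."""
    return hashlib.sha256(normalize(text).encode("utf-8")).hexdigest()


def compare_messages(sent, received):
    """Classify the difference between a sent and a received message.

    Returns (verdict, changes). verdict is one of:
      "identical"       - byte-for-byte the same
      "escaping_only"   - differs only by entity escaping or whitespace
      "content_altered" - words were added, removed or replaced
    changes lists (operation, sent_words, received_words) tuples.
    """
    if sent == received:
        return "identical", []
    sent_words = normalize(sent).split(" ")
    recv_words = normalize(received).split(" ")
    if sent_words == recv_words:
        return "escaping_only", []
    matcher = difflib.SequenceMatcher(a=sent_words, b=recv_words,
                                      autojunk=False)
    changes = []
    for op, i1, i2, j1, j2 in matcher.get_opcodes():
        if op != "equal":
            changes.append((op,
                            " ".join(sent_words[i1:i2]),
                            " ".join(recv_words[j1:j2])))
    return "content_altered", changes


if __name__ == "__main__":
    for label, received in (("escaped copy", RECEIVED_ESCAPED),
                            ("altered copy", RECEIVED_ALTERED)):
        verdict, changes = compare_messages(SENT, received)
        print(label, "->", verdict)
        for op, before, after in changes:
            print("   ", op, repr(before), "=>", repr(after))
```

A matching `fingerprint` on both ends only shows the text arrived unchanged; it says nothing about who read it, which is the case the thread's PGP advice addresses.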

Title: Re: SR messages hacked?
Post by: BlueGiraffe on December 25, 2012, 09:21 am
It's alarming nonetheless. Encrypted or not. Someone caught it in transit and added text to it. Yikes.

Wondering if the address box suffers the same... Someone is watching and trying hard to catch in transit.

Encryption should be mandatory I suppose. It's a pain though.

I hope to see more details on this one from SR staff.

I don't think this is the case.

1. Maybe a bit of legacy code left in from when the site was being constructed, lots of devs put bits in and forget to take them out when the site goes from beta to live. an example message scrubbers are often tested by getting them to change the content of a message, content filtering systems replace certain words with other text.. Finished does not need to mean SR is over, it could have meant the site is completed in a few days.

Excellent point. If what you described was in place, then it only stands to reason that someone sending an identical message as Krazy should receive an identically-altered message. So, I set up two SR accounts, sent a message identical to the one Krazy sent to his supplier, and observed the results.

In this particular instance, the only change observed, which can be chalked up to automated replacement, was the replacement of ">" (greater-than) signs with "&gt;", which is to be expected in HTML markup. Again, no changes, of any other kind, were observed.

2. The messages are not being changed by a person, the fact that the behavior is consistent proves that. There is an application or an existing part of the messaging system that reads the content of the messages and replaces certain content with other content. AV systems on messaging servers do this regularly... "your attachment is too large" or "this language is inappropriate for corporate email" or disclaimer texts.. etc..

That has not proven to be the case. My tests have shown no alterations other than would be expected with normal, expected HTML markup. That does not account for the other changes that Krazy (and his vendor) have reported.

3. If they had access to this, and it is a hacker, then they have the ability to spoof messages, and create rules to edit/remove/add text.. but cannot read on the fly only once delivered. The rules to edit/remove and append would need to be created before the message is sent.

I think this is supposition -- at present, we do not know for certain whether an intruder made these changes and, if so, at what stage the changes were made. If there indeed is an intruder, we do not as yet know their capabilities. I think it is too early to start making assumptions as to what an intruder can or cannot do, assuming they exist in the first place.

4. I really hope the messaging system is on a dedicated server

ACE

Let's hope so.

After some reflection, my thoughts are as follows:

1. We do not know for certain whether or not an intruder has gained access to the SR messaging system, or whether what has happened is due to some other cause.

2. Prudence demands that we hope for the best, but prepare for the worst.

3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.
   
4. All users of the SR messaging system should maintain a state of heightened vigilance, and be alert for modified/altered messages.

5. New keys should be considered untrusted, unless they can be somehow verified out of band (i.e. via another medium.)

NC


Thanks for your intelligent analysis :)

BG
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 25, 2012, 10:10 am
OP isn't actually a well-known member of the forums. I suggest everyone consider this LE-action. Psy-ops and the like.

Given that no one else has noticed any strange shit like that and the fact that everyone is anonymous, we only have two options;

Krazys remembers the situation wrong or may have been tripping at the time(thus remembering it wrong).
Krazys is LE using a semi-established "perfectly acceptable" account for psy-ops.

Edit: We also can't verify this with Chronic Crew. CC only knows what he received. The only person who can vouch for Krazys' strange message is Krazys himself. No one else has seen a problem, and this shit has gotten some of you people paranoid.
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 25, 2012, 10:17 am
OP isn't actually a well-known member of the forums. I suggest everyone consider this LE-action. Psy-ops and the like.

Given that no one else has noticed any strange shit like that and the fact that everyone is anonymous, we only have two options;

Krazys remembers the situation wrong or may have been tripping at the time(thus remembering it wrong).
Krazys is LE using a semi-established "perfectly acceptable" account for psy-ops.

Fair enough. Perhaps Krazys' vendor could verify his story. At any rate, whatever is going on, this is a good excuse to ratchet-up security by using PGP for all communications.

NC
Title: Re: SR messages hacked?
Post by: Headinn on December 25, 2012, 11:33 am
Just received this message from revenantchild:
revenantchild(100)    Listings will be back up on 1st January    12 hours    read delete
gomohyne    Hi man are you on holiday?When i can order some of your awesome weed? :)    1 day    read delete
I didn't have any problem, seriously.
What is this story that SR is hacked? Do you believe that I must send my BTCs to another wallet?
Title: Re: SR messages hacked?
Post by: fuckingACE on December 25, 2012, 01:10 pm
OP isn't actually a well-known member of the forums. I suggest everyone consider this LE-action. Psy-ops and the like.

Given that no one else has noticed any strange shit like that and the fact that everyone is anonymous, we only have two options;

Krazys remembers the situation wrong or may have been tripping at the time(thus remembering it wrong).
Krazys is LE using a semi-established "perfectly acceptable" account for psy-ops.

Edit: We also can't verify this with Chronic Crew. CC only knows what he received. The only person who can vouch for Krazys' strange message is Krazys himself. No one else has seen a problem, and this shit has gotten some of you people paranoid.

not true all of us can replicate and therefore verify this behaviour
ACE
Title: Re: SR messages hacked?
Post by: nomad bloodbath on December 25, 2012, 07:25 pm
Well all my btcs are in place....= sr not hacked.
IMO....but I'm a madman or a sane man in mad land.

X)
nomad
Title: Re: SR messages hacked?
Post by: ontheregs on December 25, 2012, 10:59 pm
Is it wrong to think that maybe a screenshot even though it could be easily edited anyways or a word from the vendor he claims was involved in this could go further in proving if it really is happening?

I'm just not sure I believe that there is some clever hacker sitting around looking to inject into just a few random buyers messages.

Quote
3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.

Not hating on the site by any means here but due to its nature the messaging should be untrusted. Just keep educating people on PGP and hopefully if something really does become widespread with the messaging system, it wouldn't be a huge deal.

If people are falling for that guy that changes the wikipedia link though maybe a little fear-mongering is enough to stop some people from ordering?.
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 25, 2012, 11:10 pm
OP isn't actually a well-known member of the forums. I suggest everyone consider this LE-action. Psy-ops and the like.

Given that no one else has noticed any strange shit like that and the fact that everyone is anonymous, we only have two options;

Krazys remembers the situation wrong or may have been tripping at the time(thus remembering it wrong).
Krazys is LE using a semi-established "perfectly acceptable" account for psy-ops.

Edit: We also can't verify this with Chronic Crew. CC only knows what he received. The only person who can vouch for Krazys' strange message is Krazys himself. No one else has seen a problem, and this shit has gotten some of you people paranoid.

not true all of us can replicate and therefore verify this behaviour
ACE
You have sent messages to vendors that are different from what the vendors received? That is what replicating it would require. As I said, only Krazys can vouch for himself. CC can tell us what he received and that will be proof of nothing. Because if Krazys is lying...
Is it wrong to think that maybe a screenshot even though it could be easily edited anyways or a word from the vendor he claims was involved in this could go further in proving if it really is happening?

I'm just not sure I believe that there is some clever hacker sitting around looking to inject into just a few random buyers messages.

Quote
3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.

Not hating on the site by any means here but due to its nature the messaging should be untrusted. Just keep educating people on PGP and hopefully if something really does become widespread with the messaging system, it wouldn't be a huge deal.

If people are falling for that guy that changes the wikipedia link though maybe a little fear-mongering is enough to stop some people from ordering?.
It is easy to fake a screen-shot. I could fake one up in a few minutes without a problem.  As far as we can tell, and given that SR's security appears to be quite good, there is no problem. This means that Krazys remembers it wrong or, since Krazys has gone to such lengths to show his "original message", that Krazys is flat-out lying. If he is lying, that means he is LE and this is just psy-ops. Or trolling. {Blargh retracts the following: Nightcrawler's suggestions are crap, though.}

The messaging system should ALWAYS be considered unsafe. None of SR should be considered safe. Take fucking care, people. But still, Krazys appears to be lying, or LE.
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 25, 2012, 11:12 pm
Is it wrong to think that maybe a screenshot even though it could be easily edited anyways or a word from the vendor he claims was involved in this could go further in proving if it really is happening?

I'm just not sure I believe that there is some clever hacker sitting around looking to inject into just a few random buyers messages.

Quote
3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.

Not hating on the site by any means here but due to its nature the messaging should be untrusted. Just keep educating people on PGP and hopefully if something really does become widespread with the messaging system, it wouldn't be a huge deal.

If people are falling for that guy that changes the wikipedia link though maybe a little fear-mongering is enough to stop some people from ordering?.

I have always maintained that the messaging system should be untrusted-- now there is some evidence, albeit apocryphal, to back up this belief.

NC
Title: Re: SR messages hacked?
Post by: Scampony on December 25, 2012, 11:19 pm
PGP is king and if you commit actions without it consider yourself waiting to be beheaded.
Title: Re: SR messages hacked?
Post by: ontheregs on December 25, 2012, 11:25 pm
Quote
It is easy to fake a screen-shot. I could fake one up in a few minutes without a problem

That's actually my point.
There is at this time literally zero proof that what he said happened has actually happened. If he wanted any attempt at all at any credibility he should have at least put in a little effort, even if it can be quickly faked.

At the very least he posts something that is more than he can mash out with just a couple keystrokes, at best his vendor at least corroborates the story but that still doesn't prove that he himself didn't just send the message anyways.

Quote
I have always maintained that the messaging system should be untrusted-- now there is some evidence, albeit apocryphal, to back up this belief.

NC

It's just good to always assume that there are more than two people involved in your two way communication. You and the recipient and the people in the middle who are interested in what you are doing. Maybe that is a little tinfoil hat but look at how we have to access these forums? If this does nothing else but encourage people to be more aggressive with their encryption then honestly, true or false, it may have done more good than bad.

Will be watching to see if anything comes of this but I won't wait up for it.
Title: Re: SR messages hacked?
Post by: fuckingACE on December 26, 2012, 01:23 am
OP isn't actually a well-known member of the forums. I suggest everyone consider this LE-action. Psy-ops and the like.

Given that no one else has noticed any strange shit like that and the fact that everyone is anonymous, we only have two options;

Krazys remembers the situation wrong or may have been tripping at the time(thus remembering it wrong).
Krazys is LE using a semi-established "perfectly acceptable" account for psy-ops.

Edit: We also can't verify this with Chronic Crew. CC only knows what he received. The only person who can vouch for Krazys' strange message is Krazys himself. No one else has seen a problem, and this shit has gotten some of you people paranoid.

not true all of us can replicate and therefore verify this behaviour
ACE
You have sent messages to vendors that are different from what the vendors received? That is what replicating it would require. As I said, only Krazys can vouch for himself. CC can tell us what he received and that will be proof of nothing. Because if Krazys is lying...
Is it wrong to think that maybe a screenshot even though it could be easily edited anyways or a word from the vendor he claims was involved in this could go further in proving if it really is happening?

I'm just not sure I believe that there is some clever hacker sitting around looking to inject into just a few random buyers messages.

Quote
3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.

Not hating on the site by any means here but due to its nature the messaging should be untrusted. Just keep educating people on PGP and hopefully if something really does become widespread with the messaging system, it wouldn't be a huge deal.

If people are falling for that guy that changes the wikipedia link though maybe a little fear-mongering is enough to stop some people from ordering?.
It is easy to fake a screen-shot. I could fake one up in a few minutes without a problem.  As far as we can tell, and given that SR's security appears to be quite good, there is no problem. This means that Krazys remembers it wrong or, since Krazys has gone to such lengths to show his "original message", that Krazys is flat-out lying. If he is lying, that means he is LE and this is just psy-ops. Or trolling. {Blargh retracts the following: Nightcrawler's suggestions are crap, though.}

The messaging system should ALWAYS be considered unsafe. None of SR should be considered safe. Take fucking care, people. But still, Krazys appears to be lying, or LE.

Send this
"So glad that you are up and running with this. I will order as soon as my $ ---> ฿ ---> my Silk Road account. "

to someone and see what they receive.
ACE
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 01:59 am
OP isn't actually a well-known member of the forums. I suggest everyone consider this LE-action. Psy-ops and the like.

Given that no one else has noticed any strange shit like that and the fact that everyone is anonymous, we only have two options;

Krazys remembers the situation wrong or may have been tripping at the time(thus remembering it wrong).
Krazys is LE using a semi-established "perfectly acceptable" account for psy-ops.

Edit: We also can't verify this with Chronic Crew. CC only knows what he received. The only person who can vouch for Krazys' strange message is Krazys himself. No one else has seen a problem, and this shit has gotten some of you people paranoid.

not true all of us can replicate and therefore verify this behaviour
ACE
You have sent messages to vendors that are different from what the vendors received? That is what replicating it would require. As I said, only Krazys can vouch for himself. CC can tell us what he received and that will be proof of nothing. Because if Krazys is lying...
Is it wrong to think that maybe a screenshot even though it could be easily edited anyways or a word from the vendor he claims was involved in this could go further in proving if it really is happening?

I'm just not sure I believe that there is some clever hacker sitting around looking to inject into just a few random buyers messages.

Quote
3. As such, it would be wise to consider the SR messaging system untrusted. All communications sent via this medium should be encrypted, as a countermeasure.

Not hating on the site by any means here but due to its nature the messaging should be untrusted. Just keep educating people on PGP and hopefully if something really does become widespread with the messaging system, it wouldn't be a huge deal.

If people are falling for that guy that changes the wikipedia link though maybe a little fear-mongering is enough to stop some people from ordering?.
It is easy to fake a screen-shot. I could fake one up in a few minutes without a problem.  As far as we can tell, and given that SR's security appears to be quite good, there is no problem. This means that Krazys remembers it wrong or, since Krazys has gone to such lengths to show his "original message", that Krazys is flat-out lying. If he is lying, that means he is LE and this is just psy-ops. Or trolling. {Blargh retracts the following: Nightcrawler's suggestions are crap, though.}

The messaging system should ALWAYS be considered unsafe. None of SR should be considered safe. Take fucking care, people. But still, Krazys appears to be lying, or LE.

Send this
"So glad that you are up and running with this. I will order as soon as my $ ---> ฿ ---> my Silk Road account. "

to someone and see what they receive.
ACE
The only thing verified and replicated, from my side, is that ">" becomes "&gt;". That isn't what I was talking about. I was talking about the other, far more significant parts of Krazys' claim. The ones about the message actually changing?

So now you've got the ball. Did anything else get fucked up?
Title: Re: SR messages hacked?
Post by: fuckingACE on December 26, 2012, 02:10 am
Let's find out.
 Check your pm
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 02:14 am
Let's find out.
 Check your pm
He was actually talking about on-site messages, not forum messages. Check your vending account, man. :P
Title: Re: SR messages hacked?
Post by: fuckingACE on December 26, 2012, 02:16 am
should be 8 lines with different combinations of caps and punctuation on the end

5 lines of the full text as normal but different punctuation and 3 lines saying my Silk Road account with varying caps

As for now, I'm off to bed. we can carry on tmoz. Sweet dreams ppl
Title: Re: SR messages hacked?
Post by: fuckingACE on December 26, 2012, 02:17 am
haha shiiiiiiiiiiiit. major fuck up on my part. lemme jump on SR
Title: Re: SR messages hacked?
Post by: SantaClause1 on December 26, 2012, 02:18 am
Thanks for the heads up.
Title: Re: SR messages hacked?
Post by: fuckingACE on December 26, 2012, 02:21 am
text comes back unaltered. sent you a few with varying caps and punctuation.. My bet from this test is that there is no issue
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 02:42 am
text comes back unaltered. sent you a few with varying caps and punctuation.. My bet from this test is that there is no issue
Yep. No problems for me and ACE means that Krazys is likely LE, not forgetful. That's my conclusion.
Title: Re: SR messages hacked?
Post by: robust on December 26, 2012, 02:45 am
that stinks

I made 4 large in 3 days without breakin a swet(by satisfyin custies not bein a swindlin neegro)
Title: Re: SR messages hacked?
Post by: sourman on December 26, 2012, 03:37 am
Has anyone tried sending the exact message OP claims to have sent?

No one else seems to be having this problem, so either the supposed hack--which sorta looks like an example of SQL injection form output pulled from a textbook--is not affecting most SR users at this time, or nothing has been compromised and this has some other explanation. I guess it could be more disruptive FUD aimed at making SR more difficult to use. If you have to PGP every single message now as a result of the paranoia, that would be a bitch! In this case, LE would be sacrificing the potential contents of (mundane but valuable) SR messages in exchange for a denial of service condition that wouldn't even bother most regulars.
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 03:43 am
Has anyone tried sending the exact message OP claims to have sent?

No one else seems to be having this problem, so either the supposed hack--which sorta looks like an example of SQL injection form output pulled from a textbook--is not affecting most SR users at this time, or nothing has been compromised and this has some other explanation. I guess it could be more disruptive FUD aimed at making SR more difficult to use. If you have to PGP every single message now as a result of the paranoia, that would be a bitch! In this case, LE would be sacrificing the potential contents of (mundane but valuable) SR messages in exchange for a denial of service condition that wouldn't even bother most regulars.
text comes back unaltered. sent you a few with varying caps and punctuation.. My bet from this test is that there is no issue
Yep. No problems for me and ACE means that Krazys is likely LE, not forgetful. That's my conclusion.
Yeah. ACE and I replicated the message exactly. The most we found is that the > gets converted into that whatever the fuck that was. &gt; or whatever.. or that's what I know, at least. Since he didn't say that the message got eerily changed, we can assume it wasn't touched. So either shit went weird right when Krazys first messaged Chronic Crew or...

Krazys is LE/FUD/Psyops. This is what I assume.
Title: Re: SR messages hacked?
Post by: ontheregs on December 26, 2012, 03:57 am
Quote
If you have to PGP every single message now as a result of the paranoia, that would be a bitch! In this case, LE would be sacrificing the potential contents of (mundane but valuable) SR messages in exchange for a denial of service condition that wouldn't even bother most regulars.

I think it's obvious how much PGP intimidates the average user. Look only at the bitcoin reseller who had some person plaintext him their phone number AND address. Guess both of those things are needed?

If you can stir up enough doubt in the minds of the common user you don't even have to take down the source because all their clients will bail on them. Sort of how they cracked the whip on megaupload and every other clearnet upload service shit their pants in unison.

Just make it so the average user can't be involved, the tech savvy user and/or the user with connections that aren't online will be involved either way. It's much more cost effective this way.
Title: Re: SR messages hacked?
Post by: sourman on December 26, 2012, 04:00 am
OK, yeah that makes sense. SR's message code may have been patched, and now special characters aren't being handled properly. "They" probably saw that and just ran with it lol.

@ontheregs: I agree 100%. Most of SR's buyers aren't even on the forums. Many are lucky that tor comes neatly bundled for them these days, as I doubt they can spell PGP let alone use it.
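
The check the posters are running by hand, separating harmless entity escaping (">" displayed as "&gt;") from a real change to the message body, as an added example that is not part of the original thread. `render_stored`, `classify` and the `TAMPERED` sample are constructed for illustration, and the double-escaping pipeline is an assumption about how such a display artifact can arise, not a statement about SR's code.

```python
import difflib
import html

# Message text quoted in the thread.
SENT = ('So glad that you are up and running with this. I will order as '
        'soon as my $ ---> ฿ ---> my Silk Road account. ')

# Constructed sample of an altered delivery (placeholder gibberish).
TAMPERED = ('So glad that you are up and running with this. I will order as '
            'soon as my $ ---&gt; xx## Silk Road is done in a few days. ')


def render_stored(message, escape_passes):
    """Model a pipeline that HTML-escapes `escape_passes` times before the
    browser decodes one level of entities for display (assumed model)."""
    out = message
    for _ in range(escape_passes):
        out = html.escape(out, quote=False)
    return html.unescape(out)


def changed_spans(sent, received):
    """Word-level differences as (operation, sent_words, received_words)."""
    a, b = sent.split(), received.split()
    matcher = difflib.SequenceMatcher(a=a, b=b, autojunk=False)
    return [(tag, " ".join(a[i1:i2]), " ".join(b[j1:j2]))
            for tag, i1, i2, j1, j2 in matcher.get_opcodes()
            if tag != "equal"]


def classify(sent, received, max_unescape=3):
    """Return (verdict, spans): 'identical', 'encoding-only' when the only
    difference is extra entity escaping, otherwise 'content-changed'."""
    if received == sent:
        return ("identical", [])
    decoded = received
    for _ in range(max_unescape):
        nxt = html.unescape(decoded)
        if nxt == decoded:
            break
        decoded = nxt
        if decoded == sent:
            return ("encoding-only", [])
    # Diff after decoding so escaped characters are not reported as edits.
    return ("content-changed", changed_spans(sent, decoded))


if __name__ == "__main__":
    for label, received in [("escaped once", render_stored(SENT, 1)),
                            ("escaped twice", render_stored(SENT, 2)),
                            ("constructed tamper", TAMPERED)]:
        print(label, classify(SENT, received))
```

A comparison like this only tells the sender and recipient that the two copies differ; it cannot say where the change happened, which is why the thread keeps returning to PGP for anything that matters.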
Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 04:58 am
On a hunch I thought that any instance of "Silk Road" might be altered by a script to "Silk Road is going down in a few days" or whatever the message was, so I sent a bunch of messages between two of my accounts with varying text that included "Silk Road" and all went through unaltered.

Has anyone been able to find an altered message? Could it be that OP is wrong, OP's vendor is wrong, or there's some miscommunication between them? I'm starting to think these are the more likely options.
fuckingACE and I tried to replicate it without success(good news!). OP could be wrong, but he has defended his claims, OP's vendor could be wrong but he is a trusted seller(unlike OP who is just unknown).

I respect your opinion, but the "OP or Vendor got things wrong" part are, without CC stepping in and saying something himself(I'll PM him), completely negligible. As far as I can tell, we're in the position that Krazys is likely LE.
Title: Re: SR messages hacked?
Post by: nomad bloodbath on December 26, 2012, 05:05 am
Misinformation...encryption hacked my 3third head of Cerberus.

X)
nomad
Title: Re: SR messages hacked?
Post by: Nightcrawler on December 26, 2012, 05:32 am
I did the same and the only changes I noticed were the transformation of > to &gt; as one would expect.  No other changes observed

NC
.

Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 05:41 am
Just one more confirmation on the "Krazys is LE/psyops" theory, as far as I'm concerned. :)
Title: Re: SR messages hacked?
Post by: Krazys on December 26, 2012, 08:07 pm
I have recreated the "> to &gt;" thing a few times but can't trigger any kind of automated "silk road is done"

krazys - was your message to chronic crew encrypted or not encrypted?  If you said either way I can't make it out. Thanks man
Sorry, not clear. It was NOT encrypted; otherwise I would be hiding out in the woods somewhere listening for helicopters. As it was I found it mildly concerning, but I have never considered the messaging system to be secure anyhoo.

Krazys, I'm not accusing you of trolling or making it up. I'm just saying that if someone is hacking messages and leaving scary warnings like that, then most likely hacking messages is all they are capable of doing.
No worries; this is the interwebs! My reaction to my own post would be, " doesn't write like a troll but given the subject matter ?"

Krazys is LE/FUD/Psyops. This is what I assume.
And I knew that might well be the consensus. Absolutely no way to prove it happened as anything can be spoofed, faked, cracked, etc..  All CC and DPR could verify is what message they received. So I knew that posting this was a risk. I just have an overdeveloped sense of responsibility for other cyber denizens; especially in places like this.  And no way to prove that either.

Given that I am on the record a few places in the forums as being a VERY Krazy person? I am surprised that there isn't more of a split between "LEO!" and "dude flipped/spaced out!"   ::) And I would certainly toss in a 10% me being right.

Title: Re: SR messages hacked?
Post by: BlarghRawr on December 26, 2012, 08:29 pm
Actually, if DPR has the power to see messages and the like, he could look at what you sent and compare it to what CC received. I dunno if DPR has that power, but if anyone does, it would be him.