Silk Road forums

Discussion => Silk Road discussion => Topic started by: SelfSovereignty on January 10, 2013, 06:04 am

Title: Something odd happened to me: can you unsend a personal message...?
Post by: SelfSovereignty on January 10, 2013, 06:04 am
So I tried to view an interesting-looking thread, and it gave me a "that topic is missing or you do not have permission to access it."  Again and again it did this -- I assume the poster just deleted it, and being a regular SR user who wasn't really paying much attention I don't even remember what the thread subject was beyond being something that made me nervous for a moment.  But then right after that, I got the notification of a new private message -- so I opened my messages... and there's no new messages.  Plus the notification is gone now.

I'm used to looking past unreasonable paranoia and obviously this is most likely just some funky coincidence, but I'm puzzled -- I didn't think it was even possible to unsend a private message?
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Confused on January 10, 2013, 06:13 am
Probally a glich
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Confused on January 10, 2013, 06:14 am
I'm not computer savy, I think when Admins are upgrading something things get fucked up.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: astor on January 10, 2013, 06:27 am
When an account gets deleted, do their PMs to other people get deleted too? Maybe the spammer PM spammed you and then his account was deleted.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: SelfSovereignty on January 10, 2013, 06:41 am
That is a really good thought, yeah... except that my presence is hidden and I haven't gotten a single spam message since setting it to never show me as online.  Oh well, it's not a big deal -- I just hate it when things I have no explanation for happen, that's all.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 06:45 am
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics. Faint but real possibility. And please don't start a thread based on this comment without some sort of substantiation, this is merely putting a possibility out there, not trying to stir up controversy

The only reason i mention this is i know someone who works for a police department and says that the fuckin local PD has hacked SR. I honestly don't know any specifics

Please don't quote me on this outside of this thread. This is second hand knowledge, i have no information about the specifics of the hack or anything.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:02 am
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics. Faint but real possibility. And please don't start a thread based on this comment without some sort of substantiation, this is merely putting a possibility out there, not trying to stir up controversy

The only reason i mention this is i know someone who works for a police department and says that the fuckin local PD has hacked SR. I honestly don't know any specifics

Please don't quote me on this outside of this thread. This is second hand knowledge, i have no information about the specifics of the hack or anything.

Lol.  I highly doubt that the local PD has hacked SR.
As do I. However my friend assures me that PGP has been cracked, and that the feds currently use 1024 bit encryption, not the paltry 512 we use. I want to call bullshit so badly, but can you ever be truly sure what we're using is safe? After all we are using publicly released software that has been around for years, i'd think a government capable of writing stuxnet could crack it. You will never see me write sensationalist crap like this outside of this thread btw. This is all conjecture on my part.

hash collision attacks were thought to be theoretical at one point, just sayin
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: SelfSovereignty on January 10, 2013, 07:04 am
Forgive me, but I think your friend is mistaken.  Either that or he just likes to talk big and isn't careful enough about his lies.

PGP encryption (public key cryptography or asymmetric ciphers) hasn't been *proven* to be secure.  Nobody has a mathematical proof that it can't be cleverly undone completely.  But to my knowledge, nobody in the entire world has discovered a way of doing it -- and there may not actually be one.  Just because nobody has a mathematical proof doesn't mean that there isn't one, bear in mind.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:10 am
Forgive me, but I think your friend is mistaken.  Either that or he just likes to talk big and isn't careful enough about his lies.

PGP encryption (public key cryptography or asymmetric ciphers) hasn't been *proven* to be secure.  Nobody has a mathematical proof that it can't be cleverly undone completely.  But to my knowledge, nobody in the entire world has discovered a way of doing it -- and there may not actually be one.  Just because nobody has a mathematical proof doesn't mean that there isn't one, bear in mind.

I'm not vouching for this information beyond a certainty of a doubt, I'm merely relaying what I heard. Wouldn't be too hard to believe that the U.S. govt was relying on unreleased encryption though, and had secretly cracked consumer released software.

Like i said, only place you'll see me say that is here, I'm no spammer/hater
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:14 am
I really didn't want to mention it, but i guess i have to make the baseless shit i said look like it has any sort of credibility. This friend is a radio encryption tech, hence why he would know this shit
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:21 am
Man I hate when people.  Don't know what there taliking about.  Admins doing upgrades to the system.  Has to be done at night because not to much traffic.  Thats why there gliches.

I said 5 times this is not firsthand information. How much more clearly can i say don't take this as fact? Please understand i was very hesitant to post this, as i probably appear crazy to anyone reading the topic, and obviously that is not my intent. Really questioning whether the security methods you use are really secure isn't such a bad conversation to have, but that's a completely different topic
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: SelfSovereignty on January 10, 2013, 07:25 am
He's absolutely right, you know -- he's just relaying some personal information.  Frankly I don't think it's true information (I mean I believe his friend says this stuff, but I strongly believe his friend is wrong or is lying willfully).

I don't know what a "radio encryption tech," does, but honestly, that puts him in no position to know anything about the mathematics of cryptography.  I mean the guy at Best Buy who fixes computers can fix computers, but he still has no fucking clue how to write an operating system -- he can still kind of "fix it," though.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:32 am
He's absolutely right, you know -- he's just relaying some personal information.  Frankly I don't think it's true information (I mean I believe his friend says this stuff, but I strongly believe his friend is wrong or is lying willfully).

I don't know what a "radio encryption tech," does, but honestly, that puts him in no position to know anything about the mathematics of cryptography.  I mean the guy at Best Buy who fixes computers can fix computers, but he still has no fucking clue how to write an operating system -- he can still kind of "fix it," though.

He basically handles the radios of the PD, replaces them in the field and solves any glitches. Like i said i can't vouch 100% for this guys technical knowledge, however it doesn't exactly sound like a fairy tale to me. We do have the entire world's attention after all. As for the willfully lying, he has no qualms against my personal use of drugs or whatever, nor is he trying to scare me away from the site. He could have been misled somehow, entirely possible. The thought of lowly local LEOs hacking SR is scary though, however retarded the idea seems
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: astor on January 10, 2013, 07:34 am
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics.

Great. While he's at it, maybe he can delete some of the spam too.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:36 am
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics.

Great. While he's at it, maybe he can delete some of the spam too.
I think I'd welcome the spam deleting hacker overlords with open arms ;)
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Confused on January 10, 2013, 07:47 am
Damn yo I just pointed out a little glitch and everybody goes crazy, chill the fuck out.  Man If  PD could hack into here they would have done that shit a long time ago. 
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 07:53 am
Damn yo I just pointed out a little glitch and everybody goes crazy, chill the fuck out.  Man If  PD could hack into here they would have done that shit a long time ago.
Ha, my comment was slightly unrelated, just seemed a semi-appropriate place to post it. I apologize for destroying this thread  :-[

If my goal was merely to spread FUD, i'd have made one of those billions of troll posts like "when is SR going down?". This is merely something i heard from a friend irl
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: JezuzWazaMushroom on January 10, 2013, 09:32 am
Forgive me, but I think your friend is mistaken.  Either that or he just likes to talk big and isn't careful enough about his lies.

PGP encryption (public key cryptography or asymmetric ciphers) hasn't been *proven* to be secure.  Nobody has a mathematical proof that it can't be cleverly undone completely.  But to my knowledge, nobody in the entire world has discovered a way of doing it -- and there may not actually be one.  Just because nobody has a mathematical proof doesn't mean that there isn't one, bear in mind.

I could be wrong, but I think that if they could crack the Enigma machine in 1942 and in fact invented the first computer to do so, a modern team of dedicated people with super-computers capable of trillions of calculations could probably do it.

Even if they can, they aren't going to tell people about it.

My $0.02 - JWM
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: SelfSovereignty on January 10, 2013, 09:59 am
From Wikipedia (http://en.wikipedia.org/wiki/Enigma_machine): "Although Enigma had some cryptographic weaknesses, in practice it was only in combination with procedural flaws, operator mistakes, captured key tables and hardware, that Allied cryptanalysts were able to be so successful."

The Enigma cipher is just a complex substitution cipher.  Those are pretty weak.  PGP is based on public key cryptography, which requires factoring enormous integers in order to recover the private key.  It's a lot harder to break than a substitution cipher.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Nightcrawler on January 10, 2013, 11:13 am
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics. Faint but real possibility. And please don't start a thread based on this comment without some sort of substantiation, this is merely putting a possibility out there, not trying to stir up controversy

The only reason i mention this is i know someone who works for a police department and says that the fuckin local PD has hacked SR. I honestly don't know any specifics

Please don't quote me on this outside of this thread. This is second hand knowledge, i have no information about the specifics of the hack or anything.

Lol.  I highly doubt that the local PD has hacked SR.
As do I. However my friend assures me that PGP has been cracked, and that the feds currently use 1024 bit encryption, not the paltry 512 we use.

No one with two working brain cells is using keys as small as 512-bits anymore -- not for the last 20 years or so, at least.  NIST, which sets standards for U.S. government agencies, advised that 1024-bit keys should be phased out by December 2010, two full years ago now. The current minimum standard calls for a pair of 2048-bit RSA keys.  Most prudent users generate 4096-bit keys, because today's computers are fast enough that the time saved by using smaller key sizes no longer matters.

I want to call bullshit so badly, but can you ever be truly sure what we're using is safe? After all we are using publicly released software that has been around for years, i'd think a government capable of writing stuxnet could crack it. You will never see me write sensationalist crap like this outside of this thread btw. This is all conjecture on my part.

hash collision attacks were thought to be theoretical at one point, just sayin

I think your friend is having you on. FWIW, hash collision attacks were always a possibility, just a remote one. The field is littered with broken hash functions: MD2, MD4, MD5,  to name just a few offhand.  I think that SHA-1 will be completely compromised in the next 5-10 years.  The SHA-2 hash functions seem to be holding their own, at least according to Schneier -- he's already on record as stating that the SHA-3 hashes may not actually be needed as soon as anyone thought as the SHA-2 family is proving to be better resistant to attacks than was predicted.

Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090


Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Jopular on January 10, 2013, 11:18 am
Your friend who works on police radios most probably seen a computer which was logged onto the silkroad or the forums.
Of coarse the police will have user accounts on silkroad and the forums for information gathering research purposes. It's too easy not to.
If a plod had a bit of spare time he might browse the road out of interest. It might be part of investigations too.
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Nightcrawler on January 10, 2013, 11:36 am
August 11, 2011
Security Flaws in Encrypted Police Radios
http://www.schneier.com/blog/archives/2011/08/security_flaws.html

"Why (Special Agent) Johnny (Still) Can’t Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System," by Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, and Matt Blaze.

    Abstract: APCO Project 25a (“P25”) is a suite of wireless communications protocols used in the US and elsewhere for public safety two-way (voice) radio systems. The protocols include security options in which voice and data traffic can be cryptographically protected from eavesdropping. This paper analyzes the security of P25 systems against both passive and active adversaries. We found a number of protocol, implementation, and user interface weaknesses that routinely leak information to a passive eavesdropper or that permit highly efficient and difficult to detect active attacks. We introduce new selective subframe jamming attacks against P25, in which an active attacker with very modest resources can prevent specific kinds of traffic (such as encrypted messages) from being received, while emitting only a small fraction of the aggregate power of the legitimate transmitter. We also found that even the passive attacks represent a serious practical threat. In a study we conducted over a two year period in several US metropolitan areas, we found that a significant fraction of the “encrypted” P25 tactical radio traffic sent by federal law enforcement surveillance operatives is actually sent in the clear, in spite of their users’ belief that they are encrypted, and often reveals such sensitive data as the such sensitive data as the names of informants in criminal investigations.

I've heard Matt talk about this project several times. It's great work, and a fascinating insight into the usability problems of encryption in the real world.

News article. http://blogs.wsj.com/digits/2011/08/10/security-flaws-in-feds-radios-make-for-easy-eavesdropping/?mod=WSJBlog&mod=

The actual .pdf copy of the report ca be obtained at the folliwng clearnet link: http://online.wsj.com/public/resources/documents/p25sec08102011.pdf

After looking it over, all I can say is: "What a clusterfuck!"

Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: dbz4u on January 10, 2013, 11:50 am
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics. Faint but real possibility. And please don't start a thread based on this comment without some sort of substantiation, this is merely putting a possibility out there, not trying to stir up controversy

The only reason i mention this is i know someone who works for a police department and says that the fuckin local PD has hacked SR. I honestly don't know any specifics

Please don't quote me on this outside of this thread. This is second hand knowledge, i have no information about the specifics of the hack or anything.

Lol.  I highly doubt that the local PD has hacked SR.
As do I. However my friend assures me that PGP has been cracked, and that the feds currently use 1024 bit encryption, not the paltry 512 we use.

No one with two working brain cells is using keys as small as 512-bits anymore -- not for the last 20 years or so, at least.  NIST, which sets standards for U.S. government agencies, advised that 1024-bit keys should be phased out by December 2010, two full years ago now. The current minimum standard calls for a pair of 2048-bit RSA keys.  Most prudent users generate 4096-bit keys, because today's computers are fast enough that the time saved by using smaller key sizes no longer matters.

I want to call bullshit so badly, but can you ever be truly sure what we're using is safe? After all we are using publicly released software that has been around for years, i'd think a government capable of writing stuxnet could crack it. You will never see me write sensationalist crap like this outside of this thread btw. This is all conjecture on my part.

hash collision attacks were thought to be theoretical at one point, just sayin

I think your friend is having you on. FWIW, hash collision attacks were always a possibility, just a remote one. The field is littered with broken hash functions: MD2, MD4, MD5,  to name just a few offhand.  I think that SHA-1 will be completely compromised in the next 5-10 years.  The SHA-2 hash functions seem to be holding their own, at least according to Schneier -- he's already on record as stating that the SHA-3 hashes may not actually be needed as soon as anyone thought as the SHA-2 family is proving to be better resistant to attacks than was predicted.

Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090

I appreciate a technical explanation any day of the week. However, i don't think the NSA announces when they've cracked an encryption algorithm, correct me if I'm wrong. All I'm saying is do the people declaring these algorithms uncrackable have multiple supercomputers that they can task to do whatever they want, whenever they want? If they are working with big computer clusters to test this stuff, i still doubt it'd be anywhere near the size or strength of an NSA installation. Just my 2 cents
Title: Re: Something odd happened to me: can you unsend a personal message...?
Post by: Nightcrawler on January 10, 2013, 12:48 pm
The much scarier version is that someone hacked the forum and is manually deleting posts/forum sliding topics. Faint but real possibility. And please don't start a thread based on this comment without some sort of substantiation, this is merely putting a possibility out there, not trying to stir up controversy

The only reason i mention this is i know someone who works for a police department and says that the fuckin local PD has hacked SR. I honestly don't know any specifics

Please don't quote me on this outside of this thread. This is second hand knowledge, i have no information about the specifics of the hack or anything.

Lol.  I highly doubt that the local PD has hacked SR.
As do I. However my friend assures me that PGP has been cracked, and that the feds currently use 1024 bit encryption, not the paltry 512 we use.

No one with two working brain cells is using keys as small as 512-bits anymore -- not for the last 20 years or so, at least.  NIST, which sets standards for U.S. government agencies, advised that 1024-bit keys should be phased out by December 2010, two full years ago now. The current minimum standard calls for a pair of 2048-bit RSA keys.  Most prudent users generate 4096-bit keys, because today's computers are fast enough that the time saved by using smaller key sizes no longer matters.

I want to call bullshit so badly, but can you ever be truly sure what we're using is safe? After all we are using publicly released software that has been around for years, i'd think a government capable of writing stuxnet could crack it. You will never see me write sensationalist crap like this outside of this thread btw. This is all conjecture on my part.

hash collision attacks were thought to be theoretical at one point, just sayin

I think your friend is having you on. FWIW, hash collision attacks were always a possibility, just a remote one. The field is littered with broken hash functions: MD2, MD4, MD5,  to name just a few offhand.  I think that SHA-1 will be completely compromised in the next 5-10 years.  The SHA-2 hash functions seem to be holding their own, at least according to Schneier -- he's already on record as stating that the SHA-3 hashes may not actually be needed as soon as anyone thought as the SHA-2 family is proving to be better resistant to attacks than was predicted.

Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090

I appreciate a technical explanation any day of the week. However, i don't think the NSA announces when they've cracked an encryption algorithm, correct me if I'm wrong.
/
Quote

No, you're right, they don't announce it. But they also don't share the information they glean with other agencies, which might lead to knowledge of their capabilities, either.

All I'm saying is do the people declaring these algorithms uncrackable have multiple supercomputers that they can task to do whatever they want, whenever they want? If they are working with big computer clusters to test this stuff, i still doubt it'd be anywhere near the size or strength of an NSA installation. Just my 2 cents

Lenstra, et al. use clusters of computers to carry out their factoring operations. This then gives them an idea of just how much work is required to factor prime numbers of a certain size.
The point is, it give you a benchmark -- it's like saying the distance to a certain destination is 1000 km.  Walking will take you a certain amount of time; it will take less time with a car that can do 100 km/hr, and can be done in an hour with a jet that can do 1000 km/hr.

No one knows what the capabilities of the government are, at least those who know aren't talking about it.  Let's assume the NSA knows you've bought a few pounds of weed last year... what do you think they're going to do with that information?  Nothing, because sharing it risks compromising their collection methods, and the payoff isn't worth the risk.

Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090