Silk Road forums
Discussion => Security => Topic started by: kmfkewm on September 11, 2012, 10:40 am
-
In this thread I would like if we bring up and analyze likely threats to the security of SR and the participants engaging in the market here. Let's discuss the vulnerabilities that law enforcement will likely attempt to exploit and brainstorm and present ways to counter them. I will get the ball rolling.
One thing that I enjoyed about OVDB is that sellers had trust status assigned to them and all of the trusted sellers had reputations on private forums to be concerned about. One of the most glaring vulnerabilities SR has is also one of its strengths: anyone can become a vendor and the price of becoming a vendor is relatively cheap as compared to the amount of customer intelligence that can be obtained. As DPR has no presence on the private scene, it will be difficult for him to implement such a system. Additionally, such a system indeed opens up further vulnerabilities: if the person who assigns trust becomes compromised then the trusted vendors will all eventually come to be compromised, at least all additional vendors. Additionally, Tarpaulin and Fairydae clearly show that trust is not perfect security measures, even when long standing difficultly obtained reputations are on the line. I do believe that this sort of system protects from federal infiltration more than it does from scammers. Still, it seems foolish for us to not take advantage of the long standing reputations and history of the private source scene, especially when several of the vendors here have some history and reputation on established private forums. Additionally, the feedback system here is seemingly easily gamed. Some additional system of trust and reputation should be implemented here. One idea is from Undrugged, a site some of you may remember. I believe a similar system is in place on SafeorScam. The system is simply a variant of a web of trust, where participants can cryptographically say how much they trust other participants. A great deal of care must be taken in assigning trust, because if you say that you highly trust a person who later turns out to be a federal agent or scammer, the amount of trust others have in you will be diminished. In fact, I believe that it may be worthwhile to pursue a software system that makes the management and visualization of WoT easy for participants here. This will possibly help us to identify organized scammer and law enforcement infiltration: after one such infiltration is identified we can be more suspicious of the 'nodes' which have assigned trust to the infiltrators.
Of course the primary threat to customers is that their order will be intercepted and result in a CD or raid. We have long discussed the possibility of interception detection technology, and I am strongly of the opinion that obtaining an easily implemented open source design for such technology is something that should be viewed as a top priority. Perhaps we can find people on SR who have the required skills for such a thing and form a sub group dedicated to the implementation of this technology. When coupled with fake identification or other non-linkable boxes, interception detection technology can potentially remove the risks associated with package interceptions, this would be the single greatest increase possible for the security of SR customers. The entire process of designing this technology absolutely must be publicly viewable and real time.
Another thing I see as a serious threat to security is mis/dis information. This is false information, either unintentionally or intentionally introduced, respectively, in an attempt to degrade the security of participants. Misinformation may come from participants who want to help but who are themselves not as knowledgeable about subjects as they think they are. I see this frequently, users give what they think is good advice but in reality is bad advice. I see this even more on some clearnet forums where even the administrators suggest that people stay away from Tor and instead use VPNs. They may say things like "Tor exit nodes can spy on traffic, you should avoid Tor and use VPNs". This is not applicable here as Tor is essentially required to access SR (in between sites like tor-proxy aside), but is a good example of what could be either mis or dis information. In the cases where this is misinformation, it is largely due to lack of sophisticated security knowledge on the part of the person making the claim: chances are they have read some news article that discusses Tor exit nodes spying on traffic, and have jumped to the conclusion that Tor is not safe. Of course someone with appropriate security knowledge will recognize that VPNs are just as vulnerable to exit node spying as Tor is, making the suggestion at best being based on an incorrect comparison between Tor and VPN's. In the case of disinformation, it will be a federal agent making the claim, possibly even suggesting specific law enforcement agency owned VPN's that ought to be used in place of Tor. Unfortunately mis and disinformation tend to spread at exponential rates, a naive user who is presented with mis/disinformation will tend to take it at face value, and in an attempt to be helpful will propagate the mis/disinformation to other participants. Of course this can be devastating to the security of individuals and even to entire communities.
I would like us all to think of ways to combat mis and disinformation here, but I will present a few suggestions. First it would perhaps be helpful if some users who are widely recognized as being security specialists are given special titles identifying them as such. More value should be given to information coming from them than information coming from people who have not been recognized in such ways. How we can safely and fairly identify such users is a matter that warrants further discussion. Also, in some cases even experts have differing opinions, we need to recognize this as well. Furthermore, it could be exceptionally dangerous if law enforcement manage to gain control of accounts that are titled in such a way that trust is assigned to them.
Another potential way to counter mis and dis information is to expect that citations be included for any claims regarding security, at least where it is possible to provide citations. Additionally, perhaps threads should exist for security discussions where all substantial claims are required to have citations backing them.
Another major attack vector is in the software suggested to users. Without any doubt law enforcement are going to be providing "secured" virtual machines that are actually backdoored. I suggest that the sale of virtual machine images and similar be banned on the silk road market: there is no need for these services as independent secured live operating systems already exist (see Liberte and Tails), and the the time and skill required to audit an entire live operating system is such that we can safely assume that none of the live operating systems offered for sale on the silk road marketplace will be audited. Software is another area that is ripe for exploitation, and although I have previously said that we should not ban the sale of software I now have changed my opinion. I believe that sales of software should be banned on the silk road marketplace, or that we must use a strict auditing process. I can clearly see a benefit to allowing users here to offer software that will assist in the security of vendors and customers, as well as generally make life easier. However the risk of law enforcement exploiting this by encouraging vendors to use restricted access backdoored software is far too great. Software made available through Silk Road absolutely must be open source, publicly available and audited. Preferably we could find how many of the users here are fluent in different programming languages, and create teams of people who audit software. The people creating software are not barred from making profit, nothing stops people from donating to their efforts. One could easily say that this is counter productive to the spirit of a free market, however the fact remains that software distribution is a major attack vector, and I believe that our security is more important than the right of a person to sell software here in a restricted fashion, indeed the model could not be worse than one in which the only people buying a product are the only ones incapable of properly auditing it. A million arguments can be given for keeping closed source or restricted access software available here: vendors could be using advanced security techniques to isolate said software (realistically, almost none of them will be), vendors could independently get the software audited themselves (realistically, none of them will), it is up to the buyer and their responsibility if they are successfully exploited through this attack vector (true enough, but if a vendor is exploited in such a way all of their customers are put at risk, as much as it goes against my beliefs regarding other things I truly believe that regulation for the good of the community is acceptable in this instance, there are far too many vendors who do not appreciate the risk of running unaudited software and far too many vendors who naively trust anyone who makes enough posts and seems friendly). Additionally, it does not violate the principles of a free market if DPR opts to restrict the sale of closed source and restricted access software: it is his marketplace and he is free to do with it as he pleases.
I believe that a culture of paranoia is essential for the ongoing security of the silk road community. How we can instill such a culture is an open question. A great many of the participants here are naive not only to criminality (most having probably never participated in an organized crime enterprise before, or having had many run ins with authorities), but also to technical security. Particularly it is important for DPR to have mistrust of everyone. I believe that if he places trust in others, that eventually he will trust a malicious party who could do damage to the silk road community. In the past I have seen him engage in activities that strike me as being somewhat naive, offering positions of technical privilege in the form of job offerings (in fact even I was offered such a position fairly early on, based off seemingly nothing other than my apparent skill with server hardening). It is in the best interests of DPR and SR to consider that everyone participating on SR is a federal agent. On the other hand it is also clear that he will need assistance with securing and maintaining silk road. I strongly suggest that he creates a thread for brainstorming and technical assistance in regards to SR, and asks for any help in that thread, to be thoroughly analyzed by the larger community and implemented by him and him alone. every additional person with privileged access to or information regarding the SR server is an additional attack surface for law enforcement to target, every job opening that offers access to privilege or information is a potential opening for federal law enforcement infiltration. He will be wise to recognize this, and to assume that all participants here are interested in deanonymizing him and compromising SR.
Public sites are important, centralization is bad, compartmentalization is key. Nobody can doubt the role of a large public site such as SR. SR has single handedly transformed the online drug dealing community from a comparatively small community to a mainstream phenomenon. Indeed this is a key event, somewhat of a tipping point if you will, and in fact in line with the Netwar theory of such groups: that they will start small and eventually grow to the point that they spiral out into the mainstream. We should always have a public marketplace. That said, having a single point of failure is bad. In fact there are an abundance of private forums and the world of online drug trading will not go away if SR falls. However, I believe it is important for people here to branch off into private forums with restricted membership. There are several advantages to this. For one, it will help keep communication channels open in the event that SR is severely compromised. Even on tight knit private forums, an act such as being hacked or shut down can fragment membership and lose participants as communication ties that rely on the centralized node are cut. An additional benefit is that restricted membership forums inherently grow more resistant to scammers over time, if a private forum consisting of 600 participants on SR is created, as scammers start to be identified the ratio of scammer to legitimate accounts will grow in favor of legitimate accounts. On a public site such as SR, scammer accounts are a fully renewable resource. Even infiltration by law enforcement can be stymied by implementing restricted membership private forums: on SR mass registration of law enforcement accounts can go on indefinitely but on the hypothetical private forum, the ratio of legitimate to law enforcement accounts is unlikely to change much from what it initially is. Additionally, if small groups from SR splinter off into private communities, there are techniques to reduce the damage of even multiple law enforcement infiltrations: requiring multiple people to vote on all new members and keeping records of who votes to grant membership can quickly identify topologies. The effectiveness of this may be limited unless law enforcement nodes can be identified.
Additionally, communications technologies that inherently support compartmentalized and massively distributed group interactions are important. Thankfully a great deal of development time is currently being spent on such technology.
Another thing I would like to mention is the role of intelligence in such an organization. The importance of this is frequently overlooked. It would be strongly beneficial if SR could rally hackers friendly to the cause to try and pwn law enforcement personnel, intercept their communications, identify the law enforcement accounts on SR, etc. All forms of intelligence gathering should be employed against our enemies as information is what wins wars. of course securing our own information is of utmost importance, addresses should be encrypted, hardened systems used, Tor used, great care taken in protecting our shipments from being flagged, etc. However, defensive security is only one half of the battle, and it is equally important for us to gain as much intelligence on law enforcement as we possibly can.
The strength of a public site like SR is certainly in its community. Utilizing the community to its full potential is important, and this importance is reflected in several of the other things I have discussed in this thread.
Another thing we must always be careful about is becoming complacent. We must always remember that we are engaging in illegal activity, and that it is the job of law enforcement to hunt us down and imprison us (of course it being their job does not excuse them from responsibility, and they should be harshly punished for their crimes against humanity). All too often I see people here who seem to have forgotten this. When I see posts from people wanting to use credit cards to pay for their drugs here, it makes me cringe. We should never let convenience out weigh security, and we should never forget that we do indeed need security as we are engaged in highly illegal behavior. This is not E-bay, do not be confused by the friendly nature of this implementation of drug trafficking into thinking it is anything other than drug trafficking. Don't be fooled by friendly posters, the federal agents are sometimes the ones you least expect.
-
Aye ! Very thoroughly though through and very important points.
Lets copy this system and integrate a WOT -> http://dkn255hz262ypmii.onion/index.php?topic=41506.0
Cheers!
-
not sure what is your point. I think treat assessment, have to be sort of dynamic thing based on counter intel. I think assessment of some kind of abstract treats, is kind of mental deviation and quite useless. Treat is always concrete, if any.
SR is a game changer, private scene is totally ingrown and shitting on SR profusely, for SR making life for them much more miserable. You can say SR this and DPR that, but what SR is done actually, it educated millions of people about new ways of getting drugs.
-
Fuck, can you condense that for me?
"Every person is responsible for their own privacy and safety and in turn should pass that info and help onto others who may need it. Trust on a private network, while not obsolete, should be given in only the rarest of circumstances, if any."
How does that work?
-
After a dab, it was a big much to digest in one sitting but, i agree with many of KMFKEWM's points.
-I feel that I get too complacent, even though I do a good job at keeping my real identity and activities unknown. For example, drop spots to me are a must. No matter what anyone says, ordering illegal drugs in your own name, to your own address is never the best idea. I don't care what type of plausible deny-ability you have, if it never comes to your address and the location cant be traced to you, I feel safer.
-I think of everyone as a cop. Until proven otherwise, then I still suspect. Every post made, every comment or review is being read by officers who would think nothing of taking you away from your family, job, and current lifestyle. It might just be a little blow to you but, its a felony and a notch on the belt to a cop. I'm often surprised there isn't a sticky reading "EVERYTHING YOU SAY ON THIS FORUM IS BEING COLLECTED AS EVIDENCE BY THE FEDS "
-I've often wondered if SR has any form of counter surveillance. Just the other night I spent a while mind mapping what counter surveillance for a place like SR could look like. More than 2,500 years ago an old wise China Man wrote about the need for Spy's. I agree. *They have spies amongst us, we probably don't have spies amongst them. That's an issue.
-I agree, software sales on the road bring a huge security risk. As KMFKEWM said, "Windows 7 Darknet Edition" could really be well paid federal agents attempt at infecting and infiltrating the road. Risk outweighs reward I feel.
-A team of "Experts" should be assembled. However, being anonymous in this case can be a bad thing as we should fall back to point #1 and assume everyone is a cop!
-I'm very interested in the photosensitive package tampering device. Agreed it would need to be open source. I don't think it would be too difficult. I don't know what parts are available but, I assume it could done using any SoC and basic radio-shack parts. Biggest thing would be tampering. If its open source, it would be easy to reproduce and replace if the package was nabbed by LEO. This aspect would need to be hashed out more thoroughly as I can already think of a few solutions to this. This is pretty basic stuff, no offense but, until you start thinking about tamper proofing, this is basic Hardware Engineering 101.
I assume (or hope) there is already some process thought through in the event of infiltration, server takeovers, etc. Maybe I'm wrong.
-
After a dab, it was a big much to digest in one sitting but, i agree with many of KMFKEWM's points.
-I feel that I get too complacent, even though I do a good job at keeping my real identity and activities unknown. For example, drop spots to me are a must. No matter what anyone says, ordering illegal drugs in your own name, to your own address is never the best idea. I don't care what type of plausible deny-ability you have, if it never comes to your address and the location cant be traced to you, I feel safer.
-I think of everyone as a cop. Until proven otherwise, then I still suspect. Every post made, every comment or review is being read by officers who would think nothing of taking you away from your family, job, and current lifestyle. It might just be a little blow to you but, its a felony and a notch on the belt to a cop. I'm often surprised there isn't a sticky reading "EVERYTHING YOU SAY ON THIS FORUM IS BEING COLLECTED AS EVIDENCE BY THE FEDS "
-I've often wondered if SR has any form of counter surveillance. Just the other night I spent a while mind mapping what counter surveillance for a place like SR could look like. More than 2,500 years ago an old wise China Man wrote about the need for Spy's. I agree. *They have spies amongst us, we probably don't have spies amongst them. That's an issue.
-I agree, software sales on the road bring a huge security risk. As KMFKEWM said, "Windows 7 Darknet Edition" could really be well paid federal agents attempt at infecting and infiltrating the road. Risk outweighs reward I feel.
-A team of "Experts" should be assembled. However, being anonymous in this case can be a bad thing as we should fall back to point #1 and assume everyone is a cop!
-I'm very interested in the photosensitive package tampering device. Agreed it would need to be open source. I don't think it would be too difficult. I don't know what parts are available but, I assume it could done using any SoC and basic radio-shack parts. Biggest thing would be tampering. If its open source, it would be easy to reproduce and replace if the package was nabbed by LEO. This aspect would need to be hashed out more thoroughly as I can already think of a few solutions to this. This is pretty basic stuff, no offense but, until you start thinking about tamper proofing, this is basic Hardware Engineering 101.
I assume (or hope) there is already some process thought through in the event of infiltration, server takeovers, etc. Maybe I'm wrong.
2nd that ! thanks OP ! great comments are here!
The tampering issue is already solved.
One time rfid key which is sent and which only the receiver knows ..device is a cmos which deletes itself upon light etc...no way to reproduce that...fuck the FEDS!
-
thanks for starting this thread. Security has always been the highest priority for this operation/experiment/enterprise, or whatever you want to call Silk Road. From early on, it has been a balancing act and learning experience to engage security experts to improve our systems and practices without opening those systems up to the threat of an attacker. There are pros and cons and risks to every security related decision. I see nothing wrong with you discussing these matters here, though. I'm sure some useful ideas will come of it. Thanks for your interest.
-
First of all, thank you for taking the time to write this post, I appreciate it. Most of the points I agree with immensely, especially about remembering not to get lax about security.
Another thing I would like to mention is the role of intelligence in such an organization. The importance of this is frequently overlooked. It would be strongly beneficial if SR could rally hackers friendly to the cause to try and pwn law enforcement personnel, intercept their communications, identify the law enforcement accounts on SR, etc. All forms of intelligence gathering should be employed against our enemies as information is what wins wars. of course securing our own information is of utmost importance, addresses should be encrypted, hardened systems used, Tor used, great care taken in protecting our shipments from being flagged, etc. However, defensive security is only one half of the battle, and it is equally important for us to gain as much intelligence on law enforcement as we possibly can.
I'm not sure I agree with you here. So far we have only used defensive security, and I believe that is why we are still here. If we begin to actually make coordinated attacks, or even try to organize coordinated attacks, it will certainly bring much more LE attention our way than would be pleasant. Right now, to be honest, we are more or less small fish. Sure, SR is somewhat of an innovation in terms of its size and the fact that it's an online drug ordering service, but to be honest it doesn't handle enough drug traffic and is decentralized enough not to be worth LE pursuing. But we start becoming involved in direct attacks against them, and that will change. It will be worth the effort to target and bring down.
Basically what I'm trying to say is that a offensive effort against LE would bring more attention upon SR than it would be worth in anything we might gain through the attack.
If you want to do something like that, please disconnect it from SR, at least in name.
-
Cashing out BTC and laundering your funds and not doing it correctly. That is by far the biggest threat to vendors using the Road.
-
i am interested in how you would be able to go about admitting new people into private forums seeing as how anybody can be LE.
i have a strong interest in learning about these forums because I fear losing connection with vendors who make my life much more wonderful. the best i can do now i just collect their public keys, email addys, etc...
If new people were admitted into the private scene, what kind of standards would be required? i mean, what good reason do all these cyber-vets have to trust me? i know i'm just a quiet acid-head with positive intentions but what good is that here? i've been in this business IRL for a long time, but i don't expect my street cred to extend to the interwebs ;D
this is the only part that sounds like more of a risk than a security measure. even though i'd love to be in those forums, i'd rather they stay safe so they can pull the strings just right for the public scene.
-
not sure what is your point. I think treat assessment, have to be sort of dynamic thing based on counter intel. I think assessment of some kind of abstract treats, is kind of mental deviation and quite useless. Treat is always concrete, if any.
SR is a game changer, private scene is totally ingrown and shitting on SR profusely, for SR making life for them much more miserable. You can say SR this and DPR that, but what SR is done actually, it educated millions of people about new ways of getting drugs.
I merely point out that in a system which presents infinite ability to register new participatory nodes, there is infinite potential for massive flooding of LE and scammer nodes, and the private scene has found ways to minimize this that SR would be wise to consider. Also private scene for the most part gives not a shit at all about SR and indeed lots of people from older forums use SR.
Fuck, can you condense that for me?
No, I suggest that if you want to read it you take your fucking Ritalin instead of selling it here.
-I feel that I get too complacent, even though I do a good job at keeping my real identity and activities unknown. For example, drop spots to me are a must. No matter what anyone says, ordering illegal drugs in your own name, to your own address is never the best idea. I don't care what type of plausible deny-ability you have, if it never comes to your address and the location cant be traced to you, I feel safer.
Indeed, the thought of getting something to an address tied to my name seems strange to me.
-I think of everyone as a cop. Until proven otherwise, then I still suspect. Every post made, every comment or review is being read by officers who would think nothing of taking you away from your family, job, and current lifestyle. It might just be a little blow to you but, its a felony and a notch on the belt to a cop. I'm often surprised there isn't a sticky reading "EVERYTHING YOU SAY ON THIS FORUM IS BEING COLLECTED AS EVIDENCE BY THE FEDS "
A good perspective to take.
-I've often wondered if SR has any form of counter surveillance. Just the other night I spent a while mind mapping what counter surveillance for a place like SR could look like. More than 2,500 years ago an old wise China Man wrote about the need for Spy's. I agree. *They have spies amongst us, we probably don't have spies amongst them. That's an issue.
Agreed entirely. The more intelligence we can gather on law enforcement, the better it will be for us.
-I agree, software sales on the road bring a huge security risk. As KMFKEWM said, "Windows 7 Darknet Edition" could really be well paid federal agents attempt at infecting and infiltrating the road. Risk outweighs reward I feel.
Indeed it probably is federal agents. It is either federal agents or it is someone who clearly cares far more about making a buck than they do the security of anyone here. If they complain I hurt their business, fuck em, good.
-A team of "Experts" should be assembled. However, being anonymous in this case can be a bad thing as we should fall back to point #1 and assume everyone is a cop!
yes we should assume everyone is a cop, but having a team of experts will be helpful. Then we can know who to turn to for auditing software. maybe DPR would like to organize the creation of interception detection technology, I am sure some combination of the members here working together could craft a design for these. it needs to be done in the open though, publicly. Also I wonder how many people here have experience with hacking? Let's pwn some LE networks and gather intel. How many here have LE in their family? We need to start utilizing the member base as an intelligence apparatus.
-I'm very interested in the photosensitive package tampering device. Agreed it would need to be open source. I don't think it would be too difficult. I don't know what parts are available but, I assume it could done using any SoC and basic radio-shack parts. Biggest thing would be tampering. If its open source, it would be easy to reproduce and replace if the package was nabbed by LEO. This aspect would need to be hashed out more thoroughly as I can already think of a few solutions to this. This is pretty basic stuff, no offense but, until you start thinking about tamper proofing, this is basic Hardware Engineering 101.
This aspect is already thoroughly hashed out. The device contains in volatile memory a seed for a PRNG that transmits every so often after a set time delay. Exposing the device to light triggers the photovoltaic cell which in turn triggers a wiping mechanism to irreversibly wipe the volatile memory and clear the seed. Unless the customs officers can remove the device without triggering the photovoltaic cell, or they get better luck than winning the lottery, the idea is sound. We have the theory of how such a device would work and basics about its design completely understood and it is solid, the issue is simply on the implementation details and for that we will need some specialists with hardware and signals knowledge.
Cashing out BTC and laundering your funds and not doing it correctly. That is by far the biggest threat to vendors using the Road.
I agree that it is a very serious threat to security.
i am interested in how you would be able to go about admitting new people into private forums seeing as how anybody can be LE.
i have a strong interest in learning about these forums because I fear losing connection with vendors who make my life much more wonderful. the best i can do now i just collect their public keys, email addys, etc...
If new people were admitted into the private scene, what kind of standards would be required? i mean, what good reason do all these cyber-vets have to trust me? i know i'm just a quiet acid-head with positive intentions but what good is that here? i've been in this business IRL for a long time, but i don't expect my street cred to extend to the interwebs ;D
this is the only part that sounds like more of a risk than a security measure. even though i'd love to be in those forums, i'd rather they stay safe so they can pull the strings just right for the public scene.
It is all a matter of proportion. On a public forum where people can register infinite accounts, scammers have infinite ability to register new accounts and so do LE. On private forums with restricted access membership, when a scammer burns one account out they have a lot of trouble to get a new one. With LE if they get 10 accounts into the private forum they will have more trouble to get a thousand new ones than on a forum where they can merely register a thousand accounts, one for everyone in their department. The initial invitation is a tricky subject though. Historically we have brought people over from forums such as bluelight on the assumption that law enforcement had not massively nym flooded it. It might be a safe assumption that the older an account someone has related to drug trafficking, the less likely they are LE, simply on the assumption that at some point in time law enforcement will use automated systems to massively register nyms on open sites, and the ratio of LE to non LE will dramatically change after that point in time. it is a tricky problem indeed, and one that warrants close attention. Public forums are immensely popular and in fact I am all for them even in favor of private forums, but countering nym flooding attacks is a serious priority that is worthy of a great deal of consideration. Perhaps some web of trust will end up being the best way to manage this.
-
thanks for starting this thread. Security has always been the highest priority for this operation/experiment/enterprise, or whatever you want to call Silk Road. From early on, it has been a balancing act and learning experience to engage security experts to improve our systems and practices without opening those systems up to the threat of an attacker. There are pros and cons and risks to every security related decision. I see nothing wrong with you discussing these matters here, though. I'm sure some useful ideas will come of it. Thanks for your interest.
I am glad that you support this thread. I want to congratulate you on the enormous success of SR and helping to protect so many people from LE. Sometimes I may come across as critical of some of the choices you have made but I assure you that I am extremely grateful that you have managed to bring the internet drug scene to the mainstream in a way that nobody else has ever managed to do. SR is an awesome experiment and I think that it is extremely important that you are not defeated by law enforcement, not only for your sake but for the sake of the future of the online source scene, something which you and this site are now very much the face of.
-
so theoretically (very basic theory, that is) would a private scene with trusted, long-term, cash spendin' people AND AN ESCROW SYSTEM become a mecca that'd very hard to reach by LE?
does this already exist?
-
so theoretically (very basic theory, that is) would a private scene with trusted, long-term, cash spendin' people AND AN ESCROW SYSTEM become a mecca that'd very hard to reach by LE?
does this already exist?
To the best of my knowledge SR is the only drug trading community currently around with an escrow system, however I do not keep up with private scene forums anymore. It may not be very hard for LE to reach in that they could easily obtain a presence, but it would restrict the number of participating accounts they could obtain. One of the biggest advantages I see in private forums is merely decentralization. If SR is taken off line right now it will be a tremendous set back and a lot of people will lose touch. If there are a hundred private forums to fall back on, SR still works great for the public market, but if it is compromised the overall damage done will be minimized and regrouping will be a quicker process. Don't take my posts to mean that I think SR should break apart into a bunch of private forums, I just think we need to address issues of nym flooding, redundancy, decentralization and add more cost to obtaining participating nodes (not necessarily financial cost either).
and found that LE obtains a search warrant and searches the place of delivery for drugs. I think it's unlikely they are going to do a CD or raid. You can think of them as faithless sluts, if you like, who have taken a new lover. They'd take any technique with them if it could contain evidence. Personal computers, mobile phones et cetera. Full hard drive encryption is a countermeasure. You'll be better off to get an anonymous drop place and pick up drugs there.
In most cases they do a CD if they don't send a love letter, however sometimes they do a knock and talk.
-
After a dab, it was a big much to digest in one sitting but, i agree with many of KMFKEWM's points.
-I feel that I get too complacent, even though I do a good job at keeping my real identity and activities unknown. For example, drop spots to me are a must. No matter what anyone says, ordering illegal drugs in your own name, to your own address is never the best idea. I don't care what type of plausible deny-ability you have, if it never comes to your address and the location cant be traced to you, I feel safer.
-I think of everyone as a cop. Until proven otherwise, then I still suspect. Every post made, every comment or review is being read by officers who would think nothing of taking you away from your family, job, and current lifestyle. It might just be a little blow to you but, its a felony and a notch on the belt to a cop. I'm often surprised there isn't a sticky reading "EVERYTHING YOU SAY ON THIS FORUM IS BEING COLLECTED AS EVIDENCE BY THE FEDS "
-I've often wondered if SR has any form of counter surveillance. Just the other night I spent a while mind mapping what counter surveillance for a place like SR could look like. More than 2,500 years ago an old wise China Man wrote about the need for Spy's. I agree. *They have spies amongst us, we probably don't have spies amongst them. That's an issue.
-I agree, software sales on the road bring a huge security risk. As KMFKEWM said, "Windows 7 Darknet Edition" could really be well paid federal agents attempt at infecting and infiltrating the road. Risk outweighs reward I feel.
-A team of "Experts" should be assembled. However, being anonymous in this case can be a bad thing as we should fall back to point #1 and assume everyone is a cop!
-I'm very interested in the photosensitive package tampering device. Agreed it would need to be open source. I don't think it would be too difficult. I don't know what parts are available but, I assume it could done using any SoC and basic radio-shack parts. Biggest thing would be tampering. If its open source, it would be easy to reproduce and replace if the package was nabbed by LEO. This aspect would need to be hashed out more thoroughly as I can already think of a few solutions to this. This is pretty basic stuff, no offense but, until you start thinking about tamper proofing, this is basic Hardware Engineering 101.
I assume (or hope) there is already some process thought through in the event of infiltration, server takeovers, etc. Maybe I'm wrong.
2nd that ! thanks OP ! great comments are here!
The tampering issue is already solved.
One time rfid key which is sent and which only the receiver knows ..device is a cmos which deletes itself upon light etc...no way to reproduce that...fuck the FEDS!
I could put something in a package to see if its been tampered with?? do you have a link to more onto on this?
Thanks
-
After a dab, it was a big much to digest in one sitting but, i agree with many of KMFKEWM's points.
-I feel that I get too complacent, even though I do a good job at keeping my real identity and activities unknown. For example, drop spots to me are a must. No matter what anyone says, ordering illegal drugs in your own name, to your own address is never the best idea. I don't care what type of plausible deny-ability you have, if it never comes to your address and the location cant be traced to you, I feel safer.
-I think of everyone as a cop. Until proven otherwise, then I still suspect. Every post made, every comment or review is being read by officers who would think nothing of taking you away from your family, job, and current lifestyle. It might just be a little blow to you but, its a felony and a notch on the belt to a cop. I'm often surprised there isn't a sticky reading "EVERYTHING YOU SAY ON THIS FORUM IS BEING COLLECTED AS EVIDENCE BY THE FEDS "
-I've often wondered if SR has any form of counter surveillance. Just the other night I spent a while mind mapping what counter surveillance for a place like SR could look like. More than 2,500 years ago an old wise China Man wrote about the need for Spy's. I agree. *They have spies amongst us, we probably don't have spies amongst them. That's an issue.
-I agree, software sales on the road bring a huge security risk. As KMFKEWM said, "Windows 7 Darknet Edition" could really be well paid federal agents attempt at infecting and infiltrating the road. Risk outweighs reward I feel.
-A team of "Experts" should be assembled. However, being anonymous in this case can be a bad thing as we should fall back to point #1 and assume everyone is a cop!
-I'm very interested in the photosensitive package tampering device. Agreed it would need to be open source. I don't think it would be too difficult. I don't know what parts are available but, I assume it could done using any SoC and basic radio-shack parts. Biggest thing would be tampering. If its open source, it would be easy to reproduce and replace if the package was nabbed by LEO. This aspect would need to be hashed out more thoroughly as I can already think of a few solutions to this. This is pretty basic stuff, no offense but, until you start thinking about tamper proofing, this is basic Hardware Engineering 101.
I assume (or hope) there is already some process thought through in the event of infiltration, server takeovers, etc. Maybe I'm wrong.
2nd that ! thanks OP ! great comments are here!
The tampering issue is already solved.
One time rfid key which is sent and which only the receiver knows ..device is a cmos which deletes itself upon light etc...no way to reproduce that...fuck the FEDS!
I could put something in a package to see if its been tampered with?? do you have a link to more onto on this?
Thanks
It is fairly simple in theory. The device would consist of a small amount of volatile memory which holds a PRNG seed. A PRNG seed is some initial entropy that deterministically influences the output of a pseudo random number generator. The device would also have an RFID tag capable of transmitting, battery powered RFID can transmit significant enough distances. The volatile memory is hooked to a photovoltaic ('light sensing') cell. After making the package, you would put the device in it and then close it up. Then wirelessly activate the device and load a seed to it. Now when the package is opened light will enter it triggering the photovoltaic cell causing the seed to be wiped from the memory. This makes it impossible for LE to analyze the device to reset it to a non-compromised state. When the package arrives at a fake ID box, the recipient could use an RFID wand to scan for a pattern that they could know because they have shared knowledge of the seed. If they detect this signal, then light never hit the photovoltaic cell, if they do not then either there was a malfunction or an interception. Since they know there was an interception, they can just avoid going to the box store, and since the box is obtained with a fake ID it can not be linked back to them.
There are more fine details that would need to be worked out, but that is it in a nutshell. it may even be possible to have it broadcast its interception status after some predetermined time delay, through the cellular network and to a burner phone.
We have most of the theory figured out, now the trick is to translate that into a step by step list of instructions on how to create these devices with easily obtained materials, and perhaps to program an open source controller for it.
-
[/quote]
It is fairly simple in theory. The device would consist of a small amount of volatile memory which holds a PRNG seed. A PRNG seed is some initial entropy that deterministically influences the output of a pseudo random number generator. The device would also have an RFID tag capable of transmitting, battery powered RFID can transmit significant enough distances. The volatile memory is hooked to a photovoltaic ('light sensing') cell. After making the package, you would put the device in it and then close it up. Then wirelessly activate the device and load a seed to it. Now when the package is opened light will enter it triggering the photovoltaic cell causing the seed to be wiped from the memory. This makes it impossible for LE to analyze the device to reset it to a non-compromised state. When the package arrives at a fake ID box, the recipient could use an RFID wand to scan for a pattern that they could know because they have shared knowledge of the seed. If they detect this signal, then light never hit the photovoltaic cell, if they do not then either there was a malfunction or an interception. Since they know there was an interception, they can just avoid going to the box store, and since the box is obtained with a fake ID it can not be linked back to them.
There are more fine details that would need to be worked out, but that is it in a nutshell. it may even be possible to have it broadcast its interception status after some predetermined time delay, through the cellular network and to a burner phone.
We have most of the theory figured out, now the trick is to translate that into a step by step list of instructions on how to create these devices with easily obtained materials, and perhaps to program an open source controller for it.
[/quote]
Wow.. I'd be interested in that.. but its gotta be easy to make and use... sounds complicated... but I'm sure with a good step by step it could work
-
i am interested in how you would be able to go about admitting new people into private forums seeing as how anybody can be LE.
i have a strong interest in learning about these forums because I fear losing connection with vendors who make my life much more wonderful. the best i can do now i just collect their public keys, email addys, etc...
If new people were admitted into the private scene, what kind of standards would be required? i mean, what good reason do all these cyber-vets have to trust me? i know i'm just a quiet acid-head with positive intentions but what good is that here? i've been in this business IRL for a long time, but i don't expect my street cred to extend to the interwebs ;D
this is the only part that sounds like more of a risk than a security measure. even though i'd love to be in those forums, i'd rather they stay safe so they can pull the strings just right for the public scene.
build your own forum with a group of like minded individuals from even this forum. Use it as a suppliment, but definately vote on new member additions based on their rep (It is a tough vote to get started, and the only rep that most of you know is the rep from SR) but in time, you will be able to vote someone into membership who has more of a thumb on the pulse of these already existing private communities also. There is quite a bit of talk on the few (semi) private boards I frequent more about security of vendors, and news releases of issues surrounding our scene, because some of the members of these boards are deeper connected than your average joe, and they keep others informed, but don't blather on about inner workings here in the public. then the info trickles slowly down friend by friend until it is public knowledge. Without rambling too much, if you have folks you get along with regularly here on SR, build a forum for yourselves. IF your friends turn out to be LE, and not alot of action is done in public, they are likely to not stick around too long (I guess) because it seems like just water cooler chat. Then after your initial group feels comfortable with the others on the group, then votes can begin for new members. It is my personal vision that the public SR site should be where vendors make their bones (so to speak) by dealing with wide customer base, high order count, and lots of time spent each day keeping up, then they are able to graduate to a more private setting in a position of supplying others who want to build a long term rep for themselves, and another generation of dealers is born. The food chain moves up, and SR maintains the "frontlines" of higher scam rates and larger LE presence, while the ones who have built empires (3jane, few others that I am too out of it to name right now...btw, fried due to finding some left over molly from my ol' gal Jane) back to point. once these vendors graduate to private forums, sourcing FOR the sr vendors, escrow is now insignificant for a number of reasons, but quite simply, a scammer rep on SR can be fabricated to a fixed point, and in the private sector, a single confirmed scam, and word gets around pretty quickly, and he doesn't have a week of orders that have to be moderated in dispute to finally figure out he went rogue. I know I got off the point here, but kmf is right about a few things here. Collectively, we put too many of our eggs in the same basket, and when that basket drops, where will we be without a network of likeminded forums, stores, off site contacts, whatever.
BTW, if you want to start up your own forum for you and your friends, I have a surplus of FH invites, and can help you get started there if you want. I have already helped jameslink with his own shroom forum (haven't been on there in a bit), and another that I don't remember . Train of thought is derailing again, but I hope you get the point I am getting at.
-
kmf,
Thanks for your post, you've brought up some great points. Regarding the hacking/spying aspect there are some serious barriers. As AS/Anon has shown it isn't that difficult to penetrate random local police but these are targets of opportunity and not pinpointed targets. The FBI and DEA departments that would be targeting SR (Non-Fed LE doesn't have the resources) are also the ones that would be the most hardened against hacking attempts. It's not like the FBI's cyber crime div is going to be open to a SQL injection and, while the UDID op may or may not have pwnd an FBI laptop, I don't know of that many black hats that are going to be willing to blow a good zero day (or multiple ones) in the hope that that they MIGHT pick up some intel.
The irony here is that for us to go on offense against LE we face very similar challenges that LE has in coming after us. I think one of our best approaches would be to insert significant uncertainty into their equations. For example, creating a honey pot op whereby a SR cell slowly creates a vendor that deals in weight of H or blow and "accidentally" drops hints at their identity on various boards and various times so that LE can build a profile on them. While I hate to involve the innocent, if done right a patsy could be set up so that the mere act of targeting this "big vendor" creates PR or political blowback. An example here would be making a college age child of a senator or congressman look like they're moving serious weight through the road (though their not), letting LE do their constitution burning act, bust the innocent party and watch political hellfire and brimstone come down. This would certainly give any LE cold feet in coming after a vendor. Who knows, maybe even serious discussion of this would have the intended affect.
As far as the private working group, a cell based approach could possibly work out well. Remember that LS/AS was a pretty successful offshoot of anon (and only got busted when Sabu didn't Tor two of his IRC log ins, not because of anything tech) and in forming it they faced similar obstacles as we do here. With that said, I believe that sunshine is a great disinfectant.
Thanks again K!
-
thanks for starting this thread. Security has always been the highest priority for this operation/experiment/enterprise, or whatever you want to call Silk Road. From early on, it has been a balancing act and learning experience to engage security experts to improve our systems and practices without opening those systems up to the threat of an attacker. There are pros and cons and risks to every security related decision. I see nothing wrong with you discussing these matters here, though. I'm sure some useful ideas will come of it. Thanks for your interest.
thanks DPR for kind off endorsing this thread. Keep up the good work !
Maybe you can check out our thread here and give us an indication :)
http://dkn255hz262ypmii.onion/index.php?topic=41506.0
-I'm very interested in the photosensitive package tampering device. Agreed it would need to be open source. I don't think it would be too difficult. I don't know what parts are available but, I assume it could done using any SoC and basic radio-shack parts. Biggest thing would be tampering. If its open source, it would be easy to reproduce and replace if the package was nabbed by LEO. This aspect would need to be hashed out more thoroughly as I can already think of a few solutions to this. This is pretty basic stuff, no offense but, until you start thinking about tamper proofing, this is basic Hardware Engineering 101.
there's already a group being paid to make these, the main verilog guy fucked off with a roxi addiction but the rest of the team has stepped up and i have no doubt a design will come out soon
[/quote]
We are very very interested in this as it could be a real defensive device. Of course there should be 2-3 indicators..otherwise leo will just use darkrooms to open thee packages.
not sure what is your point. I think treat assessment, have to be sort of dynamic thing based on counter intel. I think assessment of some kind of abstract treats, is kind of mental deviation and quite useless. Treat is always concrete, if any.
SR is a game changer, private scene is totally ingrown and shitting on SR profusely, for SR making life for them much more miserable. You can say SR this and DPR that, but what SR is done actually, it educated millions of people about new ways of getting drugs.
SR is THE GAMECHANGER!
Iit will open up a pletora of agoras and be the origin of places where all our efforts can be concentrated to defy the governments and their every growing full spectrum dominance and total information awareness. Of course it begins with thee black marketeers..but SR is so much more ..probably most people cannot fathom that just yet.If not now, probably mankind will be really in a position soon where it can never ever free itself again.
-I think of everyone as a cop. Until proven otherwise, then I still suspect. Every post made, every comment or review is being read by officers who would think nothing of taking you away from your family, job, and current lifestyle. It might just be a little blow to you but, its a felony and a notch on the belt to a cop. I'm often surprised there isn't a sticky reading "EVERYTHING YOU SAY ON THIS FORUM IS BEING COLLECTED AS EVIDENCE BY THE FEDS "
A good perspective to take. ABSOLUTELY!
-I've often wondered if SR has any form of counter surveillance. Just the other night I spent a while mind mapping what counter surveillance for a place like SR could look like. More than 2,500 years ago an old wise China Man wrote about the need for Spy's. I agree. *They have spies amongst us, we probably don't have spies amongst them. That's an issue.
We should get out bountys for people putting wifi pineapples with solar cells (google it) near police & DEA HQ. and we need to bring more hackers over.
In this war we are all on the same side.. and dont dare to tell us this is not a war.
This aspect is already thoroughly hashed out. The device contains in volatile memory a seed for a PRNG that transmits every so often after a set time delay. Exposing the device to light triggers the photovoltaic cell which in turn triggers a wiping mechanism to irreversibly wipe the volatile memory and clear the seed. Unless the customs officers can remove the device without triggering the photovoltaic cell, or they get better luck than winning the lottery, the idea is sound. We have the theory of how such a device would work and basics about its design completely understood and it is solid, the issue is simply on the implementation details and for that we will need some specialists with hardware and signals knowledge.
thanks for elaborating on this ! we couldn't search for the info for lack of time!
First of all, thank you for taking the time to write this post, I appreciate it. Most of the points I agree with immensely, especially about remembering not to get lax about security.
Another thing I would like to mention is the role of intelligence in such an organization. The importance of this is frequently overlooked. It would be strongly beneficial if SR could rally hackers friendly to the cause to try and pwn law enforcement personnel, intercept their communications, identify the law enforcement accounts on SR, etc. All forms of intelligence gathering should be employed against our enemies as information is what wins wars. of course securing our own information is of utmost importance, addresses should be encrypted, hardened systems used, Tor used, great care taken in protecting our shipments from being flagged, etc. However, defensive security is only one half of the battle, and it is equally important for us to gain as much intelligence on law enforcement as we possibly can.
I'm not sure I agree with you here. So far we have only used defensive security, and I believe that is why we are still here. If we begin to actually make coordinated attacks, or even try to organize coordinated attacks, it will certainly bring much more LE attention our way than would be pleasant. Right now, to be honest, we are more or less small fish. Sure, SR is somewhat of an innovation in terms of its size and the fact that it's an online drug ordering service, but to be honest it doesn't handle enough drug traffic and is decentralized enough not to be worth LE pursuing. But we start becoming involved in direct attacks against them, and that will change. It will be worth the effort to target and bring down.
Basically what I'm trying to say is that a offensive effort against LE would bring more attention upon SR than it would be worth in anything we might gain through the attack.
If you want to do something like that, please disconnect it from SR, at least in name.
We should be prepared at least for offensive action and we dont think any offensive action can be linked to SR as long as we do not leave "pawned by SR Defense Militia" gifs on their computers 8)
But a lot of intel could be gathered on operations on the way ..new customs techniques and personal which is targeting us.
Cheers & LONG LIVE THE ROAD!
-
Keep up the good work SRers ::) FTP
-
I agree with the need for people who want to live free colaberating but when the SR becomes a locked down police state with a general utilitarian philosophy of "We can't allow freedom of choice and association because the war with the cops is too important" then it has become too much like what it rose up to circumvent for me to hang around.
I'm with you that smart people working together in counterintel puroposed groups is highly necessary, as is re-turning the slaves they buy with with threats of jail and promise of money to work against the spirit of freedom they started hacking for in the first place, but that is just it. The spirit IS the center. People come and go and it could be as much a liability as an asset if you have locked yourself into an overly ridgid shop. The strength of open source is the strength of volutarism. People, for whatever reason, see fit to act in concert as they are all at once looking at the same goal. The paranioa that comes from an imperfect system of trust is another great asset in disguise. It keeps you awake and flexilble. How would it be to have a great plan all hatched out and ready to implement only to find a key member is either a cop or gets sloppy and taken out right at the crucial moment?
Everyone on your team is a potential failing point and any critical mission will suffer from too much control over it, much like the security issues Apple has had to admit lately, that went unaddressed for how long, a week or more, while a patch was already available and ready to port. Open source is more than words, its a phenomenon.
And I hate to be the one to say it but your quest for the whale, a noble quest and one that must be undertake because a whole lot more than a dope shop is at stake here, seems to have seperated you from the spirit of liberty. I can never let that go observed and unaddressed.
So yes, lets figure out how to watch them watch us. Lets figure out how to bog them down in the weight of a top heavy org where everyone feeds on a diminishing slice of stolen property. Lets not hesitate to analyze the nature humans and systems of humans living in the reality of mortality and scarcity and use these tools to know where those bogs are and steer clear of them ourselves. Lets never pass up a chance to point out the way things are heading to one of the proles who think everthings doing fine because the TV said so and they still have bling money. The way that eventually you run out of other people's money and scraps of paper hold less appeal. The way a generation of young soldiers is weary of pointless ocupation of other people's land while knowing that this is the source of nearlly all animosity held for their kind by foreign people's.
Let us make the crucial connection in the minds of proles and estabishment consumers of ill gotton gains alike that the weariness of the fighting forces combined with the timing of playing out the last cards that taxation and money creation have in thier deck will lead to the promises made to those, those who hack for evil, bear arms against non violent persons for evil, push papers that weigh on the necks of and destroy the lives of people, will BE BROKEN SOON! They will not be able to fulfill their blood oaths and a loyalty built on sharing of spoils disintegrates quickly.
Let us NOT fail to get back as many into our graces who may see the error of their ways that the process of forgiveness can begin. Let us be the agents to point out the truth and to shine it out of our very asses in how we conduct ourselves in a spirit of freewill and cooperation, not by clamping down on the dope site in a reign of control like a Bolshevek spreading "consent" to his ambitions because a critical mass of free people will not join them of their own volition.
In summary, don't try to turn the dope site into a virtual police state and carry on with fight in any way that is voluntary and stokes the fires of liberty and open colaberation.
They have huge economic problems bearing down fast on them and they know it. They are moving key pieces into a run at a checkmate as we speak.
But even then they lose. What happens to that precious spirit when it sells itself into bondage like the tax and inflation feeders have done and so many people have in so many ways from taking money to spy on people to just taking welfare of one kind or another? It stagnates. The enormous creative potential of humanity says "Meh, I don't give a fuck anymore".
The quality of all things produced wanes, at first with a boost in quantity but then that wanes. The capital factors that once made men mighty upon the earth as they passed from generation to generation, built upon by each as they stood upon the shoulders of their fathers are then deconstructed, the hunger for knowledge that produced them slowly lost until the knowledge passes too. And mankind regresses into a primitive state not seen for ages, a state that with the lack of a complex indusrial economy does allow for what these assbags lust after, control of everything, but what will be left. Would you rather be poor in 21st century America or relatively wealthy in 10th century Europe?
Our impovershed are overweight and have the internet, I consider that a higher quality of life, one where we were almost to the point where wealth creation turned a critical knee on the curve and a land of truly plenty might have seen us mint a new coin by which to trade the fruits of our labor, the coin of high art in all it's possible forms.
But nooooooooooo, a buch of power lusters have managed to convince a buch of envious fucks that producing wealth is evil and thier fellow man must BE CONTROLLED!
Ah crap, another book. Oh well, maybe I can sign it someday. Now lets talk patents and how they are in their essence just one guy using the force of an armed gang to make a claim of yet unrealized income, thus preventing him from trying as hard as might if he had to have an idea every day AND setting the stage for large orgs, protected by state nepotism and guaranteed handsome profits by the same, come in and buy all of the "cease and desist orders" to the point where nearly all tools of surival become thier "intelectual property". Check and mate.
But otherwise good people buy into this trap, hoping to be the one whos lottery comes in in a great idea or a few mediocre ones. They use thier machine of violence to create an injust avenue of exploitation, sell it as legitamate, because after all, it's the government and we all agreed, and then in the end consume their partners in crime along with everyone else.
This is the spirit we don't want anything to do with. It is the spirit of death and those poor chumps laboring away for the benifit of thier machine and the spoils it promises to grant them need to be shown this before it is too late for them. That is how we win. By keeping our eye of the fleeting spirit of liberty, not falling for old tricks in new clothes that undermine it and teaching others to do the same.....voluntarily.
/rant
-
AMEN !
-
I think assessment of threat have be related to assessment of one's vulnerabilities.
One of such common vulnerabilities which is poorly understood is been vulnerable while you learning new things. in matter to succeed in any UG activities individual or organization have to have ability to learn. you need to learn to change effectively.
if your adversary understand the way you learn, they can try to detect your learning efforts, anticipate the change resulted from learning, or even launch targeted attacks on a group’s “learning systems” which could degrade the group’s ability to adapt over time.