Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Dread Pirate Roberts

Pages: [1] 2 3 ... 18
1
Silk Road Discussion / Re: Inigo arrested?
« on: December 20, 2013, 01:38:55 pm »
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Silk Road has not been compromised even if the allegations are true. Neither had access to sensitive material. I will make an announcement later to address the concerns this has raised.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJStEgqAAoJEMyyOOR8/t+867AP/RpjCq1B3WSYgnscbZU+UZOy
K0AGMM7tmu1DV1pr2S379YjVxQeUWeTbwDYhaYcWkDBDshnlpSd97fwAL1YVrBQx
jWE08tyo1sd1v5F/HajCx0DC2L5NeqD4UTDd6Dl2AOeBI4pZ+Ah/Q4VoB9cOBQGw
lSbjBY2U4redqBeRd1mFR8N+f3XmxYXzmB4Mf8ddvQkl62HmkwRwA27uUExt73uj
f3/EYVc/XjPgKG345S8yUwcGxLQcfoRM7UosbSGeEaDvvWjfZ6qQw4p7CbqIimHu
IOT6dhFcPmoVdiZGDvjtM3jXfF2sTi5mclGp/4axsrvOWZlCbrobE9EuJnGvscU4
ekU90vtcviES9XEJAr9XGOGgzY/OBf1xpj0iRY7rBDHUqA/FjfSULxqanZYhh0Wn
webHldrjylBRKM0PsnQdPn1CVGj8ThwB6SLfd0WEN1FEQt0hXP3uK1zDOri/fIcJ
Pnvf3jxYNcw9Q+2OW6QpZ/7t+S2E0yiifbNCobAMI18mrynuw3pk/xumg6t2WF/j
YHRpbTfFCCsbiPwR8P9CcUNQ5Iqcc2ewq4GOPx053aL/Vo/nfPdu/9hrRpfF3U5E
J7rFvAStaejxH7/vNxZRrTTiwrrc6njsFJHXWVAJjd+fHLI1efptbc8Kzwms9Yl0
0nzLjAJPFZOv6y7gP8tG
=lDZd
-----END PGP SIGNATURE-----

2
Silk Road Discussion / DPR's New PGP Key
« on: December 19, 2013, 07:45:49 am »
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


Please all find my new PGP key attached below. Replace the old key and use this with immediate effect.

New Key Fingerprint: 5A48F5D050E9905262B4799DCCB238E47CFEDFBC

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJSsqJ5AAoJEPMoGw8w0+tz1jgP/jeixSrY/mpuXOocF4QBKYkt
wCPrR0BIentVjmjzAikIqR5+VqK9iOWX1xZYFxAq+ZbkKzoOYphbg4tidTYQ6LT4
dlq+fRUOlfhLnokQsu38v4VMOeg1WsY5Ix3WnlyAJUrg7pkLsD2hdQB+wgfEiY+S
Y8N34qR17FMujoxJzavr6wx0oHm8Zba9jJAstiiabRlID9b/2Jp9ClfK0baKS8Vx
LqOO+j/z8Zw7XVnnjOAOnhMzNyqkYgVv4gm785fFeWNEIRZASdUIL4P1h0W1LH+4
iXbOyiLfElajRj2bfDmazXF2bKaojRCTOiVaTJSRhBMfvLq/DRdm3gF1ktjhLJdd
+p293j28oaaVdak56MdEpriN67NdY4drpGcmHyKSPrGTHfx6ZlRA7Ghl3enhbCFP
8IjYAMGVpZRR9/1xO/YUh+OwFzGTJQVNGjyey8clLa0jX5aOZV10R6JVkninYOYI
KrcqZSeDhlu5ZQ/ofZhQK4e2d9EOKemF/YFrm2I/79ksuLYM5Onk1VaPqIZjaqFz
b67676fTpqvWMRuokM4+QNkDyGX+TdB56w22HXmUjG0h9cUbyq52O1BTxYMKF538
sgWWTex/IJoI/MayakFW2ZmxUPaT9zojXt5qagJQ/yXmLnJr65mKX/1IzXPQ9MFE
xKbODP1/N8+nmsm2UZPZ
=vfUM
-----END PGP SIGNATURE-----



-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFKyn+YBEADFg1+IOgZmYcjwnkN0CKqdFwo1RzQeNoTuwmw3W2PNfWW/1KoY
XOwLWyHHBllibAF08Cva71lw8hI2/rvWxYhTno/QdZ/VP2JoocGtY+xRVXECCK0q
Xjg5CBCISYP23JoorPQPxSN7y2iwVdL9SSBF7yNebWj6K7439bw45OQox8autNa2
jSva1HUkABZz1sy3KXlsj+leDrLPiK3HprFhQp6bvk8AEnp+f1xZ2eNr0EmZQc0x
OYlaOJlj6MrnYdsHExowhwRvl3AzTHhG6yWPHi1R/ug5khA7lZNqRhXXSpW8I/9l
NJL9lwzcF6LClxHbwIb5PipsbJda2SG55mFJUZRv6qrp6WlngTMv2wCGrKr4mHCy
smsd1WjEgHXjPCQ8oZI2rxSXlXUEcpFC+AQN+UzWSKAo1tZhCvkLDqEyl13LvhU1
NsisU74ZcJSiW5Hqf8jVXLT+l93NkEIu3EjmCZeNORZOxhW9Uj5RzSwgPZqDrJEC
yZrKXBlPnb36Y5vY+M+gleFsP1ZPXvr+li8R6eTfL5NDhGdVEMX6fe6CuBkeWQMv
Y62FWxy2RSd2UYKDzczk6UomVjJmTc1T+JhmXrjiJnfiUL4jEvOHuos6g45CH2rw
6TTleXk1YJEYvh8RtvcPxHYHfj+QY/+//H9r5KnkesX3kuN19GBfd/BLswARAQAB
tC1EcmVhZCBQaXJhdGUgUm9iZXJ0cyA8c2lsa3JvYWQ2b3dub3dmay5vbmlvbj6J
Aj0EEwECACcFAlKyn+YCGwMFCQHwnJoGCwkIBwMCBhUIAgkKCwMWAgECHgECF4AA
CgkQzLI45Hz+37xTlg/8Cy5Pzc5VK7Yvg1I1/OnRsX4Tf5hV1w7c92m94BiXrfQV
xMY4hakFlmdSTg863v61YBMK3coKc45b/v/Bokjn23HFyUfYg09vQS1v2VZ3P63k
oNM+nerY5O4JQuO8H+ZaCl1/7xm7fVdg/yPEGMeEfbycSyHai5BZthBjakouvO4n
Zl1gu6WjJW0vJc+1pZCKgARy1FzGB/X9hvliyD+1PuTMC715QgmnQGCi03LMNb5n
YNFEqrExv6tZRea4FRA+u0OxnQmvOZYqia+UiYdRhhel128UjksTewUzzkQU/b3k
ObkvWw5MpFZOanP4y2KpQlwp9L1x1DpZfKPhEH9Hoqq6WFuTe+sGxPAdXkVOayyy
4iGt14xFDufUTRWAuj+rRvGKp9rt2zm4lxkaua2BhKGyR4KEwfywPHUlgERX7Ihi
Cp6XwNA+ke0fpuJegejbqPkesfEa6E3HrOaBiAlvjyHjwqPo0zy94ZDCl1P6s3hX
/SXcWRQEJUzjTnOe97mXr+lGSg2zoerD87zoIt9W9awiK23x8lfKdXLSlF7obuCX
JFgVJWgJRfMvMZniDWR6fr+hazAkC7a55Grg0EX4amkgO04i7BVhbNFB1Fwn0V4f
opbpXherz6sIcimRUJFasyLnAY+jThd/2VvJdY/NMnYEc6oeCvlg1JvbmA+Bbau5
Ag0EUrKf5gEQAKqWMqKGc9CpMmOZx2WRNs4+80n+9dMeg5GuSNPP6P2lEXNf2lYB
s5uytdB8osT+HGxORxbfiwLowN3Iv0J+MC3udvdFWsIf06ZHoysTU/4ffbyRTdg4
s7QzzTK5HGPdtM5KWW3F1hwVzwbQBi353FyD+vMDomUFpKE04WMmm+WzTBkO+SJJ
s0UTdDcdGaTRwx9Jnp4Ut4TteFBiPwV46oJeTQ0hqgHmTdt8Q8VACzy/vEUT2G9P
llqe/LFeqMzTqWFyXlUfsx7soeSh/+g2SyKh7h1S57E4cawymyxDLxXaHUO3Sd25
uuauYadLvOWxvN2WAkPegpcwvy2aSMlGlbiOwGMF3qEyhqc4Ci7UWSdVAlSFbn4I
Ol8CLxueP0F2/0asJjx3iAcGh2HWFPZRotbEgIn+cvykTeUvIZd3DbP8XYBQvfXa
0ykozBABMR3+qiOzL1Jll3r3OKL46Qxt36uIIGPMXOgoXMWryfLWohCmAXAP6OEb
FeGbFwMOnw7dXFiu43wsj83K+LIh+8QcfZlNDpN1bs6jH1czD3uB7kytMF5Zv8KM
nA/x/DIx2nRfoRRaNrBgpnNesXC2Y8ufhbCQk6HzwXlN5KcmWuTV197QPfTJPsbo
MuBBNsHdC7t6qERmKbgqJIdhqCREqHFjh37VqUPvP5t6OhbTCnnoYf65ABEBAAGJ
AiUEGAECAA8FAlKyn+YCGwwFCQHwnJoACgkQzLI45Hz+37yoixAAs3kAotMZ9ILm
npU2CwAUIfETSMqf7w8JeyzX01HvydO6XOOAy1BMgtcxuY/L64DFzHQ7sMGiDDQ0
7jEed6YG/SusNgctlva8FzEKtH9lM8aKD9+HKih10b8opIpn8l0ffSql0W+jrlvB
Mxe7JshTl8HRKd3fKnTzfcCjmBF4wfkUeauu7vbtvtF0+vCt4IstF62PG0c25fnU
2faAh4LVpQgAtOEzT7D3QticqfHGP3u8EQYFUKGCkzV8TYW6ZXIzbGuMS46LbNbt
kPmebV8xJ+6PQp7WpdubzbxwUEvA29YHRYUlj4GZpoH9i33SW4Q4BJ/qsj+5N4Fv
IBeNh5XnvozicBGyhJ8Kr58XhxnXbO9jvfvEk4eFtU/5mOl4jRC/7dCFQNivb8/z
iAYLiAxPb4grS1ScDk+SpAGm/K4XpETLSj461aGjm+kbNSAIHMiJzzccCceXjk2R
BON6NrTqyvL1PowsMcXsP/z3GKqhOMxeW4J6Sct5QOrBkKM9XNPg52tA+tYFLvlZ
YDBQPOpeqa0rcTJQ6TwcqIt7jwFZbgJXoigjm3U0w3GRF7SBZJljfAeA2Uv9Fo6b
YtOiQCJ+WuF78/9Pkx2DmrR97awsa+2F1KzGaRK3arUClH3qxYof9yoh9vYA5FSq
knMWzEmq90TVXa/r9A5vupzTCxz1XwM=
=tv2s
-----END PGP PUBLIC KEY BLOCK-----

3
Newbie Discussion / Re: SR Keeps flagging me as a "DDOSer"!
« on: December 19, 2013, 02:14:47 am »
Make your you visit: http://silkroad6ownowfk.onion/

Note there is no /login at the end of the URL, this is the most common trigger to detect DDOS requests.

4
Silk Road Discussion / Re: Why wont SR DDOS back?
« on: December 17, 2013, 11:35:08 pm »
DDOS'ing is like being the playground bully throwing some weight around and only works for a while until a bigger one comes along. However if you can step back and find a more intelligent way to go about it, that is far more lethal in the long run for example installing a little surprise on the server to act as a backdoor no matter how well a source code might get tightened up.

5
Security / Re: TOR project now accepting BTC donations
« on: December 17, 2013, 11:14:28 pm »
Stickied.

6
Newbie Discussion / Re: New BIG marketplace!!! ** almost 3 times bigger than SR2 **
« on: December 17, 2013, 10:55:36 pm »
Use Tormarket at your own risk, I have another surprise coming out soon which should dwarf the last.

7
Silk Road Discussion / Re: Is the site down?
« on: December 17, 2013, 11:02:58 am »
We are still working on it. No estimated time until fixed.

Vendors did have their own URL to use to bypass the DDOS, however since they have leaked the URL we are not going to issue another one yet since it is useless to have if they cannot keep it a secret.

8
Off Topic / Re: Has anyone ever had dreams about SR?
« on: December 16, 2013, 04:30:24 pm »
No dreams, only nightmares on the nights that our team doesn't actually manage to sleep.

9
Newbie Discussion / Re: This market is a joke
« on: December 16, 2013, 04:20:24 pm »
Quote from: paulrevere on December 14, 2013, 02:30:00 am
This site is the biggest joke in the deep net, this will be my first and only post here because I was ripped off on my first and only order here. This place will not survive because there are much, much better options out there and some of them are doing it right. I would not be surprised to find out this place is run by the same thieves who ran sheepmarket.

This place is a joke, I am serious and not solely motivated by my anger at being robbed. Go look at Tormarket and then come back here and tell me I'm wrong.

I'm sorry paulrevere, can you repeat that please as I can't seem to hear you over the sound of laughter at their database leak.

10
Newbie Discussion / Re: A message from the captain dpr
« on: December 16, 2013, 02:55:57 pm »
There was a small bug in my messaging script yesterday which caused this message to be sent out to several random user ID's. There is nothing particularly sensitive in it and nothing to worry about.

11
Newbie Discussion / Re: Possible new market software?? Any interest?
« on: December 16, 2013, 08:17:54 am »
If you want to earn some bitcoin/cash then you can make proposals of any ideas you may have to me and if you can develop them I will happily fund it. Our key areas of interest right now are decentralized systems of communication and distributed trustless storage systems, some starting points for background research could be POND and also for storage Tahoe-LFS is a very good foundation.

In the coming months the next generation of hidden services will be coming about and so much of our own research into theoretical attacks and weaknesses in the network is focused on that and sadly we are struggling to lend a hand in expertise to such projects. We have already taken on some freelance developers who are working on better bitcoin mixing systems and other tools to help improve the anonymity of users. Making a new market software however I do not personally believe will work, Silk Road has a strong brand and when yo make it easy for people to set up their own market then it will also make it easier for scammers. Anyone intending to set up another market must be able to not only create their own market but be able to ensure it is secure which extends far beyond just the source code, I would go as far to say that is only where 20% of the security work goes.

12
Silk Road Discussion / Re: Security: Why claims are dangerous to believe
« on: December 16, 2013, 01:52:18 am »
Quote from: Public Enemy #1 on December 15, 2013, 11:11:17 am
There is no german hacker. No Zulu33.

The data was extracted over a couple of days last week.

A massive vulnerability was found in the search function of the site which allowed access to everything in their back end database.

The affected 3rd party Ruby gem is called Ransack.

All information relating users back to real-life identities was destroyed to ensure it could not be used against anyone.

Very possible that others less well intentioned also found this bug, I hope not but it is quite possible, as has been stated it was not some 0-day exploit. Just poor coding and lack of testing.

Only enumerated users between ID 10000 and ID 20000 for brevity and yes only buyer accounts with 1 or more orders.

Shame it came to this.


PE#1

Looks like we are not the only ones to find how easy that was.

13
Silk Road Discussion / Re: Taking bets on how long until registrations will open up again.
« on: December 15, 2013, 09:26:53 am »
This will be addressed shortly.

14
Silk Road Discussion / Re: TorMarket's Response
« on: December 15, 2013, 05:22:26 am »
I have spoken about this matter on the roundtable already but that information stays on the vendor roundtable for now. For the claims of Prof, if he believes I simply bought the information from a third party then he is gravely mistake as we still have the logs sending requests to the site and I stated several days before release we held a lot of data. It is however nice to Prof's statement in deteriorating English come through when he is under stress, that would perhaps explain where the coding from his shopping cart comes from.

Don't poke the bear, it will bite and the only person being dishonest in this situation has already been shown. If anyone doubts anything about this exploit, nationchemz has already repeated it himself after figuring out just how basic this attack is. The story about another person asking for a bounty could be true, but it wasn't us for sure and if anything only highlights Prof has been aware of the exploit for some time now and since nationchemz managed to replicate it then it is clear the "fix" of it is not true.

Protip to all other hidden services - if you are going to hardcode some guard nodes into your server then actually change them once in a while because once we know your guard nodes then it is trivial to find your IP under a DOS attack. This applies because even if you are in a virtual environment while we cannot retrieve the server IP, simply watching the guard nodes and correlating the traffic is simple work.

15
Feature Requests / Re: Opt-In Vendor Tax
« on: December 14, 2013, 10:10:17 pm »
I quite like this. Would you prefer set amounts (ie 0.1%, 1%) or would it be easier to allow vendors just to set their own contribution rate and show it publicly?

Pages: [1] 2 3 ... 18