Silk Road forums
Discussion => Security => Topic started by: _Bangarang_ on July 22, 2012, 09:26 pm
-
Hi all,
Recently messaged a vender to create custom listing ( you know who you are, no need to say his name he is very respected here )
I used his key and mine to create an encrypted message and sent it to him via the messaging system. He replied back asking me to reply next time in plain text. Any ideas why?
Regards,
Bangarang
-
because it was not sensitive info?
we vendors have a lot of messages to go through
-
What information do venders consider sensitive? I would like to be on the same page :)
-
What information do venders consider sensitive? I would like to be on the same page :)
Your address for when you make a purchase.
-
Sensitive info is anything that can link communications to you or narrow it down to someone like you.
You never know what kind of information will pin point you. Be vague, talk about business only and anything that gives details on anything about you should be PGPd.
-
I consider a message like
"I have my coins on order at the exchanger. looks like it will be tomorrow before I have them in my account. As soon as the coins are ready, I will be down for a z of blow"
to be a sensitive message. If it were intercepted, it would give an attacker an idea of what kind of BTC transactions to be looking for (by the vendors price on the product), that the exchange is happening today, and that there will be an order placed tomorrow. And while that might not seem like damning evidence, it is evidence none the less.
point is, if your vendor doesn't want to deal with decrypting pgp messages for your/their security, then they probably don't want to go through the hassle of cashing out your bitcoins, so choose another vendor who actually cares about your security as much as the care about theirs.
-
I consider a message like
"I have my coins on order at the exchanger. looks like it will be tomorrow before I have them in my account. As soon as the coins are ready, I will be down for a z of blow"
to be a sensitive message. If it were intercepted, it would give an attacker an idea of what kind of BTC transactions to be looking for (by the vendors price on the product), that the exchange is happening today, and that there will be an order placed tomorrow. And while that might not seem like damning evidence, it is evidence none the less.
point is, if your vendor doesn't want to deal with decrypting pgp messages for your/their security, then they probably don't want to go through the hassle of cashing out your bitcoins, so choose another vendor who actually cares about your security as much as the care about theirs.
Dingdingdingding!
Act as if everything you put into SR is completely public. GPG is critical to security.
-
only send your address unencrypted. use your key for everything else.
what the fuck is your deal? you're trolling these forums offering no useful information/insight.and with the name u have ur lucky u havent been banned yet. nobody here likely beleives that u really are the DEA so why go around acting like a cockhead? as far as im concerned you're only one step above that eeee/tbbssecurity motherfucker. go smoke a pole somewhere else and fuck off.
-
only send your address unencrypted. use your key for everything else.
what the fuck is your deal? you're trolling these forums offering no useful information/insight.and with the name u have ur lucky u havent been banned yet. nobody here likely beleives that u really are the DEA so why go around acting like a cockhead? as far as im concerned you're only one step above that eeee/tbbssecurity motherfucker. go smoke a pole somewhere else and fuck off.
I don't know, I think USAdea is offering a great public service here at SR. If you just look through all this posts and then do the exact opposite of what he says, you've an awesome guide on how to do SR properly.
-- Agent Pine