Silk Road forums

Discussion => Security => Topic started by: EarlyCuylerTOR on April 06, 2013, 08:25 pm

Title: Custom Listing A .onion.to Link?
Post by: EarlyCuylerTOR on April 06, 2013, 08:25 pm
Just curious if this is ok security wise.  Haven't run across it before.  Had a custom listing link sent to me as a xxxx.onion.to link.  I just changed the link and opened it through Tor normally.  Is everything ok then?
Title: Re: Custom Listing A .onion.to Link?
Post by: EarlyCuylerTOR on April 06, 2013, 08:40 pm
Yeah that was my concern as well.
Title: Re: Custom Listing A .onion.to Link?
Post by: uyjulian on April 06, 2013, 11:45 pm
yeah delete the .to and everything should be normal.
Title: Re: Custom Listing A .onion.to Link?
Post by: NW Nugz on April 07, 2013, 02:41 am
Be sure the Silk road address is exactly correct. The .to could be a distraction so you will not notice another trick? probably not though.
Title: Re: Custom Listing A .onion.to Link?
Post by: EarlyCuylerTOR on April 07, 2013, 12:22 pm
Quote from: NW Nugz on April 07, 2013, 02:41 am
Be sure the Silk road address is exactly correct. The .to could be a distraction so you will not notice another trick? probably not though.
 

Good thinking.  I'm checking now. 

It's the correct site, just strange I suppose.  Maybe the vendor was doing it to ease his use of SR.  He never answered why when I questioned it though.  Used this vendor before with no problems so I assume all is well.  Just one of those things that make you question.
Title: Re: Custom Listing A .onion.to Link?
Post by: grahamgreene on April 09, 2013, 01:36 am
Quote from: EarlyCuylerTOR on April 06, 2013, 08:25 pm
Just curious if this is ok security wise.  Haven't run across it before.  Had a custom listing link sent to me as a xxxx.onion.to link.  I just changed the link and opened it through Tor normally.  Is everything ok then?

I would never buy from a vendor that utilises onion.to instead of the Tor Browser Bundle. While it's always possible that they are accessing onion.to through a VPN, I simply would not trust a vendor that doesn't even take the most BASIC security precautions - after all, if they're not even willing to protect their own information, how could you possibly think they would protect yours?

This kind of lax approach to security conjures up images of the vendor printing out addresses to keep a record of who ordered what without having to decrypt a file and just leaving the print-outs lying around, or leaving their Silk Road account logged in when they're not around.
I can almost guarantee that if this vendor ever gets taken down by Law Enforcement that he/she will have a list as long as his/her arm of previous customers and open orders.

Avoid at all costs.

- grahamgreene