Silk Road forums
Discussion => Security => Topic started by: Mcrad on May 01, 2013, 10:52 pm
-
Hey guys, just wanted to do a poll on tormail vs. riseup email services,
riseup doesnt use a .onion URL. though RiseUp uses a setup where you must either know 2 members already using riseup, or submit a small paragraph on why you would like to be a part of the riseup community. which was brought the question into my mind...
WHICH IS ACTUALLY SAFER?
(safety is my main concern as it should be with all my fellow roaders)
-
bitmessage is worth a look.
send me a mgs
BM-optYPKsVBXbEz72wftTg5rB14gX7XBP4J
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers.
-
Hey guys, just wanted to do a poll on tormail vs. riseup email services,
riseup doesnt use a .onion URL. though RiseUp uses a setup where you must either know 2 members already using riseup, or submit a small paragraph on why you would like to be a part of the riseup community. which was brought the question into my mind...
WHICH IS ACTUALLY SAFER?
(safety is my main concern as it should be with all my fellow roaders)
All are as unsafe as each other by default.
All are as safe as each other when accessed through the Tor Browser Bundle, and using PGP to encrypt all communcation.
- grahamgreene
-
Hey guys, just wanted to do a poll on tormail vs. riseup email services,
riseup doesnt use a .onion URL. though RiseUp uses a setup where you must either know 2 members already using riseup, or submit a small paragraph on why you would like to be a part of the riseup community. which was brought the question into my mind...
WHICH IS ACTUALLY SAFER?
(safety is my main concern as it should be with all my fellow roaders)
All are as unsafe as each other by default.
All are as safe as each other when accessed through the Tor Browser Bundle, and using PGP to encrypt all communcation.
- grahamgreene
I noticed Gmail was an option in the poll, don't use GMail with TOR. I've had others tell me they've ended up getting locked out of their accounts because Gmail has a security feature that will try to lock accounts if you are trying to access it from so many random IP addresses around the world because it looks like someone is trying to hack into the account from an unusual location. I recommend Tormail, especially because the location of the tormail server is unknown just like SR. So it makes it less likely to be seized for LEO to be able to view the contents. And hopefully they use full disk encryption on the server anyways. But no matter what...use PGP to encrypt any sensitive info or any information that may identify yourself.
-
I noticed Gmail was an option in the poll, don't use GMail with TOR. I've had others tell me they've ended up getting locked out of their accounts because Gmail has a security feature that will try to lock accounts if you are trying to access it from so many random IP addresses around the world because it looks like someone is trying to hack into the account from an unusual location. I recommend Tormail, especially because the location of the tormail server is unknown just like SR. So it makes it less likely to be seized for LEO to be able to view the contents. And hopefully they use full disk encryption on the server anyways. But no matter what...use PGP to encrypt any sensitive info or any information that may identify yourself.
Gmail will ask you to solve a captcha then ask you to confirm that you're the owner of the account by answering your security questions / confirming your identity via text message. There are a number of ways to receive text messages online without actually possessing a phone so that's not a problem, just an annoyance at times.
As far as Tormail being less likely to be seized by Law Enforcement Organisations, that may very well be the case; however, it is also entirely possible - and entirely plausible - that Tormail is actually run by law enforcement.
As I mentioned above, people are generally far too comfortable with Tormail and fail to encrypt their sensitive and incriminating messages because they think Tormail is safe. That makes it the perfect opportunity for law enforcement to grab some low hanging fruit.
Never underestimate the enemy; always overestimate their abilities and zeal, and modify your behaviour to reflect that overestimation. PGP should be used for ALL messages regardless of their content, especially when discussing illegal business. The number of people that get caught doing various things that they shouldn't be as a result of information that they did not consider pertinent is very high indeed.
- grahamgreene
-
bitmessage is worth a look.
send me a mgs
BM-optYPKsVBXbEz72wftTg5rB14gX7XBP4J
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers.
Bitmessage is great ! Dont forget to torify it via Settings -> Proxy. Otherwise you could leak your IP!
-
I noticed Gmail was an option in the poll, don't use GMail with TOR. I've had others tell me they've ended up getting locked out of their accounts because Gmail has a security feature that will try to lock accounts if you are trying to access it from so many random IP addresses around the world because it looks like someone is trying to hack into the account from an unusual location. I recommend Tormail, especially because the location of the tormail server is unknown just like SR. So it makes it less likely to be seized for LEO to be able to view the contents. And hopefully they use full disk encryption on the server anyways. But no matter what...use PGP to encrypt any sensitive info or any information that may identify yourself.
Gmail will ask you to solve a captcha then ask you to confirm that you're the owner of the account by answering your security questions / confirming your identity via text message. There are a number of ways to receive text messages online without actually possessing a phone so that's not a problem, just an annoyance at times.
As far as Tormail being less likely to be seized by Law Enforcement Organisations, that may very well be the case; however, it is also entirely possible - and entirely plausible - that Tormail is actually run by law enforcement.
As I mentioned above, people are generally far too comfortable with Tormail and fail to encrypt their sensitive and incriminating messages because they think Tormail is safe. That makes it the perfect opportunity for law enforcement to grab some low hanging fruit.
Never underestimate the enemy; always overestimate their abilities and zeal, and modify your behaviour to reflect that overestimation. PGP should be used for ALL messages regardless of their content, especially when discussing illegal business. The number of people that get caught doing various things that they shouldn't be as a result of information that they did not consider pertinent is very high indeed.
- grahamgreene
+1