Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 182 183 [184] 185 186 ... 249
2746
It is pretty apparent that they have done large scale traffic analysis of mail for many years now, but being able to detect contraband in the flow of mail is different than creating topologies of addresses. It is a great reason why vendors should never use the same return address twice though. But then you open yourself up to statistical analysis, look at how much more often this person gets mail from random names in the same state versus the average, why would that be ??? Maybe the best bet is to use a single real return address with one per customer. That avoids linkability if one pack is seized while still allowing for you to not receive mail in suspicious patterns. Of course it also means each vendor you work with needs to have saved somewhere the return address they use for you though.

2747
Well they need to scare people from LSD in some way, I guessing confusing MDPV cannibal zombies with LSD hippies is one way to do it. MDPV is such a shitty drug it has an enormously high correlation with psychosis.

2748
Security / Re: Simple way to make and remember secure passwords
« on: May 29, 2012, 07:36 am »
some things require passwords with a special character some without, that is why past couple years my passwd list has gotten so big.

now i just learned some can use whitespace ...

for simplicity (cut and paste) and security, (i do not need to write it down), a couple ideas.

have you downloaded your car insurance card? is the vin # on it ? copy and paste, maybe add couple *>!.

or a lot of us are on linux. since i found out i can use whitespace with truecrypt--

remembering what line in what file is easier for me than actual 20 character randomness.

so open a random file for example in /usr/src/linux/ablkcipher.c . pick something like

"if (likely(!(walk->flags & ABLKCIPHER_WALK_SLOW)))"

lines starting with #, such as

#include <crypto/internal/skcipher.h>   

are not operable in the script so you can modify to make it stronger and help you remember which line you chose. example

#include <crypto/internal/skcipher.h> <ThisOne>
hidden in plain sight. easier for me to remember file and line and copy and paste

forensics people would likely discover that password after an analysis of your machine shows the frequency and pattern with which you opened it, then they could just diff it and assume this one is a password. They try to make a time line of all of your actions, and it is going to look strange if they discover that you always open some random file with <thisone> in it prior to doing things that require a password to be input. 

2749
Security / Re: Privnote is disabled when I use Tor for SilkRoad
« on: May 29, 2012, 07:28 am »
Well this is probably a good sign. There is no doubt there are people on a task force after SR and they probably go after a lot of these msg srvcs like tormail, hushmail, and privnote.  At least if LEO is trying to engage SR, this shows you their current low-level in the cat and mouse game.

LEARN PGP! I know If this place is still here in 2 months, I will be learning it because Im gonna be a vendor.

LE has already pwnt two drug forums through Hushmail handing over decrypted E-mails, only completely retarded people continue to use Hushmail
EVERY SINGLE MESSAGING SERVICE THAT HANDLES ENCRYPTION ENTIRELY SERVER SIDE IS COMPLETE AND UTTER TRASH

2750
Oh and just so you know if privnote  cooperates with the feds, it wont be illegal for them to view your allegedly self destructed communications with no warrant 180 days after you send them if they argue that they are essentially E-mails. E-mails require no warrant for interception if they are on a server for longer than 180 days, and there is no law saying an E-mail provider needs to delete E-mails entirely after you select to delete them.  Another little "a wiretap, but not a wiretap" loophole in the USA law.


2751
Someone in another thread mentioned that privnote is an additional layer of trust with no purpose. I think this statement deserves a full thread. Privnote decreases your security versus sending your address in plaintext. The entire design is flawed from the bottom up. Now your sensitive information is on the privnote server. They can access it. You send the link to it on the SR server. Anyone who pwns the SR server can intercept the non-encrypted privnote url and do a MITM attack, being the first person to read the original message they can then make a new message that copies it and forward THAT url on. You have added absolutely no security and have reduced your security by sharing your address and order with privnote for fuck knows what reason, because they have a catchy name and people want to play spy with "self destructing" notes I guess.

If you want to play spy you should use real tools like GPG that actually work for their intended purpose when used correctly. Failing that, you should just send your address in the clear because at least then only someone who pwns SR can intercept it, and SR is a hidden service drug forum running on an at least semi-secured server.

 

2752
All of the high tech mail scanning gear I have seen is completely impractical for use in mass scanning. Systems that can detect drugs in a package with 100% certainty are not so scary when you learn that it takes them five minutes to scan a single package. I am sure they will continue to make technological improvements in this area, and maybe some day it will be practical for them to automatically scan every piece of mail for contraband, but right now this technology is rarely used outside of prisons and for scanning mail that has already been set aside for more thorough analysis after it was flagged for other reasons. 

Their nuclear and biohazard scanning equipment seems to be much better from the technical papers I have read on them, versus what I have read about drug scanners. They want to be able to detect radiation and biological attacks with extremely high precision, and apparently are capable of doing so in some cases. On the other hand bombs are still mailed through, and anthrax has been but they totally revamped their biological attack detection systems after that happened. Their counter terrorism equipment seems to be much better, but still apparently has limitations. 

2753
Most of you have probably used drugs that were inside of assholes or other body orifices at some point in time, probably even a few different peoples.

2754
Off topic / Re: What a bunch of losers on this site
« on: May 29, 2012, 01:59 am »
Obviously a troll..fuck off and go do something productive with your life besides posting worthless shit that nobody want's to hear.

Not that obvious really

2755
Security / Re: tails livesys + proxychains
« on: May 27, 2012, 08:13 am »
Tor is on port 9050

2756
Shipping / Re: airlines
« on: May 27, 2012, 04:19 am »
Airports are risky to smuggle things through if you carry them on your person, but people do get away with it. I think it would be much safer for you to simply open up a box when you get there and have someone mail it to you.

2757
I find your story unlikely, if you contacted USPS about the package it would imply about as much guilt as signing for it and you would likely still be charged and arrested. Usually when a package is sent to the wrong address it means one of two things, the vendor scammed you and wants to lower the chances that you will complain about it, or they accidentally screwed up who they gave tracking to or sent a package to.

2758
http://www.fbi.gov/dallas/press-releases/2012/fbi-and-u.s.-postal-inspection-service-announce-reward-for-information-leading-to-the-arrest-and-conviction-of-the-person-s-responsible-for-the-recent-mailings-of-white-powder-letters-in-the-north-texas-area

actual link contains pics and other stuff

Quote
Kevin F. Kolbye, Acting Special Agent in Charge, Dallas, Federal Bureau of Investigation (FBI), and Randall C. Till, Inspector in Charge, Fort Worth Division, U.S. Postal Inspection Service (USPIS), announce a reward of up to $150,000 for information leading to the identification, arrest, prosecution, and conviction of the person(s) responsible for the recent mailings of letters containing white powder in the Dallas/Fort Worth area. The reward flyer is posted below.

During the week of May 7, 2012, over 20 letters containing white powder were received by early childhood development centers, elementary schools, and an aerospace-related business. These letters were received in Texas and several other states. The FBI, USPIS, local law enforcement, and local fire department hazardous materials teams responded to each location and field screened the letters for the presence of toxins or poisons. To date, none of the mailings have contained hazardous materials.

Each letter was sent through the U.S. mail and featured a postmark from North Texas. It is highly likely these letters were sent by the same person responsible for mailing over 380 letters, beginning in late 2008, each of which contained a non-hazardous substance. This person has sent letters to elementary, middle, and high schools; day care centers; churches; government offices; U.S. Embassies abroad; restaurants; and other private businesses. A sample letter is posted below.

The author has and continues to reference subjects such as al Qaeda and the Nazi SS, which is believed to have been included for shock value rather than to express any sincere sympathy or affiliation. In a recent letter, he used the terms “Scooby Doo” and “triple dealer spy” and made reference to CIA counterintelligence and FBI internal affairs.

The sender has taken steps to conceal his activities and prevent law enforcement from finding physical evidence of his crimes, including his fingerprints. A flyer announcing the reward along with possible details about the subject has been posted on the Dallas FBI website (www.fbi.gov/dallas) and on the USPIS website (postalinspectors.uspis.gov).

Although mail is screened for toxic substances prior to delivery, the public is reminded to take the following precautions should they open a piece of mail with a powdery substance in it.

    Leave the immediate area where the powder was spilled but keep yourself separated from individuals who have not been exposed to the powder. Do not attempt to clean up the powder and do not move the letter. Isolate the area where the spill has occurred.
    Wash hands immediately.
    Call 911 and advise them of the receipt of the mailing.
    Remember, all instances of white powder in this matter have tested negative for a toxic substance. The white powder, however, should still be handled with caution until verification of its lack of toxicity is received.


Anyone with information concerning these letters should contact the FBI at 1-800-CALL FBI (1-800-225-5324) or by visiting https://tips.fbi.gov.

2759
Drug safety / Re: How to measure mg and g without scales?
« on: May 26, 2012, 11:03 am »
If you have a known starting weight the best way to do it sans-scale is with liquid as sickboy mentioned. Another technique is to powder all of it to a very dusty texture and make equal looking piles on grid paper, but this is much less accurate. You should always use a scale though because unless you weighed it yourself you will not know for certain exactly how much starting material you have, vendors sometimes give extra and with some drugs a few mg extra is too much. With other drugs it is less important though, I never use a scale to measure ketamine because I don't care if I am off by 100 MG.

2760
Drug safety / Re: noob Q
« on: May 26, 2012, 10:59 am »
yes

Pages: 1 ... 182 183 [184] 185 186 ... 249