Quote from: Magic Moments on December 18, 2012, 05:49 pmFrom what we have been reading on the forums, even if Silk Road had been compromised, as long as the users are following the rules about PGP and the vendors are being safe there should be no real problem for us. Is this true? I mean, even if it was the pigs running the site now, what could they really do?The problem with your scenario is that, according to multiple vendors who have posted about this, somewhere between 75 and 90% of buyers do NOT use PGP to encrypt even their shipping address information. I have seen multiple threads where vendors have lamented this fact, and wondered aloud why it is that so many people simply refuse to do the right thing, and use PGP? Some vendors on here just refuse to use PGP, and insist that their customers use dodgy sites like Privnote.com. A few months back, there was a post by an Aussie gent (Winters86) who made some interesting claims: - They claimed they were from a family with several members who are high-ranking officials within Australian law enforcement. - They claimed to have seen a confidential report discussing potential strategies for combatting sites that vend drugs through the mail, and that use Bitcoin. Silk Road was specifically mentioned. - The two most salient points they made were as follows:  1. PGP is terrifying them, every new user who learns it and helps others learn, closes a possible loophole they where planning to exploit. 2. User ignorance of the technology being used (Tor, PGP etc) is the their single best hope for any kind of serious action against the SR community.  Security / Australian LE Report on BC/SR  on: August 26, 2012, 01:11 AM  http://dkn255hz262ypmii.onion/index.php?topic=38319.msg431562#msg431562 I would have thought that the publication of this information would have led DPR to change their stance on PGP -- I had hoped that they might see fit to make its use mandatory. Unfortunately, that was not to be. Many people appear to view PGP as a nuisance, instead of the superb security tool that it is. Without direction coming from the top, it would appear that widespread adoption is simply not going to happen. As much as it pains me to say this, DPR's attitude is actually aiding and abetting law enforcement. The long and the short of it is, that people who have used their heads, and followed best practices, have relatively little to fear. Unfortunately, those people appear to be only a tiny minority. Although the instructions when signing up for a Forum account are quite explicit --warning people not to use a real email address -- nevertheless thousands of people on the site _have_ used real, traceable clearnet email addresses. If the Forum membership database is ever hacked/breached, it's gonna be a literal bonanza for law enforcement. NC