Quote from: onesickpuppy on July 10, 2013, 11:38 pmQuote from: paxpax on July 10, 2013, 11:26 pmAn interesting idea for an attack and I would imagine successful. I would think that if the DEA had ownership of the site they would simply shut it down. However should I be wrong, than an easy way to combat this type of attack is register ones key at any of the pgp key registries. Users would pull the key (based of a torrified email address) and use that rather than what is posted on SR. I highly doubt vendors would go through the trouble though. Would be nice though.I don't think they would shut it down immediately. They would collect as many addresses and communications as possible, sort them by highest purchase and then in one fell swoop, go after the biggest purchasers, and then shut SR down all in parallel in a shock and awe maneuver. This is what they do with CP sites, let peds go about their business, until enough info is collected. Yep. That appears to be their typical MO. Quote from: onesickpuppy on July 10, 2013, 11:38 pmAlso the problem with key registries is that they are centralized and are subject to infiltration by LEA. They could simply change any public keys stored in any central place should they identify any of them as being the ones from SR vendor pages. Who the hell periodically checks that?Folks just be careful okay?Part of the problem about the authorities changing keys on keyservers, is that there would have to be a coordinated effort -- ALL of the keyservers would have to have the keys changed. Remember not all the keyservers are in the U.S. Tampering with this would be risky... eventually SOMEONE would notice, and the jig would be up. FWIW, I check my keys periodically, to make sure they haven't changed on the keyserver. (I have, on occasion, noticed dubious signatures have been added to some of my keys, but that's the extent of the changes that I have ever observed take place, and that's over the course of a decade..)Nightcrawler4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB8F1D88EBBF7433B   MIT clearnet keryserverPGP Key: https://keys.indymedia.org/pks/lookup?op=get&search=0xB8F1D88EBBF7433B  (IndyMedia https: clearnet keyserver)PGP Key: http://qtt2yl5jocgrk7nu.onion/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (IndyMedia .onion keyserver)PGP Key Fingerprint = 83F8 CAF8 7B73 C3C7 8D07 B66B AFC8 CE71 D9AF D2F0