Silk Road forums
Support => Feature requests => Topic started by: malacath on October 22, 2012, 02:44 am
-
I would like to see, in the window n your cart where you enter your address, a built in application that allows you to copy and paste a vendors PGP public key into a separate window and have SR automatically encrypt the plain text address you enter. I'm not sure if this compromises security, but it would be nice if it doesn't.
-
This should easily be doable with a Javascript; since it's all client side there wouldn't be any compromising of security. An example of such an implementation can be found here:
http://www.hanewin.net/encrypt/
-
This is indeed possible with javascript and there are working examples.
However I would not use it. If law enforcement took over the silk road servers they could inject hostile javascript to defeat the encryption. I would continue to use built from source code gpg on my own secure operating system.
Browser code is always trusting what the server sends you.
-
This is indeed possible with javascript and there are working examples.
However I would not use it. If law enforcement took over the silk road servers they could inject hostile javascript to defeat the encryption. I would continue to use built from source code gpg on my own secure operating system.
Browser code is always trusting what the server sends you.
Hear, hear! +1
-
I would like to see, in the window n your cart where you enter your address, a built in application that allows you to copy and paste a vendors PGP public key into a separate window and have SR automatically encrypt the plain text address you enter. I'm not sure if this compromises security, but it would be nice if it doesn't.
Unfortunately, the problem is that it _does_ compromise security, as StrangeHands has explained. The best place to encrypt your own data is on your own box, using software that you installed, and control. If the encryption is done server-side, then the server has your real address info, for a short period at least. Even if the encryption is done client-side, a modified Java applet could compromise your security in much the same way as was infamously done with Hushmail about 5 years back.
The _only_ safe way to proceed is to paste the already-encrypted data onto the server; that way, there is little to no chance of compromise.
-
Unfortunately, the problem is that it _does_ compromise security, as StrangeHands has explained. The best place to encrypt your own data is on your own box, using software that you installed, and control. If the encryption is done server-side, then the server has your real address info, for a short period at least. Even if the encryption is done client-side, a modified Java applet could compromise your security in much the same way as was infamously done with Hushmail about 5 years back.
The _only_ safe way to proceed is to paste the already-encrypted data onto the server; that way, there is little to no chance of compromise.
This very attack vector was used on an online bitcoin wallet site. The wallet site generated your private bitcoin keys on your system, encrypted them with your password on your system, and signed all transactions on your system. Safe right? Nope, one day the site got hacked and malicious javascript was injected to do the exact same thing as normal, but also send back the private key in plaintext.
Result, many people lost a lot of bitcoins and some clever hacker can now buy drugs for the rest of his life.
The company that got hacked was honest so I will not mention their name. I will mention blockchain.info which provides a similar "on your computer" javascript based wallet, when this went down they went out of their way to make a browser plugin that will warn you when the javascript has changed from the authorized code.
Most people need to trust repositories for making sure the software has not been tampered with, and this is decent security.
I am in the privileged position of being able to read the blockchain.info code myself and vet it personally. I am a bit of a geek.
The exact same attack used against bitcoin can be used if someone compromises the silk road to read addresses if a system such as you propose is implemented.
You should NEVER outsource your security. Delegate anything else in your life, but take security into your own hands.
-
good thought