Silk Road forums
Discussion => Security => Topic started by: dreamxweaver on October 22, 2012, 05:37 pm
-
So, since it shows up at page 1 when searching for pgp encryption I bet many people have seen and thought about it.
They say nothing gets stored. It's fast, no (illegal) software needed.
But, is it safe? Does anyone know more about this site? Or willing to share thoughts?
Probably lots of people use it and all kinds of confidential info was send through there. I'm just not so sure about it not storing stuff, since TEXT needs to go into a database to be translated into 1010 (for example) right?
Then again.. who knows what kinds of information is stored/send by legit software cracked by an undetected cracker with a virus...
-
So, since it shows up at page 1 when searching for pgp encryption I bet many people have seen and thought about it.
They say nothing gets stored. It's fast, no (illegal) software needed.
But, is it safe? Does anyone know more about this site? Or willing to share thoughts?
Probably lots of people use it and all kinds of confidential info was send through there. I'm just not so sure about it not storing stuff, since TEXT needs to go into a database to be translated into 1010 (for example) right?
Then again.. who knows what kinds of information is stored/send by legit software cracked by an undetected cracker with a virus...
This has been discussed time and again on here. There are no less than 38 posts that mention igolder.com.
If you're too lazy to learn to use PGP on your own box, go ahead and use igolder -- it's your funeral. Don't expect any mail from us when you're in prison.
-
No it is NOT safe. Any encryption done by a third party is not safe. This goes for privnote, igolder, etc. It requires you to send your information to them. You don't know what they do with it. It's very well possible they store it, or even share it with the police.
Either use PGP correctly (gpg4win on windows, gpg through the command-line on Ubuntu), or do not use PGP at all, and send your address to the seller unencrypted.
-
first, i am not saying that i recommend the site... but i do have a question i am curious about peoples opinions on
obviously this is a horrible idea to unencrypt anything because it would require a private key which completely negates the point of a private key
but do others think it is actually safer to put an address in clear text into SR rather than using a software like igolder?
even if you did put in your address, and they happened to save it... as long as the only thing they had was your address and you didnt mention anything else, it kinda seems to me i would rather let them have the address than for the SR servers to potentially store my address unencrypted
again i am not saying either is safe and i think people should set up their own encryption, i just was thinking about which would be the lesser of two evils
-
Interesting question. I guess it all gets down to who you trust more, SR or igolder.
If you send your address to your seller unencrypted, the address will be on the Silk Road database unencrypted, at least for some time. This means the Silk Road operators can -theoretically- freely read it.
If you send your address to igolder (or privnote), the operators of those sites can freely read it, but SR can't.
So if you don't use proper PGP, it's a question of who you want to have your sensitive information. In that case, I'd opt for SR because the risk of it being a honeypot set up by LE is a lot smaller. Also, SR is a hidden service, while igolder and privnote are clearnet sites. This means LE can issue a warrant for the servers of those websites, but for SR they can't because they don't know where the server is located.
So in that case I'd argue that your address is safer on SR than on privnote/igolder.
-
If topics were on here earlier, it;'s not always easy to search and find answers to specific questions.
Plus, what's wrong with popping up new threads about it?
igolder can be used by anyone. Anyone can enter a random name, address etc. so even if they would show/sell it to cops, how would anyone know what it is used for? Unless ofcourse, the cops search the public keys on SR. But that takes a shitload of time and money.
gpu4win is not working for me atm. So I use pgpdesktop, which works fine by me.
In any case, anyone can encrypt something at any place, and since it doesn't have to be their address, who can ever in a million years prove that it was you who encrypted it on igolder?
Remember: sometimes same questions can be buried within a forum. Or could be outdated. So stop bitching about it, unless the exact same question pops up several times within 1-3 pages.
Either give your thoughts about the question or shut up about the search function. I'm not a complete moron ok?
-
I would recommend just downloading PortablePGP, its very easy to use.
iGoulder might be working with LE, you never know. They could have their computers set up to log every encryption that uses the public key of sellers on SR, since these keys are freely available for anyone with a computer to get. They can then give your address to LE.
Its highly unlikely that they will do this 1) iGolder is an established trading company much older than SR and 2) LE wants to find the sellers, not buyers. Buyers can't give LE any information about the seller that they can't find by simply joining SR and reading the sellers profile there is really no point. They also are going to have a hard time getting any kind of warrant based on the fact that you encrypted you address with someone's public key, they can't even prove you sent them you address and they can't prove you were buying anything illegal. Its legal to buy things on SR as long as the thing you are buying is legal and its legal to send your address to someone in an encrypted format even if that person is a known drug dealer.
In the end, its your choice. Its faster to use gpgtools or portablePGP once you get them set up anyway because you can use a keychain and everything and have your own key.