Silk Road forums
Discussion => Security => Topic started by: Pillows on December 12, 2012, 05:01 pm
-
I just went to place an order from a vendor, put his PGP in and an gmail email address popped up. Is there any way that could possibly be safe at all...?
-
I just went to place an order from a vendor, put his PGP in and an gmail email address popped up. Is there any way that could possibly be safe at all...?
Any vendor stupid enough to use a GMail address DESERVES to get busted. Time to name and shame the cretin.
NC
-
Ugh, why oh why would anyone put a real address in as their e-mail for PGP... Personally I wouldn't work with this vendor. Just my opinion though.
-
It might just be a false/unused address to throw LE off the scent.
Does he advertise a tormail account on his vendor page as well?
Is gmail safe through tor? what if you pgp encrypt the message as well as using tor?
I don't know. What I do know is that it is a scary world out there and every body wants to kill me.
-
Any Google product is the most NON secured thing in the world as Google is a corporation doing nothing but data mining + working tight with every LE agency in the world.
if thatch a real gmail address thats the most stupid thing i have heard around here..
-
If he uses that gmail account through tor each and every time, yes it is exactly as safe as tormail.
That being said, if he knows enough to only ever use it through tor he probably wouldn't be using gmail at all.
-
If he uses that gmail account through tor each and every time, yes it is exactly as safe as tormail.
That being said, if he knows enough to only ever use it through tor he probably wouldn't be using gmail at all.
Exactly. The account would not only have to be setup through Tor, but would have to be accessed each and every time though Tor. Forget once, and Google has your real IP address. A further complication is that that Google keeps track of IP addresses used to access the account. If your IP address changes too often, e.g. originating in different netblocks, Google may insist that you use two-factor authentication, usually by sending a code to a mobile phone. That kinda defeats the purpose of using Tor.
Bottom line: avoid Google like the fucking plague.
NC
-
My PGP key has an aol address (something like Frank17@aol.com) which is a totally made up address, i have no idea if its even real...its not my address.
No idea if this vendor is doing that, maybe its his his real gmail address, who knows, but just saying it might just be a BS address.
-
I'm gonna give the dude a second to explain himself before I post his name since he's just starting out and I don't want to hurt his reputation if it's something that is insignificant. Waiting for a message back about it right now