Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - oracle

Pages: 1 ... 7 8 [9] 10
121
Vast majority of users are waiting for the marketplace to open before committing themselves to a forum account. A lot are also hesitant given the events are barely two weeks old, and are browsing as "Guests". When the market opens and starts operating smoothly (which all indications are that it is soon, and will), tons of old users (and new) will influx into both the market and forums. With Atlantis gone, BMR's recent closure and reports of Sheep Market Place being compromised in several ways, Silk Road seems poised to rule the roost again.

122
Security / Re: -WARNING- safe-mail.net, not so safe
« on: October 18, 2013, 03:10:59 am »
All people need to do is stop being lazy and learn PGP. I know it seems intimidating at first but once you wrap your head around it it gets easier. Encrypting your emails with PGP is the way to go..

The crux of the matter. There's no reason NOT to use PGP other then sheer laziness or incompetence. If you're too lazy to figure it out, you will pay the price.
If you're too incompetent or your intellect is inferior to most.. then you shouldn't be involving yourself in things that could/will harm or penalize you legally.

Safe-mail could be be run by the top Mossad and CIA techs for all it matters. If you're using strong PGP encryption, it doesn't matter.. the contents of your communications are safe. And if you're logging into the service via TOR, your location can not be determined.

It is as simple as that.

123
Security / Re: How to Keep the cops out?
« on: October 17, 2013, 05:38:37 am »
I think 'FriendlyChemist' is unfriendly LE and set up DPR for a big scam. Why else would he disappear after being "killed" by redandwhite. They are the same people: confidential informants or cops. Probably thought they could follow the money trail but DPR paid out Technocash through 3rd party and they got nothing, so cops tried again a few months later.

FriendlyChemist and redandwhite were the same person. It was not LE. It was a scam. And completely unrelated to the staged "hit" in Maryland.

124
Off Topic / Re: Fedex tracking is looking suspicious
« on: October 16, 2013, 10:15:34 am »
Ok so Monday I mailed out 6 packages via fedex. All 6 packages were dropped off at different fedex drop boxes within the same city, and all 6 packages were mailed to different houses in the same city, so they should have the exact same tracking update as they were all sent via fedex express 2 day service. However 5 of the packages said they departed the sort facility today at the exact same time while 1 package updated about 1 hour later than the first 5 and it did not say departed, it just updated saying in transit. This seems kind of odd since all the packages came from and are going to the same town with the same 2 day shipping. why would one have a different update time and not say departed like the other 5 but say in transit... is this something to worry about or is it just standard fedex tracking update.
Generally what does the tracking update say if a package has been seized?

Not that it's my business.. but this post is quite revealing. Probably not the best idea to post specifics like this. It's a rather detailed scenario and given that LEAs are watching this forum like hawks..

125
Security / Re: Secure email?
« on: October 16, 2013, 10:10:45 am »
Or send an encrypted message with a privnote link to another encrypted message. Wouldn't be the first time.

126
Off Topic / Re: Fedex tracking is looking suspicious
« on: October 16, 2013, 10:03:13 am »
ok so 5 out of the 6 packages left the superhub yesterday evening and updated that they are at my local sort facility as of early this morning. The other 1 didnt leave the superhub untill early this morning about 12 hours after the other 5. however is still says it is on time for delivery today which seems impossible if it is truly 12 hours behind the the first 5......

You're over-thinking it. Tracking is never perfect. Breathe, your packages will all arrive.

127
Security / Re: Secure email?
« on: October 16, 2013, 10:01:30 am »
By 'thing' I hope you're referring to safe-mail. PGP should be used religiously on the new SR server messaging system regardless.

Remember on the previous site.. many vendors would insist or demand that only sensitive messages be encrypted, and that they don't have the time to decrypt non sensitive information. Frankly, my advice is to ignore that and explain that you will only be using PGP. Even an "are you in stock?" should be encrypted IMHO.

A few extra seconds of a vendor's oh-so-precious time is not something you should accommodate at the expense of your own security. Always assume that any communication can be read and analyzed at any point in time present or future.

128
Security / Re: Secure email?
« on: October 16, 2013, 09:51:13 am »
Yes, should be. Even non personal information should probably be encrypted. Doesn't take any more time on your part.. and you would be amazed the kind of identifiers even seemingly 'non personal information' might potentially reveal.

Your scenario is an acceptable method given both your safe-mail password is complex, your PGP password is extremely complex.

There's no point in even starting an email with "Hi.. sorry I've been busy with work/family (whatever). Here's my address and shipping information -----BEGIN PGP MESSAGE----- etc"

It should be more like:
-----BEGIN PGP MESSAGE-----..etc  and nothing else. Encrypt your pleasantries.. you'll be better served.

129
Off Topic / Re: Fedex tracking is looking suspicious
« on: October 16, 2013, 09:46:27 am »
FedEx is well aware (as is UPS, USPS, DHL, Royal Mail, Aust Post ..etc) that people use them to ship contraband. While it's true they don't need a warrant to open packages (as they're a private company), they're also in the business to make money. Time = money, and reliability = money. As one poster said, they don't have the time to be opening packages (unless it's a blatant attempt to mule drugs) and quite frankly know that if they go down that slippery slope of playing police and opening packages.. people will not use their service. They're shipping packages for profit, not to enforce laws. From my understanding, FedEx also has resisted attempts by the authorities in the past to open up packages "suspected" to contain drugs because they know the bad press will hurt their bottom line.

That said, USPS absolutely *does* require a postal inspector to be presented a verified warrant before opening up a package.. and can not do so willy nilly. They're not a private business, they're nearly broke, and short staffed. And again, time = money.

Most processing center employees could not give enough fucks to bother with reporting 'suspicious' packages that might contain drugs.

There are pros and cons of both FedEx via USPS.. but USPS has a slight edge due to the legality involved in opening someone's mail.

Tracking updates have been known to be dodgy and inconsistent with both USPS and FedEx. FWIW.

130
Silk Road Discussion / Re: Reserved vendor names on forum
« on: October 16, 2013, 09:34:50 am »
From the looks of this, seems to be a case of attempted cyber-squatting. How petty.

"transfer the accounts"? Meaning the OP took advantage of this entire unfortunate debacle and registered well known vendor names in hopes to sell them back their names? Please.

131
Silk Road Discussion / Re: Who is the new DPR?
« on: October 16, 2013, 09:10:40 am »
but does this thread have any meaningful purpose other then gossip and guessing games?

Nope, that's its sole purpose.

You'll feel right at home here, Oracle ;)

Touche, sir.

132
Security / Re: Secure email?
« on: October 16, 2013, 08:44:08 am »
Just to put some perspective on how important it is to use PGP in conjunction with a TOR based email service (or email accessed via TOR) -

(taken from the old Cypherpunks mailing list)

"..if we assume that the NSA can factor any number with the speed of the special number sieve, and has 10^9 mips of computing power (doubling every 1.5 years) we can make the following estimations:_1_

Using these assumptions, the NSA could crack a 1024 bit key in ~11 days, a 1536 bit key in 10 years and a 2048 bit key in 26 years. _2_ Note that this would require the full resources of the NSA, however. Thus, even the mighty resources of the NSA could only crack 42 1024 bit keys in 1996

Now, comes 4096 bit. It would take the combined processing power of every computer in the world thousands of years to crack 4096-bit encryption."

Personally I never use anything below 4096 bit PGP encryption. This is in addition to TOR.

Here's the rub (devils advocate) - PGP encrypted data with 4096 bit encryption could still be compromised within seconds. How? Human stupidity. Easy pass-phrase, written down pass-phrase, re-used pass-phrase (lets say you use the same password to access your Gmail. If you're under such heavy scrutiny that some government is diverting resources and funds to find a way to see what you don't want them to see.. they WILL get your Gmail/Facebook/Hotmail/Twitter passwords one way or the other. And they will try those first. So don't), key-loggers, cameras, whatever. And if you're just so important.. then who knows, even thermal/heat detection technology to capture your finger movements on your keyboard from a short distance.
Not to mention decrypting and leaving the plain text lying around/saved...

(I'm by no means an expert in computer security, cryptography, RSA, password entropy etc.. but these stats are pretty basic).

Trust the technology, but never trust the weak link - the user.

tl;dr - no such thing as "secure email". use 4096 bit PGP for anything "secure" and don't fuck around with pass-phrases


edit: shitty grammar


133
Security / Re: Secure email?
« on: October 16, 2013, 07:15:42 am »
Torbox : http://torbox3uiot6wchz.onion
in conjunction with PGP is rather secure.

You're welcome.

134
Security / Re: The OPSEC Reading List
« on: October 16, 2013, 07:13:45 am »
dieAntwoord has posted some useful OPSEC information as well as links. He was kind enough to PM a few useful links a few days back.

Here (clearnet):

http://grugq.github.io/blog/2013/10/09/it-was-dpr/ is the orig post
http://grugq.github.io/resources/ has good info too


Well written and thought out.

135
Silk Road Discussion / Re: Who is the new DPR?
« on: October 16, 2013, 07:09:51 am »
It should not matter. He's a trustworthy individual who's not LE, who was close to the previous DPR.
It is not my place to comment on what threads and posts deserve to be locked (either risking the integrity of SR or compromising the anonymity/security of it's administration)... but does this thread have any meaningful purpose other then gossip and guessing games?


Pages: 1 ... 7 8 [9] 10