Quote from: P2P on May 16, 2013, 02:16 amWhile I do think perhaps you are overestimating the LEAs investigating (if they even are, actively) this site, I think that overestimation of the enemy is always a good thing, especially when considering best practices for personal safety.I'm just wondering about that last little paragraph you wrote at the end of #1. Are you saying since they can associate the PGP with a forum name that using a PGP associated with your forum name is not best practice? Only if you are also using the same username or PGP public key on your SR account. It's like this:If you're called Alice on SR, you should have a public key for Alice, with the name field as "Alice". On SRF, you should be called Bob, and have a separate public key for Bob, with the name field set to "Bob".A clean separation of identity. Many people don't realize their PGP keys are not intended to be anonymous by default which is why I wrote the Anonymous PGP tutorial in my sig.Quote from: P2P on May 16, 2013, 02:16 amBecause I don't know how linking a PGP message to a forum name helps them at all. In every post, we are consciously making an effort to maintain our anonymity. LE can read every post I've ever made here; it will not help them. And I assume it is the same in your case, in DPR's case, in everyone's case. So I don't really understand why that's an issue. They can tie the PGP to a name, but so what? They can't decode the message to get any sensitive information (which is what we use PGP for), so I'm not sure why it's a bad thing that they can "connect" the message to a name. The issue is that if you goof up somehow, and you're a vendor, they still don't have your SR identity so you cannot be prioritized for deanonymization. Another reason is that if they link your SR and your SRF accounts, they can perform stylometric attacks to deanonymize you if they suspect they know your real identity and have a bunch of text elsewhere you've written up.Not many people realize that stylometric attacks are capable of being scaled up, it seems like science fiction but it is not. The public is simply not aware of the Orwellian nature of the technology and ignorant of its rapidly advancing sophistication.The fact of the matter is that if the The Federalist Papers were written today, the authors would have been hounded and vilified by opponents. Truly free speech is becoming a truly rare commodity.Finally the best reason is that there is no reason to give any more information to the enemy than is necessary. Who knows how they shall use it, but let's not find out.Quote from: P2P on May 16, 2013, 02:16 am"Connecting" things doesn't necessarily mean you're really solving anything. If a package is seized and is "connected" to the business you put on as the return address, and LE pursues that, it will be a textbook dead end. Same thing here.Actually it is not. If LE continue to collect packages with the same or similar return addresses, they shall present this information at any trial as evidence of the volume the vendor was processing.