Silk Road forums

Discussion => Security => Topic started by: Heyenezz on January 23, 2012, 02:17 am

Title: How would LEO Attack SR?
Post by: Heyenezz on January 23, 2012, 02:17 am
****Don't Delete!!! The arrests and paranoia thread was deleted****

Since safety is important, and we can't be safe without understanding what weaknesses LEO would exploit, we ought to ask how would LEO attack SR?

If they were to attack SR, how could they do so most effectively, and how could we defend against this specific attack most effectively?

Input is much appreciated.

Edit: LEOs already have computer scientists, detectives, the FBI, and the federal apparatus behind them. Any idea we think of has likely been thought of by them already. We're more likely to hurt ourselves by not considering how LEOs could attack SR. Just think about the issue logically.
Title: Re: How would LEO Attack SR?
Post by: zifnab on January 23, 2012, 02:24 am
Your posts to date imply you could *possibly* be LE and even if you aren't, we know they monitor these forums. I suggest no one gives them any ideas to play with.

Heyenezz, i mean no offense by that comment. Just being careful.
Title: Re: How would LEO Attack SR?
Post by: Heyenezz on January 23, 2012, 02:51 am
How do my posts make me seem like a LEO? Check out my post on how to purchase bitcoins securely.

The cops or the experts they work with will understand security better than almost any of us. There are few ideas we could give the police to help them catch us that they have not already thought of. They already have the FBI , not to mention many detectives and computer scientists.


We're more likely to hurt ourselves by not thinking through the questions I posed. The whole reason open source software is more secure than closed source software is because it can preserve security even when everyone knows its design. Truecrypt and Tor are both open source.

If SR can't maintain that level of security, then this site is likely doomed.


Title: Re: How would LEO Attack SR?
Post by: a_blackbird on January 23, 2012, 03:18 am
TL;DR - Don't be sloppy.  Human laziness is our biggest security hole.

In another thread, someone mentioned that if a few buyers and sellers got busted, it would scare everyone else off before LE could make a case against more people.  So one thing to think about is what the end goal of an LE action would be - would they set out to find the SR server(s) and bust the admins, an operation that would be much more time, money, and manpower intensive - or would they be content with sowing sufficient seeds of FUD (by making a few busts, making an example of those people, and publicizing the fuck out of it) such that the SR economy and community would dry up on its own?

My 0.02 BTC, which is nothing but pure speculation:

While I think that the DEA probably has a serious hard-on for trying to find out who runs SR and where the servers are, I think there have to be sufficiently technical people inside the DEA to know that tracking down where the servers are and who's running them is impractically difficult.  Even if the pigs knew where the servers were, they might not even be subject to US jurisdiction - for all we know, they could be in China.  (Well, OK, probably not China, given the Chinese attitude towards Tor - but you get the idea.)  So unless someone accidentally or intentionally leaks information (how many people even have information to leak?) that somehow leads back to SR admins or servers, I don't see them wasting resources here.

Technically, I think it would be fairly easy for LEO to go after buyers, should they choose to do so - create a seller account, sell something to someone, and bust them.  Arresting a buyer might make some oinker's stats look good, but because of the distributed nature of the Internet, it's likely going to have to be a federal operation, not some city/state bacon department, and due to the anonymity factor, the buyer wouldn't be able to lead them back to the seller, so I just don't see this as all that likely, either.  That said, LEO might still create a seller's account, and they might get lucky and stumble on a buyer that wants to purchase large quantities for resale.  However, any buyer that orders up 100 grams of molly from a new seller that has no transaction history might as well just turn himself in and save everyone the trouble.

Going after the sellers isn't going to be easy, either, unless the sellers get sloppy - obviously any return address that appears on someone's package isn't going to be real, so LE could purchase a whole bunch of packages from a bunch of different vendors and it wouldn't really tell them anything other than "damn, there are drug dealers all over the world." 

That said, at the risk of stating something absurdly obvious, if there are any sellers out there that have ever been fingerprinted (not just for an arrest, but anything that would cause your prints to end up in a central database somewhere, such as getting a teaching certificate, a security clearance, etc), you would be well advised to make sure that your fingerprints are nowhere on your packages.  One thing that LE could do fairly easily would be to start buying up packages from different vendors and testing those packages for DNA or fingerprints.  It would seriously ruin your day if some trivial arrest for jaywalking 5 years ago turned into a 15-20 year sentence for drug trafficking just because your thumbprint was on a piece of bubble wrap.

I can think of all kinds of other vectors for LE to cause problems for people - but they're all similar to the one I just mentioned and they take advantage of the same basic security flaw in every system - human laziness.  That's our biggest security hole.  People need to be mindful of the tracks they're leaving or not leaving.  They need to be mindful of what data they are storing (should not be any!) and think about what would happen if the cops busted in their door right now - what would the pigs find, and what would it lead to?  There have been enough pissing contests on here between assorted people who claim to know all kinds of shit about computer security - and that's all nice and interesting (and amusing to watch at times) - but the bottom line is that staying safe, keeping this community going, and keeping your ass out of the pokey is much more reliant on good operational practices than it is on making sure you've got the latest whiz-bang computer security features enabled.  I don't mean to downplay the need for encryption, network isolation, strong passwords, and all of that shit - but using those tools *properly* is the most important thing.  The fact that you use PGP doesn't mean shit if you have a 5-character passphrase.
Title: Re: How would LEO Attack SR?
Post by: zifnab on January 23, 2012, 03:35 am
The fact that you use PGP doesn't mean shit if you have a 5-character passphrase.

Thats so true.

@Heyenezz: Hey, i said no offense, right? Yeah, you're more recent posts are admittedly more in the spirit. I just don't think we should start posting up elaborate scenarios in which *they* win.

a_blackbird is spot on about laziness being the deadliest flaw. In my case, i'm doubly protected by geography but most of you aren't, so it's just common sense to take whatever precautions you can and be consistent about it. A saying about 'fruit' and 'low' comes to mind...
Title: Re: How would LEO Attack SR?
Post by: kmfkewm on January 23, 2012, 03:42 am
two attacks are very attractive:

human intelligence gathering massive amounts of customer addresses, this would be done via a nym flooding attack with persona management software allowing a small team of agents to operate hundreds or even thousands of distinct personalities / nyms on SR.

Membership observability of the Tor network if bridges are not used will allow any attacker who can monitor some of the Tor directory authorities to enumerate Tor client IP addresses. If such an attacker also orders from vendors here to get postmarks, they could intersect the list of people who live in a certain radius of where the package was sent from with the list of all Tor users, and probably majorly hurt vendor anonymity. This would then need to be followed up on with small surveillance team operations monitoring all of the potential suspects looking for patterns associated with participating as a vendor on silk road. Or simply monitoring of their mail boxes until a dog hits on a pack and they get a warrant to raid and get all the other evidence that they are participating as vendors. Tor doesn't hide the fact that you are using it (unless you use bridges) and the postal system doesn't hide the rough geolocation of the person who sent a package...when those two crowds are intersected the third crowd produced may be (will likely be) small enough for surveillance operations to narrow in on the vendor. In many cases they may not even need to watch more than one person, particularly if the vendor lives in a small rural area and ships from near it.

I see these as two of the most likely attack scenarios. A third likely attack scenario is the monitoring of bitcoin exchanges since about 90% of people here (my estimate) are not properly using Bitcoin and think that it is inherently anonymous when in reality the transaction history is inherently entirely public and fully linkable, making it quite unanonymous unless additional measures are taken.

A fourth likely scenario is the compromise of the SR server, either after it is traced (people here are putting far too much faith in the anonymity of Tor hidden services, when in reality they can be traced with fairly little effort / skill level / legal power / some combination) or after it is remotely pwnt by hackers (people here are also putting too much faith in the SR admins security abilities, and he is putting too much faith in Tor and Bitcoin although he is probably himself fairly safe as a Tor client if he knows how to further anonymize bitcoin). After the server is pwnt the attacker could simply harvest addresses for a few months and interpol could coordinate a fairly tremendous international operation against large numbers of people who do not use GPG to encrypt their addresses. Or they might even try to MITM people who use GPG encryption, measures need to be taken against this as well.

I think those are the four most likely things that will happen. You can protect yourself from all of them but I doubt more than 5-10% of the users here are. Most of the people protected from these sorts of attack are from the private forum scene also, most likely, we have groups who have been working on their security and operating techniques for over a decade now after all....some of us are pretty close to being almost impossible to bust other than by human intelligence (ordering product from a fed) or surveillance (ordering product from someone who ordered product from someone who ordered product from a fed, if they do a long term multi-jurisdictional surveillance operation without actually inserting their own malicious nodes into the network. Using fake ID boxes and counter surveillance techniques can make this more difficult / expensive for them to do, but it is really hard to protect from surveillance of identified physical product routes). We are currently working on developing hardware that will detect essentially all interceptions, that idea will turn out to be a massive leap in security for us since interception is currently also one of the biggest risks involved with this.
Title: Re: How would LEO Attack SR?
Post by: kmfkewm on January 23, 2012, 03:46 am
The fact that you use PGP doesn't mean shit if you have a 5-character passphrase.

Thats so true.

@Heyenezz: Hey, i said no offense, right? Yeah, you're more recent posts are admittedly more in the spirit. I just don't think we should start posting up elaborate scenarios in which *they* win.

a_blackbird is spot on about laziness being the deadliest flaw. In my case, i'm doubly protected by geography but most of you aren't, so it's just common sense to take whatever precautions you can and be consistent about it. A saying about 'fruit' and 'low' comes to mind...

Actually if you are anonymous it doesn't matter if you have a password at all, GPG will still offer you protection. A 4,096 bit key is the same size regardless of the password used to decrypt it ;). Your password is to protect your encryption key not to protect your encrypted messages. Those are decrypted with a session key. Which is decrypted with your encryption key. Which is decrypted with your passphrase as the key.
Title: Re: How would LEO Attack SR?
Post by: a_blackbird on January 23, 2012, 04:00 am
Actually if you are anonymous it doesn't matter if you have a password at all, GPG will still offer you protection. A 4,096 bit key is the same size regardless of the password used to decrypt it ;). Your password is to protect your encryption key not to protect your encrypted messages. Those are protected with your encryption key.

Yeah, you're right, 4096 bits is 4096 bits, and if all the feds have is an armored text file, they don't have squat - but if they seize your computer and get a copy of your keyring, suddenly that passphrase becomes a hell of a lot more important.
Title: Re: How would LEO Attack SR?
Post by: Heyenezz on January 23, 2012, 04:03 am
A fourth likely scenario is the compromise of the SR server, either after it is traced (people here are putting far too much faith in the anonymity of Tor hidden services, when in reality they can be traced with fairly little effort / skill level / legal power / some combination) or after it is remotely pwnt by hackers (people here are also putting too much faith in the SR admins security abilities, and he is putting too much faith in Tor and Bitcoin although he is probably himself fairly safe as a Tor client if he knows how to further anonymize bitcoin). After the server is pwnt the attacker could simply harvest addresses for a few months and interpol could coordinate a fairly tremendous international operation against large numbers of people who do not use GPG to encrypt their addresses. Or they might even try to MITM people who use GPG encryption, measures need to be taken against this as well.

This is why we should frequently change our Tor identities and not link to any exit nodes while using hidden services.

When purchasing bitcoins, don't use any method that requires you to provide personal information, no matter how trivial this may seem. That means no name, no picture, no address, no bitcoin address hosted on your machine (I use instawallet, which I then transfer through other instawallets), no IP address (I access get-bitcoin through Tor), no nothing except perhaps a fake name and Tormail address used only for purchasing bitcoins from that particular exchange and certainly no links to your bank account. Your only methods of payment should be something like cash deposit or money order.

Title: Re: How would LEO Attack SR?
Post by: kmfkewm on January 23, 2012, 04:11 am
Actually if you are anonymous it doesn't matter if you have a password at all, GPG will still offer you protection. A 4,096 bit key is the same size regardless of the password used to decrypt it ;). Your password is to protect your encryption key not to protect your encrypted messages. Those are protected with your encryption key.

Yeah, you're right, 4096 bits is 4096 bits, and if all the feds have is an armored text file, they don't have squat - but if they seize your computer and get a copy of your keyring, suddenly that passphrase becomes a hell of a lot more important.

If the feds have located someone they know to be an encryption user, and the user continues to get any significant security advantage by using encryption, it just goes to show the feds are fucking incompetent. Most of them are. Some may not be. Unless you are running your military grade encryption algorithms in a secure compartmentalized information facility with two foot thick metal walls and constant surveillance on it, you are not getting the full advantages of military grade encryption. Short of that you could try things like keeping your laptop on you at all times and your home under surveillance to protect from hidden cameras hardware keyloggers etc, but keys and passwords and plaintexts leak so far away via so many channels (not to mention can be stolen in so many other ways) (LCD monitors can have their display reconstructed from several rooms distance away and through walls, via transient electromagnetic pulse analysis) that the only significant security benefit that encryption gives you is the ability to protect your anonymity and the ability to protect yourself from stupid attackers (ignorant to the fact that you use encryption, or ignorant to the techniques capable of stealing keys) and non-targeted attackers (someone randomly steals your laptop to pawn it)
Title: Re: How would LEO Attack SR?
Post by: TravellingWithoutMoving on January 23, 2012, 04:45 am
...dunno...ask them,,,
Title: Re: How would LEO Attack SR?
Post by: a_blackbird on January 23, 2012, 05:07 am
If the feds have located someone they know to be an encryption user, and the user continues to get any significant security advantage by using encryption, it just goes to show the feds are fucking incompetent. Most of them are. Some may not be. Unless you are running your military grade encryption algorithms in a secure compartmentalized information facility with two foot thick metal walls and constant surveillance on it, you are not getting the full advantages of military grade encryption. Short of that you could try things like keeping your laptop on you at all times and your home under surveillance to protect from hidden cameras hardware keyloggers etc,

That brings up another important point - risk assessment and cost/benefit analysis of countermeasures.  For the most part, no matter how many security precautions you've taken, there's always something else you can do that will make you +delta% more secure, but everyone's time, skill, and money are limited.  So, does the probability of the attack we're trying to prevent combined with the impact of the attack, if successful, really justify the resources required to defend against it?  Once you get past the basic security precautions that, for all intents and purposes, ought to be mandatory, I think the question becomes a lot harder to answer - and it definitely doesn't have just one answer.  The high-profile seller that's doing thousands of dollars in business per week is (or should be) likely doing a lot more than the average random buyer that picks up an ounce of weed every month or so.
Title: Re: How would LEO Attack SR?
Post by: BTCmachine on January 23, 2012, 06:18 am
Granted Paranoia is very good but only in moderation,

Ive always learned to stay a step ahead but never give the government to much credit, they use scare tactics simply on the fact that they know nothing and want a person to fess up,

If they have no evidence or anything against you directly associating your name with SR there really is no worry with any cybercrime case it is seriously hard to link the crime with a face since it is behind a monitor especially the many precautions like VPN changing mac ID so on so forth,

Although we are breaking the law there is only a few people out there that are actually criminals, people are generally kind by nature and if you arent used to constant pressure of the police then it might wear down on you at some point, if one has never experienced going to jail before it is a very life changing experience, one that no one would want to repeat

even though everyone may know not to talk to the police very few can do so under the pressure,

SR really gives alot of Ups to the dealer, we are doing something that looks ordinary especially with things like Ebay, amazon, and other sites that have trading sections,

We can utilize many tools to keep us anonymous, if you have ever seen the show DEA or anything crime related most of what they do is based upon taking out a small buyer and then moving up the chain which is physically impossible to do with SR,

Even if a police officers buy from a vendor it would be extremely hard for them to link it to you if you used an address that has nothing to do with you and are changing mail boxes every so often,

Just stay a step ahead and never give them to much credit, its innocent until proven guilty as long as you make sure that no evidence directly leads to you
Title: Re: How would LEO Attack SR?
Post by: therealstansmith on January 23, 2012, 07:48 am
man its sad to say but this topic is gonna get a lot of sellers busted... should of stuck with dont say shit to help leo
Title: Re: How would LEO Attack SR?
Post by: Heyenezz on January 23, 2012, 08:47 am
man its sad to say but this topic is gonna get a lot of sellers busted... should of stuck with dont say shit to help leo

How?

The FBI spends at least several times whatever SR is worth.

We're no smarter than the many experts they use. Think logically.

We're the ignorant ones, not them.
Title: Re: How would LEO Attack SR?
Post by: Silpheed on January 23, 2012, 10:04 am
For all I know, SR could just be one giant honeypot, started by LEO and every vendor is LEO and every piece of feedback is written by LEO.

And if people can register an unlimited number of buyer accounts, what is there to prevent scores of LEO buyers who act as shills for a web of LEO vendors (with no goods ever being mailed)? They would spend all their time collecting names/addresses and providing fake positive feedback (although I suppose SR would still get its cut).

Also, if LEO were to set up a reward of say, $1 million (payable in bitcoin of course), to anyone who could hack into SR, that might be big trouble.

Or say the biggest exchanges are seized and they start following the trail to real bank account numbers and profiling everyone.

I still think that vendors are safer than buyers, unless the packaging is sloppy or LEO orders something and find fingerprints or DNA. Or somehow the volume of money a vendor is getting or the volume of packages they send is setting off red flags somewhere. Or LEO start monitoring every potential place mail can be dropped.

I mentioned some other scenarios in this thread:
http://dkn255hz262ypmii.onion/index.php?topic=9297.msg86941#msg86941
Title: Re: How would LEO Attack SR?
Post by: pine on January 23, 2012, 02:38 pm
New thread related to this discussion, from a different point of view.

http://dkn255hz262ypmii.onion/index.php?topic=9529.0
Title: Re: How would LEO Attack SR?
Post by: Heyenezz on January 23, 2012, 08:54 pm
New thread related to this discussion, from a different point of view.

http://dkn255hz262ypmii.onion/index.php?topic=9529.0

The OP also asks what we could most effectively do to defend against LEO's most effective attack. You must be stronger than your opponent's strongest attack. So far, people only answer the 1st question of what LEO could do.

I think it's helpful to try to answer both questions because you can't defend against LEO's strongest attack if you don't know what that attack is.
Title: Re: How would LEO Attack SR?
Post by: therealstansmith on January 23, 2012, 09:47 pm
here is the thing i posted before that the most basic skills could be used to get everyone here and i believe it to the core. every one thinks of these last. if people want to protect themselves the best way is to not publicly speak of security flaws and helpful investigative tactics. the safest thing to do is not order from new vendors. the ones that have paved the way for this place should be the only ones. i dont think sr should grant seller accounts to anyone with $150 but its not to say they are not real vendors. do not buy and sell on the same account, however its bullshit like people being allowed to set up multiple accounts that make these forums a nightmare. and since it is out there and people are giving out these little tips for leo i will post a new topic on ways for sellers to be safe. and reasons why and hopefully they follow it if  not the reasons will be their downfall and we will lose a lot of them.
Title: Re: How would LEO Attack SR?
Post by: kmfkewm on January 24, 2012, 02:12 am
man its sad to say but this topic is gonna get a lot of sellers busted... should of stuck with dont say shit to help leo

How?

The FBI spends at least several times whatever SR is worth.

We're no smarter than the many experts they use. Think logically.

We're the ignorant ones, not them.

No but the experts who made the tools you use are far smarter than they are
Title: Re: How would LEO Attack SR?
Post by: therealstansmith on January 24, 2012, 02:27 am
thank you.... and how much money can they use to catch people here... as much as theyd like. how much can we use to protect ourselves idk but i spent the last of mine on drugs so im screwed lol. but dont give them ideas to spend their dollars on to catch us
Title: Re: How would LEO Attack SR?
Post by: kmfkewm on January 24, 2012, 02:42 am
If I don't say how they are going to catch you how can you protect yourself 0_0
Title: Re: How would LEO Attack SR?
Post by: therealstansmith on January 24, 2012, 02:55 am
if i only order from people that are not LE and they dont screw up on packaging or get caught... the only way it would be found out is if i opened my mouth... or the mail man opened my shit... which still would leave the mail man with my illegally opened mail and illegal drugs... whats to say he even got it out of my envelope... then me and him battle it out. im finding that my time here in the forums is only hurting me and once i receive and review the shit im waiting on i am not coming back to the forums... im debating using sr anymore... it needs some work before i trust a place like this again
Title: Re: How would LEO Attack SR?
Post by: Heyenezz on January 24, 2012, 04:15 am
man its sad to say but this topic is gonna get a lot of sellers busted... should of stuck with dont say shit to help leo

How?

The FBI spends at least several times whatever SR is worth.

We're no smarter than the many experts they use. Think logically.

We're the ignorant ones, not them.

No but the experts who made the tools you use are far smarter than they are

But LEOs can hire the people of equal programming ability. It doesn't matter that the cops are dumb if their experts and detectives are more resourceful than anyone on your side. It's also a matter of man power. It may be that no one on LEO's side is smarter than anyone on our side, but LEOs would have more brain power just by having more people. Seriously, there's nothing we could think of that they have not thought of already.

For the record, I'm not worried about being busted, and it's not likely that many people will be busted on SR due to our low profile and various security measures. However, LEOs are likely to attempt disrupting SR in other ways once its contraband inventory grows large enough, perhaps by using various psychological tactics to scare buyers & vendors away.
Title: Re: How would LEO Attack SR?
Post by: Laughing Man on January 24, 2012, 04:42 am
The only real way to attack SR is to find its server and take it offline... which will not be an easy task.
Title: Re: How would LEO Attack SR?
Post by: therealstansmith on January 24, 2012, 05:28 am
or LE already in... i see people downloaded some app for phone... prolly created by le and you fucked... or theyll gain all of our trust create the ultimate in security and SR will employ its use and they will know enough to get everyone... any internet security is a joke... and how do you know that the encryption shit wasnt made to just give everyone a reason to type your messages in that program monitored by LE
Title: Re: How would LEO Attack SR?
Post by: QTC on January 24, 2012, 05:31 am
any internet security is a joke... and how do you know that the encryption shit wasnt made to just give everyone a reason to type your messages in that program monitored by LE
You are either some sort of federal psyop agent or hopelessly retarded.
Title: Re: How would LEO Attack SR?
Post by: Tranzshipper on January 24, 2012, 06:02 am
no doubts as SR grows, it becoming more attractive as resource to gather buyers info. LE no need to be very innovative in case with SR. if they will cut a deal with  admin they can get addresses of those who do not PGP.  quite I large number I guess.
Title: Re: How would LEO Attack SR?
Post by: therealstansmith on January 24, 2012, 06:26 am
any internet security is a joke... and how do you know that the encryption shit wasnt made to just give everyone a reason to type your messages in that program monitored by LE
You are either some sort of federal psyop agent or hopelessly retarded.
and you funny  :)
Title: Re: How would LEO Attack SR?
Post by: libertyfreedom92 on January 24, 2012, 06:39 am
I think forum users should be able to delete any of their post on here freely
Title: Re: How would LEO Attack SR?
Post by: kmfkewm on January 24, 2012, 10:43 am
The only real way to attack SR is to find its server and take it offline... which will not be an easy task.

It isn't that hard to trace Tor hidden services actually. And finding the server and taking it off line would be about the most retarded way possible to try and attack SR. They would use it for a human intelligence honeypot before anything. Or trace the server and keep it online to gather unencrypted addresses.
Title: Re: How would LEO Attack SR?
Post by: Tranzshipper on January 24, 2012, 01:57 pm
much better implementation of such trade would to host it distributed on users computers encrypted, as some sort of P2P network, then there is no host, no admin, less susceptible to different attacks. of course it is more easy to say then get it done.
Title: Re: How would LEO Attack SR?
Post by: Laughing Man on January 24, 2012, 09:26 pm
The only real way to attack SR is to find its server and take it offline... which will not be an easy task.

It isn't that hard to trace Tor hidden services actually. And finding the server and taking it off line would be about the most retarded way possible to try and attack SR. They would use it for a human intelligence honeypot before anything. Or trace the server and keep it online to gather unencrypted addresses.

Anyone who isn't communicating with GPG is stupid and if busted because of that, I honestly wouldn't feel much sympathy.

much better implementation of such trade would to host it distributed on users computers encrypted, as some sort of P2P network, then there is no host, no admin, less susceptible to different attacks. of course it is more easy to say then get it done.

See the speakeasy thread in the OVDB subforum.
Title: Re: How would LEO Attack SR?
Post by: jochem on January 25, 2012, 08:41 pm
Trying to hide ways to crack SR does not help, if ways to do it (as explained in this thread) are just one google-search away. It's called security through obscurity and won't help you in the long run. Systems we use around here are secure by design. Flaws are known, because everything we do happens inside that design. If you leave the design, it doesn't work anymore. Tor is secure, PGP is secure. In that sense, talking about (not) being smarter than LE doesn't matter. The design and it's known limitations are to our advantage and the disadvantage of LE. Whether they know that or not (they probably know).

Where things will go wrong for people is if someone gets sloppy in using the systems secure or simply doesn't know how to. This is the human factor that we can not fully prevent for screwing us over.

Than there is the technical side: what if SR gets compromised. Now this is a real threat, as hidden services can be hacked just as easily as regular websites. If SR gets compromised, it doesn't have to be a big issue. Everybody is still anonymous if taken the proper precautions. The only thing that's really an issue is if they change some of the public keys. This would allow LE to read addresses, but at the same time would warn any seller that he (or whole SR) has been compromised.

But the big issue and I think the underlying cause of all our doubts regarding security is trust. We not only have to trust sellers, but also trust SR. We provide sellers with our addresses, which could be used to harm us (intentionally (they're LE) or unintentionally (sloppy with their private key)). We also have to trust SR that they won't run with our money (although that's not really a problem in the sense of jail-time). Trust is determined by a lot of factors and many of those are not enormously reliable if everyone is anonymous. If you have no way of identifying me, I can be anyone I want. I can have multiple identities or take the identity of someone who is anonymous as well.

In my opinion, trust it the biggest thing we have to work out for SR. By providing track records of sellers (e.g. feedback, forum posts) and buyers (probably also feedback and forum posts, although not implemented right now) and making sure that I always talk to the person I believe I do by linking the track record to the messaging/shopping system, I might have more faith in a seller. Same goes for a buyer, of course. This, again, would require me to put a lot of trust in SR - I have to trust that the 'identity' I create here doesn't get screwed up. SR should put everything to it to not get compromised, but even if they did, I still have my own memory and be able to identify real (whatever I know that checks out) from fake (whatever is screwed up).

Getting back to reality: if you're a small time buyer and take enough precautions (know how the systems work and use them properly), you don't have to worry that much. You're address leaking (if it's your real one) is probably not enough to get LE on your ass. Sellers are of course in a more dangerous position (as LE would love to take down the big timers, I presume). But sellers have their whole faith in their own hands, as only their own fuck ups can undermine their position.
Title: Re: How would LEO Attack SR?
Post by: Silpheed on January 25, 2012, 10:15 pm
As far as I'm concerned, people can do all the computer security they want, but the weak link in the chain is the fact that a buyer must provide a valid address, to a stranger, over the internet.

Is that stranger LEO? Is that stranger working for LEO? Is that stranger an informant for LEO? Is that stranger properly destroying every address they get? Is that stranger forwarding every address they get to LEO? One day will that stranger's computer be compromised by LEO? How much of that stranger's feedback came from LEO or someone working for LEO?

Every time a buyer makes a purchase, they have to trust that a stranger is not going to do anything harmful with that address. That address is where the trail begins.
Title: Re: How would LEO Attack SR?
Post by: Tranzshipper on January 26, 2012, 10:06 am
As far as I'm concerned, people can do all the computer security they want, but the weak link in the chain is the fact that a buyer must provide a valid address, to a stranger, over the internet.

Is that stranger LEO? Is that stranger working for LEO? Is that stranger an informant for LEO? Is that stranger properly destroying every address they get? Is that stranger forwarding every address they get to LEO? One day will that stranger's computer be compromised by LEO? How much of that stranger's feedback came from LEO or someone working for LEO?

Every time a buyer makes a purchase, they have to trust that a stranger is not going to do anything harmful with that address. That address is where the trail begins.

it is risk you have to take if buy small amount what worries. if buy for local distribution then keep in mind that even reputed seller can turn into informer informer at some point. but it is also a true that vendors and much higher risk and prime targets for LE. who cares about people buys small amount for personal use. NO GUARANTY. but such things can happens in any other place too, so not exactly relevant to SR and SR been best trade platform so far .
Title: Re: How would LEO Attack SR?
Post by: zifnab on January 27, 2012, 06:35 am
Giving valid addresses out isn't so much of an issue if you use common sense and take the necessary precautions. Also (though many will disagree with me) never, ever use your home address.

You can get pretty creative with this and there's tons of suggestion scattered about but my philosophy is; use a drop you know is secure to receive a package then rotate through your others. If you haven't received a package at a location, its still clean. If you rotate through enough of them, by the time you get back to the initial 1, it should once again be clean.

Why? Common sense; no LEA is gonna stake out a mail box for months on end unless you're moving serious weight...
Title: Re: How would LEO Attack SR?
Post by: Silpheed on January 27, 2012, 12:46 pm
Giving valid addresses out isn't so much of an issue if you use common sense and take the necessary precautions. Also (though many will disagree with me) never, ever use your home address.

You can get pretty creative with this and there's tons of suggestion scattered about but my philosophy is; use a drop you know is secure to receive a package then rotate through your others. If you haven't received a package at a location, its still clean. If you rotate through enough of them, by the time you get back to the initial 1, it should once again be clean.

Why? Common sense; no LEA is gonna stake out a mail box for months on end unless you're moving serious weight...

To use an address other than your residence, you would have to find an associate who would be willing to be busted for you (who would do that?), or maybe a business address which could be just as bad. If it's just some random address nearby, that could also be really bad because you're accessing someone else's mailbox.

Also, LEO don't have to stake out a mailbox if they're the vendor, or if they find a vendor willing to be an informant. LEO would see the address the buyer provided and they could simply email that address to LEO in that area, who could show up with a warrant soon after the delivery is confirmed; or email the parcel to local LEO, who could then perform a controlled delivery; or tip off a postal inspector, who could then perform a controlled delivery.
Title: Re: How would LEO Attack SR?
Post by: zifnab on January 28, 2012, 12:02 am
^ I did say people would disagree *shrug*. There's more than 1 way to do this. Also, whats the issue with sending to a business address? Or a hostel/YMCA? Or a hotel? Or a recently vacated shop house? Or, ect, ect, ect...

Get creative; there's so many, many more options, and don't tell anyone too many specifics. Preferably, tell no one irl anything...

Do not pick up packages immediately; they'd have to stake out the box and even a few days of that is a complete waste of man hours to bust 1 small time dude. Also, they'd have no way of knowing when the package would arrive via mail.
Or if they're delivering themselves, how would they know its meant for you if its not in your name and not to your house....?

Controlled delivery? Seriously...? They'd have to get you to sign for it - you'd do that? -.^
Controlled deliveries don't have a leg to stand on *unless* its to your home address and even then they'd have to *prove* you ordered it. If you've taken even basic precautions, there should be no link between you and your online persona.

Sample conversation:
Cop: We know you ordered these drugs off the internet.
You: I'd like a lawyer. please.
Cop: Give it up, we'll go easy on you...
You: I'd like a lawyer, please.
Cop: Don't make us angry, we can put you away for a long time.
You: I'd like a lawyer, please.
Cop: .... you're free to go....

Plausible deniability and silence are your friends; you should get to know them.
Title: Re: How would LEO Attack SR?
Post by: Tranzshipper on January 28, 2012, 01:06 pm
those who on long stretch in this biz, would worry about address much less, then any thing else