Silk Road forums
Discussion => Security => Topic started by: peterkoff8273 on May 09, 2012, 12:20 am
-
So obviously its suicide to use a screen name for the darknet (especially the SR) which isn't isolated from your IRL/clearnet identities. But what about passwords? I accidentally used the same password for the SR and other sites as I do for facebook. Assuming the feds tracked me down for illegal shit on the darknet, they could match my facebook password to this one and fuck me with it, right? For the record none of my passwords are on written down, neither on paper nor digitally.
Should I abort all of my current screen names?
-
Yes. Sneaky isn't it? But clever, it's the kind of thing that would catch out many even tech-aware people.
You should use different passwords for the darknet, than on clearnet.
-
Thanks. It sucks, my facebook got hacked and I used my onionland password on impulse. Oy vey, how sad. Bai Peter, its been good not knowing you.
edit: Unless, what if I just changed my password for the darknet sites? Idaf about this sites name really, but I like a few names on other sites.
-
Thanks. It sucks, my facebook got hacked and I used my onionland password on impulse. Oy vey, how sad. Bai Peter, its been good not knowing you.
edit: Unless, what if I just changed my password for the darknet sites? Idaf about this sites name really, but I like a few names on other sites.
You should assume SR itself is run by a branch of the government. I doubt that is the case, but it ought to be your default assumption about the state of play. SR is deliberately setup so that this could actually be the case, and it wouldn't matter a jot, so long as you use PGP and have no associations between your SR account and yourself.
The second you create associations between your darknet and clearnet identity, you've destroyed the utility of Tor if somebody comes after you. Obviously there's many a slip betwixt mouth and cup, but why make LE's job easier?
-
Thanks. It sucks, my facebook got hacked and I used my onionland password on impulse. Oy vey, how sad. Bai Peter, its been good not knowing you.
edit: Unless, what if I just changed my password for the darknet sites? Idaf about this sites name really, but I like a few names on other sites.
You should assume SR itself is run by a branch of the government. I doubt that is the case, but it ought to be your default assumption about the state of play. SR is deliberately setup so that this could actually be the case, and it wouldn't matter a jot, so long as you use PGP and have no associations between your SR account and yourself.
The second you create associations between your darknet and clearnet identity, you've destroyed the utility of Tor if somebody comes after you. Obviously there's many a slip betwixt mouth and cup, but why make LE's job easier?
Amen to this, +1 karma for you pine.
BTW if the passwords are properly salted they shouldnt be able to be matched. But never assume anything is, a large number of sites don't even hash/encrypt their sensitive information.