Silk Road forums
Discussion => Newbie discussion => Topic started by: WhisteBlower on April 05, 2013, 12:24 am
-
Ok, so we blew the whistle off the "price fixing"/"Cartel formation" scandal that had people in an uproar and had a lot of vendors with egg on their face. And we were right. We have little birdies everywhere.
Now, we are debating whether to blow the whistle on a few very serious events that have been going on around here. On one hand it could cause a bigger uproar then the last whistle blowing we did.. and not sure if the minions would be able to even do damage control with a straight face. On the other hand, we have a moral responsibility.. as there;s a lot of trust in the integrity of the team/leadership/security/anonymity of this place. Suffice it to say it's been keeping us up at night. Are debating the pros and cons. But this is not sensationalism folks. This is some serious shit.. and if when we blow the lid off this, eyes will pop. We're just debating within our own team how to do it delicately. Stay tuned.
Whistle Blower
-
SOooo Whats the serious scandal just come out and blow the whistle already suspense is killing me
-
Patience grasshopper. We are well informed, but doesn't mean we are wreckless. Patience.
-
Patience grasshopper. We are well informed, but doesn't mean we are wreckless. Patience.
blow that shit already!
-
you're as much talk as kim jung un. all bark no bite, gtfo!
-
If it will benefit the community, go ahead!
-
cliffs on "price fixing"/"Cartel formation"?
-
tuned in.
-
Seems like shit but I'm following just in case
-
*Very* Serious Scandal!!!! LMFAO
This guy is so full of shit. The only bright idea he ever had was his name, and he only came up with that because when Julian Assange whistles, this guy blows him.
Modzi
AKA "The Cartel Boss"
-
Go on...
-
Very interested to see this. Something smells fishy...
-
/me gets the popcorn out and hands it around
-
/me gets the popcorn out and hands it around
Potential drama AND free virtual popcorn? Thank you kindly ;)
But really, if there is stuff going down it would be nice to know. We have lost quite a few in the past couple months.
-
what the scam starts from the top ???
-
Waiting with bated breath...
-
You people realize that the last few days.. there have been some very bizarre happenings around these parts. The scammers and whatnot. But the underlying issue is, a person(s) were able to REPEATEDLY send out messages from account names that are simply blocked from being registered/created. "ADMIN" "SR STAFF" "VENDOR SUPPORT" "CUSTOMER SERVICE" etc
Come on, fucking "ADMIN"? Try registering a name using "admin" anywhere in the name. Add a bunch of letters and numbers but keep "admin" in there, and it wont let you register. Let alone with a bloody SPACE in the username. Yet "SR ADMIN" and "ADMIN" were *repeatedly* used.
Then the widthrawl system was frozen for a good day, to prevent a massive flight of coin out of here. I am no genius.. but it seems like there are some who might have either figured out some exploit(s), or other possibilities. I think that's all I'll say for right now.. I've got a lot to think about with what to do with the information I might or might not possess.
Ask yourself, my friends, how were those names repeatedly being used. And I mean repeatedly, even up until today. Ponder. Think. Dig. Ask yourself some questions that might present some ugly answers.
I know a lot. But that's because I have "birdies" that tell me things.
-
*Very* Serious Scandal!!!! LMFAO
This guy is so full of shit. The only bright idea he ever had was his name, and he only came up with that because when Julian Assange whistles, this guy blows him.
Modzi
AKA "The Cartel Boss"
LOL
-
God won't let you expose DPR as the real Jesus Christ.
The secret must be kept
-
You people realize that the last few days.. there have been some very bizarre happenings around these parts. The scammers and whatnot. But the underlying issue is, a person(s) were able to REPEATEDLY send out messages from account names that are simply blocked from being registered/created. "ADMIN" "SR STAFF" "VENDOR SUPPORT" "CUSTOMER SERVICE" etc
Come on, fucking "ADMIN"? Try registering a name using "admin" anywhere in the name. Add a bunch of letters and numbers but keep "admin" in there, and it wont let you register. Let alone with a bloody SPACE in the username. Yet "SR ADMIN" and "ADMIN" were *repeatedly* used.
Then the widthrawl system was frozen for a good day, to prevent a massive flight of coin out of here. I am no genius.. but it seems like there are some who might have either figured out some exploit(s), or other possibilities. I think that's all I'll say for right now.. I've got a lot to think about with what to do with the information I might or might not possess.
Ask yourself, my friends, how were those names repeatedly being used. And I mean repeatedly, even up until today. Ponder. Think. Dig. Ask yourself some questions that might present some ugly answers.
I know a lot. But that's because I have "birdies" that tell me things.
i have asked that same question about how those names keep getting created and used. we never got an answer.....
and to add to the weird things happening in the last few days:
tormail went down for couple days and comes back
blue sky traders (who has a link to sr bmr and such on their main page) quit accepted tormail
probably a coincidence though
-
You haven't gotten an answer because these are the forums, and neither samesamebutdifferent nor i have any access to that kind of information!
-
I hate to be a wet blanket about that space in the user name but perhaps you should check out my SR profile.. http://silkroadvb5piz3r.onion/silkroad/user/bd04ff5584
The rest of it I can't comment on.
-
You haven't gotten an answer because these are the forums, and neither samesamebutdifferent nor i have any access to that kind of information!
I don't know, birdies tell me things too. Usually things like "Take it, it'll be fun"
-
You haven't gotten an answer because these are the forums, and neither samesamebutdifferent nor i have any access to that kind of information!
I don't know, birdies tell me things too. Usually things like "Take it, it'll be fun"
dude if youre talkin to birds i want whatever youre on!
I hate to be a wet blanket about that space in the user name but perhaps you should check out my SR profile.. http://silkroadvb5piz3r.onion/silkroad/user/bd04ff5584
The rest of it I can't comment on.
"invalid user(s)" LOL
-
Okay, alright, you broke me... You and that damn infernal little bird! I just can't take it anymore!
We did it.
It was us, again. And you caught us, again.
The Cartel. It was the Cartel.
Modzi
-
You haven't gotten an answer because these are the forums, and neither samesamebutdifferent nor i have any access to that kind of information!
Scout has a point and he's being pretty frank. I don't think we should hold him and samesame responsible for security failures on the main site. But there are people over on the main site that are specifically tasked to uphold certain minimum security standards and they've been mum. That's the disturbing thing...
-
invalid user? that is interesting. I've done nothing with the account yet as I'm waiting for my coins to come in. hmmm
well, if search works, my SR name is Abby Normal.. with a space between the two words
-
You people realize that the last few days.. there have been some very bizarre happenings around these parts. The scammers and whatnot. But the underlying issue is, a person(s) were able to REPEATEDLY send out messages from account names that are simply blocked from being registered/created. "ADMIN" "SR STAFF" "VENDOR SUPPORT" "CUSTOMER SERVICE" etc
Come on, fucking "ADMIN"? Try registering a name using "admin" anywhere in the name. Add a bunch of letters and numbers but keep "admin" in there, and it wont let you register. Let alone with a bloody SPACE in the username. Yet "SR ADMIN" and "ADMIN" were *repeatedly* used.
Then the widthrawl system was frozen for a good day, to prevent a massive flight of coin out of here. I am no genius.. but it seems like there are some who might have either figured out some exploit(s), or other possibilities. I think that's all I'll say for right now.. I've got a lot to think about with what to do with the information I might or might not possess.
Ask yourself, my friends, how were those names repeatedly being used. And I mean repeatedly, even up until today. Ponder. Think. Dig. Ask yourself some questions that might present some ugly answers.
I know a lot. But that's because I have "birdies" that tell me things.
This is fairly unconvincing, how strictly is this set up? Technically there are multiple instances of the same letter, who is to say the D is a D, I have seen the same crap break profanity filters. Scammers are not scandals.
-
Another example of names with spaces:
Sugar Mama
http://silkroadvb5piz3r.onion/silkroad/user/aace915f06
-
It's a fucking inside job.
Too much cash at stake. Staff will rip off the till just like anyone.
-
Another example of names with spaces:
Sugar Mama
http://silkroadvb5piz3r.onion/silkroad/user/aace915f06
Yeah and my name is MODZIW and it has a space at the end (the space is silent).
http://silkroadvb5piz3r.onion/silkroad/user/14845f6687
Modzi
-
Fair enough, but "SR Admin" or "SR Staff" or "Vendor Support" or even just "Admin".....
cmon people. There is no reason why those are being continuously being passed around like peace pipes. Try to register "admin" or "security" @ Gmail or even an ESP on "our side" such as Tormail.
Fuck no! You'll get stopped right at the registration process and sternly told "You can not register names containing X Y Z"
Smokecrack (and MANY OTHERS) echoed the same thing.. the fact that it keeps happening and just the other day resulted in a massive scam. Blocking the Bitcoin address that is being used to scam is only putting a bandaid on something. (And yes, I'm positive thats the only temporary work around that they've implemented). But without clamping down on the ROOT cause, scammers will continue to do this and scam newbies until SR blocks the wallet address that's being used. Is that an adequate solution?
(Full disclosure. I'll just come right out and say it. I don't know any of the scammers, but I *do* know someone who figured out how/why this is happening, and they were the one that told me that the only fix SR has put in place is that when a scam is perpetrated and reported, they quickly put the scammers BTC address into a field titled "Invalid" as if it was an... invalid address. But that is NOT a proper/professional fix. "Admin" or "Staff" will just pull the scam again and again a few days later on new members and this will keep happening. And yes, I said it. I know someone who knows why/how its happening and what the PROPER fix should be. I'm saying that publically now).
-
Another example of names with spaces:
Sugar Mama
http://silkroadvb5piz3r.onion/silkroad/user/aace915f06
Yeah and my name is MODZIW and it has a space at the end (the space is silent).
http://silkroadvb5piz3r.onion/silkroad/user/14845f6687
Ok. Do you have "Admin" or "staff" or "SR Support" in your name anywhere? No.
Modzi
-
Another example of names with spaces:
Sugar Mama
http://silkroadvb5piz3r.onion/silkroad/user/aace915f06
Yeah and my name is MODZIW and it has a space at the end (the space is silent).
http://silkroadvb5piz3r.onion/silkroad/user/14845f6687
Ok. Do you have "Admin" or "staff" or "SR Support" in your name anywhere? No.
Modzi
Holy shit man, this guy must be a next level SR member. He signed a message as you modzi.
Just blew my mind man
-
The only reason he "worked it out" was because I saw both the thread where the solution to the scammers was posted and the thread he posted to saying he was getting an invalid account error when he tried to transfer money and thought they could be related (put any software fix in and there's bound to be bugs).
The solution is elegant as a short term stop as it does mean that no money can be sent. Those bulk emails that the scammer sends out can be deleted but if someone has already read it and has it open in their browser then they'll never know until after the money is transferred. It's way too late then.
Yes, it appears that there was a bug and he was impacted but really, the solution is the quickest way to protect people while they deal with the scammer account.. after all, the scammer never tells people to drop the bitcoins on him, he always gives an address to send it to. I can think of no other way that could quickly stop that address from receiving money.
-
Abby - thats all good and fine, but you're missing the point. He *KNOWS* unequivocally how these guys are temporarily using names like admin/staff/support/customer service etc for purposes that are obviously intended to defraud. I know this for a *FACT*, because he proved it to me today (and someone else who unwittingly became used as proof). Do a search, some random gentleman today said he got a message from Admin and then when he tried to message the guy back, he deleted the admin account. Do you think that is normal? Or in any way should be overlooked? *NO*!
I think people are not understanding the issue. Smokecrack and other forum members know what Im talking about.
-
now you're talking about something different and something I can only guess at. my guess it was a sql injection attack because it hasn't been hardened but I'm really just guessing. Whatever it is, I hope it PMd the real admin and told them so they can take steps to seal it.
-
Another example of names with spaces:
Sugar Mama
http://silkroadvb5piz3r.onion/silkroad/user/aace915f06
Yeah and my name is MODZIW and it has a space at the end (the space is silent).
http://silkroadvb5piz3r.onion/silkroad/user/14845f6687
Ok. Do you have "Admin" or "staff" or "SR Support" in your name anywhere? No.
Modzi
Holy shit man, this guy must be a next level SR member. He signed a message as you modzi.
Just blew my mind man
LOL I believe the term here is DUFUS! This guy need a title. I declare him to be Head Dufus. Actually I think I could ask DPR to officially dub him Court Jester of SR.
Modzi
-
You haven't gotten an answer because these are the forums, and neither samesamebutdifferent nor i have any access to that kind of information!
I don't know, birdies tell me things too. Usually things like "Take it, it'll be fun"
???
-
now you're talking about something different and something I can only guess at. my guess it was a sql injection attack because it hasn't been hardened but I'm really just guessing. Whatever it is, I hope it PMd the real admin and told them so they can take steps to seal it.
Now we're talking. I'm in touch with them about this and trying to help plug it.
Modzi - I don't appreciate you calling me dufus. I'm actually trying to help here. Not gouge people out of their money. Oh whoops. Sorry :)
But yeah, refrain from the name calling.. it's lame.
-
now you're talking about something different and something I can only guess at. my guess it was a sql injection attack because it hasn't been hardened but I'm really just guessing. Whatever it is, I hope it PMd the real admin and told them so they can take steps to seal it.
Now we're talking. I'm in touch with them about this and trying to help plug it.
Modzi - I don't appreciate you calling me dufus. I'm actually trying to help here. Not gouge people out of their money. Oh whoops. Sorry :)
But yeah, refrain from the name calling.. it's lame.
Yes fear mongering is saving me lots of money. Thanks manblower 9_9
-
Popcorn time
-
/me hands you the popcorn bucket.
I hate attention seeking emo drama threads.
-
I hate starting attention seeking emo drama threads. But it's a dirty rotten job and someone has to do it :)
FYI, its not as dramatic as you guys think. I'm in touch with a mod via PM and have demonstrated the credibility of what my friend knows (from a techincal and real world standpoint).. and from what I understand it's been kicked upstairs and will eventually plug whatever holes exist)...
-
/me hands you the popcorn bucket.
I hate attention seeking emo drama threads.
At least we get popcorn out of it.
-
I've passed the info along to the higher-ups --- hopefully it'll help, if WhisteBlower's friend is correct.
-
WTF is going on here?! Me and Scout working towards the same goal?!? Say it aint so :'(
-
If there is a security hole that was so easily found by someone and can be used to scam the community, then I'm pretty sure we are ALL working toward the same goal of getting that fixed!
-
now you're talking about something different and something I can only guess at. my guess it was a sql injection attack because it hasn't been hardened but I'm really just guessing. Whatever it is, I hope it PMd the real admin and told them so they can take steps to seal it.
Now we're talking. I'm in touch with them about this and trying to help plug it.
Modzi - I don't appreciate you calling me dufus. I'm actually trying to help here. Not gouge people out of their money. Oh whoops. Sorry :)
But yeah, refrain from the name calling.. it's lame.
I apologize for calling you names. It is the nouns that you don't like? Is this better, how about grandiose, bombastic and histrionic?
I hope you feel better now.
Modzi
-
If there is a security hole that was so easily found by someone and can be used to scam the community, then I'm pretty sure we are ALL working toward the same goal of getting that fixed!
If newbs are getting scammed by not being skeptical of messages they receive on a darkweb black market website, then I say good. The best way to learn is to burn. If it drives them away, they are better off, and so are we. If they stay and learn to be more security conscious, then welcome! You are no longer a newb. Congratulations!
Modzi
-
the scam starts somewhere :(
Im not saying much but why only 2 mods ? why does it take 2 days for a reply from Sr support? easy to say we dont know or have the staff?
guy makes 6000 grand a day :o but cant afford / doesnt want more staff all very convenient
a bit Machiavellian my friends :-X
-
I would hope to assume that most members of our community wouldn't fall for all of these stupid scams.
Unfortunately when ever I try and look good on man, I always get disappointed.
As is the case. There is no way to stop it. Without educating the newbs, history is bound to keep repeating itself.