Silk Road forums

Discussion => Newbie discussion => Topic started by: pine on May 15, 2013, 01:02 am

Title: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 15, 2013, 01:02 am
PGP Club Progress Report:

Everything is going very smoothly. People are really beginning to get their tradecraft together on SR. There are few networks with the same level of commitment to secrecy and anonymity, that shall pay a great dividend to us in the end. The permeable network is the platypus of the future.

--

That said, most of you could benefit from realizing a thing or two about PGP labeling, which is about linkability, read this carefully:

1. Using a different name (nym technically) for your PGP public key than your SR Forums username is not a good idea. People with large keychains aren't going to be able to find the right public key for you in a couple of months time because they'll simply forget the association unless they made a record of it originally.

In addition to this, this practice does not even remotely help your anonymity. These forums are page scraped by about a dozen LEO software agents every day, they can import all your public keys and make associations with your usernames since anybody who imports your PGP public key can see what PGP nym or label you've chosen, no brain surgery required.

If SR is hacked then they can also associate (from any PGP encrypted messages sent) the PGP public key keyID in use with the same username/nym you had on the forums. This is not best practice!

2. Using the same public key or username on SR as on SR Forums is idiocy pure and simple. You must become unlinkable. This is achieved by the simple expedient of using two different usernames and two different public keys. 1 nym/public key pair for SR, and the same for SR Forums. This way you are not linkable and you are not confusing anybody either.

3. Many vendors also use the same nym/public key on these forums as they do on SR e.g. the Vendor Roundtable. This too is foolhardy. Do not copy this. Pine is right and they are wrong. It's of course one thing to have a SR vendor username on the forums with respect to their own feedback threads, but completely another to be socializing generally with the same nym.

I recommend that vendors deliberately play with different writing styles depending on which identity they're using. It doesn't require perfection and millions of hours of work, it just requires enough difference to throw off a full writeprint match. I am completely certain that LEO are building or have built sophisticated software for authorship recognition analysis. Fortunately, unlike PGP key labeling, this is a case in which obfuscation helps rather than hinders.

I shall quote Project PolyFront once again, to emphasize how the concept of anonymity truly works:

Quote
The literal definition of anonymity is a state of namelessness. A more technical definition of anonymity is the state of being indistinguishable from a given set size. As an example, imagine a closed communication interface with several hundred members. If all of the members use the name 'anonymous' to make their posts, they are indistinguishable from each other based on naming information (however, they may not be anonymous based off IP information). However, they are not indistinguishable from those who are not a part of the system. If two people have access to an anonymous suggestion box, any suggestion in the box may be anonymous but the set size is two. The higher your set size is, the more anonymous you are.

-- Project PolyFront

http://pz65gyca5nrafhrf.onion/PolyFront_2/polyfront.htm

Viva la Revolution!
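An added example, not part of pine's post, showing why points 1 and 2 hold: the name field of a PGP key is a plain User ID packet inside the exported key, and the fingerprint (and so the key ID) is computed from the key material alone, so a key re-labelled for a second nym is still the same key. The parser follows RFC 4880 packet framing; the key bodies and labels are constructed for the example and are not usable keys.

```python
"""Added example: what anyone who imports an OpenPGP public key can read.

Walks the packets of an exported public key (RFC 4880) and returns the
v4 fingerprint, the 64-bit key ID, and every User ID packet (the "name field").
The key material below is constructed for this example and is not a real key.
"""
import hashlib
import struct

PUBLIC_KEY, USER_ID = 6, 13  # RFC 4880 packet tags


def parse_packets(data: bytes):
    """Yield (tag, body) per packet; old- and new-format headers (RFC 4880 4.2).
    Partial-body lengths are rejected rather than guessed."""
    i, n = 0, len(data)
    while i < n:
        ctb = data[i]
        if not ctb & 0x80:
            raise ValueError(f"not a packet header at offset {i}")
        i += 1
        if ctb & 0x40:                                   # new-format header
            tag, first = ctb & 0x3F, data[i]
            i += 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = struct.unpack(">I", data[i:i + 4])[0], i + 4
            else:
                raise ValueError("partial body length not supported")
        else:                                            # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 0:
                length, i = data[i], i + 1
            elif ltype == 1:
                length, i = struct.unpack(">H", data[i:i + 2])[0], i + 2
            elif ltype == 2:
                length, i = struct.unpack(">I", data[i:i + 4])[0], i + 4
            else:                                        # indeterminate length
                length = n - i
        body = data[i:i + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        i += length
        yield tag, body


def fingerprint_v4(key_body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, 2-octet body length, then the body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(key_body)) + key_body).hexdigest().upper()


def identities(key_blob: bytes):
    """Return (fingerprint, key_id, [user ids]) for the primary key in a blob.
    Real exports also carry self-signatures and subkeys; they are skipped here
    because the label and the fingerprint are what link identities."""
    fpr, uids = None, []
    for tag, body in parse_packets(key_blob):
        if tag == PUBLIC_KEY and fpr is None:
            if body[0] != 4:
                raise ValueError("only v4 keys handled")
            fpr = fingerprint_v4(body)
        elif tag == USER_ID:
            uids.append(body.decode("utf-8"))
    if fpr is None:
        raise ValueError("no public key packet")
    return fpr, fpr[-16:], uids


def same_key(blob_a: bytes, blob_b: bytes) -> bool:
    """Two exports are the same key if the fingerprints match, whatever the label says."""
    return identities(blob_a)[0] == identities(blob_b)[0]


# --- constructed data (assumption: tiny, non-functional RSA MPIs) -----------
def mpi(x: int) -> bytes:
    return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")


def old_packet(tag: int, body: bytes) -> bytes:
    """Old-format header with a 2-octet length (length type 1)."""
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body


def fake_key_body(seed: int) -> bytes:
    """v4 RSA public key packet body: version, creation time, algorithm 1, n, e."""
    return b"\x04" + struct.pack(">I", 1368576000) + b"\x01" + mpi(seed) + mpi(65537)


def export(key_body: bytes, label: str) -> bytes:
    return old_packet(PUBLIC_KEY, key_body) + old_packet(USER_ID, label.encode("utf-8"))


KEY_ONE = fake_key_body(0xA11CE)
FORUM_EXPORT = export(KEY_ONE, "Alice <alice@example.invalid>")   # forum nym
RELABELLED_EXPORT = export(KEY_ONE, "Bob <bob@example.invalid>")  # same key, market nym
KEY_TWO = fake_key_body(0xB0B)
SEPARATE_EXPORT = export(KEY_TWO, "Bob <bob@example.invalid>")    # a separate key
```

Running `identities(FORUM_EXPORT)` shows the label in the clear and the fingerprint; `same_key(FORUM_EXPORT, RELABELLED_EXPORT)` is true because re-labelling does not change the key, while `same_key(FORUM_EXPORT, SEPARATE_EXPORT)` is false. That is the whole argument for one key per nym.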
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: StExo on May 15, 2013, 01:17 am
I agree with nearly all your points on this Pine, especially #1! I don't know how many times I've had trouble remembering who is who on my keychain and having to find their PGP key again on the forums or their profile to import in and recognise which one is theirs, a huge waste of my time and does nothing to benefit them.

I would have followed your tip about differentiating accounts, but since I have been here over a year and started out pretty dumb on security, associating my forum account and buyer account with my PGP, there is little I can change about that. However, I am also a vendor; this is a well known fact amongst a few people and was also published a while ago, although with no specific link as to which one, a separation which I do maintain. Plus I use more than 5 different buyer accounts in the event 1 is compromised, all different passwords of course.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: bighorn on May 15, 2013, 02:09 am
Thanks. I will get my keys in order.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: Laissez-Faire on May 15, 2013, 08:47 am
Excellent post Miss/Mister/Anonymously Gender Neutral Pine!

You may or may not have ever given this thought, but the information you share and the help you give to those that are new will no doubt save some from injustices they'd otherwise be dealt had it not been for the help from you and the other caring folk on here that impart their wisdom.

So thank you!

On another note... I'm curious... would multiple platypus be referred to as platypuses? platypii? platypus' ? or simply platypus? I'll leave you all to ponder that one (and no cheating!)


(yes google is cheating)


Laissez-faire!
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 15, 2013, 09:47 pm
Quote
Excellent post Miss/Mister/Anonymously Gender Neutral Pine!

:))

Quote
You may or may not have ever given this thought, but the information you share and the help you give to those that are new will no doubt save some from injustices they'd otherwise be dealt had it not been for the help from you and the other caring folk on here that impart their wisdom.

So thank you!

Why thank you but it is a small price to pay so I can annoy LE agents :)

Quote
On another note... I'm curious... would multiple platypus be referred to as platypuses? platypii? platypus' ? or simply platypus? I'll leave you all to ponder that one (and no cheating!)

(yes google is cheating)

Laissez-faire!

It is platypuses or platypus I should think. But how does one indicate ownership of an object by multiple platypuses? It is the subject of much confusion in the platypii community.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: Logic on May 15, 2013, 09:57 pm
Good information. When I saw your thread about bumping this thread I thought you were starting a new forum account but logged into the pine one because you were really high or something.

Also I'm pretty sure it's platypuses.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 16, 2013, 01:37 am
Platypus related karma for everybody! :))

I expected a huge influx of newbies posting facts about the platypus, not sure where they've gone to :-)
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: Logic on May 16, 2013, 01:49 am
Quote
I expected a huge influx of newbies posting facts about the platypus, not sure where they've gone to :-)

It would appear that they are busy playing the penis game.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: P2P on May 16, 2013, 02:16 am
While I do think perhaps you are overestimating the LEAs investigating (if they even are, actively) this site, I think that overestimation of the enemy is always a good thing, especially when considering best practices for personal safety.

I'm just wondering about that last little paragraph you wrote at the end of #1. Are you saying since they can associate the PGP with a forum name that using a PGP associated with your forum name is not best practice? Because I don't know how linking a PGP message to a forum name helps them at all. In every post, we are consciously making an effort to maintain our anonymity. LE can read every post I've ever made here; it will not help them. And I assume it is the same in your case, in DPR's case, in everyone's case. So I don't really understand why that's an issue. They can tie the PGP to a name, but so what? They can't decode the message to get any sensitive information (which is what we use PGP for), so I'm not sure why it's a bad thing that they can "connect" the message to a name. "Connecting" things doesn't necessarily mean you're really solving anything. If a package is seized and is "connected" to the business you put on as the return address, and LE pursues that, it will be a textbook dead end. Same thing here.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 16, 2013, 02:57 am
Quote
While I do think perhaps you are overestimating the LEAs investigating (if they even are, actively) this site, I think that overestimation of the enemy is always a good thing, especially when considering best practices for personal safety.

I'm just wondering about that last little paragraph you wrote at the end of #1. Are you saying since they can associate the PGP with a forum name that using a PGP associated with your forum name is not best practice?

Only if you are also using the same username or PGP public key on your SR account.

It's like this:

If you're called Alice on SR, you should have a public key for Alice, with the name field as "Alice".
On SRF, you should be called Bob, and have a separate public key for Bob, with the name field set to "Bob".

A clean separation of identity. Many people don't realize their PGP keys are not intended to be anonymous by default which is why I wrote the Anonymous PGP tutorial in my sig.

Quote
Because I don't know how linking a PGP message to a forum name helps them at all. In every post, we are consciously making an effort to maintain our anonymity. LE can read every post I've ever made here; it will not help them. And I assume it is the same in your case, in DPR's case, in everyone's case. So I don't really understand why that's an issue. They can tie the PGP to a name, but so what? They can't decode the message to get any sensitive information (which is what we use PGP for), so I'm not sure why it's a bad thing that they can "connect" the message to a name.

The issue is that if you goof up somehow, and you're a vendor, they still don't have your SR identity so you cannot be prioritized for deanonymization.

Another reason is that if they link your SR and your SRF accounts, they can perform stylometric attacks to deanonymize you if they suspect they know your real identity and have a bunch of text elsewhere you've written up.

Not many people realize that stylometric attacks are capable of being scaled up, it seems like science fiction but it is not. The public is simply not aware of the Orwellian nature of the technology and ignorant of its rapidly advancing sophistication.

The fact of the matter is that if The Federalist Papers were written today, the authors would have been hounded and vilified by opponents. Truly free speech is becoming a truly rare commodity.

Finally the best reason is that there is no reason to give any more information to the enemy than is necessary. Who knows how they shall use it, but let's not find out.

Quote
"Connecting" things doesn't necessarily mean you're really solving anything. If a package is seized and is "connected" to the business you put on as the return address, and LE pursues that, it will be a textbook dead end. Same thing here.

Actually it is not. If LE continue to collect packages with the same or similar return addresses, they shall present this information at any trial as evidence of the volume the vendor was processing.
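An added example, not part of pine's reply, of the stylometric matching the reply refers to, in its simplest form: a function-word frequency profile per text and cosine similarity to pick the closest known author. Real authorship attribution uses hundreds of lexical, syntactic and character features and far more text; the feature list, nym names and sample sentences here are constructed so the arithmetic is obvious, and the second unknown sample shows what pine's advice to vary writing style does to the match.

```python
"""Added example: a toy writeprint match (function-word profile + cosine)."""
import math
import re
from collections import Counter

# Content-independent features: how often a writer reaches for these words
# survives a change of topic, which is why they are the classic writeprint signal.
# This short list is an assumption for the example; real tools use far more.
FUNCTION_WORDS = ("i", "we", "you", "shall", "will", "this", "that",
                  "not", "be", "it", "of", "the", "a", "and", "for")


def tokens(text: str) -> list:
    return re.findall(r"[a-z']+", text.lower())


def writeprint(text: str) -> list:
    """Relative frequency of each function word over all tokens in the text."""
    toks = tokens(text)
    counts = Counter(t for t in toks if t in FUNCTION_WORDS)
    total = len(toks) or 1
    return [counts[w] / total for w in FUNCTION_WORDS]


def cosine(u, v) -> float:
    """Cosine similarity; 0.0 when either profile is empty."""
    dot = sum(a * b for a, b in zip(u, v))
    nu = math.sqrt(sum(a * a for a in u))
    nv = math.sqrt(sum(b * b for b in v))
    return dot / (nu * nv) if nu and nv else 0.0


def attribute(unknown: str, known: dict):
    """Return (best matching nym, {nym: similarity}) for an unknown text."""
    u = writeprint(unknown)
    scores = {name: cosine(u, writeprint(text)) for name, text in known.items()}
    return max(scores, key=scores.get), scores


# Constructed samples: two nyms with deliberately different habits.
KNOWN = {
    "nym_one": "I shall say this. I shall not say that. I shall be brief.",
    "nym_two": "We will do this. We will not do that. We will be quick.",
}
# Same writer as nym_one, new topic, same habits: the profile gives them away.
UNKNOWN = "I shall see it. I shall take it."
# Same content, but the writer has switched to nym_two's habits: the match flips.
DISGUISED = "We will see it. We will take it."
```

`attribute(UNKNOWN, KNOWN)` returns nym_one with nym_two scoring zero; `attribute(DISGUISED, KNOWN)` returns nym_two. With real feature sets the flip is not this clean, which is why the advice above is "enough difference to throw off a match", not perfection.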
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: Digital Buddha on May 16, 2013, 03:13 am
sub'd
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 19, 2013, 05:58 am
Plaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaatypus!

Bump! :)
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 23, 2013, 07:20 am
bump
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: SealTeam6 on May 23, 2013, 08:10 am
Pine I sent you a PM about this exact topic, I am still awaiting your response, but I believe from your post that you answered my question.  I would just like to confirm my assumption!
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: pine on May 23, 2013, 09:48 am
Quote
Pine I sent you a PM about this exact topic, I am still awaiting your response, but I believe from your post that you answered my question. I would just like to confirm my assumption!

I'll check it out, I have a seriously huge number of PMs to reply to, so it could be a while, sorry about the delay.
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: SealTeam6 on May 23, 2013, 10:02 am
Quote
Pine I sent you a PM about this exact topic, I am still awaiting your response, but I believe from your post that you answered my question. I would just like to confirm my assumption!

Quote
I'll check it out, I have a seriously huge number of PMs to reply to, so it could be a while, sorry about the delay.

Don't be sorry. The people love and need you around here! I'll wait!
Title: Re: [Anonymity Masterclass] PGP Club and the War on Linkability
Post by: Sooperknot on May 23, 2013, 09:22 pm
Quote
If LE continue to collect packages with the same or similar return addresses, they shall present this information at any trial as evidence of the volume the vendor was processing.

Surely this information is part of the vendor best practices FAQ, no?