Silk Road forums
Discussion => Silk Road discussion => Topic started by: Limitless on December 01, 2011, 03:28 am
-
Hay ya'll I'm a new seller, and while I don't have a whole bunch to offer, I have been getting several ppl wanting to purchase items from me. However of about 10 ppl who contacted me and wanted to purchase the item(s) (they actually paid but I cancelled there orders) NOT ONE PERSON KNEW HOW TO ENCRYPT there address.
I'm wondering from other sellers out there is this an issue for you? Do you/would you sell to buyers who didn't use pgp to encrypt there address? I've had to apologize and cancel several orders kindly reminding them of the importance of pgp and encrypted addresses. I offered to help them get set up but sadly they just moved on.
I'm wondering from other vendors do you sell regardless if a buyers address is encrypted or do you l cancel orders for this reason too?
-
As a vendor I don't view buyers who do or don't encrypt their addresses as different. The benefit of encrypting their address is only for the buyer's peace of mind. I don't see how it affects the vendor in any way.
However, if I'm having a discussion with a (potential) buyer then I certainly favor using GPG encryption since PMs are kept on the server and accessible by both parties for a month (or however long they stay around until they're auto deleted). Address on the other hand are deleted immediately upon shipment confirmation.
Do you mind if I ask for your reasoning why you won't send items to buyers who don't encrypt their address?
-
Wait, they paid, and sent you their addresses, and you cancelled on them because they didn't encrypt the addresses.
Really?
Would you have cancelled on them if they weren't double-spaced?
Lighten up, Francis.
You've already alienated at least10 people.
If a client wants to send you their address, for you to cancel their order because you don't like the format it came in is just silly - and even sillier if you expected them to re-send it in the format that you did want. What the fuck would that accomplish - it's already been sent once in the clear.
If your customers ask you questions, by all means answer them. But don't start thinking it's your job to educate them, and punish them if they don't meet your expectations.
-
What up everyone,
From a buyer perspective I have more peace of mind knowing only the seller I selected can decrypt my sensitive information. I honestly started this week, and this is something fairly new to me. I however learned how to use PGP, and I like it. I think its honestly up to you, but why turn someone away. As it is getting BTC is difficult enough. I agree with madamebradley and Variety Jones.
ColdFrost
-
I encrypt communication, but rarely encrypt my address. Why should I? It goes to a safe place so i don't have to worry about it. Plus, I hope you are deleting those addresses quickly.
-
Hmmm..If this is Going To Be a Hard-Core Policy (encrypting PM's or Messages)then this HAS TO BE ANNOUNCED here on Forum. 1. All newbies will have to Learn/Use PGP
2. They probably dont know about Wiki as well as Posting Their Key 3. Vendors may have to share an address such as Tor Mail.
Between figuring out how to get Bitcoins and now Crypting Messages...your talking about a fairly good idea, but man. I have mixed feelings on this.
-
I would be worried about sending something to someone who is careless/lazy enough not to encrypt their address. How careless/lazy are they going to be about receiving and using my product (I don't sell product)? How stupid were they in acquiring bitcoin that could be traced? If someone is smart enough to get tor going, get bitcoin, log on and make a purchase........why can't they go the last 5 yards? If I was a vendor, I'd want to avoid the stupid people anyway.....stupid is what stupid does.....and they would end up just causing a headache later.
I won't buy from auto43 for that very reason, he doesn't have a damn public key, so I can't encrypt my address.
-
Do you mind if I ask for your reasoning why you won't send items to buyers who don't encrypt their address?
Firstly, I was only looking out (or so *I* thought) for the buyer. I also thought it was common to send your address encrypted. On my buyers account I always send my address encrypted either at the check out process or in a pm to the vendor.
In fact the vendors I've dealt with ALWAYS wanted my address sent encrypted. (in fact some vendors wanted any pm's sent to them to be encrypted too) I thought it was a good practice and I thought I'd institute it. However it seems from the sellers above I should do away with this practice. So it seems instead of (trying) being helpful I may have alienated some buyers huh?
It's an easy fix to be sure, that's why I came here to ask seasoned veterans there opinion. Now if someone could give me the real link to SR I'd be very happy :D Thanks for your ideas gentlemen!
Plus, I hope you are deleting those addresses quickly.
Lol, I don't save messages. EVER. I delete them right after I read them. Maybe I don't really understand the security measures inherent in SR but that's what *I* do. I've done sales online to get the money to open my SR account and no one ever had a problem with encrypting there address or any other communication with me.
My take away from this appears to be if they (the buyer) don't care then I shouldn't either. If they don't want to encrypt there address then I'm cool with it too :D In fact I just changed my profile to reflect this now. (Hopefully I signed in to the real SR?)
Is this the correct link now? http://silkroadvb5piz3r.onion/index.php
-
Is this the correct link now? http://silkroadvb5piz3r.onion/index.php
Yes, this is the new and improved SR URL. :)
-
Is this the correct link now? http://silkroadvb5piz3r.onion/index.php
Yes, this is the new and improved SR URL. :)
awesome thanks for verifying that, AND for your input. One day I wanna be grow up to be the seller you are :p
-
Is this the correct link now? http://silkroadvb5piz3r.onion/index.php
Yes, this is the new and improved SR URL. :)
awesome thanks for verifying that, AND for your input. One day I wanna be grow up to be the seller you are :p
Awww <3
Treat everyone with respect and karma will do the rest!
-
no reason to send away all of those sales, that sucks - all those convo's must have been awkward lol
-
It should just be a rule everyone learns to accept, IMO. Its not hard to figure out,but I don't know why the people writing the how-to's can't grasp that they are just making the concept more difficult to grasp than it has to be.
-Your keypair has a public key,which you share with others, so they can use it to encrypt messages they send to you. The other half of your keypair is your private passphrase,which you need to enter to decrypt any message that was sent to you that was encrypted with your public key. -
Is this correct? Because I couldn't gather this from the writeup in the security section, after reading it 3 times (sorry to complain,but it really is just confusing)
-
Honestly,
I see little point in cancelling the order once you have already seen the address. What sense does that make?
I know you want to reinforce the use of encryption but there are many out there who simply do not care and nothing will change that; furthermore, in my experience most of my buyers use encryption minus a few exceptions. Overall I am not too concerned
-
It only hurts the buyer by not encrypting. It doesn't effect the vendor one bit. I sometimes remind them to get pgp in the future, but, I wont turn down an order just because its not encrypted.
-
Lighten up, Francis.
hahaha, great line from a great movie.
-
no reason to send away all of those sales, that sucks - all those convo's must have been awkward lol
no not really, because it was on the listing as well as my profile. I find it funny how much pgp is stressed on the forum side, however in reality I'm finding it's not really used that often. (at least with the buyers I've dealt with)
Again, it's all good, and I went through my listings and removed the references to pgp being necessary. All criticisms have been received constructively.
-
??? hey sorry bro.... i get your point about using encryption for the sake of having buyers keep their info a little safer,
So you get my point but then you say....
but, what you have written here reeks of retardation. and or, you're a trolling LEO. dunno.. ???
8) peace
I know post count is important (to you) but damn, really? That's all you got? Im a trolling leo or I'm retarded? So the fact that you can understand my point (YOUR WORDS) should probably make you which one?
1) Retarded
2) a troll
3) or ???
:o
-
I think it might just protect the buyer if the site were hacked and taken over, or something like that...in reality, encrypted or not, we depend a whole lot on our vendors being who they say they are, but pgp makes us 'feel' better, more than anything, smacks of being professional and careful in what we do.
If I see a public key--and I look--I'll happily encrypt, but I've not found a lot of consistency among vendors in this area, some post it in every ad, and some just post it on profile, and some don't post a public key at all... it's not always obvious where it is...and most vendors that like to chat a bit, blow it off.
I bank a lot on karma, I guess, and try to act right, and go with the flow. I doubt an encrypted addy is going to save me from any serious persecution, if it comes. It's good to learn it, and like others, I"ve spent my time teaching newbies how to encrypt and decrypt, but sometimes I think people get false sense of security from stuff like this. As far as buyers go, we don't have a lot of protection if a vendor goes bad. Vendors are more protected--as they should be--and we don't have any info about them, thanks to bitcoins.
So, for me: falls into the 'Not that big a deal' category, and I think this was just a bit of misunderstanding, no problems at all: vendor meant well, was just trying to encourage security, no need for vendetta here.
-
for those that are paranoid the best reason to encrypt all your communications is to help protect yourself from a dea takeover of the SR site. i'm not suggesting that this is or will be the case. and there are other issues to wrestle with if that does happen (bitcoin tracking, etc.) but encrypting does stop the SR site itself from seeing your communications.
i'm just about out of tinfoil. gotta run to the store now.
-
what about privnote? is that secure?
-
Call me crazy, but I don't want my mailing address stored on some site associated with the sale of illegal drugs. The chances of it being found by LE may be small, but I don't want to risk that. Encrypting my address makes me feel much more secure, even if it's a false sense of security. I definitely wouldn't buy anything on Silk Road otherwise.
-
My first transaction on SR several months ago was before I knew about PGP. I sent it as plaintext in the shopping cart box and subsequently never used that address again. Every since then all sensitive and potentially incriminating writings I have encrypted. If a buyer doesn't care about their safety, it shouldn't become the vendor's job. A good vendor, in my opinion, will respond in the same way that they are contacted
-
Having the address on the site isn't good but it's not incriminating either. It's easy enough to put someone else's name and address in the form if you wanted to create some excitement in their life. The thing that really matters is whether you are caught in possession of something.
I believe you should encrypt all your Silkroad communications all the time. I just don't think this is something worth getting worked up about.
-
I would be worried about sending something to someone who is careless/lazy enough not to encrypt their address. How careless/lazy are they going to be about receiving and using my product (I don't sell product)? How stupid were they in acquiring bitcoin that could be traced? If someone is smart enough to get tor going, get bitcoin, log on and make a purchase........why can't they go the last 5 yards? If I was a vendor, I'd want to avoid the stupid people anyway.....stupid is what stupid does.....and they would end up just causing a headache later.
I won't buy from auto43 for that very reason, he doesn't have a damn public key, so I can't encrypt my address.
This ^^^
It's not about whether their data is safe (encrypted) from prying eyes, it's also an indication of how cavalier they may also be in real life. The customers that understand and use PGP exclusively do it because they understand that affords them more protection than not, which also includes protecting the vendor which as a bonus protects their ability to continue to recieve the products they order. many buyers use their legitimate name and address for their orders, not protecting that in some way from unintended recipients when conducting transactions on SR puts all of us at risk for SR attracting more attention from people we don't want the attention of.
-
It only hurts the buyer by not encrypting. It doesn't effect the vendor one bit. I sometimes remind them to get pgp in the future, but, I wont turn down an order just because its not encrypted.
This! Way to lose those sales for such a petty reason, bud.
If they don't want to encrypt, then who cares? Its not required by SR, and its not like it puts YOU (seller) in any danger.
As a seller myself, unencrypted addresses are easier/quicker for me to process because I don't have to go that extra step.
I've also been recommending https://privnote.com/ for messages and addresses.
If you personally want to require address encryption then you obviously can - its your business after all. But you WILL lose sales because of it.
-
Well why the fu*k did I learn how to use pgp when no one even cares if your info is encrypted or not? When I first got here phubaiblues helped me out a lot with questions and pgp issues. I'll always use it with a vendor who has a public key. If a vendor doesn't have a key chances are I will NOT do business with them.
I appreciate what the op is saying, and quite honestly I think it's a good idea. But ppl are lazy, and just want to buy right now. No one really wants to learn pgp, (hell the only reason I did was because I thought it was needed to make purchases) and I think it would be easier on the op to let the buyers do whatever they want.
I'd say make your public key available for those who want to use it but for those who don't, well don't sweat it.
-
I just now saw this thread and I was wondering where the listing for Hay is and why you would need to encrypt your address for delivery? I have livestock that need feeding and my own supply is running low. :D
Seriously though, why wouldn't you use it? It only helps protect yourself and that can't be bad can it?
As for me, I have not bought from a seller that cannot bother to get a PGP key for reasons stated earlier. Italian Pilot comes to mind and most of us know how that ended. Come to think of it I don't recall buying from a seller who has demanded it either. Something about the "demand" part of it turns me off.
Oh well, that's all I have to say about that.
P.S. Please be safe out there and take your time, this is not a race. Don't be in such a hurry to part with your btc.
-
I use every layer of protection available to me. There's just no reason not to from the buyer's end. I wrestled with ordering from VortexMilkMan for like a week because he didn't have PGP. I finally convinced myself that sending an addy through an off-site message service with absolutely no other info other than a subject line I sent to VM first and then the address would probably be hard to connect back to an SR transaction made at a different time. Or maybe it was staring at the picture of his product that convinced me :D
-
Limitless, it wasn't clear to me whether you had your pgp public key in your profile and recommended it but you seem to be looking for honest feedback.
In my opinion as a buyer (a paranoid buyer still waiting for bitcoins): as a seller you should recommend its use for addresses and provide your public key (as a buyer I wouldn't deal with a seller that didn't provide it), but not turn away orders that don't use it. It seems to be a protection mainly for the buyer. Or you could insist every communication be encrypted. As a buyer I'm more concerned about your packaging and stealth abilities and your feedback. As long as it's in your profile and clearly stated, I'm going to follow it. I think it's important for both parties to be comfortable with the security level of our part of doing what we're doing.
yakyak
-
A nice vendor taught me how to encrypt a message. This vendor preferred his/her clients used it so it took me two days of messaging but in the process I also found Truecrypt.
I cant wait for my bitcoins to come in so I can buy some more :P