Silk Road forums
Discussion => Security => Topic started by: poopiepants on April 21, 2012, 02:34 pm
-
Do PM's to Sellers need to be encrypted if is a general question not including sensitive information like an address?
-
Depends on how security conscious you are. I try to encrypt all of my messages, others send everything unencrypted. You could ask the seller what he/she prefers?
-
Encrypt. Fucking. Everything.
The fact that anyone would not do this, even for a simple message, just blows my mind. Yeah, it might take a little extra time, but GPG is easy to learn/use, and wouldn't you rather know that all your messages are stored in ciphertext where no LEO can possibly read them, no matter what kind of worst-case scenario might ever befall SR? The fact is, even if you're not exchanging order details, you're still participating in an illegal-in-pretty-much-every-jurisdiction-on-the-planet marketplace, and for all the things that SR does to try to protect its users, there's always the chance that something will go tits up, so in the end, you still need to take responsibility for your own security and COVER YOUR ASS.
And yeah, I know there are some sellers that would prefer that you only encrypt order details, and I know there are plenty more that don't use GPG at all. Those cats need to wise the fuck up.
-
Encrypt. Fucking. Everything.
The fact that anyone would not do this, even for a simple message, just blows my mind. Yeah, it might take a little extra time, but GPG is easy to learn/use, and wouldn't you rather know that all your messages are stored in ciphertext where no LEO can possibly read them, no matter what kind of worst-case scenario might ever befall SR? The fact is, even if you're not exchanging order details, you're still participating in an illegal-in-pretty-much-every-jurisdiction-on-the-planet marketplace, and for all the things that SR does to try to protect its users, there's always the chance that something will go tits up, so in the end, you still need to take responsibility for your own security and COVER YOUR ASS.
And yeah, I know there are some sellers that would prefer that you only encrypt order details, and I know there are plenty more that don't use GPG at all. Those cats need to wise the fuck up.
Speaking as a new seller, I would say please do encrypt everything. I change my keys on a regular basis as I live in the UK and can be legally required to provide any keys in my possession. This way even if LE could somehow get into my inbox on SR, I could argue that the information is unrecoverable as I no longer possess the keys to it. I am referring of course to messages containing information other than mailing addresses which sellers must delete as soon as they've finished with them. :-)
V.
-
Encrypt. Fucking. Everything.
A good rule of thumb is to always encrypt your reply if the original message sent to you was encrypted. As a buyer, I really hate when vendors get this wrong.