Silk Road forums
Discussion => Security => Topic started by: bigjt on June 05, 2012, 06:31 pm
-
Hey guys,just wanted to give you all a quick heads up,mainly for people in the UK i guess,a friend of mine said that the Police have been round to see him asking about his Internet activity,he said they knew about SR,now i dont know the whole thing he only sent me a quick text and has not replied back to mine,i have been thinking and my guess is that someone who supplied him something got busted and they got his details off his pc,or could they have been tracking my friends activity?? this has concerned me as i have letters inbound due to arrive anytime,anybody got any thoughts on this??
-
Sounds like bullshit to me.
He's obviously been blagging to his skag head friends (who are all informants by the way) "oh yeah I found some amazing site called Silk Road" and they tipped the police off.
You address get's deleted as soon as the sender puts it into transit, and he should be using PGP anyway so there's no concern there. The UK Police can't infiltrate SR or Tor unless they were pretending to be a seller, which legally they can't do as they can't supply drugs, he didn't order anything off a new seller with no feedback did he then get an empty package?
People use some common sense.
-
My thoughts are ... sounds like BS. LE monitoring his TOR activity isn't very likely, a vendor being busted who kept records of his customers ... if one existed, I guess, hopefully no vendors are that incompetent. Either scenario doesn't put you in danger, unless you ordered from the same busted vendor.
-
Yeah guess you guys are right,i dont really know all the technical in's and out's of tor,when i read his text it got me a bit worried thats all.
-
Yeah guess you guys are right,i dont really know all the technical in's and out's of tor,when i read his text it got me a bit worried thats all.
Having previously worked for the security services I can tell you it's definitely not the police who are interested in Tor, especially with their 30% budget cuts. Law enforcement are interested in the suppliers not the buyers.
-
Well when i do finally get some more info out of him i will let you know.....
-
its deffo a myth or wishfulll thinking that all vendors dont have record of addresses after in transit ive seen a few times people asking the vendor to make sure they sent to right addy when late and they check so they must keep some record till transactions finished
i did it when 1 of mine was late and i had FE and he told me what address hed sent to a week after in transit and i never sent pgp
no im not saying which 1 .i bet 90% do and when someone scams saying never arrrived they want to no that address and look out for it and warn others so must have record till transaction finished
-
its deffo a myth or wishfulll thinking that all vendors dont have record of addresses after in transit ive seen a few times people asking the vendor to make sure they sent to right addy when late and they check so they must keep some record till transactions finished
All the more reason for vendors to use TrueCrypt full drive encryption and a hidden container so when law enforcement do finally catch them the buyers are protected.
I can see myself ending up needing to make a custom version of TrueCrypt for Silk Road, which isn't too bad, I've done it before. It could create a code every time you mount the encrypted partition containing buyers details which you would need to log into Silk Road as a vendor. Or perhaps make it so you simply couldn't log into Silk Road as vendor unless the site detected you were running a properly full drive encrypted OS. This of course would require some kind of Tor compromising script or firefox addon, but it would only be sending data to and from the Silk Road site so not insecure.
-
OP:
-have you any more detail or specifics, circumstances etc...were they regular bobby's, Det's or what?! ...may either be obvious they're working on some flimsy bit of intel or "know" more by their choice of language...
Thanks
-
Remember, anonymity is your best defence, bar none.
Definitely agree with this. As long as you can keep yourself anonymous, you don't have to worry about any of the other stuff.
-
Yeah guess you guys are right,i dont really know all the technical in's and out's of tor,when i read his text it got me a bit worried thats all.
One thing you might wish to bear in mind is to keep your status on Silk Road to yourself. If you friend were truly under surveillance, then the fact that he sent you a text message to warn you would only serve to make you a possible target. Remember, anonymity is your best defence, bar none.
Guru
LE can pull your cell phone history a lot easier than your TOR history, but let's see what your friend says when he gets back to you.
-
...its being reported that uk met are taking info from suspects mobiles (cellphones) which seems to include those being "questioned", call
history and messages were mentioned but as we know theres more than just the 2 esp iphones which have location db {depending on
whether you've managed to switch this off etc}, and what stops an officer taking copies of ANY data on a phone even if its just the 2 items they
are legally allowed access to ?!
-
I can tell you what I've said on here previously.
I don't work directly with the Police any more but my bank has to file reports for suspicious account activities and as such we occasionally liaise with specialists from drug task forces and financial crimes units.
The last two senior officers I spoke to seemed unaware of the concept of Bitcoins altogether. I am sure they're aware of Silk Road vicariously but considering the difficulty of mastering even the basic concepts of using it, I doubt we have much to worry about.
I know this because in my experience the Police seem to have only the most basic degree of computer literacy at best. Any complex work involving digital forensics and so on seems to be farmed out to the private sector on a regular basis rather than be managed in house, mainly I think because it's cheaper to do that on an ad hoc basis than train and maintain the knowledge of your own officers.
Admittedly I don't speak to people in SOCA or live in a major Metropolitan area so there may well be more tech savvy officers out there but the degree of cunning and resourcefulness required to detect someone's activities on here is huge, provided a person takes the reasonable precaution of encrypting their machine, only using the Tor browser and GPG to arrange purchases, obtaining Bitcoins anonymously and so on.
I have also read a little of the literature related to AML (Anti Money Laundering) procedures as supplied to the Police and have yet to find any reference to Onion Routing, P2P Currencies or the Silk Road.
Of course we shouldn't be complacent - we have the upper hand for now but we're aware of the weaknesses and should always make sure we're vigilant against potential visits by the Police.
V.
-
Anything further come of this OP?
-
Your friend is a piece of shit who can't keep his mouth shut, and now he's coming up with ridiculous lies to cover for the fact that he was running his mouth.
If the police could infiltrate tor, they'd be coming after bigger fish than your mate that's for sure
-
Your friend is a piece of shit who can't keep his mouth shut, and now he's coming up with ridiculous lies to cover for the fact that he was running his mouth.
If the police could infiltrate tor, they'd be coming after bigger fish than your mate that's for sure
Of course we've known for some time that any fool with access to your ISP's records can see that you're running Tor in the first place - it's just not possible through traffic analysis alone to prove you engaged in a specific transaction on Silk Road for instance. If this is a problem you can use a "bridge" to obscure your Tor traffic. More information about this on request.
I keep an eye on the Crimeline periodical in the UK which details new legal issues for Criminal Defence Solicitors. Not one case I have seen so far in the three years I've been reading it involves intercepted Tor traffic. Indeed this kind of evidence is inadmissible in UK courts as Security Services argue it would reveal too much about their methods to allow it.
V.
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
Can you get the vendors name please?
-
So, do you know it was an SR vendor that was busted, or are you just assuming it was?
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
So any idea which seller it was?
-
..ooops
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
OP needs to post the name of the vendor ASAP, by ASAP, I mean yesterday.
-
- nice, a vendor recording & storing addresses or perhaps just a recent transaction?!
- isn't mentioning more "names" here going to be joining the dots, esp if lets say LE are monitoring this post?!
[just my 2 pence worth]
-
- nice, a vendor recording & storing addresses or perhaps just a recent transaction?!
- isn't mentioning more "names" here going to be joining the dots, esp if lets say LE are monitoring this post?!
[just my 2 pence worth]
Contacting DPR about this.
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
Vendors name would be great right about now!! But I'm a bit fuzzy on the whole 'he had a clean laptop and they left' thing. So did they actually start rooting through his hard drive upon the visit by local Leicestershire police?? Surely if they were serious they would have took it away for analysis and arrested the guy?? sure he would get out on bail but it sounds a bit odd to me.....I hope OP can clarify a bit more!? Would be great.
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
Vendors name would be great right about now!! But I'm a bit fuzzy on the whole 'he had a clean laptop and they left' thing. So did they actually start rooting through his hard drive upon the visit by local Leicestershire police?? Surely if they were serious they would have took it away for analysis and arrested the guy?? sure he would get out on bail but it sounds a bit odd to me.....I hope OP can clarify a bit more!? Would be great.
Yeah I'm in two minds about this. On the one hand, it is a concern but on the other it's got some holes in.
Anyway I have contacted DPR to see if he can shed some light by asking if there is any K vendors that been away for any length of time recently that would coincide with this. Hopefully he might be able to illuminate the situation because if it is true then something can potentially done to help people, if there is no evidence then Bullshit can be called and we can all chill-the-fook-out.
-
Yes i have all the details now,i spoke to him today in person and here is the story......Leicestershire Police rang him Saturday to ask if they could come and speak to him about somethings,they came round that day,said that information had been taken from a pc that was involved in a drugs raid,this was the guy he had bought Ket off,apparently there were hundreds of addreses on his computer and my friends was one of them.The Police asked if they could look at his computer and asked him about what he knew.He obviously said he did'nt know fuck all about it and he had a clean lap top so was ok and they left.
I'm surprised there have not been more people talking about this if lot's of addreses were recovered.Well thats what i found out just thought i would let you know.
Vendors name would be great right about now!! But I'm a bit fuzzy on the whole 'he had a clean laptop and they left' thing. So did they actually start rooting through his hard drive upon the visit by local Leicestershire police?? Surely if they were serious they would have took it away for analysis and arrested the guy?? sure he would get out on bail but it sounds a bit odd to me.....I hope OP can clarify a bit more!? Would be great.
Yeah I'm in two minds about this. On the one hand, it is a concern but on the other it's got some holes in.
Anyway I have contacted DPR to see if he can shed some light by asking if there is any K vendors that been away for any length of time recently that would coincide with this. Hopefully he might be able to illuminate the situation because if it is true then something can potentially done to help people, if there is no evidence then Bullshit can be called and we can all chill-the-fook-out.
yeah yeah....that should clear it up a bit ay!! I just checked out the vendor i used lately in the UK and they made a post on profile today so phewww!! hope all is good still....fingers crossed!!
-
UK vendor Online High went missing a few weeks ago, he had K listed.
He disappeared quite suddenly and a number of buyers were refunded by SR
-
UK vendor Online High went missing a few weeks ago, he had K listed.
He disappeared quite suddenly and a number of buyers were refunded by SR
Hmmm this is looking shitter by the minute. Perhaps someone should do a post about this, gunna wait till I hear back from DPR.
-
This story still seems like bullshit to me. Why would the police waste their limited resources going round and interviewing a small time K purchaser? Seriously?
-
This story still seems like bullshit to me. Why would the police waste their limited resources going round and interviewing a small time K purchaser? Seriously?
If they have previous then they potentially would, also if they found what is basically a database....they'd take full advantage of that.
-
I'm thinking this is bullshit too... What kind of vendor wouldn't encrypt his drive? And the wording suggests that the vendor stored it on a hard drive...
a) why didn't he use a usb?
b) why wasn't it encrypted?
c) why didn't he just use a magnet to clear everything? (This benefits him as much as it benefits his buyers).
There was a raid in the UK where a huge network of forgers were caught. They estimated it to be a business with about 12 Million pounds of profit yearly. Information about this is on hackbb. I think his friend may have been caught up in that. Indirectly (eg. some part of his info was used on one of the fake IDs) or directly (eg. purchased an ID).
-
I'm thinking this is bullshit too... What kind of vendor wouldn't encrypt his drive? And the wording suggests that the vendor stored it on a hard drive...
a) why didn't he use a usb?
b) why wasn't it encrypted?
c) why didn't he just use a magnet to clear everything? (This benefits him as much as it benefits his buyers).
There was a raid in the UK where a huge network of forgers were caught. They estimated it to be a business with about 12 Million pounds of profit yearly. Information about this is on hackbb. I think his friend may have been caught up in that. Indirectly (eg. some part of his info was used on one of the fake IDs) or directly (eg. purchased an ID).
No offense but you are being unrealistic as fuck lol. Since when does anyone say "Hold on inspector, can you wait a few seconds while I just rub magnets over my hard drive so I can delete all the incriminating evidence please, you just go and make a cup of tea and take a seat and then you can take me in" also you aren't taking into account that not everyone does every single security step there is and some people are stupid and could give in to the pigs. What you do is run upstairs and flush all your shit or maybe you don't even think that far ahead and just freeze, it all depends on the individual.
Also you haven't taken into account the possibility he had no time. What if it did happen and they kicked down the door when he was out or in the bath or in the middle of banging his Mrs. Don't leave you much room for maneuver.
It's not realistic to talk about what people SHOULD do. It's what people ACTUALLY do that means anything in these situations.
Anyway DPR got in touch with me, will update ya shortly.
-
I'm thinking this is bullshit too... What kind of vendor wouldn't encrypt his drive? And the wording suggests that the vendor stored it on a hard drive...
a) why didn't he use a usb?
b) why wasn't it encrypted?
c) why didn't he just use a magnet to clear everything? (This benefits him as much as it benefits his buyers).
There was a raid in the UK where a huge network of forgers were caught. They estimated it to be a business with about 12 Million pounds of profit yearly. Information about this is on hackbb. I think his friend may have been caught up in that. Indirectly (eg. some part of his info was used on one of the fake IDs) or directly (eg. purchased an ID).
When the police are knocking your door down you don't think about unscrewing your PC case and magnetizing your hard drive.
-
I'm thinking this is bullshit too... What kind of vendor wouldn't encrypt his drive? And the wording suggests that the vendor stored it on a hard drive...
a) why didn't he use a usb?
b) why wasn't it encrypted?
c) why didn't he just use a magnet to clear everything? (This benefits him as much as it benefits his buyers).
There was a raid in the UK where a huge network of forgers were caught. They estimated it to be a business with about 12 Million pounds of profit yearly. Information about this is on hackbb. I think his friend may have been caught up in that. Indirectly (eg. some part of his info was used on one of the fake IDs) or directly (eg. purchased an ID).
When the police are knocking your door down you don't think about unscrewing your PC case and magnetizing your hard drive.
Exactly.
-
Always worth keeping a rare earth magnet handy though in case you can get to the hard drive.
I always liked the solution used in Cryptonomicon. Wire up an electromagnet that runs around the inside of your front door, that way if you get raided the police will assist in wiling your harddrives as they carry your equipment out. It may take some finessing to allow you yo activate it when the police arrive but im sure it woukd be possible.
When will we get that update from DPR Lim?
-
* assist in wiping your harddrives.
-
I'm thinking this is bullshit too... What kind of vendor wouldn't encrypt his drive? And the wording suggests that the vendor stored it on a hard drive...
a) why didn't he use a usb?
b) why wasn't it encrypted?
c) why didn't he just use a magnet to clear everything? (This benefits him as much as it benefits his buyers).
There was a raid in the UK where a huge network of forgers were caught. They estimated it to be a business with about 12 Million pounds of profit yearly. Information about this is on hackbb. I think his friend may have been caught up in that. Indirectly (eg. some part of his info was used on one of the fake IDs) or directly (eg. purchased an ID).
These raids were ages ago, the court case has just been reported on tv, what makes you suspect a link to this instance?
There's nothing to suggest the op is bullshitting, and I've already warned my drop that it may be compromised just in case.
-
There's nothing to suggest the op is bullshitting, and I've already warned my drop that it may be compromised just in case.
Indeed. I have alerted DPR to the situation, waiting for a response.
-
I have asked the guy and he said he cant remember,he said that the return address was Leicestershire and the police were from Leicester also,all I know is he bought ket off him.really wish I could tell you the name but he said he cant remember,cant be to hard to narrow it down.
-
My friend was using tor on a linux live cd that's why his lap top was clean,I came on here to let people.know what I have been told to warn people and I get accused of bull shutting,cheers guys will keep my mouth shut from now on......
-
My friend was using tor on a linux live cd that's why his lap top was clean,I came on here to let people.know what I have been told to warn people and I get accused of bull shutting,cheers guys will keep my mouth shut from now on......
You did a good thing mate, people just get very sensitive about this sort of thing because of the trolls etc. I'm waiting for a response from DPR and this should help shed some light on things.
Hold tight peeps!
-
Always worth keeping a rare earth magnet handy though in case you can get to the hard drive.
I always liked the solution used in Cryptonomicon. Wire up an electromagnet that runs around the inside of your front door, that way if you get raided the police will assist in wiling your harddrives as they carry your equipment out. It may take some finessing to allow you yo activate it when the police arrive but im sure it woukd be possible.
When will we get that update from DPR Lim?
This doesn't really work, it may corrupt a little bit of data but it won't fuck your entire hard drive. I've tested it before. It also really really really doesn't work with SSD's (Solid State Drives) which are used in a lot of modern laptops.
-
My friend was using tor on a linux live cd that's why his lap top was clean,I came on here to let people.know what I have been told to warn people and I get accused of bull shutting,cheers guys will keep my mouth shut from now on......
no mate i wasnt accusing you of that...i just thought it was odd but its a good thing to inform people...i just wondered if maybe your friend wasnt giving u the full info thats all....