Silk Road forums
Discussion => Security => Topic started by: weelili on July 17, 2012, 03:46 pm
-
I was just wondering.. I don't have great possiblities of buying bitcoins in my country.
Is it not safe enough to buy bitcoins with a verifyed (real name+real address) and then maybe put them through bitcoin fog?
This is what I'd do:
Create a mt.gox account and verify it on my usual computer+internet line at home. Buy bitcoins.
Use Tor Browser Bundle with cache turned off on the same computer+internet and get a bitcoinfog address. Send it to SR from there.
Not safe enough?
-
<removed>
-
But can they really track the bitcoins back to me if i sent them through bitcoinfog or an instawallet i created being connected to Tor?
-
<removed>
-
Yes, buying bitcoins at MtGox and then laundering them through Bitcoin Fog is a safe method. You can also send them directly to your SR account. Before your funds go to the vendor, they will be mixed in Silk Road's own tumbler. So it will be pretty hard to trace the transaction back to you. For small purchases, you don't need to use Bitcoin Fog (although apart from the fee, it doesn't hurt. And the more people use such a service, the more secure it becomes, so you're doing a service for the BTC community).
If you use that method, your own defense is somebody hacked the account, but you better have some pretty good answers as to why you bought the coins in the first place and you need to prove it wasn't you.
If you live in a decent country that respects basic human rights, you do not have to give any reason why you bought BTC! If the police come to you with questions, you shouldn't answer any of them. Also you don't need to prove it wasn't you, they need to proof it actually was you who owned all the addresses the BTC resided in.
But can they really track the bitcoins back to me if i sent them through bitcoinfog or an instawallet i created being connected to Tor?
They can see that you sent BTC from your MtGox account to another BTC address, but they cannot know or proof that the other address belongs to you. If you send them trough bitcoinfog, then the bitcoins get mixed with other people's bitcoins that it will be almost impossible to trace where they really went.
Take a look at the website www.blockchain.info. Here you can exactly see all transactions.
-
Alright, thanks for the info !
So just to feel better I could make 2 instawallets (I get a safety warning when I go to instawallet.org with Tor, thats no problem, right?) with two different Tor identities, get the BTC through them, of course not from Tor network but with my usual browser logged into MtGox, then through bitcoinfog and from there to SR and I should be safe even though the initial purchase of BTC was in my name.
Right...? Sorry for the repeated asking, I'm just a bit paranoid :)
-
please?:)
also, is anyone actually doing it like this or are people just saying its safe and still buying their BTC anonymously?
-
The safest way would clearly just be sending cash in to v1ad1m1r through the post, then him sending you the coins. But as I stated in a previous thread.. I strongly doubt the majority of SR'ers ordering small possession quantities of drugs, would ever be looked into that deeply should a package through the post be seized from thereon in. Using bitcoinfog is always a good idea though from what I can make out.
I take it the idea of using BCF is that if the SR servers were to be confiscated, the BC addresses wouldn't link back to an exchange (which holds your details), but rather to a BCF address? Which would greatly reduce the chance of you being found. If someone could clarify that is the idea of using BCF I would appreciated it. Because I'd imagine from the point of view of transfers FROM the exchange being investigated then there'd be no real benefit of BCF as there's no way to exactly prove the bitcoins have gone to a Silkroad account, and SR having a mixer, etc. So the way I'm thinking is that the only real point of BTC is protecting yourself against SR servers being confiscated at some point?
-
from what i understand bitcoinfog is a mixer too.
bitcoins are basically strings of numbers or whatever and you send them to bitcoinfog. bitcoinfog then does not send exactly your numbers out, bit mixes them with everybody elses.
that way you might end up sending bitcoins from people who ordered way heavier or more stuff, but with the btc going through bitcoinfog before LE would have no way of proving the bitcoins you originally bought were used to do something illegal, at least not by you(!).
-
dumbasses is who :)
-
care to elaborate? sorry, english is not my mother language and im not sure as to what that phrase means in this situation :)
-
If you live in a decent country that respects basic human rights, you do not have to give any reason why you bought BTC! If the police come to you with questions, you shouldn't answer any of them. Also you don't need to prove it wasn't you, they need to proof it actually was you who owned all the addresses the BTC resided in.
Firstly, that's a big IF!
In the UK and indeed several European countries failure to mention facts during Police interview which you then rely on for your defence is a valid reason for Juries to infer guilt. Your silence is not an automatic defence - this is why I have so much fondness for the Americans Fifth Amendment!
Also, it's not necessary to necessarily access an exchanges records to prove you have bought Bitcoins (notwithstanding the fact that MtGox have publicly stated they would support enquiries from the Police of this nature) - it would be sufficient for any fool with access to your bank records to see you'd bought them.
This could prove VERY problematic if you're caught receiving contraband in the mail and then try to say you had no idea as to the contents of the package when you signed for it, if the Prosecution can then demonstrate you bought the No. 1 digital currency for trafficking in Narcotics.
The risk may be low but it is real, not theoretical. I work in a bank myself and we are obliged to file SARs (Suspicious Activity Reports) for any transactions of a possibly fradulent or otherwise illegal nature. As far as I know we haven't started monitoring accounts owned by exchanges yet but we do in practice comply with reasonable requests from the local Financial Crimes Unit for information - in theory a court order is required but in practice we cover our backs by supplying such information.
At my bank we refer to the Police euphemistically as our "friends from down the road." as technically we're not allowed to share Customers' data in this way. In practice the old boy "scratch my back" network is still running along merrily and we much prefer to quietly supply such information than face public scrutiny of the kind to which HSBC has recently been subjected for example.
Of course you'll say I'm biased as I sell Bitcoins for cash but as I said yesterday I am supplying a demand for obtaining BTC safely - I didn't create it!
TLDR : Police can and do view your financial information without a warrant, use cash to buy your Bitcoins!
V.
-
Well, the thing is...
If I use bitcoinfog and im buying anonymously, they wont have a reason to come knock at my door.
They certainly wont search my house just because I bought bitcoins.
So I guess as long as they dont have a reason to think I bought drugs in the first place, I should be fine.
-
So I guess as long as they dont have a reason to think I bought drugs in the first place, I should be fine.
"As long as" being the operative words. :-)
V.
-
Firstly, that's a big IF!
In the UK and indeed several European countries failure to mention facts during Police interview which you then rely on for your defence is a valid reason for Juries to infer guilt.
When I wrote "a decent country that respects basic human rights", I was definitely not referring to the UK.
I believe you are familiar with the movie V for Vendetta. It takes place in the UK. And not by coincidence.
You are absolutely right though. The right to remain silent, and the protection from being coerced to cooperate in your own conviction, are severely compromised in the UK. My previous post did not apply to that country, I should have pointed that out.
Also, it's not necessary to necessarily access an exchanges records to prove you have bought Bitcoins (notwithstanding the fact that MtGox have publicly stated they would support enquiries from the Police of this nature) - it would be sufficient for any fool with access to your bank records to see you'd bought them.
This could prove VERY problematic if you're caught receiving contraband in the mail and then try to say you had no idea as to the contents of the package when you signed for it, if the Prosecution can then demonstrate you bought the No. 1 digital currency for trafficking in Narcotics.
That is an interesting question.
If they can prove that:
1) you bought bitcoins
2) somebody sent you drugs
Is that enough to convict you for buying drugs?
Because in that case, you can screw over any BitCoin user by sending them contraband that have been packaged in such a way that it will get intercepted.
If it works like that indeed, somebody should send a few grams of badly packaged weed to the owners of MtGox. Mess them up a little for being so hostile to the SR community.
-
Why would they have that reason Vladimir?
I really have to agree with eJ3k1, only having obtained bitcoins cant be enough to go from "someone sent you a package with drugs, doesnt have to be you who ordered it" to "it surely was you, you bought bitcoins and send them somewhere".
I dont wanna waste your time, if you can convince me its riskier im going to use your service :) im pretty paranoid so im considering it anyway...
re-wording my question:
is the security level of:
using your service and at the same time buying and spending bitcoins for something else entirely (just sending them to a friend for the sake of argument)
and:
buying bitcoins non-anonymously and using a mixer
not the same?
in either case: we got drugs; we bought bitcoins; the payment for the drugs can not be proven.