Silk Road forums

Discussion => Security => Topic started by: onefishtwofishredfishblue on August 04, 2012, 08:12 pm

Title: i assume listed your priv and public key is a bad thig...
Post by: onefishtwofishredfishblue on August 04, 2012, 08:12 pm

i assume there are security issues/compromises that may happen through brute attack of the password to chance the passphrase.  idk if an admin wants to msg me and i can tell who it is so seller won't get barfed on...

Title: Re: i assume listed your priv and public key is a bad thig...
Post by: vlad1m1r on August 04, 2012, 08:20 pm

Quote from: onefishtwofishredfishblue on August 04, 2012, 08:12 pm

i assume there are security issues/compromises that may happen through brute attack of the password to chance the passphrase.  idk if an admin wants to msg me and i can tell who it is so seller won't get barfed on...

I'm surprised a seller would be that naive! Yes, you should post your public key only. If the private key has already been posted, I'd strongly recommend generating a new keypair, no doubt our more tech savvy forum members will confirm in due course.

V.

Title: Re: i assume listed your priv and public key is a bad thig...
Post by: 751a696c24d97009 on August 05, 2012, 01:15 am

Yeah a new set of keys would be the first thing I'd get in this situation if it were me. If I were a vendor and someone alerted me to this issue, I'd at least send them some free samples or put them on a priority shipping for life list. Good on you for telling them.

Title: Re: i assume listed your priv and public key is a bad thig...
Post by: onefishtwofishredfishblue on August 05, 2012, 02:11 am

I already messaged the seller about the key.  been like 8 hours.  guy is relatively new so i guess he doesn't log as often as most.   i was basically more concerned about my personal data than a handout, but if he throws something towards me im not going to trip.