Silk Road forums
Discussion => Security => Topic started by: kmfkewm on May 29, 2012, 07:17 am
-
Someone in another thread mentioned that privnote is an additional layer of trust with no purpose. I think this statement deserves a full thread. Privnote decreases your security versus sending your address in plaintext. The entire design is flawed from the bottom up. Now your sensitive information is on the privnote server. They can access it. You send the link to it on the SR server. Anyone who pwns the SR server can intercept the non-encrypted privnote url and do a MITM attack, being the first person to read the original message they can then make a new message that copies it and forward THAT url on. You have added absolutely no security and have reduced your security by sharing your address and order with privnote for fuck knows what reason, because they have a catchy name and people want to play spy with "self destructing" notes I guess.
If you want to play spy you should use real tools like GPG that actually work for their intended purpose when used correctly. Failing that, you should just send your address in the clear because at least then only someone who pwns SR can intercept it, and SR is a hidden service drug forum running on an at least semi-secured server.
-
Oh and just so you know if privnote cooperates with the feds, it wont be illegal for them to view your allegedly self destructed communications with no warrant 180 days after you send them if they argue that they are essentially E-mails. E-mails require no warrant for interception if they are on a server for longer than 180 days, and there is no law saying an E-mail provider needs to delete E-mails entirely after you select to delete them. Another little "a wiretap, but not a wiretap" loophole in the USA law.
-
I would rate its security somewhere between sending a plain text e-mail and sending a GPG encrypted e-mail, leaning heavily towards the plain text side!
I have to confess though I do use Privnote to protect the mailing addresses I use for my customers to send cash in exchange for Bitcoins as many of them are new to cryptography and haven't yet mastered GPG - as such I do worry more about the information remaining on their hard drives if sent in an e-mail as opposed to being removed from the site after a certain amount of time.
As you say this doesn't protect you from man in the middle attacks, even though Privnote do use SSL and also there's a risk that after the note is deleted it could still be recovered by Privnote themselves and handed to LEO.
Of course you would still need the corresponding message containing the Privnote link to demonstrate context e.g that a person had uploaded their address specifically to receive illegal drugs, and not just to receive a CD but I agree it's something of a risk and could in itself prompt further investigation.
In an ideal world, everyone would master GPG and we'd have no need of such sites!
V.
-
I think GPG should be mandatory for sending all addresses as a security measure for us all. I consider myself fairly computer savvy, and it took a bit for me to learn encryption through GPG. That being said I learned it and in hindsight, it really wasn't that hard.
The way SR is setup, already weeds out those either too lazy or not intelligent enough to access the site. Learning how to encrypt is another security "clearance" to eliminate users that may be detrimental to our community.
Hell, most of the better vendors require PGP already for sensitive shit. It isn't that hard, if somebody can't follow step by step instructions with screen shots, I don't think they're fit for SR.
-
I would rate its security somewhere between sending a plain text e-mail and sending a GPG encrypted e-mail, leaning heavily towards the plain text side!
Yep, very heavily.
I have to confess though I do use Privnote to protect the mailing addresses I use for my customers to send cash in exchange for Bitcoins as many of them are new to cryptography and haven't yet mastered GPG - as such I do worry more about the information remaining on their hard drives if sent in an e-mail as opposed to being removed from the site after a certain amount of time.
Alternatively you could use an anonymous remailer. There are even a couple that can be reached from within the Tor network, but chances are the email will still be sent in plain text through the clearnet at some point.
Most people using anonymous remailers prefer to use GPG with them.
As you say this doesn't protect you from man in the middle attacks, even though Privnote do use SSL and also there's a risk that after the note is deleted it could still be recovered by Privnote themselves and handed to LEO.
I'd say that's quite high, it would be simple for them to replicate any data submitted to their site. As for MitM attacks, sometimes they're rebadged as an Internet filter (censorship tool) and sold as a commercial product.
Of course you would still need the corresponding message containing the Privnote link to demonstrate context e.g that a person had uploaded their address specifically to receive illegal drugs, and not just to receive a CD but I agree it's something of a risk and could in itself prompt further investigation.
Essentially it is security through obscurity: relying on only one or two people knowing the URL and that's it. The SSL doesn't really do anything if their generated URLs can be predicted in any fashion.
I wonder what method they use to derive the URLs? Is it using /dev/random or /dev/urandom? Are they silly enough to use a SHA sum of the content or the source address? Is there a predictable algorithm? And could whatever method that is being used be susceptible to an attack that would reveal some notes or even specific notes?
In an ideal world, everyone would master GPG and we'd have no need of such sites!
Yes, both within Tor and in the clearnet! I'd like to see a world in which the majority of email is encrypted and the only unencrypted things being sent are things like mailing lists.
-
I have seen a lot of vendors who don't set up PGP. There is literally no reason why someone can get shit to sell, buy packing materials, buy a vendor account and not use PGP. That is fucking absurd, and a vendor account should not even be able to be purchased if you don't include a key with it.
It takes literally five to ten minutes or less to set this up.
-
Oh and just so you know if privnote cooperates with the feds, it wont be illegal for them to view your allegedly self destructed communications with no warrant 180 days after you send them if they argue that they are essentially E-mails. E-mails require no warrant for interception if they are on a server for longer than 180 days, and there is no law saying an E-mail provider needs to delete E-mails entirely after you select to delete them. Another little "a wiretap, but not a wiretap" loophole in the USA law.
Not really trying to defend privnote here, theres no reason to use it.
But does privnote ever have the private key? I'm pretty sure the encrypted text is sent to the server only. server's never see anything beyond a hash tag (IE when you ask google.com for goole.com/#kmfkewm_is_awesome, google's servers never see kmfkewm_is_awesome unless it scans it via JavaScript and sends it), I was under the impression the server stored the encrypted text, sans key, and the client did they private key generation/encryption/decryption. So unless the private key generator was trash, privnote shouldnt be able to view the notes unless they can break AES.
Browsing the source seems like it may do this, but i've honestly not watched the traffic that goes back/forth or looked at the algorithm that closely.
-
even after reading http://blog.pablohoffman.com/how-privnote-really-works this I will still never use privnote again. Staying out of jail is priority for me. GPG is a much better solution.
-
I wonder what method they use to derive the URLs? Is it using /dev/random or /dev/urandom? Are they silly enough to use a SHA sum of the content or the source address? Is there a predictable algorithm? And could whatever method that is being used be susceptible to an attack that would reveal some notes or even specific notes?
http://blog.pablohoffman.com/how-privnote-really-works
my opinion is that privnote is probably a federal honeypot :P
+1 all of this ↑↑
-
So just out of curiosity I had to test this... using a packet sniffer and Firefox I watched and observed traffic going anywhere during an encryption/decryption.
Encrypt "this is a test note"
Client encrypts the note, and sends the encrypted note to the server/
Client sends POST to privnote.com with "body=U2FsdGVkX182xK%2BVqBr47divr9JukLU%2Fcn%2FE7wbZSX%2BD7SqYQ9m2D%2BBxZOfjxX8J%0A&sender_email=&reference="
Server Responds With "https://privnote.com/n/ejejizoiebcxdruh/"
Client appends locally generated key and displays
"https://privnote.com/n/ejejizoiebcxdruh/#dxxbyvvhxxhistjy"
Viewing https://privnote.com/n/ejejizoiebcxdruh/#dxxbyvvhxxhistjy
Client sends a request to privnote.com at "/n/ejejizoiebcxdruh/"
Privnote sends back HTML that redirects to /n/destroyed/#dxxbyvvhxxhistjy
Client sends request to privnote.com at "/n/destroyed/" with referer set to /n/ejejizoiebcxdruh/
Privnote sends back HTML with <input type="hidden" id="noteinput" value="U2FsdGVkX182xK+VqBr47divr9JukLU/cn/E7wbZSX+D7SqYQ9m2D+BxZOfjxX8J
"/>
Client decrypts locally with the hashtag as the key, no further communication is done with the server.
Google Analytics is used, but only the URL, the hash tag is not sent (the hashtag is the key).
So it really comes down to the encryption algorithm which is here:
https://github.com/mdp/gibberish-aes/blob/a693e7ebcfa10c8bb7973d90682fb2927ecc8302/src/gibberish-aes.js
The weakest point is going to be the key, which is generated client side.. by..
function random_string(C) {
if (C === null) {
C = 16
}
var B = "abcdefghijklmnopqrstuvwxyz";
var D = "";
for (var A = 0; A < C; A++) {
pos = Math.floor(Math.random() * B.length);
D += B.charAt(pos)
}
return D
}
I think it'd be a pretty far leap to actually guess the client key due to even tiny amounts of latency that cannot be easily accounted for (what JS's random is seeded on)
UPDATE: Thinking more about it, without the PRNG being a bit stronger, it is fairly weak. Although it is AES-256, they need to improve their key generation to use a real PRNG
-
I wonder who even started the whole using privnote as an alternative to PGP. It's weird that site comes out of nowhere and states that it's a great way to send "secret" messages because they delete it right after it's read but no one can prove whether they keep logs or not for the feds to extract. I also think it's a huge honeypot and they run filters to target certain messages.
-
I wonder who even started the whole using privnote as an alternative to PGP. It's weird that site comes out of nowhere and states that it's a great way to send "secret" messages because they delete it right after it's read but no one can prove whether they keep logs or not for the feds to extract. I also think it's a huge honeypot and they run filters to target certain messages.
There is plenty that can be proven by watching the data that gets sent back/forth, and you have the code available because its all client side.
It being a honey pot seems a bit unlikely, it would be pretty difficult to actually figure out what any of the rows on their servers contain, without a lot of extra info that would not be easily available without surveillance of the client.
-
Raven,
One question to ease my mind:
When you say you used a packet sniffer, do you mean a "real" packet sniffer like Wireshark or just Chrome/Firebug's XHR viewer?
I ask because if the site was using flash to do the communication it does not want you to see, these requests would not show up in Chrome/Firebug. If you were using Wireshark or similar, you'd still see them.
-
here some more details about them and the privacy seal they were awarded
https://www.european-privacy-seal.eu/awarded-seals/certified-privnote
-
But does privnote ever have the private key? I'm pretty sure the encrypted text is sent to the server only.
You're thinking from the point of view of a buyer who is worried about his address being disclosed. But the feds target sellers not buyers. If privnote were a honey pot it would work like this: DEA agent encrpyts his address and sends it to the seller with privnote. Privnote requires java to be enabled which can be used to identify the seller. Once the order is delivered with contraband there is only one person who opened the privnote.
I probably just have an overactive imagination, but all the same I'ma opt out of visiting website links given to me by buyers.
-
Raven,
One question to ease my mind:
When you say you used a packet sniffer, do you mean a "real" packet sniffer like Wireshark or just Chrome/Firebug's XHR viewer?
I ask because if the site was using flash to do the communication it does not want you to see, these requests would not show up in Chrome/Firebug. If you were using Wireshark or similar, you'd still see them.
A real packet sniffer, but I also don't have allow Flash unless I know what its doing. On the same note I didn't see any flash objects when I skimmed the source.
At the end of the day I'd recommend using GPG over PrivNote, the tutorial at http://dkn255hz262ypmii.onion/index.php?topic=131.0 or http://p3lr4cdm3pv4plyj.onion/guides/shepj.html is pretty straight forward that anyone should be able to follow it. GPG puts the security more in your hands, no reason to have to trust that nothing changes on PrivNote's side or such.
But does privnote ever have the private key? I'm pretty sure the encrypted text is sent to the server only.
You're thinking from the point of view of a buyer who is worried about his address being disclosed. But the feds target sellers not buyers. If privnote were a honey pot it would work like this: DEA agent encrpyts his address and sends it to the seller with privnote. Privnote requires java to be enabled which can be used to identify the seller. Once the order is delivered with contraband there is only one person who opened the privnote.
I probably just have an overactive imagination, but all the same I'ma opt out of visiting website links given to me by buyers.
PrivNote requires JavaScript, not Java, but given a fairly clean system JS shouldn't be able to identify you.
Like I said anyway, I recommend GPG far before PrivNote only using PrivNote because GPG is too hard is a pretty lame excuse. I just wanted to know a bit more raw fact as to what PrivNote was doing and if it was at all secure.
-
I wonder who even started the whole using privnote as an alternative to PGP. It's weird that site comes out of nowhere and states that it's a great way to send "secret" messages because they delete it right after it's read but no one can prove whether they keep logs or not for the feds to extract. I also think it's a huge honeypot and they run filters to target certain messages.
I agree. Out of nowhere a bunch of noobs are like fuck yeah privnote!
here some more details about them and the privacy seal they were awarded
https://www.european-privacy-seal.eu/awarded-seals/certified-privnote
Big deal, reading that page just makes me laugh.
Certied Privnote makes use of data minimisation measures: No extra information besides notes' contents and users' IP addresses is required to use the service. Messages are deleted upon initial retrieval or after 30 days if they have not been retrieved at all. IP addresses are not stored but only used for the purpose of communication.
This says next to nothing. So private, you only need to reveal an IP address and the contents of your communications. How is that even award worthy? That is true for any conceivable messaging system. What else are they going to do, I guess they could make you register with a credit card or show photo ID. So private of them to not make you do that !! Messages are deleted says not much , how they are deleted matters more there. Maybe they do not log IP address, I guess that is better than them keeping it forever.
The service guarantees the confidentiality of the notes by using both, a browser and a server site encryption as well as an SSL transport security mechanism.
That shows a complete lack of technical knowledge on their part. The type of encryption used by privnote is notoriously insecure, you can not fuxxing have purely server side encryption that is in the slightest bit secure unless you are using really advanced and not even practical almost entirely only theoretical crypto systems. Privnote is not. SSL keeps communications confidential between you and privnote, big deal that is not anywhere near what is required for secure client to client communications.
When sending the URL to the recipient of a note, the note's creator should keep in mind that there may be a certain risk that third parties intercept this communication, get knowledge of the URL and thus may be able to access the message in plain text. The actual risk depends on the communication channel of choice (phone, fax, SMS, instant messaging, email etc.).
Well at least they know that! Yes Privnote is much more secure if you encrypt the URL with GPG prior to transferring it over a potentially insecure channel , but it is in turn much much much much much more secure if you just encrypt the message with GPG in the first place.
Privnote is trash. It is a completely flawed design. It deserves no privacy awards. You are safer to not even use it.
-
but how do you really feel about privnote kewm?
-
kmf is a competing vendor in the private communications sector :P
bad kmf! bad!
-
kmf is a competing vendor in the private communications sector :P
bad kmf! bad!
running hushmail?
-
nope I run supersecretmail certified by privacyiskewl.info and even though I require credit card payment and photo ID I pinky swear not to share it with anyone and to keep you ultra secure by encrypting all stored messages with AES-ECB-256 !!!
-
if i can be serious under this nym for once :P i hope your work is going well. i know all sorts of luddite peeps going back to the crypt one crew that think se is gonna be the coolest thing since sliced bread.
-
Unfortunately, and despite a lot of effort towards achieving it over several years actually, a secure forum system created by/for and funded by people from the drug scene is something that will probably never exist. Two people who were paid to program it fucked off and accomplished nothing. Additionally, despite a lot of effort towards design, it is pretty apparent that professional grade security designs must come from true professionals and not security hobbyists or illegal forum security Gurus (even the best ;) ) ... (not mentioning Guru, who may be a professional cryptographer for all I know). I am not convinced that anyone in the drug scene has the skills required to make such designs, myself included, and any attempts to do so may very well end up being counter productive and giving a false sense of security when in fact they could harm security. Furthermore, it is not at all smart to have security software made by illegal groups specifically for protecting illegal activity from law enforcement, merely using such software would cast strong suspicion on any users. Also, only criminals will audit it, and as I said before I am not convinced that the drug scene has the talent required to audit or create such a product in the first place, multiple attempts have failed and a lot of money and time has been wasted. Also, only criminals will use it and that is simply not secure, especially in contexts where security directly correlates with crowd sizes and diversity of crowd sizes.
However I do have some good news. I have been closely following developments of a fairly similar in goal although substantially different in implementation and design and entirely unrelated in association project, and it is nearing completion of the first Beta. It will not be very well suited for a very large forum like SR, because the security comes with a large performance price and this in turn limits the amount of people who can receive a single outgoing message to approx one thousand. Unfortunately, the more messages a person sends through the system the less the security guarantees can be, so simply scaling the number of outgoing messages for every 1,000 members will not be the best idea and sending 20 copies of every message to support a 20,000 member forum will result in substantially worse security versus restricting your group sizes (really better thought of as "message recipient size" since the concept of a group is entirely defined by the sender of a message) to 1,000 members.
I have been spending a *very* large amount of my time learning the language this is being written in so that I can audit the code, and I believe I have achieved proficiency enough to properly assess the correctness and security of the implementation of the algorithms used, as well as the over all design (which is in fact a composite of various algorithms from various academic papers written by true security experts) . I think the end result will at the very least be a much more secure and anonymous alternative to GPG, Tor (although it still uses Tor, it adds mixing on top of it) and E-mail / private messages, with a substantially lower learning curve required to make use of it as compared to GPG (more similar to sending a PM on a forum, or using a forum, with the crypto and anonymity stuff taken care of in the background outside of user awareness). it is also well suited for forumesque structured group communications, for groups consisting of one thousand members or less. It does technically support larger groupings, although it rapidly and linearly-per-extra-thousand-recipients becomes less suitable for secure/anonymous group communications after a message recipient size of 1,000 is reached. I expect a beta as well as the entire source code and some free to use servers running the server component will be publicly available within two months, the message forwarding, mixing, a provably secure cryptographic packet format, other base encryption systems and a lot of other required components are finished (I have gone over it and it looks fine to me, although earlier prototypes had poor code quality) and now the developers are working on message retrieval, which requires the implementation of a private information retrieval system. After that is accomplished the system will be ready for Beta, although of course it will be unwise to use it until it is audited by as many people as possible, I will give it my seal of approval though (of course pending my review of the rest of the code whenever they are done with it, and as long as my confidence in my proficiency in the language / auditing abilities remains stable for some period of time, I have surprised myself two or three times but generally I am fast learner and spend over a dozen hours every day focusing on learning this ;) )
It is also nice to note that it uses established cryptographic libraries and only wraps them or composites them together into larger systems, implementation of crypto primitives is best left to very very very skilled people and of course only after an implementation has been publicly audited by many professionals can it be trusted.
-
it's a shame that you're so pessimistic about this especially when i think that you're one of the people with the skillz to get it done but i must agree with you, it must be done by pros. after all the first thing they teach you in a security engineering class is to leave crypto to cryptographers, and the first thing they teach you in a crypto class is to not try this shit at home. :P
i don't think scalability is a problem. the vast majority of customers on sr couldn't be fucked to run something like se, this would be more for private groups where there's like 50 people max. even the big places like cca or df wouldn't come close to creating a scalability issue.
i knew the ruby people had fucked off but i didn't know they were being paid. that's a shame too. i'm optimistic that with the combination of decentralization and online scene blowing up that there'll be security professionals getting involved in projects like this with the online drug trade in the forefront of their mind. (i guess that on the internet, nobody knows that you're a dog but security engineering is one thing where it's not *that* hard to figure out if somebody knows what they're talking if you yourself know what you're doing.) i mean, i'm a really boring person online, and one of my irl drug friends is a cryptographer whose name ends in "ph.d." i'm sure there are more people like me or people like my friend lurking and ready to dive in, just waiting for somebody to rescue them from the public scene or a noob board.
-
Ruby people fucked off, Java people fucked off, I have come to the conclusion that you can trust anonymous people on the internet with money for drugs and you will receive them, but if you pay someone for code they will fuck off.
Hopefully scalability would be a problem, fifty people mixing messages together does not lead to much security. If a system is as point and click easy as a php forum and offers anonymity and security better than Tor or GPG, I would imagine it would be used by a decent number of people. Especially since there are so many people who are always complaining about how much a pita it is to use GPG. Those people would love to double click on an icon, have a program that looks nearly identical to a phpbb forum pop up, click on the pseudonyms/groups of their desired message recipient(s), type their message in, press the nice looking send button, and not have to know how to do anything else. People who know how to use GPG will like this as well, although may be more attracted by elliptic curve crypto offering nearly double the strength of RSA 4,096, or by provably secure mixing to protect them from end point timing correlation attacks, or padding to protect them from fingerprinting attacks.
I do know some about security, particularly traffic analysis, but I have thus far focused far more on learning theory (such as what the types of attacks and defenses are, how they work, etc) than the skills to implement such a system (of attacks or defenses) with any language. The bulk of my "applicable" security knowledge is related to operating system hardening and server administration. However now I am focusing much more on learning implementation skills, and I am pretty satisfied with my theoretical knowledge (especially of traffic analysis, when it comes to crypto I know more than most but less than most who try to learn much about crypto ;) )
-
Hell, most of the better vendors require PGP already for sensitive shit. It isn't that hard, if somebody can't follow step by step instructions with screen shots, I don't think they're fit for SR.
renegade where are these step by step instructions? I read the Tor site's instructions but couldnt make head or tail of it.
-
http://p3lr4cdm3pv4plyj.onion/ - GPG tutorial
-
Ruby people fucked off, Java people fucked off, I have come to the conclusion that you can trust anonymous people on the internet with money for drugs and you will receive them, but if you pay someone for code they will fuck off.
this reminded me that there's also a (small) group of people mostly from public scene doing paid work on the interception detection stuff that bk talked about. it uses gsm now instead of rfid, so you don't even have to go near your po box. would you like to join us? :)
-
Ruby people fucked off, Java people fucked off, I have come to the conclusion that you can trust anonymous people on the internet with money for drugs and you will receive them, but if you pay someone for code they will fuck off.
Hopefully scalability would be a problem, fifty people mixing messages together does not lead to much security. If a system is as point and click easy as a php forum and offers anonymity and security better than Tor or GPG, I would imagine it would be used by a decent number of people. Especially since there are so many people who are always complaining about how much a pita it is to use GPG. Those people would love to double click on an icon, have a program that looks nearly identical to a phpbb forum pop up, click on the pseudonyms/groups of their desired message recipient(s), type their message in, press the nice looking send button, and not have to know how to do anything else. People who know how to use GPG will like this as well, although may be more attracted by elliptic curve crypto offering nearly double the strength of RSA 4,096, or by provably secure mixing to protect them from end point timing correlation attacks, or padding to protect them from fingerprinting attacks.
I do know some about security, particularly traffic analysis, but I have thus far focused far more on learning theory (such as what the types of attacks and defenses are, how they work, etc) than the skills to implement such a system (of attacks or defenses) with any language. The bulk of my "applicable" security knowledge is related to operating system hardening and server administration. However now I am focusing much more on learning implementation skills, and I am pretty satisfied with my theoretical knowledge (especially of traffic analysis, when it comes to crypto I know more than most but less than most who try to learn much about crypto ;) )
The problem, from my perspective, is not so much about technology as it is about people. The weakest link in any security system is the end-user. If you're dealing with unsophisticated end-users.... Like the old saying goes: "Build an idiot-proof system, and nature will come up with a better idiot."
I'm old enough to remember the crypto wars of the 1990s. Then FBI-Director Louis Freeh was crying to all and sundry that the end of the world was nigh. Criminals would soon be using robust crypto, and without a backdoor law enforcement investigations would simply grind to a halt.
The Cypherpunks, for their part, believed that the public would adopt crypto en-masse -- their unofficial (unspoken) motto was, "Build it and they will come."
Both of them were wrong, and for the very same reason -- both camps did not account for human nature, in particular, end-user sloth. In the case of the operators of The Farmers' Market, I have read comments by people who knew them in real life, and they stated that they were told repeatedly what they were doing wasn't safe. Doing things properly would likely have taken them outside their comfort zone, and they preferred to stay with what they were comfortable with. You'll see the same thing on here, with people asking: "Do I really have to learn to use GPG?"
The FBI found that criminals were not adopting strong crypto, for the most part, as it was hard to use. The Cypherpunks found that the general public were not embracing crypto for the same reason. Furthermore, in general, the public simply did not (and goes not) perceive a need for it. They simply rationalize that the state would never be interested in them or their activities. You'll even see such sentiments expressed here -- the government isn't interested in small time buyers/dealers.
Frankly, very few people have the knowledge (nevermind the discipline) to use the tools appropriately. As you said, people just want to be able to click on a button, and not have to think about what they are doing. You make a system for these types of people, and you end up with something like Hushmail.
Guru
I think the issue with a lot of the groups making security software is largely one of usability, as you allude to as well. For all of the great security technology they have made they completely neglect a shiny and simple user interface. They are so technically advanced that what they see as a very simple to use system is for others something that is immensely difficult to master, or even if it only requires an hour for the average user to learn to use they do not have an hour to spend on learning it. Instead of 'build it and they will come' the cypherpunks motto should have been 'build it and then make an awesome intuitive GUI for it, and cleverly 'abstract' away the low level details into simpler concepts, and they will come'. For example, I think that the idea of calling public keys 'open locks' and private keys 'keys' would be far more beneficial to the average users ability to understand how public key crypto works, even though to someone even slightly versed in cryptography it sounds stupid. The major hurdle to getting people using security technology is to spend far more time and effort on user interfaces and simplified terminology than has been spent thus far.
A system like Hushmail for idiot-proof encrypted E-mail can very well be secure, it just can not be entirely server side. If there is an application that simply allows a user to double click an icon, select a pseudonym to send a message to, type their message and hit send....the goal of Hushmail is accomplished without the major security flaws. The problem with Hushmail was not the simplicity of using the system, it was the inherently flawed design of the system.
The best security applications are those that do not even appear to be security applications, but rather appear to be applications that the user would use for their non-security features. If you do not have a product that people want to use, it will not be used by anyone other than enthusiasts and smart people in certain situations who know that they need security to protect themselves. This is not to say that usability should come before security, but where it can be allowed for the most usable security systems should be implemented (IE: User selected delay on messages through a mix, rather than firing cycles of ten hours set by the mixes on the path), and a ton of time needs to be spent on user interfaces. Also a lot of thought needs to go into abstraction / simplification of any underlying security concepts that users are absolutely required to be exposed to, and as much as possible should happen in the background without the user being exposed to it at all.
-
Ruby people fucked off, Java people fucked off, I have come to the conclusion that you can trust anonymous people on the internet with money for drugs and you will receive them, but if you pay someone for code they will fuck off.
this reminded me that there's also a (small) group of people mostly from public scene doing paid work on the interception detection stuff that bk talked about. it uses gsm now instead of rfid, so you don't even have to go near your po box. would you like to join us? :)
Yes that sounds fun, although right now I am very busy working on other things.
-
Seems like it wouldn't be that difficult to get GPG built into the SR PM system. Vendors enter their public key on a profile page, and then any messages to that vendor would automatically get encrypted before being saved to the SR db. Then it is up to the vendor to decrypt on their end. Even better, why not make this functionality available to buyers as well.
I know some vendors complain about the hassle of decrypting messages, so ask that only sensitive stuff get encrypted. So maybe there could be a checkbox on the PM page like "encrypt this message".
-
Then I guess you could do it client side with js. The idea was just to make gpg a bit more accessible to users.
-
Server side encryption is fail, javascript encryption is less fail but still is fail.
-
( Re: using privnote is less secure than sending your address plaintext through SR -TRUE
Lets say a person doesn't PGP. Stupid I know. Just go with it for now. You want to hid your communications from DPR and LE. WHAT DO YOU DO?
answer: privnote
Is there anything else?
-
GPG is a pain for sure.
But it's the only way to do things imho.
-
( Re: using privnote is less secure than sending your address plaintext through SR -TRUE
Lets say a person doesn't PGP. Stupid I know. Just go with it for now. You want to hid your communications from DPR and LE. WHAT DO YOU DO?
answer: privnote
Is there anything else?
I would rather trust plaintext over SR than privnote because we don't know privenotes intentions and sure they tell you they delete your messages but how can we be sure?
-
( Re: using privnote is less secure than sending your address plaintext through SR -TRUE
Lets say a person doesn't PGP. Stupid I know. Just go with it for now. You want to hid your communications from DPR and LE. WHAT DO YOU DO?
answer: privnote
Is there anything else?
I would rather trust plaintext over SR than privnote because we don't know privenotes intentions and sure they tell you they delete your messages but how can we be sure?
I absolutely agree.
When you have a system as good as gpg why bother with anything else?
People say they can't get it to work but I bet that would change if there were no other option :)
-
I propose that anyone signing up for SR (vendor, buyer, anyone) has to go through a tutorial where they have to encrypt, decrypt messages to a fake bot of some sort - if they don't respond properly to an encrypted message (because they didn't properly decrypt it) then they won't get an account...
At the very least, I have been pushing for a way to disseminate public keys easier - there should be a way for vendors to look up buyers' public keys easily... As it is now, you have to have a conversation beforehand in order to ask for the public key... This is just retarded.
Same for the forum - there should be a field in users' profiles that includes their public key. I'm even told that this functionality already exists in the SimpleMachinesForum backend.... Please just turn it on!
-
Please all have a look at pidder.de !
They seem to have created a really great implentation of an encrypted social network which is also non readable by the server side.
Now integrate BTC and GPS dropshipping and we are ready to go..
hopefully they will open source it sometimes soon ....this really seems very very promising.
-
About clientside javascript encryption...
if feds bust SR server they can change the javascript code so it's as bad as sending plaintext over SR.
PGP isn't that hard to learn with the tutorials on the forums, SR should put links to those threads on the signup page or send them to new people in a private message.
-
Maybe I've got the wrong end of the stick here, but the time between the message being sent and delivered is seconds - that's not a huge window for someone to replace a legitimate privnote with a dummy one
-
I don't use any form of encryption. I don't buy domestically so I don't see the point.
-
Fuck Privnote, go to PGP Club instead.
The way to make everybody use PGP, is if you change the buyer's frame of reference. Right now it's usually seen as major drag, a annoying thing that gets in the way of what you want.
But, it is easy to make PGP cool! I mean, it's military grade encryption for fuck's sake, how many civilians get to play with military grade anything? There's the spooky mystique aspect to it. Look at how many people love the Mission Impossible movies, books about secret agents etc. Everyone!
So... PGP is one of those things James Bond would have in his intellectual toolbox surely.
I am convinced that the majority of people who don't use PGP can use PGP, but they are either ignorant of what it means, or they are procrastinating about learning it because it initially seems taxing. But deep down they all know they should learn PGP and become better people as a result etc.
It's not enough to have walk-throughs, you need marketing spin, jazz, drama, all that stuff. And peer pressure from your cool SR friends who can't believe you're stuck in the 90s with freaking plaintext... You'll see more PGP Club propaganda in future.
PGP Club is relatively successful. With the help of Guru, Louis and a few others we're well on track to teaching the PGP handshake to 100 SR users, about 3/4 of the way there now, only counting those who contacted me directly. If those 100 SR users show just 1 other fellow the operation, then that's 200. In this way you can slowly and organically grow awareness over time in a community. It's not like slotting coins to receive soda, there is no instantaneous change, learning is more like gardening, sometimes a thaw kills your stuff, other times there's a leap forward in growth everywhere. There's no other way to achieve it, this is how learning with groups works. Eventually we'll reach a tipping point, where 51% or so of SR are PGP fluent, and then it'll simply become a defacto standard and our work will be done forever, it'll unfold without prompting.
I somewhat fantastically compared this PGP-less situation to how in the Battle of Stalingrad relatively few soldiers were given a rifle, while the others were simply given 1 ammunition clip or nothing at all in the charge against the enemy. However, it's not quite as fantastic a metaphor as it sounds at first. People with PGP fluency are like that solider with the rifle, if it doesn't get passed on, then is not entire enterprise is called into question in the long run? Network resiliency is determined by soft things, like knowing PGP, so I encourage other PGP geeks to leap from the laurels and spring into coming up with creative ways of pushing newbs into PGP threads and such. In particular, at source, where a buyer or vendor is using plaintext.
For the Greater Good comrade! An army moves as fast as its slowest solider.
-
The problem with PGP is that it's more or less unnecessary for the vast majority of users. There's no incentive for Bob buying $60 worth of MDMA to take extra steps in the process since it isn't actually unsafe for him.
Whether or not it would be beneficial to the community as a whole is debatable too, since there's already enough evidence of people openly selling drugs.
-
There's no incentive for Bob buying $60 worth of MDMA to take extra steps in the process since it isn't actually unsafe for him.
the cognitive dissonance is strong in this one
He may be on to something, I got stopped tonight in my car rolling face last night, and told the cop it was only $60 worth, and the cop got angry and tried to say it was $100 worth cause they can only arrest you for $100.. anyway long story short is they had to let me go!
-
The problem with PGP is that it's more or less unnecessary for the vast majority of users. There's no incentive for Bob buying $60 worth of MDMA to take extra steps in the process since it isn't actually unsafe for him.
Whether or not it would be beneficial to the community as a whole is debatable too, since there's already enough evidence of people openly selling drugs.
So much wat
-
Instead of 'build it and they will come' the cypherpunks motto should have been 'build it and then make an awesome intuitive GUI for it, and cleverly 'abstract' away the low level details into simpler concepts, and they will come'.
+1 Exactly!
-
Lets say a person doesn't PGP. Stupid I know. Just go with it for now. You want to hid your communications from DPR and LE. WHAT DO YOU DO?
answer: privnote
Is there anything else?
If the vendor at least uses PGP and it is just the buyer who can't deal with it, then this is a viable work around:
http://dkn255hz262ypmii.onion/index.php?topic=33117.0
-
I don't use any form of encryption. I don't buy domestically so I don't see the point.
Which just means it will be local police who are after you. You don't need to be extradited to go to prison.
-
I don't think any of you get what I'm saying. Police don't give enough of a shit about small buyers to warrant spending money and man hours tracking them down, that's a fact. There's virtually no added risk for someone buying small amounts without PGP. Therefore there's no incentive for your average joe to use it.
And to the idiots joking about $60 being the magic number below which no one gets prosecuted (which isn't even what I was saying), I've got one for you: how about anyone without PGP is going to be instantly arrested and charged the second they place an order. That's about the same as the way you summed up my argument.
-
I don't think any of you get what I'm saying. Police don't give enough of a shit about small buyers to warrant spending money and man hours tracking them down, that's a fact.
In a number of places, but there are definitely others where they do care. Just because it is true where you live is no reason to encourage practices which may be very dangerous in other parts of the world. Your gram of MDMA may not mean much to your local cops, but in other parts of the world it can lead to years in prison.
There's virtually no added risk for someone buying small amounts without PGP. Therefore there's no incentive for your average joe to use it.
Then that's a risk that each buyer needs to make. Vendors should all be using PGP/GPG as a standard practice (they can also use PrivacyBox to receive messages from those buyers who refuse to use it).
And to the idiots joking about $60 being the magic number below which no one gets prosecuted (which isn't even what I was saying), I've got one for you: how about anyone without PGP is going to be instantly arrested and charged the second they place an order. That's about the same as the way you summed up my argument.
Your argument basically amounted to: I don't think that I am at risk by not using encryption for the amount I buy and the fact that it is not imported, so the same should be true for everyone else.
The first part of your argument may or may not be true, but at the end of the day it is your choice (until all the vendors insist on using PGP and then they've made the choice for you). The second part of your argument; that it is okay for all other buyers, who may be in very different jurisdictions with very different laws is where you are full of shit. Just because you believe that your decision is right for you, does NOT mean it is right for anyone else here.
-
Read what I wrote again. I was responding to the notion that everyone should use PGP by saying that it isn't RELEVANT to everyone because most people are buying small quantities and therefore not at risk of having their houses raided and their computers searched. NEVER did I say that PGP had no place.
Yes in an ideal world it would be nice if people would use the best security available to them, but the fact of the matter is that it won't happen until it becomes a necessity rather than an extra layer of security.
Giving negative karma to someone because they have a different opinion? grow up.
-
Read what I wrote again. I was responding to the notion that everyone should use PGP by saying that it isn't RELEVANT to everyone because most people are buying small quantities and therefore not at risk of having their houses raided and their computers searched. NEVER did I say that PGP had no place.
Yes in an ideal world it would be nice if people would use the best security available to them, but the fact of the matter is that it won't happen until it becomes a necessity rather than an extra layer of security.
Giving negative karma to someone because they have a different opinion? grow up.
I never gave you negative karma, but you're going onto the top of the list of folk on the PGP Wall of Shame tomorrow unless you repent! :)
Privnote is almost certainly an FBI honeypot. They will, if they haven't already, perform a bait and switch on the script. It is possible to use Javascript to deanonymize people on the Tor network. For example, and this is a really really crude example, it is possible to instantly crash the TBB firefox browser using Javascript. Then you most likely would likely restart Tor to get the TBB up and running again. If you do that enough times, then you can be deanonymized by an enemy watching for connections to the Tor network and using the timing information. It's just the fundamental principal of counting at work.
And that's probably not the attack vector, but there are more intelligent ways of using a script to achieve the same goal.
Stop recommending that *anybody* uses privnote. I'd rather, like kmfkewn, that newbies used plaintext messages to SR rather than using privnote (and that's not a sound recommendation either, it's just that it's better than your idea).
Again, you're heading to the PGP Wall of Shame right now. But Pine will forgive you and all your sins if you repent :)
-
Read what I wrote again.
I did. Did you actually read what I wrote?
I was responding to the notion that everyone should use PGP by saying that it isn't RELEVANT to everyone because most people are buying small quantities and therefore not at risk of having their houses raided and their computers searched.
I'll say it again: this is a SUBJECTIVE assessment based on YOUR interpretation of the level of threat to YOU. Categorical statements that anyone can correctly determine the threat level and not use increased levels of security based on the quantity of a product purchased are based on the false assumption that laws, law enforcement resources and law enforcement priorities are the same in all locations.
NEVER did I say that PGP had no place.
Yes in an ideal world it would be nice if people would use the best security available to them, but the fact of the matter is that it won't happen until it becomes a necessity rather than an extra layer of security.
And who determines when it is necessary? You? If that were the case all domestic purchases below a given threshold would be handled in plain text, regardless of jurisdiction.
I can think of a number of places, including places I've lived, where that would be a very bad idea.
This is the crux of the problem with your approach. You assume that your threat assessment will match everyone everywhere. It won't.
I'm guessing you're American, right? Well, if you want that USA-centric approach to become reality then you're going to have to wait until the Stars and Stripes are flying over every parliament in the world and the UN is disbanded because we're all living in the United States of Earth.
Giving negative karma to someone because they have a different opinion? grow up.
For having a different opinion, never. For encouraging others to engage in insecure practices which could lead them to jail or worse (capital punishment is still a possibility for drug offences in some parts of the world), definitely.
-
Also, it should be noted that repentant sinners get positive karma and privnote's servers don't get attacked, because that is looking seriously tempting these days. The only thing preventing that right now is the minute possibility that privnote might actually be a legitimate business.
Otherwise it's all like IMA CHARGING MAH LASERS and a crazed pine laughing hysterically.
-
Giving negative karma to someone because they have a different opinion? grow up.
I never gave you negative karma, but you're going onto the top of the list of folk on the PGP Wall of Shame tomorrow unless you repent! :)
I think that was directed at me, but it can be difficult to tell because he never quotes the text he's actually responding to. Plus it looks like he was the one who brought me to -6. :)
-
Giving negative karma to someone because they have a different opinion? grow up.
I never gave you negative karma, but you're going onto the top of the list of folk on the PGP Wall of Shame tomorrow unless you repent! :)
I think that was directed at me, but it can be difficult to tell because he never quotes the text he's actually responding to. Plus it looks like he was the one who brought me to -6. :)
Heh, I know, I got a whack of negative karma for a thread proposing we make suspected kids/newbs on SR acquire drug testing kits and read a harm reduction letter on appropriate dosages for their DOC etc. Seems like no good deed goes unpunished! :D
-
Giving negative karma to someone because they have a different opinion? grow up.
I never gave you negative karma, but you're going onto the top of the list of folk on the PGP Wall of Shame tomorrow unless you repent! :)
I think that was directed at me, but it can be difficult to tell because he never quotes the text he's actually responding to. Plus it looks like he was the one who brought me to -6. :)
Heh, I know, I got a whack of negative karma for a thread proposing we make suspected kids/newbs on SR acquire drug testing kits and read a harm reduction letter on appropriate dosages for their DOC etc. Seems like no good deed goes unpunished! :D
Of course not, but we knew that heading in. :)
-
PEWPEW.
-
I'm not an advocate of Privnote, and I'm not American. Can we drop the assumptions?
I agree with you that law enforcement priorities etc aren't the same in every location. But it's about resources. It's not an efficient use of resources to use high tech computer hacking techniques to bust someone over personal quantities because the punishments are relatively minor. In places where laws ARE harsh enough to make it worthwhile, generally speaking those countries are less developed and therefore lack the technical knowledge or ability and probably have a corrupt legal system and wouldn't need the extra proof anyway (Singapore would be the big exception, I'd definitely use every form of security available if I was crazy enough to order anything in the first place).
And who determines when it is necessary? You? If that were the case all domestic purchases below a given threshold would be handled in plain text, regardless of jurisdiction.
I don't decide, the people decide. I'm saying that when there comes an incentive to use PGP then people will. Right now I don't see there being an incentive for the majority of users.
-
FBI set up a site that was not on Tor. Everyone who was part of private forums called it out as a federal honey pot from the day it opened, because nobody knew the group of people who ran it and their cover story was that they came from a mixed martial arts forum that had a drug section and just so happened to decide to branch out into the dedicated drug forum scene out of the blue. They encouraged people to not use Tor, and said it was for scammers to hide themselves. Then they blocked Tor because they claimed it was being used to DDOS the server. For the forums entire lifespan it was called a federal forum. We called them Drug Zone Feds, instead of Drug Zone Forum. Their admins name was LEOnidas.
The girl who got busted used no security at all. She gave customers her phone number. She got payment to a donation site for some relative of hers with a medical disorder, when she wasn't taking cash in the mail or western union. She was probably the least secure person to ever sell drugs online. If the DZF sting is the best the cock suckers at the FBI have, then I seriously feel a mixture of relief in knowing that they are never going to be able to bust me and a strange sense of fear in thinking of how easy it must be for seriously bad people to run circles around them.
OMG I cannot stop laughing :D
-
And they say the Feds have no sense of humour...
Guru
None at all Agent Guru! 8)
-- Agent Pine
Actually that was a good thread, these two comments deserve to be copypasta forever:
Imagine you decided to sell drugs on a public drug forum. You spend 8 hours a day answered pm's and packing orders. You like to get high before you go online because it makes the busy work of answering the messages seem like more fun. Time flies, you're doing great! You ship a lot of orders, your customers like the product, feedback is all positive. You start to plan your retirement to Cabo and start buying your super hot model gf jewelry so she'll be amenable to moving with you to a third world country. You do more drugs, live virtually 24/7 in the ether, shipping all day and answering messages all night. You are a budding kingpin. Little by little though, you get sloppy. You stop wearing gloves when handling product or packages. You tell a lot of your friends who come over to party how much money you are making on the Internet. You sell off your excess product to "friends of friends" who stop by occasionally. You sell your BTC to people on Ebay using your real name. You leave fingerprints, personal information, and tracks all over the Internet and real life.
If you do this correctly, everyone will say "damn, he had good product, but what an idiot!".
Don't get high on your own supply. Protect your precious life from your own destructive tendencies.
Imagine someone offered you a job buying drugs on SR and posting to the forum 8 hours a day working with their money. (and getting paid for it) This undercover agent would be highly knowledgeable about routes of administration, local trends, prices etc. They would discuss their many purchases, and give the impression they were a big fish with plenty of disposable income who wasn't too worried about losing a dollar here or there. Slowly but surely they would gain the trust of forum members through their consistent and voluminous postings. They would be confidant, sociable and act like a leading authority on drugs and their use. They would eventually gain the trust of the community, and have a rock solid reputation. Once reputation was established they would elicit certain behaviors through PM, in an effort to gain privileged information. Then a sting would go down, probably on multiple sellers simultaneously. They'd probably want to establish criminal conspiracy as well as trafficking. It's social engineering, and spys have been using it since the beginning of time.
If this is done correctly, people will say "I never would have suspected it was him"
Trust no one.
tldr;
1. Don't get overconfident. Get proper sleep/food and strictly regulate any use of product, ideally don't take any at all.
2. Trust nobody. Not even Agent Pine or DPR. Doesn't mean being unfriendly, it means use your brain.
I'll add a third one: that is paralysis by being indecisive. You cannot allow FUD to get to you.
I've had people send me their private keys and pass-phrases. Don't do that. Your trust should be in cryptographic strength and over nyan thousand proxies, things that can be double checked and verified to be true.
-
you have to remember that tor and gpg usage among the drug scene is a relatively recent phenomenon though, until a couple years ago you needed to have undergrad-level cs knowledge to set up tor for yourself and almost nobody used gpg. bitcoin is even more recent, really nobody used it before sr (the killer app of bitcoin) took off. even today, many of the largest traders keep it old school and don't mess with gpg btc or fde, just cash in the mail, jabber+otr, and maybe tor or a vpn. don't even start about drug sites' security, shit, i'm aware of a bulk-type sourcing forum that's active now and hosted on proboards.com!
Natural Selection is ultimately going to bring the market around to our way of thinking. Might be slow, but I think we're in at the ground floor of an experiment that is going to rise and rise beyond nearly anybody's belief. The rules of the game have completely changed suddenly, it's just going to take the scene and LE a while to realize the full implications of an independent financial network, strong cryptography and real anonymity. Not one killer app, but 3 killer apps with synergistic qualities. This is the holy Trinity of economic growth, we're not going to ever experience a recession here within our lifetimes.
This is the industrial revolution of the black market. The black market was not substantively structurally different from 1700 to 2000. Contracts to generate trust and cooperative behaviors were never possible in RL. Here they are thanks to advanced cryptography. And that will make all the difference.
I'm aware that this might sound like hyperbole, but I don't think it is. I think the above is just a statement of fact.
-
There is more than a certain tinge of sadness, even deja-vu for me in your comments. Reading the cypherpunks mailing list back in the day, many of them were absolutely convinced that crypto-anarchy was not only inevitable, but that it was even imminent!
Well, I am not saying it's happening tomorrow in my comment, only that I do think it is inevitable. You have lost a little faith Guru, you need a little fire in your blood, you need to be hooked into a marvelous coca, a good fireplace and a comfortable chair like pine frequently is (:
This is not exactly religion, but sometimes there are big questions that cannot be definitively answered by analysis because they are too huge to calculate. But, we must still make decisions in this complex world, so sometimes we need a little faith, some intuitions to guide our path. Science is a very slow process after all. Motivation is important too.
The Truth is that Revolutions are not really Revolutions. They are the summation of perfectly logical incremental evolutionary steps which take the public by surprise. Take the most famous revolution, the French one. The thing about it is that there was no 1 revolution, there were many attempts at revolutions. Most were failures, and one of them changed the world permanently. Emily Dickinson has a nice quote from a poem about something else entirely that I think applies to revolutions: 'and then sense broke through'. That is how I see this subject. The solutions hammer away at our brains, and we see the shape of them generally, but eventually they break through. Efficiency is a natural law when both motivation and competition are there.
Why did it take until now for these separate technologies to exist?
Onion routing has existed in concept form at least for a long time. So has public key cryptography. So have ideas like Digicash and Bitcoin. In fact, I'd say all these ideas existed in 1980 or before. 30 years have pasted.
Why then, does the Silk Road exist today and not 4 or 5 years ago? The answer is simply that the black marketeers like myself were ignorant of them until recently. Sometimes it takes a while for things to crystallize, and then once they do they are off to the races. After all, the number of people knowledgeable of both high technology and the black market are relatively rare mammals. The Silk Road has changed that, now thousands of geeks see the money making potential here.
Needless to say, it didn't pan-out. David Chaum had some brilliant ideas for truly anonymous digital cash, even having it issued from a bank in the U.S. -- the Mark Twain Bank. Needless to say, governments today are even _less_ enamored with the idea, if anything, than they were then. Back in the day, the authorities were only concerned with drugs/money laundering. Now, of course, terrorism and its' funding have been thrown into the mix, meaning that there is going to be even more official (not to mention unofficial) resistance than we have ever seen previously.
Well, with all due respect, that is hardly surprising. You were fundamentally dependent on getting permission from the State to carry out your objectives. DigiCash, good idea, yes. But reliant on the government's tacit approval and the existing financial services industry (credit card companies in particular) with which it was actually competing! wat!
This is not a problem anymore. Bitcoins themselves will probably eventually become declared illegal or counterfeit by some dumbass bureaucrat in the United States, and then we'll get going proper without the clearnet exchanges.
BitTorrent has shown the way that it is possible to adopt a technology that is almost impossible to eradicate. The approach of DigiCash was closer to Napster than P2P in the way it relied on existing infrastructure and support from existing entities like Visa and the Mark Twain Bank. B$ relies on you having a computer and an internet connection, period.
The same thing with E-Gold. The guy who did it was great, had a brain and his heart in the right place. But he was also relying on the approval of the State for it to work. It didn't approve. And they tried to bang him up without any evidence.
Side Note: I believe David Chaum is the most likely candidate for being Satoshi, not sure why nobody else has mentioned this, it seems obvious. It pretty much all fits together like a hand to a glove.
In short. Don't rely on the enemy when you're working against his interests. That does not make any sense. Break the law instead. There's a lot geeks can and should learn from black market operatives, since we essentially are both of the same hacker ethos.
The rules of the game have completely changed suddenly, it's just going to take the scene and LE a while to realize the full implications of an independent financial network, strong cryptography and real anonymity. Not one killer app, but 3 killer apps with synergistic qualities. This is the holy Trinity of economic growth, we're not going to ever experience a recession here within our lifetimes.
Pine, with all due respect, this is little more than wishful thinking, although I would that it were not so. Strong cryptography is nothing new, relatively speaking. It was available two decades ago, in the form of PGP, cypherpunk and mixmaster remailers, to name a few of the tools developed then. There was even a form of anonymous digital cash by the name of "magic money".
See: http://koeln.ccc.de/archiv/cyphernomicon/chapter12/12.12.html
Bitcoins are, in a sense, almost the opposite of magic money, in that they were NEVER designed to be anonymous, unlike Chaumian digital cash.
I agree with you on the facts completely! I just draw different conclusions because I am pine and a little mad. I also think you are underestimating two things.
1. The *actual*, *practical* existence of easily applied tools to use those technologies we are talking about. Onion routing may have existed for a long time, but in whitepapers and elite comp sci circles on usenet or mailing lists. Only since the Tor Project has onion routing become available for the masses. The same thing with Bitcoin software. PGP has been around for a long time and has had tools for it for a long time, but it's only in the last 12 months that the online black market has begun to seriously start using it like Shannon has said before.
It would have been practically impossible to obtain publicly and popularly available useable software to complete pine's 'holy trinity' ten years ago, even five years ago. The cypherpunks were merely a decade or three ahead of their time, that is all. What is easy for them, was extremely difficult for everybody else.
2. The black market. You didn't have the (awesome) likes of pine, shannon, kmfkewn, dpr & co :)
See. all the points about 'tools' above are irrelevant without motivation. We got oodles of motivation. You need that kind of energy!
Have you any idea of how much money I can make off this place? Even bringing my most trivially simple black market business plans to market here gives me a yield of 100 - 1,000 percent returns on investment. The arbitrage possibilities are absolutely fucking intense, there's no other way of putting it. It all practically runs itself, it's great. I mean, I'd tell you more details but I don't want people working out how I operate and cutting into my margins lol.
This is the industrial revolution of the black market. The black market was not substantively structurally different from 1700 to 2000. Contracts to generate trust and cooperative behaviors were never possible in RL. Here they are thanks to advanced cryptography. And that will make all the difference.
I'm aware that this might sound like hyperbole, but I don't think it is. I think the above is just a statement of fact.
Unfortunately, I am forced to disagree. Rather than a statement of fact, I believe this is to be a statement of what you would _wish_ to be fact.
To quote Yogi Berra: "It's deja vu all over again."
I'll freely admit that things are different now than they were 20 years ago. Computers, networks, bandwidth are all better than they were then. I will also grant you that there is much less trust in the 'traditional' economic system, since the banksters crashed the economy in 2008.
Once again, this is nothing new. However, all of these are _not_ enough to bring about the changes that you envisage. In order for an alternative financial structure to be adopted, the older, more established system must be perceived -- by a clear majority of the public -- to be broken enough, corrupt enough, and painful enough to retain, so as to allow for the adoption of a new system. Correspondingly, the advantages of any new system must not only be clearly obvious to the public, but be overwhelming enough to spur its widespread adoption, even in the absence of government opposition.
One of my elderly relatives lived through the crash of '29, and the Great Depression that followed. She had NO use for the banks -- the worst word in her mouth was too good for the 'damn bankers'. After she died, we found money squirreled-away everywhere in her house. The difference between then and now, is that in her day, it was possible to deal almost primarily in cash.
What I believe is most important factor governing the adoption of any new socio-economic system, however, is human nature -- that has most certainly NOT changed. I believe we have become blinded by the speed of technological change and, as a result, have forgotten that people (and societies) change far, far more slowly. I will grant that the rate at which change appears to be taking place is accelerating, no doubt due to the velocity at which information travels today, but substantive changes are still going to take years, even decades.
I don't believe I am going to live long enough to see such a transformation as you envisage; depending on your age, you may not, either.
What is important to remember, is that money is, when you boil it down, essentially a social convention. Anything can be money. When the French originally populated what is now Eastern Canada in the 1600s, at one point there was a currency shortage. As a stop-gap measure, playing cards signed by the Governor, became the accepted currency.
Beads were considered valuable by the Indians; to the Europeans, beads were of little value, as they could be cheaply manufactured. To the Indians, however, they were a treasure as beads were made by hand, and required an enormous amount of labour to produce. The Europeans traded what they perceived as having little value, beads, to the Indians for what the Indians considered valuable -- beads. Furs were plentiful, and the Indians were quite happy to hand over the plentiful furs for the beads.
One only has to look back at history, and look at the resistance of the population to the adoption of paper money. For thousands of years, people had used coinage, usually made out of some proportion or other of precious metals. Paper money took a few generations to become established. Even as late as the mid-1940s, there were populations that were still leery of paper currency.
Fast-forward to today, where credit cards and electronic transactions are commonplace. I'm old enough to remember when they weren't, when all transactions were done on paper. I remember the first banking machines, and the first credit cards.
The first credit cards were not issued by banks, but by department stores. They were little metal plates, not plastic, and they were called, at least in this country, "Charge-a-plates". In my parents' day, there was little or no credit -- any credit that you might have had, was with individual merchants. The idea that one could have a plastic card that could allow one to walk into virtually any store and walk out with merchandise without having to lay down any coin or bills was quite literally the stuff of fancy.
It took several decades for credit cards to become entrenched, I would be extremely surprised if Bitcoins did not take a similar amount of time to become generally-accepted, if ever.
Guru
[/quote]
What you say is very interesting, and a great history lesson thank-you. I wouldn't think the "recession" is over yet. Far from it, I think it's going to get much worse before it gets better. You'll get your disenfranchised civilians alright. I think London and New York will be on fire in the next five years, riots up the wazoo. I mean how unlikely is a mass bank run today? Not that unlikely. People are shifting capital ASAP in the Eurozone right now I can tell you that for nothing, particularly in Greece, and the banking sector there is essentially doing a case of STFU everybody in case the entire market panics.
I don't think Bitcoin is the solution by the way, it's just the first one for us, we'll leapfrog onto something else ASAP when something better comes along with internal blind signature mixes etc. That would also greatly enhance anonymity and security for mass adoption. Bitcoin is the Netscape Browser of anonymous digital cash. It's crap at what it does. But it's the first one, so let's hold the horses.
I do think that network level changes will occur far faster in future than you envisage, essentially because "The Internet".
Anyway, enough talk. Let's simply wait and watch it unfold. I'll be busy turning the wheels of my various projects in the meantime. You could be right, or I could be right, there is no way to prove it in either case.
-
dood i am not awesome. and while i'm splitting hairs, onion routing was developed in 1998 and tor doesn't use onion routing anyway :P and who sez you need a computer or an internet connection to use bitcoin?
i also disagree with your assertion that crypto's been used in the drug scene only for a little while, that may be true for gpg but all the old school pros have been using otr encrypted chat since like 2005
Not even bodacious? :o
Onion routing at least existed in concept form in 1995 and "Tor Project" stands for The Onion Routing Project. Wikipedia also says Tor is an implementation of onion routing. So one of us is just wrong. True you can use Bitcoin without a computer in theory, but I doubt we'll be mining bitcoins with our brains any time soon. srslyyouguise.jpg
As for your last point, well, that was in the private scene so it doesn't really count.
And anyway, none of this is really relevant. It is still the case that you need an independent financial network to catalyze all of the rest i.e. good anonymity/strong crypto into a force to be reckoned with. It's like a stool, you take away a leg and it doesn't operate as a stool.
In summation as my counter argument: :P :P :P
-
I'm not an advocate of Privnote, and I'm not American. Can we drop the assumptions?
Fine by me.
I agree with you that law enforcement priorities etc aren't the same in every location. But it's about resources.
I agree with this.
It's not an efficient use of resources to use high tech computer hacking techniques to bust someone over personal quantities because the punishments are relatively minor.
And this is where I disagree again, it's back to a subjective assessment of the threat, though this time on the amount of resources required.
As Shannon has pointed out, police have used MitM attacks to bust low level buyers in the past.
In places where laws ARE harsh enough to make it worthwhile, generally speaking those countries are less developed and therefore lack the technical knowledge or ability and probably have a corrupt legal system and wouldn't need the extra proof anyway (Singapore would be the big exception, I'd definitely use every form of security available if I was crazy enough to order anything in the first place).
Ordering in Singapore. Talk about taking your life in your hands! Better off saving your money so that you can leave.
In places like that encryption is advisable for a whole bunch of reasons, not just drugs.
And who determines when it is necessary? You? If that were the case all domestic purchases below a given threshold would be handled in plain text, regardless of jurisdiction.
I don't decide, the people decide. I'm saying that when there comes an incentive to use PGP then people will. Right now I don't see there being an incentive for the majority of users.
Well, that's true. Now we've got to convince them that it is worth their while. Which is what PGP Club is trying to do.
Join us! :)
-
If you like your anonymity...never use privonote!!!!
-
About the only place on earth that would be more dangerous than Singapore would be Saudi Arabia. The religious police are worse than the Gestapo. Finally, they have no real written criminal code -- they use Sharia law, according to someone's interpretation of the Quran. Just in the last two years alone, women have been convicted and sentenced to be executed for witchcraft!
Yep, Saudi Arabia is a fucked up place. There may be a few places that would give it a run for its money as the capital of totalitarian dickhead-ville, like Somalia or Iran, but Saudi will really make them work for it.
P.S. Congrats on making Hero Member -- told you it wouldn't take yo long!
Cheers. It took a lot less time than I thought it would.