Further explanation of Web of Trust.

In reference to this post.

https://www.reddit.com/r/DarkNetMarkets/comments/2loixp/how_le_might_read_our_pgp_messages_and_how_we_can/

Couldn't a vendor easily check their vendor home page via their account or a throwaway "buyer" account and see that their public key has been compromised?

Or is the fear that it is changed temporarily, and the 100 or so orders/messages etc. that slip by unbeknownst to the vendor allow a bunk public key to be imported into buyers' GPG keychains and expose those people? I'm just trying to wrap my head around this and I'm sure I'm making it more complicated than it needs to be.

Haven't been on the market places in a while and trying to be up to date safety wise.

Also pretty relevant to me as I would often clean house and delete all my saved PGP public keys. Maybe after getting confirmation I should just vault my keychain with my most trusted vendors as I am generally dealing with as few as possible, generally only 2-3 a year.

Anybody educated on this topic, some feedback and clarification would be greatly appreciated. =P


Comments


[5 Points] purpletastesgood:

> Couldn't a vendor easily check their vendor home page via their account or a throwaway "buyer" account and see that their public key has been compromised? 

yes i guess that is possible but maybe the market has code to prevent such a thing. or perhaps they only execute their malicious code when a buyer sends their address after a purchase?

sapiophile suggests some great things in that post but the solutions are unrealistic. if you want an easy way to make sure the market isn't forging pgp keys, just verify the vendor's pgp key in multiple places. use 3 or 4 different markets and grams. most vendors are on multiple markets anyways so that should work. edit: it's not foolproof but it should be sufficient.

and i'm sure you know this but don't use the market's built in encryption. write your message in a local text editor, then copy and paste your ciphertext into the market website.


[2 Points] sapiophile:

To be fair, my concern that I raise in that post is not really anything that has ever been shown to actually happen. It's more about keeping the tightest ship possible, to keep LE's costs as high as possible. But for the time being this threat is largely not realistic or relevant for most people here.

However, that doesn't mean that it won't become frighteningly relevant, and it could happen at the drop of a hat and we'd have no warning at all. Also, if a vendor is concerned that they might be outright targeted by LE, I would not trust that what they see on various markets is what random buyers are seeing.

I actually discuss the ideas you raise in the comments of that post a bit. Yes, checking keys from multiple sources is a great idea, and probably "good enough" for the time being, for buyers (but there's still no harm in vendors shipping out their key fingerprints).

And yes, I would definitely recommend at least saving the fingerprints of your common vendors' keys, if not your full keychain, as each time you have to re-acquire a public key is another opportunity for foul play. Having good, persistent key storage is a big part of what makes TOFU (Trust On First Use) have any value as a security method. However, this requires keeping that data well-secured and potentially even well-hidden, if you're intending to keep it in a situation where you'd want a clean house.

Any further questions, don't hesitate to ask. But I will be the first to admit that this "threat" is mostly theoretical (for now) and is almost certainly not a part of anyone's standard practices, that I know of. I do still sincerely wish that vendors would ship their key fingerprints in their packs, though - it's an easy step that addresses this problem very effectively.
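
An added example, not part of the original thread: a minimal Python sketch of the two checks discussed above, comparing a key's fingerprint as shown by several independent sources and comparing it with a saved (TOFU) pin. The function names, the JSON pin file and the sample fingerprints are assumptions constructed for illustration.

```python
import json
import re

def normalize(fpr):
    """Return a fingerprint as 40 upper-case hex digits, or raise ValueError."""
    cleaned = re.sub(r"[\s:]", "", fpr).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", cleaned):
        raise ValueError("need the full 40-hex-digit fingerprint, not a short key ID")
    return cleaned

def check_key(pins, name, observed, min_sources=2):
    """Check fingerprints observed at several sources against the pinned one.

    pins     -- dict: name -> pinned fingerprint (the persistent TOFU store)
    observed -- dict: source label -> fingerprint as displayed at that source
    Returns (verdict, detail). pins changes only when a key is pinned on first use.
    """
    seen = {src: normalize(fpr) for src, fpr in observed.items()}
    if not seen:
        return ("NEED_MORE_SOURCES", 0)
    pinned = pins.get(name)
    if pinned is not None:
        # A pin exists: every source must agree with what was saved earlier.
        bad = sorted(src for src, fpr in seen.items() if fpr != pinned)
        return ("MISMATCH_WITH_PIN", bad) if bad else ("MATCHES_PIN", pinned)
    if len(set(seen.values())) > 1:
        # No pin yet and the sources disagree: at least one copy is wrong.
        return ("SOURCES_DISAGREE", seen)
    if len(seen) < min_sources:
        return ("NEED_MORE_SOURCES", len(seen))
    pins[name] = next(iter(seen.values()))  # first use: remember it
    return ("PINNED_FIRST_USE", pins[name])

def save_pins(pins, path):
    """Write the pin store to disk as JSON (hypothetical storage format)."""
    with open(path, "w") as fh:
        json.dump(pins, fh, indent=2, sort_keys=True)

def load_pins(path):
    """Read the pin store; an absent file means nothing has been pinned yet."""
    try:
        with open(path) as fh:
            return json.load(fh)
    except FileNotFoundError:
        return {}

if __name__ == "__main__":
    # Constructed sample values, not real keys.
    good = "0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567"
    pins = {}
    print(check_key(pins, "alice", {"site_a": good, "site_b": good.lower()}))
    print(check_key(pins, "alice", {"site_a": good, "site_c": "F" * 40}))
```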