Silk Road forums
Discussion => Newbie discussion => Topic started by: Bl1ndsCl0sed on July 25, 2013, 01:54 am
-
Hey everyone,
Looking to make my first purchase once my coins come through. I've been reading up on PGP, and I'm wondering: Is is necessary to encrypt normal messages (ie. 'send a message') to vendors?
Or, is it *only* necessary to encrypt when sending Name + shipping information?
Thanks a lot!
-
Just imagine that LE is reading your message, and ask yourself how bad it would be. Many vendors actually request that you NOT encrypt messages that do not contain sensitive information because it takes extra time to decrypt them and they have lots of messages to answer. So, a general question with no incriminating language: probably don't need to encrypt. Question about product or prices, something you wouldn't want a prosecutor to read aloud in court: definitely encrypt.
-
Okay so, something along the lines of: "Hi, I'm a first time buyer and I wanted to make sure that was okay with you before placing an order"
That *could* theoretically be used against me, but there isn't anything specifically incriminating in the message. So that would be okay non-encrypted?
Thanks for the help. Really trying to avoid slipping up here.
-
Maybe you could just say, "I'm new and wanted to make sure you were ok with it." I'm sure the vendor would understand what you mean. That doesn't seem incriminating, does it?
-
Hmm that seems like a good idea. I suppose I would have wanted to add something like "I hope that you wont require me to FE, as I've read to never do that."
These are the thing's I'm worried about.
-
I've noticed several vendors require you to FE, especially if you're new. I just continue on to the next one. Yea, you'll see on here over and over never FE.
-
Meh, if you are new, find a trusted vendor and FE if asked. Buyers need to earn trust the same as vendors.
As far an encryption, I would say PowerToCharm hit the nail on the head. But to that end, I would say anything that doesn't reveal your location, name, etc, is fine to leave unencrypted. Many people send their addresses unencrypted too, IMO this doesn't really decrease security unless you are worried that SR is selling your messages or something (not very likely). If you want to be cautious tho, encrypt your address.
-
But to that end, I would say anything that doesn't reveal your location, name, etc, is fine to leave unencrypted. Many people send their addresses unencrypted too, IMO this doesn't really decrease security unless you are worried that SR is selling your messages or something (not very likely). If you want to be cautious tho, encrypt your address.
That is a bit more along the lines of what I was expecting. Do you think it would only annoy a vendor to be receiving encrypted messages that don't contain personal information?
-
If it's sensitive information, it gets encrypted. No ifs',ands',or buts'. If you don't want the prosecutor to read it aloud as evidence... encrypt it.
-
If you're worried about your message and the vendor doesnt mention it on his seller page, go ahead and encrypt. What is the worst that could happen? If the vendor specifically asks otherwise, respect that and send clear messages. Encryption is for buyer safety only, honestly, but unless it's a direct order or has personal information in it, a clear message should be fine.
As for FE, I FE'd with Mahakala on some 2C-B and it went perfectly. If it's a trusted vendor, I say go for it. Also, you can change feedback I believe, so if it never arrives, you can go back and change that 5/5 rating.
-TrippingSquares-
-
If it's sensitive information, it gets encrypted. No ifs',ands',or buts'. If you don't want the prosecutor to read it aloud as evidence... encrypt it.
And what about if they get the other party's private key huh? Not only can they then read the message as evidence but they can also prove cryptographically who sent it and who it was sent to...
Don't get me wrong, GPG is a good plan... but our real security comes from blending in with the masses. Don't do anything that stands out too much, and nobody will be looking at you anyway. You really think any police force has the resources to prosecute everyone buying a few things on SR? (for the oblivious, that was a rhetorical question).
[...] Do you think it would only annoy a vendor to be receiving encrypted messages that don't contain personal information?
Personally, if someone encrypted a message that was completely mundane and pointless... then it might bug me a little bit. But I would not look down on someone for trying to be more secure, so I wouldn't hold it against anyone for 'needlessly' (in my mind) encrypting messages.
Some customers do, some customers don't. There are plenty of senior buyers that only encrypt their addresses, or do not even do that (no PGP at all). Do what makes you feel safe, and do it because you know what it is keeping you safe from.
-
I am a young vendor so I don't know how much weight to give my two cents... I welcome messages from prospective buyers, whether encrypted or not. I figure it's a decision to ultimately to leave to the discretion of the individual (well, what choice have I, anyhow). I've been given a buyer's public key because he/she wanted a little more security to our correspondence(s) and that was totally fine.
-
I think the whole "anything that you wouldn't want a prosecuter reading out loud in court" tip is pointing you in the wrong direction.
See most information such as questions about product, permission to buy from them, ect are not necessary to encrypt because the trick of silk road is to not be caught. It's more of an annoying chore for the vendor.
See, as long as you encrypt identifying info(addresses) the only real way to get caught using silk road is if the vendor is undercover LEO, encrypting any information sent to this vendor is useless as they already have the private key whether it is an undercover or a compromised account so anything could be used in court against you, this is unlikely.
Obviously there are real life ways to get caught using silk road but if you keep your silk road info unencrypted on a text file on your desktop or some stupid shit like that then you deserve to be caught.
I digress encrypting "So how do you use DMT properly?" or "Can I place an order?" is essentially useless as long as your personal info is ALWAYS encrypted.
-
I just sent a message to a vendor that I think I should have encrypted
"Will the kids at my middle school appreciate the quality of your MDMA?"
-
I just sent a message to a vendor that I think I should have encrypted
"Will the kids at my middle school appreciate the quality of your MDMA?"
Humans at that age? I'd rather dose them up with barbiturates. Any sedative'll do.
I kid, I kid.