Silk Road forums
Discussion => Security => Topic started by: nabuchodonosor on September 30, 2012, 10:33 am
-
Probably stupid question, but...
A buyer sent me a message on SR: do I have PGP. I don't. My question is what it is for, a mean, I know very good what it is for in the reality, but when one is buying something on SR, I can see his address, so this is simple. So what is the point? The only explanation I can see is that he put false data to SR, and want to send me real data via mail+PGP, am I right or there is something else.
-
Well, by using PGP to encrypt his address rules out the possibility of LEO sniffing exit nodes or similar and also being able to read his address and message. You should definitely be using PGP dude, just to provide an extra bit of safety for your buyers, if LEO manage to get control of your computer all of your buyers are at risk.
-
Thanx. I'm gonna do it today ;)
-
If i post my PGP key on this site and LE copy the key, won't they be able to read all my sent messages?
-
As a buyer if and when i see a vendor with no PGP key listed, I start to think that they are not doing everything possible to protect my transaction and now normally find myself browsing other listing for a more secure vendor. I want a vendor that takes the time with PGP as if they are cutting corners and taking the easy route how much effort are they putting into other stages of shipping
. If we believe that SR will never been compromised we should lay off what we are smoking and take another cautious look at what we are doing on a regular basis, I hope this site is around for decades but want to protect myself in case it is not
A public key is just the lock that a vendor gives you to put on your message, they are the only ones with the key to unlock the message. so LE can have all the public keys they want doesn't mean that they would spend the time or effort to crack code and if you use a good pass-phase it would make it very difficult for them to do so.
-
As a buyer if and when i see a vendor with no PGP key listed, I start to think that they are not doing everything possible to protect my transaction and now normally find myself browsing other listing for a more secure vendor. I want a vendor that takes the time with PGP as if they are cutting corners and taking the easy route how much effort are they putting into other stages of shipping
. If we believe that SR will never been compromised we should lay off what we are smoking and take another cautious look at what we are doing on a regular basis, I hope this site is around for decades but want to protect myself in case it is not
A public key is just the lock that a vendor gives you to put on your message, they are the only ones with the key to unlock the message. so LE can have all the public keys they want doesn't mean that they would spend the time or effort to crack code and if you use a good pass-phase it would make it very difficult for them to do so.
Thanks for the info. Exactly what i wanted to know.
cheers