Silk Road forums

Discussion => Security => Topic started by: wsg on September 08, 2012, 02:01 pm

Title: Tracking package Is it wise? Want to learn security better
Post by: wsg on September 08, 2012, 02:01 pm
Well as a noob I got some tracking information and  went to the postal site and checked on the package....after I was thinking what a bad idea

1st  I use IE to access the site as I check packages all the time...   This would be a way to mark my ip I am guessing
2nd even with tor and all the masking could this not be a direct route to my computer as I would probably be the only computer on the internet to access this tracking number?
I am only a small time buyer and want to be secure, I am looking for small loop holes to close short of wiping my hard drive and encrypting everything in my life to just smoke the occasional joint :)
A lot of information is being posted about PGP but if we use tracking would this be an easy way to teace SR users.

I have bought from a trusted Vendor so I am not sitting here worried but just thinking of how to protect myself as well as all users of this site. I am new and have seen a ton of new members hoping others can learn from my mistake if it was one.
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: kmfkewm on September 08, 2012, 03:19 pm
Checking shipping once in a blue moon should be fine as long as you don't track on TOR

Checking tracking without Tor is fine if you don't care that it links your IP address to the package
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: wsg on September 08, 2012, 04:24 pm
Checking shipping once in a blue moon should be fine as long as you don't track on TOR

Checking tracking without Tor is fine if you don't care that it links your IP address to the package

I  agree that tor is probably better but since this is a unique querry could it be used to try to track the route back thru tor? Not understanding Tor this might be a stupid question
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: sourman on September 08, 2012, 04:51 pm
^^It won't help them trace you through tor, but using it to check tracking may cause that package to be marked suspicious. The IPs that tor users appear to be coming from are public knowledge, making it easy for organizations to identify which visitor is using tor.
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: kmfkewm on September 08, 2012, 05:17 pm
Checking shipping once in a blue moon should be fine as long as you don't track on TOR

Checking tracking without Tor is fine if you don't care that it links your IP address to the package

I  agree that tor is probably better but since this is a unique querry could it be used to try to track the route back thru tor? Not understanding Tor this might be a stupid question

Check tracking with Tor, your package could be flagged as likely contraband. Check tracking without Tor, you link your IP address to the package. Check tracking from Open Wifi from random locations frequently your address could be flagged as likely getting contraband. Check tracking from your own IP address and the package is strongly linked to you and good bye plausible deniability and good bye any benefit of using a fake ID box or similar. Don't check tracking and you wont know when it says "your package has been seized by the feds, ur gonna get ass raped" and then the benefits of using a fake ID box or similar are reduced and you can't clean house before the raid.
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: jameslink2 on September 08, 2012, 05:32 pm
Or you could use any of the thousands of track my package sites that pull the info from usps. You can hit them with tor and they proxy the request thus not directly leading to you, and not showing as being from a tor exit node.

For example, when you track a package from e-bay it does not send you to the usps site, it grabs the info from usps and displays it to you thus proxying your request.

Title: Re: Tracking package Is it wise? Want to learn security better
Post by: wsg on September 08, 2012, 05:39 pm
Or you could use any of the thousands of track my package sites that pull the info from usps. You can hit them with tor and they proxy the request thus not directly leading to you, and not showing as being from a tor exit node.

For example, when you track a package from e-bay it does not send you to the usps site, it grabs the info from usps and displays it to you thus proxying your request.

Great simple solution now I really feel stupid  :)  Thanks
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: peels4u on September 08, 2012, 06:59 pm
JamesLink is a genius
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: kmfkewm on September 08, 2012, 07:24 pm
Or you could use any of the thousands of track my package sites that pull the info from usps. You can hit them with tor and they proxy the request thus not directly leading to you, and not showing as being from a tor exit node.

For example, when you track a package from e-bay it does not send you to the usps site, it grabs the info from usps and displays it to you thus proxying your request.

Ah yeah that seems to be a good solution also, forgot about those.
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: Trinitron421 on September 08, 2012, 08:06 pm
Use third party tracking websites through tor if you MUST check your tracking. Tracking should only be used in resoloution, you should never have to load it yourself (but I know I am preaching to impatient bastards).
Title: Re: Tracking package Is it wise? Want to learn security better
Post by: wsg on September 09, 2012, 03:08 am
Use third party tracking websites through tor if you MUST check your tracking. Tracking should only be used in resoloution, you should never have to load it yourself (but I know I am preaching to impatient bastards).
I'm not an impatient Bastard  ::)just a curious one :P and now I feel like a schoolkid that got playing hookie I know I shouldn't check but i did and you are right,  there was no reason for it,  and I wont do it again  :)

Seriously I am glad I made the post it confirmed what I was thinking and hope to help others not be impatient.