Silk Road forums
Discussion => Newbie discussion => Topic started by: phantomoto on July 22, 2013, 08:34 pm
-
Please advise Thanks
-
Short answer: YES.
Do not use hushmail. They betray their users, especially SR vendors and high-profile buyers.
Use tormail, or a similar system.
Tormail is designed using a rather clever system to accept incoming connections from other email servers, such as gmail, yahoo, hotmail, etc.
Tormail uses cheap disposable virtual private servers (VPS's) hosted in various countries with more lenient Internet-related laws in order to accept incoming connections, while using Tor exit nodes to send outgoing connections to email servers for outbound email.
It works surprisingly well.
These cheap disposable proxies run a lightweight Tor client and HAProxy, a reverse proxy intended for load balancing, but in this case, is used to relay connections from other email servers inside the Tor network to a Tor hidden service hosted by Tormail.
It's rather clever, and we should learn from this model.
-
yes, hushmail snitch, tor is the way to go, just type tor mail in the startpage search bar (top right) as stated on their page:
Notice to Officials - Abuse Complaints
This web site is just an informational web page.
None of Tor Mail's mail systems are hosted on this server, or on any server that you can find the IP address.
Siezing or shutting down this web site will have no effect on Tor Mail's services.
Tor Mail consists of several servers, a Tor hidden service, and an incoming and outgoing internet facing mail servers.
These internet facing mail servers are relays, they relay mail in and out of the Tor network, the relays are purchased anonymously and not tracable to us.
The only thing stored on the hard drive of those servers is the Exim mail server, and the Tor software.
No emails or logs or anything important are stored on those servers, thus it doesn't matter if they are seized or shut down.
We are prepared to quickly replace any relay that is taken offline for any reason.
The Tor Mail hidden service and SMTP/IMAP/POP3 are on a hidden server completely seperate from the relays, the relays do not know the IP of the hidden service.
Tor Mail does not co-operate with anyone attempting to identify or censor a Tor Mail user.
Tor Mail's goal is to provide completely anonymous and private communications to anyone who needs it.
We are anonymous and cannot be forced to reveal anything about a Tor Mail user.
-
tormail or not use pgp. never use tormail for bitcoin exchanges or any other place where you can't risk your account getting suspended for that use gmail. gmail won't let you signup from tor so you use tor+vpn
-
interesting
-
Yes, tormail operates like a lot of other anon onion services.
-
tormail or not use pgp. never use tormail for bitcoin exchanges or any other place where you can't risk your account getting suspended for that use gmail. gmail won't let you signup from tor so you use tor+vpn
Tormail does not need to "support pgp."
PGP SHOULD be purely clientside. If you are trying to use PGP encryption through some webmail interface, you are fucked.
Not only are you doing it wrong, but that webmail server knows everything you ever sent and received, and probably sold it all to LE.
-
Tormail does not need to "support pgp."
PGP SHOULD be purely clientside. If you are trying to use PGP encryption through some webmail interface, you are fucked.
Not only are you doing it wrong, but that webmail server knows everything you ever sent and received, and probably sold it all to LE.
lol you misunderstood what i said. i meant that whatever email provider you choose you have to use encryption. do you really want tormail to be able read all your emails? do you think they don't do it? there's nothing stopping them. pgp on hushmail is a complete joke. i frequently received emails from hushmail users who've enabled pgp signing. when i asked them if they know what pgp is and whether they want my pgp key i get no answer back. obviously the person has no clue what i'm talking about but uses hush because they think it's more secure than hotmail when it's not
-
tormail or not use pgp. never use tormail for bitcoin exchanges or any other place where you can't risk your account getting suspended for that use gmail. gmail won't let you signup from tor so you use tor+vpn
I think what he meant to say is:
Whether you use Tormail or not, use OpenPGP email encryption.
Never use your Tormail address for clearnet sites such as MtGox, etc. They are likely to block Tormail.
I suggest you use GMail for things like that, however GMail will not let you register a new account from Tor, so use a VPN for that.
Good advice.
I'd add that if you cannot afford a decent VPN, you can use McDonalds, Starbucks, etc. for their free wifi, since they cannot afford to track you too closely, and it's good enough for simply dissociating your Tor use with your residential broadband's IP.
ISPs have more money, and are legally forced to betray their subscribers with Oracle deep packet inspection servers listening to beam splitters and Sandvine servers to manipulate traffic.
The ISPs would be shot and killed if they refused.
-
I have signed up for gmail accounts only using TOR no vpn
-
Yeah. It is.
Although always keep your darknet and your clearnet identity completly seperate. Don't use a username on tormail (or silkroad or any darknet site) that you used on clearnet. And don't use your tormail outside of the darknet (such as on your Facebook, etc) because that can also be traced back. But yeah, if smart, tormail is the safest bet.
-
@AirshipAdmiral
Hey mate - I am a definite newbie here and still finding my way just wondering if I could ask a question RE Tormail?
It's been said that you should keep your clearnet and darknet identities separate - so does that mean I should be using my Tormail address for PGP or a clearnet email address??
Sorry if it's a silly question,, any help would be greatly appreciated ;D
-
so seems like tormail is solid NOT hushmail
and basically encrypt your msgs using a PGP key
....if you need to sign up for a BTC wallet then use tor + vpn (or tor directly) to open a gmail account and then use that gmail account to open your BTC wallet
does that sound about right?
thanks for the help!
-
You Guys are the Best! Thanks for for your advise It is much appreciated .
-
Best idea since sliced bread.
Go for it.
;)
-
Yes TORmail is great. The system really is pretty secure. My only real complaint is that the system is down fairly often which makes reliable communication rough.
For added security I would make sure you login using the 'Squirrel Mail' page at http://jhiwjjlqpyawmpjx.onion/squirrelmail/src/login.php
This is to ensure that absolutely no script is being run on your browser. You should have scripts disabled globally anyway though.
-
Undoubtedly the best option I know ;)
-
Signed up to Tormail yesterday and now use it for my PGP Key.. I couldn't access it through tormail.org but had no problems when using the onion URL that a very kind fellow forum member provided! Seems great to me - thanks for the info all :D