Silk Road forums
Discussion => Security => Topic started by: MetalMan2 on March 22, 2012, 02:58 am
-
Just wanted to let everybody know about PGP (GnP) / Enigmail / Thunderbird was EASY to setup with Tormail.net. I've been communicating with THE FLIPSIDE via this method and it is a hell of alot easier than encrypting a clipboard message and posting it via SR PM's. I highly suggest it!!! If you need details email me at metalman@tormail.net or hit me up here.
-
how do you get thunderbird under tors wing tho?
-
how do you get thunderbird under tors wing tho?
There is some basic setup that you need to do for Tor. Go to Tormail.net and you can find the setup info. Pretty straight forward.
-
As MetalMan suggested, communicating via GPG/Tormail is 100% secure, and pretty straight forward to set up and very easy to use.
We highly recommend this thread for new GPG users. Although it is written for Mac users, the instructions should apply to Windows users as well.
9 Easy Steps- An OSX Tutorial for Setting up Tormail with Thunderbird/Enigmail
http://dkn255hz262ypmii.onion/index.php?topic=8235
Peace
The Flipside Crew
-
One thing to note with that guide (and the one on tormail's site) is that I found it didn't work as Socks v4 but is fine if you set it to v5. I have no idea whether this affects the security and I e-mailed the tormail admins about it but they haven't responded yet.
/tinfoil hat time
I'm also a little concerned by the fact that the password is limited to 25 characters. Normally I'd consider that more than enough but you can't use special characters either. Seems odd to me especially considering how hyper cypherpunk tor things usually are.
And for the entire tinfoil catsuit: I recall recently reading something about tormail being run by the russian security services.
-
Socks4 works fine for me and everyone I know. It may be an issue on your end.
I have heard that Tormail has some "Russian connections" at least. Someone posted a link a while back. You would think if it were some International/Russian LE agency running it, they would cover themselves well. Russia just "automatically" seems kind of "suspicious" in my opinion. Some random "off-shore" country would make a better front. I intend to investigate further.
Have you emailed the Tormail admins re: the password issue? 25 does seem a bit low, and the "special characters" issue has concerned me as well. If it were some Russian/International agency abusing (or not) Tor's vulnerabilities in 'Exit Nodes' (or something like that. please correct me) to harvest IP's, I would think the password issue is most likely just a mistake they overlooked, no matter what the situation.
Regardless if you are using GPG none of these issues should be of any concern. And all the more reason to rotate between "off-camera" public-wifi or otherwise anonymous hotspots.
But I am curious about the "Russian connections" and password issue. Email names also must start with a letter and don't allow special characters either. A less "tin-foily" possibility would be that it was simply "sub-par" programmers that designed the "character" aspect of the code. Doesn't really sound like the work of proffessional LE IT techs to me. But what do I know? ;)
Does anyone have any more information?
Peace
The Flipside Crew