Silk Road forums
Discussion => Newbie discussion => Topic started by: catalan on June 17, 2013, 09:01 pm
-
I'd like to post this on the shipping board, but I'm a newbie so I guess this will just have to do for now.
I was reading the Terrible Stealth thread and saw chriscalderon's reply (http://dkn255hz262ypmii.onion/index.php?topic=173260.msg1245212#msg1245212), which echoes my own sentiment:
It is unfortunate. Some compatriots of mine and myself were having tea in the Captain's quarters discussing that we feel as if vendors are disproportionately in power - bear me out in this thinking.
I know about dead drops, using other people/addresses, PO boxes etc... but all still fundamentally pose the problem that once a package is identified a determined investigator can follow it through to you.
So, thinking that it must be possible to devise a better way, the cogs in my grey goo have recently been turning on this; and I now have an early stage, outline proposal on which I would be interested to hear the thoughts of the community at large.
Essentially, the idea is to create a Chaum mix-net within the postal system. Node operators would publicly offer a legitimate mail forwarding business, which can receive instructions via PGP-encrypted message and payment by BTC. On receiving a package, it is encapsulated in a new envelope and forwarded accordingly. Buyers could chain numerous forwarders thus requiring ALL to be compromised for their anonymity to be broken.
The two most obvious attack vectors would be correlation of packages in/out at each node (can be mitigated with consistent packaging and weights, although the possibility of LEA embedding tracking devices remains) and the identification/flagging of particular nodes as warranting close attention.
A separate (but very real) risk exists in dishonest node operators, who might steal goods in transit. Similar trust safeguards to other marketplace transactions would need to be employed.
Significant cover traffic (in the form of either legitimate or dummy mail) could mitigate against both risks.
I'm not entirely clear in my own mind whether instructions should be embedded within the outermost message envelope (removed at each hop) and instructions for each downstream hop decrypted at each stage or whether such control messages can safely be transmitted "out of band" (i.e. over the Internet).
Is this idea utterly daft? Or does it already exist? If not, why not? Perhaps we can spec it more thoroughly and make it happen.