Silk Road forums
Discussion => Newbie discussion => Topic started by: Seb on September 01, 2013, 05:01 pm
-
Hello, I am wondering if I can get a serious response to this newbie thread. I am wanting to make a first time buy, while remaining as anonymous and untraceable as possible, and here are my questions/concerns:
1) When adding an item to my cart, it gives a small text box to enter the name and address to where the item queued for purchase will be sent. Does the information in this box go directly to the seller of the desired product? If so, could you just list your GPG key here followed by the encrypted mailing address information, or should I just enter in plain text the mailing address for the item to be shipped to?
2) I have a GPG key, but it is linked to a regular email accont (non-anonymous).... Is this safe? I would prefer to have a tormail account or something that is not linked with my real life name/information, but I cannot ever connect to tormail, nor am I aware of any other anonymous email provider.
3) Does the transaction require communication between the buyer and seller, or is the ordering phase 100% completed after entering the name and address while in the cart section and hitting place order.
I am sorry if this is redundant and lame to ask these questions, but I've sifted though the forums and haven't really found anything that lets me know how the buying process works, and how to ensure anonymity in a process that requires a mailing address to be entered. If you are able to help me out with these basic concerns, I would greatly appreciate it. Thank you for your time should you be able to help me out with answers to concerns. Please no links to SR wiki; it doesn't seem to shed light on my concerns.
-
Where applicable take the vendors pgp key and use that to encrypt your prefered drop address then paste that into the area provided.
you can make a pgp key for yourself without actually linking it to an active e-mail, just use a made up fake one
eg bingo@wazzer.net you are only using it to encrypt/decrypt.
you don't need to communicate with sellers unless extra info etc is required or unless you are feeling chatty but i expect in the early days you might just want to concentrate on the business at hand ;)
-
Where applicable take the vendors pgp key and use that to encrypt your prefered drop address then paste that into the area provided.
you can make a pgp key for yourself without actually linking it to an active e-mail, just use a made up fake one
eg bingo@wazzer.net you are only using it to encrypt/decrypt.
you don't need to communicate with sellers unless extra info etc is required or unless you are feeling chatty but i expect in the early days you might just want to concentrate on the business at hand ;)
So, like this?
-----BEGIN PGP MESSAGE-----
Comment: GPGTools - https://gpgtools.org
hQEMAxLRjTKzkutjAQf7Bn5/hujdencX+xpok/QgeBhWA2WVu9SaFrjgXaeaarv2
za20P4XGjFtXuXQXAMwIvdLPEjBrMoIYPd5V7jgaaQVNZeMCsUEoYV+xOm6pMBYe
5ilgjWYmc1xDW/khK7bkCqmqRZccrKY2aQNvmbfm5l5rS8dKyH6UGgq3P3D7xA6w
TeFToPMG8TcaolkMeuYzYkt8R9tA6BmMaaCc7Wy4NdIL+Gz+jU2beow8wlkEAQ/q
4wP8EIive1KY4hDg3a8kRoFZ6ADWObDC9JsrPujXt4rG1v2/ViLItNGSNaMFI4fj
Y/ccBcX0LUTNpXNfi1k+KJ16e9ztt7X+mqrZcv1olowuBAMDAuRSTlbc/m2Zvq4D
+ocl1h5U6DepKlNlrB7+2xN++zgeCJXVKONsD0toHtJNAbvzABkdge0RXFGDfrPe
6ojX+wcr4e4V1+uavyBZfwwMJSoYRPt3WmFCb7nCn/JzG2Kzhp2hgVnPjEGkd20r
CPEM6QPjPESW7wYaXFM=
=1s5U
-----END PGP MESSAGE-----
-
I don't really get using the vendor's pgp key to encrypt. Aren't the PGP keys that the vendors display there email address? Isn't that what those are?
-
This is an easy alternative I saw a vendor suggest:
http://www.hanewin.net/encrypt/PGcrypt.htm
I've used it a couple times. It seems to work.
-
No its there key so you can encrypt your msg to send to them imagine a vendor has to save every buyers key then decrypt a msg no use there key then send encrypted msg
new tormail at f3ljvgyyujmnfhvi.onion
-
Hey, welcome!
1) This is where you should paste your encrypted address, using the vendors public key. Avoid using plain text when divulging personal information. If you need more help or practice with PGP let me know!
2) First off, tormail has been compromised. Or at least the last I heard it has been. As a buyer, I used a completely made up email. I don't even know if it exists or not, but I sure as hell am not connected to it. I don't really have a better answer, but unless you're a vendor I wouldn't worry about having a contact email associated with your key.
3) In my experience, there is no more communication needed. I've only used vendors that don't require FE, and I've never had to ask questions AFTER making an order. The first 5 or 6 orders I completed, I didn't even need to use the messaging function. I've only messaged vendors when asking specific details about listings, or asking ETA on when they'll have listings back up.
If you have any other questions let me know!
-
PGP isn't necessary when using the address box. You can use it if you really want to be stealthy though.
-
PGP isn't necessary when using the address box. You can use it if you really want to be stealthy though.
If you're going to take the time to download TOR, get bitcoins, and make an order I highly suggest you take the time to use encryption as well.
-
So if I use an encrypted message tied to a fake email in that box where you put your info during check out, the vendor will be able to decrypt it right? They're not expecting an actual email, right? I really see no reason to legitimately have an E Mail correspondence.
-
So if I use an encrypted message tied to a fake email in that box where you put your info during check out, the vendor will be able to decrypt it right? They're not expecting an actual email, right? I really see no reason to legitimately have an E Mail correspondence.
As long as your shipping information is accurate (check 3 times! I almost put an old zipcode in once) you should be fine.
If you do need to communicate with the vendor, there is a messaging system within SR. They can also contact you this way. The SR messaging system is not connected to your PGP key, although you can provide your key in a message.
99% of the time you won't need to worry about encrypting messages. But just be careful not to divulge identifying information!
-
Thanks a lot for the responses everyone; I appreciate the feedback. I definitely would use an encrypted message in the "insert address box" if I ever place an order, and am glad to know that the box does provide enough space to paste in my key as well as the encrypted message, thus helping maintain anonymity. Thank you all for taking the time to provide the feedback, I very much appreciate it, and hope you all have nothing but success in your dealings in life-
-
Have fun traveling the road!
-
Hi guys super fresh newbie and i dont know anything avout a PGP key, is it absolutle a must have or what i'm new to all this so i'm still trying to learn how to move around and find what i need on the sr, thanks
-
No its there key so you can encrypt your msg to send to them imagine a vendor has to save every buyers key then decrypt a msg no use there key then send encrypted msg
new tormail at f3ljvgyyujmnfhvi.onion
Hey, welcome!
1) This is where you should paste your encrypted address, using the vendors public key. Avoid using plain text when divulging personal information. If you need more help or practice with PGP let me know!
2) First off, tormail has been compromised. Or at least the last I heard it has been. As a buyer, I used a completely made up email. I don't even know if it exists or not, but I sure as hell am not connected to it. I don't really have a better answer, but unless you're a vendor I wouldn't worry about having a contact email associated with your key.
3) In my experience, there is no more communication needed. I've only used vendors that don't require FE, and I've never had to ask questions AFTER making an order. The first 5 or 6 orders I completed, I didn't even need to use the messaging function. I've only messaged vendors when asking specific details about listings, or asking ETA on when they'll have listings back up.
If you have any other questions let me know!
thanks this helped me too.
-
Thanks weaponstech!
-
Hi guys super fresh newbie and i dont know anything avout a PGP key, is it absolutle a must have or what i'm new to all this so i'm still trying to learn how to move around and find what i need on the sr, thanks
It is not a must, but very highly suggested. ESPECIALLY if you're involved in any illegal activity outside of SR. Some vendors require it.
It's not hard to do once you get it down, takes me less then 30 seconds now. It takes longer to type my address in TextEdit.
I just type out my address, select all, right click the selection, select services, encrypt, pick which vendor its for, encrypt, select all, copy, then paste in the text box on SR. This is of course on mac, so PC has a somewhat different process I'm guessing.
Make sure you get the whole thing, including the opening and closing identifiers.