Silk Road forums
Discussion => Security => Topic started by: IamaLizard on May 06, 2012, 01:35 am
-
I noticed after clicking to buy a product there is a field for my address/etc. Is this field auto encrypted or do I encrypt my info with their public key and then paste it? Thanks
-
Hey, yeah, encrypt your address with the public key on their vendor page, then paste it in. You can also use this for messages over SR, but this is up to you.
-
Is this field auto encrypted or do I encrypt my info with their public key and then paste it?
Both! SR encrypts your address for you, but most of us tend to agree that encrypting it further with the vendor's public key is the best bet. It only takes seconds, and you ensure that the vendor (or anyone with his private key...) is definitely the only one who can read it.
-
Silk Road does not encrypt your address for you. They store it on a mounted encrypted volume, so if the server were compromised, your address would be viewable in plaintext unless you encrypt it yourself. Even if Silk Road did encrypt it for you, don't you want to take control of your own security instead of relying on an anonymous hidden service admin?
-
how do you know this
I'ma take a guess and say....he doesn't.
Also, OP, some vendors require you to PGP everything from 'Hi I fucked your mom.' to '-insert address here-'. Some only require it for your address. Some don't even require that. If you're paranoid, encrypt everything. If you're like me and don't give a fuck, only encrypt your address. :P
-
I guess I don't know it as fact, but it was discussed at length on the old forum. They also claim to delete addresses as soon as orders are put in transit, but during one recent change, lots of "deleted" PMs and transaction histories suddenly returned. I guess my point is that you should take your own encryption into your own hands, and not count on anyone else doing it for you.
-
I guess my point is that you should take your own encryption into your own hands, and not count on anyone else doing it for you
Exactly. Even if SR's encryption was considered foolproof, there's no reason to avoid the added security of PGP, redundant or not. It takes me literally 2 seconds to encrypt a message if I already have the vendor's public key saved.
-
Regardless of the competence of SR's encryption, you wanna use your own anyway. This just ensures that you aren't using encryption that appears to be encryption, but really is nothing more than a backdoored imposter.
It is for this same reason that you should only use encryption software that is open source.
-
He knows this because SR claims to have fully server side encryption of addresses, and essentially the only way to do this is to store everything on a mounted encrypted drive.
What this means is that SR server securely encrypts addresses only when the power to their server is cut or the drive is unmounted, because the keys must be stored in RAM so data can be dynamically decrypted/encrypted.
What this means is that if the attacker locates the server while it is still running, or waits for it to start running again, they can get the keys by cold booting the RAM into a forensics laptop.
It also means that if the server is rooted the attacker gains full access to encryption keys.
It also means that DPR can decrypt whatever he wants.
If you use GPG, none of these issues are present.
SR could be using chassis intrusion detection technology and have the RAM secured with encapsulation material, that would make the physical attack harder but not impossible, but I doubt he is doing this because it would mean he almost certainly would have shipped the server to a colocation facility after configuring it himself.
-
Does this also apply when sending a message, for example a question to a vendor?
-
It's entirely up to you what you consider sensitive.
-
I'm not sure here, but isn't it the nature of Tor itself that 'rogue' outgoing nodes can intercept unencrypted traffic passing through them? So in theory, could read your address. Because when you submit a form on SR it passes through the network unencrypted between you and the server?
-
What I was trying to get at was that none of us know for sure how the server is set up. SR claiming that there's server side encryption of data doesn't really make it so.
This is very true. Just claiming something doesn't make it so. We all respect SR and trust it to an extent, but this whole thing is anonymous and carries great risk. We must all take our security into our own hands.
I'm not sure here, but isn't it the nature of Tor itself that 'rogue' outgoing nodes can intercept unencrypted traffic passing through them? So in theory, could read your address. Because when you submit a form on SR it passes through the network unencrypted between you and the server?
I honestly don't know enough about the workings of Tor, but I was under the impression that all data going through the network was encrypted, and that your personal computer or network would have to be compromised for it to be accessed. However, as discussed above, you may as well pretend that Tor encrypts nothing, and always take extra measures to secure your private information.
-
With hidden services Tor encrypts data up to, but not including, the time that it has already arrived to the server. With non-hidden services, Tor encrypts data up to the point just prior to it arriving at the server, the exit node decrypts the final layer to reveal the plaintext. This means that exit nodes can spy on plaintext data sent through Tor to the normal internet.
-
Not quite getting my head round the Tor system fully, but think I'll take your advice and use PGP always. Think I finally got my head round the basics last night after really careful studying of the pinned tutorial. Still not sure about signing yet, but I'm sure that will be another adventure!
So are .onion addresses a server somewhere that acts as an exit node to itself? So therefore unless someone was physically able to monitor the server itself they wouldn't be able to see the plaintext?
-
So are .onion addresses a server somewhere that acts as an exit node to itself? So therefore unless someone was physically able to monitor the server itself they wouldn't be able to see the plaintext?
Eh, you're off from a tech standpoint, but your conclusions are right. Always use PGP since you can't trust any other party besides yourself; this applies to SR's servers too.