Silk Road forums
Discussion => Shipping => Topic started by: bluedev1 on July 17, 2013, 08:58 pm
-
Isn't using the same return address a slight risk, for all parties involved?
-
Yes, if they continue to use the same address over and over it should start to worry you, imo.
-
But why would you get so may mails from all these places in this town so far away? Wouldn't it be better to mail it like a actually business - repeat customers?
-
There could be a lot of reasons you'd get a bunch of stuff from one city, and that's nobody's business excepts yours anyway.
The riskier thing is for LE to get on here, make a purchase from a vendor, and take note of the return address. IIRC, the postal service now photographs or scans all priority mail. Not sure what the reason for that is or if access to that is even possible for LE, but if they could access it for investigative purposes, then they might start connecting dots with you and and inconceivably uncoincidental small number of others that have received packages from similar return addresses.
e.g. LE receives package from Pablo and takes note of return address. Looks up addresses that have also received packages from this return address. Now let's say they buy from a few more vendors, and take note of all the return addresses. Some of those vendors are using the same return address over and over rather than rotating them regularly.
Now, it's possible they could amass the data on all shipments made from these return addresses, and can find Shipped To addresses that they have in common. Easily searching the data, they see it just so happens out of the 50 million pieces of mail, only ten people -- we'll call them Bad Luck Brians -- received packages from more than one of these return addresses and on multiple occasions -- which, after doing some statistical analysis, turns out to be about as likely to be mere coincidence as winning the lottery. Now they have some potential felons to investigate. No bueno.
If I'm missing something here let me know, but it seems to me vendors ought to have a large directory of local businesses that send mail out regularly and be using as many different legitimate return addresses as possible all the time, like for every order a different address.
-
There could be a lot of reasons you'd get a bunch of stuff from one city, and that's nobody's business excepts yours anyway.
The riskier thing is for LE to get on here, make a purchase from a vendor, and take note of the return address. IIRC, the postal service now photographs or scans all priority mail. Not sure what the reason for that is or if access to that is even possible for LE, but if they could access it for investigative purposes, then they might start connecting dots with you and and inconceivably uncoincidental small number of others that have received packages from similar return addresses.
^what he said
-
There could be a lot of reasons you'd get a bunch of stuff from one city, and that's nobody's business excepts yours anyway.
The riskier thing is for LE to get on here, make a purchase from a vendor, and take note of the return address. IIRC, the postal service now photographs or scans all priority mail. Not sure what the reason for that is or if access to that is even possible for LE, but if they could access it for investigative purposes, then they might start connecting dots with you and and inconceivably uncoincidental small number of others that have received packages from similar return addresses.
e.g. LE receives package from Pablo and takes note of return address. Looks up addresses that have also received packages from this return address. Now let's say they buy from a few more vendors, and take note of all the return addresses. Some of those vendors are using the same return address over and over rather than rotating them regularly.
Now, it's possible they could amass the data on all shipments made from these return addresses, and can find Shipped To addresses that they have in common. Easily searching the data, they see it just so happens out of the 50 million pieces of mail, only ten people -- we'll call them Bad Luck Brians -- received packages from more than one of these return addresses and on multiple occasions -- which, after doing some statistical analysis, turns out to be about as likely to be mere coincidence as winning the lottery. Now they have some potential felons to investigate. No bueno.
If I'm missing something here let me know, but it seems to me vendors ought to have a large directory of local businesses that send mail out regularly and be using as many different legitimate return addresses as possible all the time, like for every order a different address.
+1
Boy, being a good vendor is so hard. I have huge respect for those guys :)
-
The thing is, we don't really know how thought-out vendors' processes are. And if they were to explain exactly how they do things, it might reveal stuff that compromises the security of the whole operation. So I'm not expecting any vendors to come on here and talk about what they do, why they do it, etc..
I'm not suggesting I have thought through this issue as if my life depended on it, as perhaps vendors have, and so maybe using repeat return addresses isn't as big an issue as it seems, if the return address is for, let's say, a major Amazon or eBay store. In that case, I guess there would be much less of a concern.
I just want to be clear that there is a reason the Subject of this thread is a question. Obviously I've thought a little about it but I still don't know for sure what to expect from a super-super-stealth vendor. Some things we see, like their packaging, other things we don't, like what they do with their bitcoins.
-
The thing is, we don't really know how thought-out vendors' processes are. And if they were to explain exactly how they do things, it might reveal stuff that compromises the security of the whole operation. So I'm not expecting any vendors to come on here and talk about what they do, why they do it, etc..
I try very hard to believe that the average silk road vendor takes more precautions, is more knowledgable, and of a higher caliber than my average street dealer. And, based on the tech-savvyness/knowledge necessary to do it without being caught, this is probably the case. Believe me, I have a lot of respect for vendors doing what they do - it's risky, dangerous, impressive, and a wonderful convenience for me as a customer.
But if I think about some of the pot dealers I had in high school, or even one coke dealer in college who were particularly not-in-tune with how to do their job safely, and in a couple cases just plain dumb, who I would not want as a silk road dealer.
I am not a very knowledgable person about the security involved with being a vendor - I would need to be before being willing to become one. I just sort of hope deep down that vendors take the time to think about what it looks like to have packages all leaving from their house going all over the country looks like, and so forth. It's their job to think about this stuff, not mine. And that's why I pay their prices and don't complain.
I also think even if the DEA or HLS or whomever is even on to the seller because they use a repeat address, the only time they'd go after the buyer is maybe if they need more information about the seller. I don't believe everything I read on the forums but I do feel confident that in most cases the customer really is too small of a deal for anyone to care about. Even if they get and arrest a vendor, and the vendor is dumb enough to keep the 500 addresses they've ever sent to, I can't see an international police crack-down and 500 buyer arrests all simultaneously made or whatever.
tl;dr
I can't think if significant upsides or downsides to maintaining or always changing an address. So maybe a compromise. Change it up every 3 months?
-
Good point. I've always felt a little safer on the buyer side.
So let's look at it from the perspective of long-term survival of this black market. I think we could all agree that a major headline 'DEA Sting nets drug ring operation of 35 major drug dealers from Silk Road' or something to that effect would pretty much shut down the site, because everyone would stop buying. That is the DEA's wet dream. But beyond that, if they were able to do such a thing, they would certainly also want to make a point to not allow other sites to pop up in their place. And they could have leverage in preventing that by keeping a tally of buyer addresses through the aforementioned scenarios. So then maybe another site comes in and tries to fill the gap. They start watching the packages being shipping to those addresses, because you know people want drugs and they're going to keep buying them if they are available. Then eventually, another sting. This could go on for a while. So all the while buyers are protected but vendors are being taken out, and eventually we're left with shitty vendors or no vendors. Obviously a very hypothetical story here but it could happen, no?
-
Here's the problem: DEA has postal service photographing every piece of mail into a massive database. A few pieces here and there get intercepted, some are accidentally opened, some are opened by spying a-holes delivered by mistake, and some are opened on court order. All gets thrown into the database. At some point the numbers start to add up. Keep using the same address and you'll get flagged. It would be best to either fake a return address, or just use a real address, only different, every time. Who cares if it gets intercepted and the sender knew nothing about it?
-
greencrack: can you link to a source citing that it's specifically the DEA having them photograph every piece of mail? I heard they were being photographed but not specifically why or for who. And it seems a bit odd that the DEA would do this, at least for domestic mail. If anything I would think it more likely to do with the NSA but I would like see some confirmation about the details this. thanks
-
The main reason I am always changing my returns is because customers give false names, write address wrong. I copy/paste what they put package goes out gets returned to sender. At this point I have to assume the worst and never use that address again. I have to assume this package shows up at this company is opened, even with good steal simple curiosity on their end may cause product to be found, and its possible LE is called. Wouldn't be shocking if for a bit after that post office workers in that region are looking for anything with that return.
-
Even if they get and arrest a vendor, and the vendor is dumb enough to keep the 500 addresses they've ever sent to, I can't see an international police crack-down and 500 buyer arrests all simultaneously made or whatever.
I saw this happen in Germany. It was a clearnet site and many homes got searched. Not even drugs, it was about illegal fireworks. Most of the 'criminals' they were looking for were 12-18 year old kids who wanted loud firework.
-
Vendors should use a different return address for every single piece of mail.
-
There could be a lot of reasons you'd get a bunch of stuff from one city, and that's nobody's business excepts yours anyway.
+1 for that. You have a business relationship with a company in another part of the country. Maybe you're a contractor and they're sending you work (which is very common). Or maybe your ordering from a catalog. Who knows? It's not your mail carrier's concern.
I wouldn't sweat the people at your local post office. They don't give a fuck what's in your package (as long as it doesn't reek of weed. Hell, they're more likely to steal your shit than call the cops.
It's the postal inspectors that you need to worry about. The integrity of the packaging is far more important than the return address.
People seem to be unaware of the sheer scale of the USPS. They aren't worried about small quantities for personal use in the mail. They've got bigger fish to fry. Large packages and express mail is what is subjected to the most scrutiny (although it's not drugs they're looking for in express mail -- that's another topic not related to Sr or this discussion).
So no, I wouldn't lose any sleep over it if you're otherwise happy with the vendor.
-
The main reason I am always changing my returns is because customers give false names, write address wrong. I copy/paste what they put package goes out gets returned to sender. At this point I have to assume the worst and never use that address again. I have to assume this package shows up at this company is opened, even with good steal simple curiosity on their end may cause product to be found, and its possible LE is called. Wouldn't be shocking if for a bit after that post office workers in that region are looking for anything with that return.
Yep, I have several return addresses I utilize.
Had a recent 'return to sender' thing happen to me.
So... won't be using that particular address again.