Silk Road forums

Discussion => Security => Topic started by: Silk Road Encounter on February 13, 2012, 01:40 am

Title: Dangers involved in the flash drives being sold on SR
Post by: Silk Road Encounter on February 13, 2012, 01:40 am
It's basically Silk Road in an impenetrable black box, from what I gather.  A flash drive, designed to offer everything silk road, without the risk of being found out.

The issue I have with these flash drives is I don't have any proof that they do what they claim.  And suppose they do work as intended.  Who's to say that law enforcement isn't selling them with keystroke loggers in them?
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: redforeva on February 13, 2012, 02:02 am
I wouldnt accept any electronics or programs off the SR (.exe) Just because too easy to put nasty code in a poly...
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: v01d on February 13, 2012, 03:11 am
I wouldnt accept any electronics or programs off the SR (.exe) Just because too easy to put nasty code in a poly...
I agree. Not calling any vendor out, but I personally feel better building and securing my own system. More peace of mind.
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: res on February 13, 2012, 03:30 am
It's simple to make one yourself anyway.....
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: respect on February 13, 2012, 01:24 pm
The thing is, it's a potentially valuable service. But it requires the ultimate trust in the vendor. The kind of review that the system should undergo would really only be capable of being performed by someone who wouldn't need one of these systems anyway. And this would be an extensive, time consuming analysis. You can't just get this and take a look around inside and be like, yep, looks good. It would have to be observed in an operational environment for an extended period of time while capturing all data it transmits and looking for some back-channel communication. As a person who could do something like that, there's no way I'd bother without getting paid. It's a lot of work and a pretty big responsibility. I wouldn't put my approval on it unless I was damn well sure of it. And whose gonna pay me? The vendor? Conflict of interest. And the only kind of approval you could ever put on it, anyway, is "It hasn't done anything bad, yet". That's why compromised systems aren't "repaired". They're wiped and re-installed from scratch (or re-imaged). With gigabytes of binary data to review, you can *never* be sure.

I've thought about doing something like this as well. But really, it's the kind of thing that needs to be generally applicable and publicly available, undergoing extensive public review. Like any of the many available LiveCDs out there.

Maybe the guy's got good sincere intentions and maybe he doesn't. Maybe the people who buy and use it will be in good hands, and maybe they won't. There is no guarantee. And only time will tell and there's always that "yet" ghost trailing it. It's a potentially successful endeavor. But unfortunately, a failed security concept.
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: CaptainSensible on February 13, 2012, 09:34 pm
Really, you might as well figure out how to create your own bootable USB drive with the ability to access the Tor network.  Software like Liberte Linux and Tails need pretty regular updates, so what's the point of buying software that'll be obsolete in a few months. 
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: Spedly on February 14, 2012, 03:00 am
Those vendors would have to pay me to use their flash drives.
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: abuttelmao on February 14, 2012, 04:12 am
It should go without saying that you should never outsource your security to anyone else.  Once your security is out of your hands, you might as well be posting your personal information out in the open.

I'm not accusing anyone of anything, but if YOU can't secure YOURSELF, then you can never be sure that you're secure at all.  There's no one on SR I would trust enough to put my security exclusively in their hands, including vendors and SR himself.
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: hoffa on February 14, 2012, 07:19 am
Hey guys agree makes me very nervous given the shear quantity of key logging, gps tracking softwares that are currently available and so easily hidden!

Wouldnt mind a step by step guide to building your own? if anyone has this, It would be awesome to post it up or send me a PM. Willing to throw some coins your way as a thank you!

Hoffa
Title: Re: Dangers involved in the flash drives being sold on SR
Post by: v01d on February 23, 2012, 11:33 pm
Hey guys agree makes me very nervous given the shear quantity of key logging, gps tracking softwares that are currently available and so easily hidden!

Wouldnt mind a step by step guide to building your own? if anyone has this, It would be awesome to post it up or send me a PM. Willing to throw some coins your way as a thank you!

Hoffa

My guide is here:
http://dkn255hz262ypmii.onion/index.php?topic=9067.0
Liberte or full disk encryption + virtualization are your best bets.