Silk Road forums

Discussion => Shipping => Topic started by: Nikodym on March 08, 2012, 07:05 am

Title: Flood USPS tracking website with tracking requests from Tor?
Post by: Nikodym on March 08, 2012, 07:05 am
I've seen numerous references to the perils of tracking DCNs over Tor, and how it allegedly flags packages. Is there actual evidence or supporting claims for this? It wouldn't be hard to test empirically if you had a lot of identical packages with DCN to test it out on to build a data set for analysis. On the other hand, it couldn't be that hard to make a bot that works through Tor to constantly check DCNs either. I'm not sure how you would know which range of DCNs to be using, but maybe they're issued sequentially or with some other recognizable pattern so you aren't wasting requests on expired or unissued DCNs. If the hypothesis of Tor DCN tracking = bad is true, this could totally overwhelm their efforts to flag packages, and I suspect it would also shed some light on whether or not this is actually a problem.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: anon911 on March 08, 2012, 07:16 am
TOR isn't illegal. Most people I know that use it are using it as a free VPN/proxy not for buying drugs.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: shock1171 on March 08, 2012, 07:19 am
I've used Tor to track packages that were legit legal items to see what would happen. Nothing ever happened and they went through just fine.

I probably still would never track a package on Tor if it was coming from SR though, just for precautionary reasons.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: Nikodym on March 08, 2012, 08:12 am
Quote
TOR isn't illegal. Most people I know that use it are using it as a free VPN/proxy not for buying drugs.

Legality has nothing to do with it. Just because using Tor isn't illegal doesn't mean it isn't suspicious. A bit of suspicion is all they need to stop a package and have a dog walk by it or throw it in the xray and then ring the judge for a warrant...
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: kmfkewm on March 08, 2012, 08:29 am
I have heard second hand from several people who claim to know for certain, that customs and postal agencies gather the data from package tracking and use it for intelligence. Even if they are not currently doing this, the fact is they could very easily do it, and the majority of packages that have tracking checked with a Tor exit node probably contain illegal items.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: THANTOS on March 08, 2012, 03:18 pm
Quote
I have heard second hand from several people who claim to know for certain, that customs and postal agencies gather the data from package tracking and use it for intelligence. Even if they are not currently doing this, the fact is they could very easily do it, and the majority of packages that have tracking checked with a Tor exit node probably contain illegal items.

No way! 

It would be the farthest from "easy to do" - it would require tons of dedicated resources and built-in risk-assessment software . . . it would be an extraordinarily expensive venture to bust buyers . . . which seems pointless, why move down the ladder??

The majority of packages tracked with a Tor exit node contain illegal items? Wow - that's a leap and a half man, there is no way to know, speculating would be pointless, it'd be like me saying your name is probably either Chris or Steve - it's a baseless guess without any possibility of real determination either way.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: kmfkewm on March 08, 2012, 09:54 pm
Quote
No way! 
It would be the farthest from "easy to do" - it would require tons of dedicated resources and built-in risk-assessment software . . . it would be an extraordinarily expensive venture to bust buyers . . . which seems pointless, why move down the ladder??

It would require the IP log database from the tracking website and a computer to query it, looking through the list of IP addresses for known Tor exit nodes and then seeing which addresses are tied to those packages. By no means would this take an extraordinary amount of resources or expense.

Quote
The majority of packages tracked with a Tor exit node contain illegal items? Wow - that's a leap and a half man, there is no way to know, speculating would be pointless, it'd be like me saying your name is probably either Chris or Steve - it's a baseless guess without any possibility of real determination either way.

Why would you check a shipment with Tor if you didn't want it to be traced to you? Isn't that the entire point of using Tor? Why would you not want a package to be traced to you? Even if it isn't the majority of packages, I would bet my life that a significantly higher % of packs checked via Tor contain illegal items than packs not checked via Tor. I can say that your name is probably John if you live in the United States and are male. It is also probably significantly more likely for you to fit that profile as an SR member, than for you to be a Chinese female.

Go ahead and check all of your drug shipments with Tor if you want. IMO it is a good way to get your shit flagged.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: zuckerberg on March 08, 2012, 11:53 pm
 KMFDM is right.  he is one of the only people on here that knows his shit  .   RESPECT  bro.   u = elite.
Quote

It would be the farthest from "easy to do" - it would require tons of dedicated resources and built-in risk-assessment software . . . it would be an extraordinarily expensive venture to bust buyers . . . which seems pointless, why move down the ladder??

 
YO thantanos ,  brah,  the Tor Exit Node list is publicZz .  Have you evar tried connectings to IRC or MtGox via TOR?   How do ya think TEH IRC networkZ ban everyone from connecting via Tor?   How do you think Mt. Gox bans everyone from tc peeing via Tor? 

Aint not very hard to do!!@$  It would take liek about 8 lines of code give or take.  And itz .... already done .... on almost all IRC networks and on MtCocks.


LOL LOL "TONS OF DEDICATED RESOURCSEZ ZOMG"     .  Yeh .  IT WOULD TAKE ALMOST A MILLION GILLION PARIS HILLION CPU CCYCLES TO CALCUALTED  THE OVERLAP BETWEEN SET A OF .TOR NODEZ. AND SET B OF .DAILY TRACKING IPS.   

srsly  man  that wzould take about   400ms - 10secodnds in an Intel Core i3     AND  OF COURZE depending on the size of the list of ppl that check tracking info.  Assuming one million hits per day (yeah USPSS IS SOOOO POPULAR  MOAR THAN CNN), it would take less than 10 seconds do the calculations on a $500 laptop.




Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: kmfkewm on March 09, 2012, 01:59 am
It wouldn't even take eight new lines of code; there are already open source scripts made for detecting Tor and proxy IP addresses from log files.
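
The set-overlap check described in the posts above, as an added example that is not part of the original thread: it intersects client addresses from a web access log with a Tor exit-node list and reports which tracking IDs were looked up from exit nodes. The log format, the `/track?id=` path, the addresses (documentation ranges) and the tracking IDs are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample data: documentation-range addresses, made-up tracking IDs.
EXIT_LIST = """\
# constructed exit-node list, one address per line
192.0.2.10
198.51.100.7
2001:db8::1
"""

ACCESS_LOG = """\
203.0.113.5 - - [08/Mar/2012:07:05:00 +0000] "GET /track?id=TESTLABEL0001 HTTP/1.1" 200
192.0.2.10 - - [08/Mar/2012:07:06:00 +0000] "GET /track?id=TESTLABEL0002 HTTP/1.1" 200
198.51.100.7 - - [08/Mar/2012:08:12:00 +0000] "GET /track?id=TESTLABEL0002 HTTP/1.1" 200
2001:0db8:0000:0000:0000:0000:0000:0001 - - [08/Mar/2012:08:29:00 +0000] "GET /track?id=TESTLABEL0003 HTTP/1.1" 200
203.0.113.9 - - [08/Mar/2012:09:00:00 +0000] "GET /index.html HTTP/1.1" 200
not-an-ip - - [08/Mar/2012:09:01:00 +0000] "GET /track?id=TESTLABEL0004 HTTP/1.1" 200
"""

LINE_RE = re.compile(r'^(\S+) .*?"GET /track\?id=([A-Za-z0-9]+) ')

def load_exit_nodes(text):
    """Parse one address per line into a set, skipping comments and blanks."""
    nodes = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            nodes.add(ipaddress.ip_address(line))
    return nodes

def exit_node_lookups(log_text, exit_nodes):
    """Map tracking ID -> set of exit-node addresses that requested it."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a tracking request
        try:
            client = ipaddress.ip_address(m.group(1))  # normalises IPv6 spellings
        except ValueError:
            continue  # malformed client field
        if client in exit_nodes:  # O(1) set membership per log line
            hits[m.group(2)].add(client)
    return dict(hits)

if __name__ == "__main__":
    print(exit_node_lookups(ACCESS_LOG, load_exit_nodes(EXIT_LIST)))
```

Because each log line costs one hash lookup, the running time grows linearly with the size of the log, and the number of distinct exit addresses per tracking ID is available from the same result.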
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: THANTOS on March 09, 2012, 02:22 am
Resources dedicated to determining if the user used Tor to track the package?  Nono, you misunderstood.

I write VB atm. . . so I understand that development of an application to detect this wouldn't be that big of a project- although any time you deploy anything in that type of context it's a bigger project than someone would imagine.. 

But I disagree about what would happen next, the resources and expenses associated with finding the packages that were sent, and then what?  You think a Postal Inspector will look at each of those packs?  You think a log will be created of the recipient or sender?  To do what with - exactly?

I don't understand what the grand design would be here.  And to what?  Prosecute a buyer?  lol, Seriously?

This isn't a computer question in my opinion, it's a matter of law and benefit.  Pursuing a conviction that won't stick isn't usually something Federal Agents have an interest in, and I fail to see how tracking a package with Tor is justification for obtaining a warrant to open the package, or even to invest 10 seconds in checking the package or the recipient address - too many outside variables.  I fail to see the end game, what this information could possibly be done with. 

I've tracked packages with Tor, I know of TONS of people who've tracked packages with Tor . . .

In other words I disagree with the premise that Tor = suspicion, and I would add that real-world experience supports my belief, not vice versa.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: Nikodym on March 09, 2012, 02:39 am
The fact is that it wouldn't be terribly difficult to incorporate a system to briefly stop Tor-checked packages. Once you had data about if a package was being checked with Tor, you could have the machines that scan and update DCNs indicate if they'd been Tor tracked and have that handler put it in an examination pile. Then all you need to do is have a dog walk by or throw them in an xray. If the dog hits or there's something pretty blatant in the xray, it's a simple call to the judge to get a warrant and check it out. If not, you throw it back. Maybe it's delayed a few hours or a day or whatever. It's not like the whole system has to grind to a halt. The overall costs to implement this aren't as great as you might think, and if they can do so under the guise of 'national security' I'm sure there's all kinds of funding available for it.

I agree that at present, it's unlikely that this is a common practice, especially given recent cutbacks. And also that the overhead to bust someone for a gram of weed or cocaine doesn't really justify it. All that means is that they won't pursue every intercepted package. Bet your ass that they pursue some though, regardless of quantity. If not checking DCNs through Tor minimizes that risk, it's probably the prudent thing to do.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: kmfkewm on March 09, 2012, 04:11 am
It works great for intelligence. I have heard they also check sequential #s if one is found to contain drugs, on the assumption that the sender probably sent out multiple packs. This is how intelligence works, it helps narrow in on evidence so that resources are not wasted. Packs crossing customs in particular are checked. If they decide to spend the time window they have checking packs that have tracking checked with Tor, they are probably going to have higher interception rates than if they don't do this. I know of at least three international orders with major amounts of product in them (including blotter paper in two cases) that were snagged by customs after the tracking was checked with Tor, in some cases fairly frequently. If the checking of tracking with Tor was directly related to the interceptions or not is unknown, but I wouldn't be surprised. What legitimate reason is there for a pack from NL to USA to have tracking checked by ten different IP addresses from around the world / Tor exit nodes? This is certainly a red flag regardless of if it is being utilized as one or not, but the ease of utilization makes it seem almost certain that it is being utilized.

Checking tracking with Tor by itself may not be enough to get a package checked in the same way that having any other flag present may not be enough to get the package checked. But is it a flag? I would bet on it.

I have also heard from multiple people that these tracking checking systems are in place, one person who claimed to have a friend with inside knowledge about Canadian customs in particular was the first person to bring the concern of Tor exit nodes checking tracking to light on a private forum. Highly anecdotal evidence, but the claim makes logical sense if you think about it and I don't see any reason why someone would make up lies about customs doing things that are technically in their ability to do. Even if they are not right now it should always be assumed that they will, since they can.
Title: Re: Flood USPS tracking website with tracking requests from Tor?
Post by: BongoBingo on March 11, 2012, 08:38 am
It'd be fairly easy to do if you had a way of knowing which DCNs were "active".  You could basically brute force it with a script that'd generate a random number then send wget to pull the page.  The problem is, of the trillions of possible numbers, very few will be active.  You could get a DCN tag from the PO, then limit the number to a range within say 100 million above and below that number.  But then the few that get hit on that likely won't become a burden to the USPS to have them get a bit more examination.  They're going to be spread all over the US at different facilities.  Maybe a few extra packages at each.