Silk Road forums
Discussion => Silk Road discussion => Topic started by: Hydro2 on January 16, 2013, 12:17 am
-
I haven't done anything any suggestions
-
Learn PGP? 8)
-
Privnote requires Javascript to be enabled in order for it to work. As Twelve_Pickles wrote, take the time to learn PGP. It's not so hard after a little practice and it's by far the safest way to protect your info when sending it to a vendor. Also, be aware that the Privnote you send will be stored on a 3rd party server in PLAIN TEXT, where it has the potential to be seen by prying eyes with a warrant.
-
Privnote requires Javascript to be enabled in order for it to work. As Twelve_Pickles wrote, take the time to learn PGP. It's not so hard after a little practice and it's by far the safest way to protect your info when sending it to a vendor. Also, be aware that the Privnote you send will be stored on a 3rd party server in PLAIN TEXT, where it has the potential to be seen by prying eyes with a warrant.
Yeah privnote is about as safe as using Hushmail. And we all know how well that worked out (cf., The Farmers Market).
Privnote is a bad bad bad idea. Never use it.
-
I haven't done anything any suggestions
Updates to the TOR software are probably responsible for your perceived change in that site's functionality.
+1 for "use PGP" as well
-
I haven't done anything any suggestions
Updates to the TOR software are probably responsible for your perceived change in that site's functionality.
+1 for "use PGP" as well
This isn't the case. NoScript is configured to allow JavaScript by default in the Tor Browser Bundle, which has always been the case. You must have turned it off at some stage because it's definitely enabled by default. You do know you require a min. of 100 posts to give or receive karma?
-
I know my TOR's noscript changed behavior lately. It used to allow all by default as you say, and I left it that way as that's what TOR's developers recommend. I am farmiliar with the functionality of noscript as I've used it in regular firefox for years. It has changed in TOR, for me at least, within the past couple of weeks to no longer allow all by default.
the +1 I didn't mean to imply giving karma, I meant that I agree with the "use pgp" recommendation.
-
If that's the case, just click on the "NoScript" button and change what's required.
-
Privnote requires Javascript to be enabled in order for it to work. As Twelve_Pickles wrote, take the time to learn PGP. It's not so hard after a little practice and it's by far the safest way to protect your info when sending it to a vendor. Also, be aware that the Privnote you send will be stored on a 3rd party server in PLAIN TEXT, where it has the potential to be seen by prying eyes with a warrant.
Yeah privnote is about as safe as using Hushmail. And we all know how well that worked out (cf., The Farmers Market).
Privnote is a bad bad bad idea. Never use it.
I'm constantly amazed at how many people think it's safer to take their sensitive data away from Silk Road and entrust it to some 3rd party website with unknown credentials, i'd prefer people used plain text in the order box than use privnote, if LEO get hold of the order info they can follow the link just the same as a vendor so it's a total waste of time anyway.
-
Privnote isn't advisable, however, if you trust their explanation of how it works then it is sound, nothing is stored in plain text and even they cannot read messages.
Of course you're putting your trust in them not using additional code...
If their source was released it would be very nice as you could run it yourself.
-
Privnote isn't advisable, however, if you trust their explanation of how it works then it is sound, nothing is stored in plain text and even they cannot read messages.
Of course you're putting your trust in them not using additional code...
If their source was released it would be very nice as you could run it yourself.
Could you please elaborate on what you actually mean with this post? Privnote is stored on a 3rd party server when you send a message to another entity. Anyone with access to both the Privnote database (to retrieve note I.D's and "encrypted" contents) and the Privnote source code (to know which hashing algorithm is used) has full access to the decrypted contents of any note sent via Privnote. :)
-
Privnote isn't advisable, however, if you trust their explanation of how it works then it is sound, nothing is stored in plain text and even they cannot read messages.
Of course you're putting your trust in them not using additional code...
If their source was released it would be very nice as you could run it yourself.
Could you please elaborate on what you actually mean with this post? Privnote is stored on a 3rd party server when you send a message to another entity. Anyone with access to both the Privnote database (to retrieve note I.D's and "encrypted" contents) and the Privnote source code (to know which hashing algorithm is used) has full access to the decrypted contents of any note sent via Privnote. :)
http://blog.pablohoffman.com/how-privnote-really-works
http://wonko.com/post/privnotes-developers-are-either-stupid-or-malicious