is it normal for a vendor to reply without using their own PGP?

not trying to sound super sketchball here just i wrote to AtomicLove using their PGP in regards to stealth and their response was "No, I don't have great stealth, but a 100% success score never had apack go missing" i sure might as well just put on a tinfoil hat but any vendor not replying in their own PGP just seems kinda sketchy to me


Comments


[6 Points] Vendor_BBMC:

What's the matter with you? Wasting a vendor's time by encrypting a question?

He replied in clear text so that you can learn from him when its appropriate to write in the secret code.


[5 Points] ziz1:

They were able to decrypt the PGP message that you sent them without problem. They were not sending you any personally identifiable information, so they just sent the message in the clear. Seems reasonable.


[4 Points] Aluminum_Foil_Hat:

does the vendor have your public key? Non sensitive stuff doesn't need to be encrypted. Product, quality, shipping are all things that should be in the public profile.


[3 Points] DareToHope:

Does the vendor even have your public key? Unless your a decent client for them and its sensitive information the vendor isn't going to to encrypt a damn thing for you. Most vendors are lazy and managing THAT many keys can become an issue pretty fast.


[3 Points] RAILING_SPEED:

I don't care if a vendor uses plaintext if we're not talking about anything sensitive.


[3 Points] Goypride:

These words were written : -PGP 3 times -Sealth 2 times -Sketchy 2 times

On a 3 sentences topic.


[1 Points] None:

Why is it sketchy? If they aren't sending personal identifying information, there's nothing to worry about. If it gets seized, all they'll get out of your account is that you asked about stealth.

Vendors get a lot of PM's and orders, and sometimes their OPSEC only allows for a certain amount of time on the markets and TOR is (relatively) slow to boot. It isn't usually worth the time to encrypt and decrypt inquires. This is why the big vendors have such crap communication.


[1 Points] None:

If he used his own PGP key to encrypt you a message, you wouldn't be able to decrypt it.


[1 Points] darknetpotter:

Most vendors haven't replied to me in PGP, I don't even message in PGP unless I'm typing my address. The only time I did was when I was a total noob and thought everything had to be encryped or LE would be at my door.


[1 Points] Hank_Vendor:

encryption is for sensitive info. now I know you were asking about stealth. but the vendor will not share ANYTHING he considers sensitive with you even if you have encrypted your question

I find its usually the people who are asking simple questions by pgp who encrypt it to the wrong person the first two times.


[0 Points] onionpagesADMIN:

If we understand what you're explaining, you sent the vendor an encrypted message, and they replied to your message in cleartext, while assuming they were able to decrypt what you sent to them.

 

If we put our tin foil hats on, we can imagine a scenario where LE is posing as a vendor and is sending cleartext messages as evidence of communication (they wouldn't be able to prove the message they sent you contained what it did if it was sent to you encrypted).

 

If we take the tin foil hat off, we would proceed with caution and advise the vendor to continue communications strictly encrypted. If they don't comply, well fuck'em.


[0 Points] ElectronicExorcist:

Sadly, that is completely normal. Almost every time I send an encrypted message to a vendor, they reply unencrypted. I generally even include my public key in the message I send them and ask for them to reply encrypted. But almost none of them do. I would really expect that all vendors use PGP at any and all opportunities, but apparently it doesn't work that way. It kind of sketches me out, but it seems to be the way of things.


[0 Points] aisforAmphetamine:

You fail to state whether or not you bothered to post your own public key. BIG difference. Because fuck you if you think I'm going to track it down on your page assuming your even a part of the minority who posts it.