Some questions about OpenBazaar

What is the mod team's position on best practices for buyers, at this point?

What is the community's position?

Are you trusting the built-in end-to-end encryption for addresses? Or are you recommending PGP in addition?

Is OB2 easily installed on Tails?
If it is, I assume this would be the recommended setup?
Or do you think checking the "Use Tor" option on OB2 will be enough?
In that case, there would be reliable end-to-end encryption, Peer to Peer, right?

Is Tor itself reliable in OB2? Does it fail DOWN? Meaning, if it can't connect via Tor, does it default to clearnet?

Is OB2 running in Tails with the "use Tor" option? Thus setting itself up as a Hidden Service automatically for more robust encryption and authentication?

Or is it the same as Whonix, where it has to be used as a clearnet store, being transparently torified by the Whonix Gateway?

What about chat on OB2? Are you trusting that, or are you recommending something like Pidgin-OTR?

I can't imagine anyone is going to go through the hassle of running an additional chat client, even if the knew the built in one is un-safe. (The OB devs say it is secure end-to-end)

Where is the average customer exposing himself while using OB2 today?

Assuming the most common use case (correct me if I am wrong), the avg buyer is running Windows 7/10, installing OB2, checking "Use Tor", funding his wallet from CoinBase, and then buying a gram of methamphetamine.

He is exposing his usage of Tor, which while not unique to the above case is still non-trivial. He is probably storing funds in an unencrypted wallet (OB2), in a Windows environment. (vulnerable to theft)
He his linking his IRL ID (CoinBase) to his drug-purchasing ID (OB2 wallet/PeerID), rather than just to a drug market (where his exact purchase is more easily obfuscated).

How easily are BTC transactions traced between OB2 nodes? Are there any special protections?

What am I missing?

What do customers need to do to protect themselves?

How are trustworthy moderators (on OB2) to be found? Where are vendors finding moderators?


Comments


[-1 Points] _PrinterPam_:

Yes.