Silk Road forums

Discussion => Newbie discussion => Topic started by: OneL on August 05, 2013, 12:22 am

Title: Newbie Question
Post by: OneL on August 05, 2013, 12:22 am
Hey, first of all sorry for my bad english. (and for my newbie question :P)

Should I be pgp'ing my address when I make an order? What will happen when i forgot to pgping my adress ? Have i worry when i order a order without pgping my adress? (German)

Thank in advance

420
Title: Re: Newbie Question
Post by: Psyche on August 05, 2013, 12:31 am
Hey, first of all sorry for my bad english. (and for my newbie question :P)

Should I be pgp'ing my address when I make an order? What will happen when i forgot to pgping my adress ? Have i worry when i order a order without pgping my adress? (German)

Thank in advance

420

If you don't use PGP to encrypt your address then either nothing could happen or you could get raped in the ass in federal prison.

We don't know who operates silk road. If DPR turns out to be a fed or informant or he gets caught somehow and the FBI starts recording addresses and you DO use PGP then all they'll get is unintelligable garble but if you sent it in clear-text then you're basically fucked.

I doubt SR is a honeypot but not using PGP is just idiocy that can not be afforded in a business like this.
Title: Re: Newbie Question
Post by: Annex on August 05, 2013, 12:33 am
Yes, you should always PGP your address to the vendor. In the event that SR is compromised, It is best that only you and the vendor can read your communications.

If you PGP the only way anyone could read your address is to get your vendors private key.

Don't worry too much, if SR is compromised, it's very unlikely that the police would even bother investigating small quantities and if you don't have them anymore i.e. you've already had a good time, then you're sweet as punch.

Yes, PGP in the future its not that hard and there are a ton of tutorials on it
No, don't worry that you didn't use PGP too much

Hope this helps,

Annex
Title: Re: Newbie Question
Post by: OneL on August 05, 2013, 01:03 am
Thank you for your answers!

Could somebody show me a pgp tutorial ? The official PGP Software is not freeware right?
Title: Re: Newbie Question
Post by: Psyche on August 05, 2013, 01:21 am
Thank you for your answers!

Could somebody show me a pgp tutorial ? The official PGP Software is not freeware right?
https://securityinabox.org/en/gpg4usb_portable

This is a clearnet link so access it with caution obviously.

Also PGP is open source therefore it is free, if someone tries to sell you PGP(especially a compiled version) they are scamming you and possibly infecting you with malware.
Title: Re: Newbie Question
Post by: OneL on August 05, 2013, 01:32 am
Thank you!

I dont understand why i have to write my name and email, which name and email shall i write in ? My real name (I don't think so) and my email with which i'm registred here?

I'm a bit confused :/
Title: Re: Newbie Question
Post by: Psyche on August 05, 2013, 01:43 am
Thank you!

I dont understand why i have to write my name and email, which name and email shall i write in ? My real name (I don't think so) and my email with which i'm registred here?

I'm a bit confused :/
Typically people use their contextual identity in the name field, like for you it would be "OneL". For email many used to use TOR Mail but that's compromised now so  you can just put any fake one. DO NOT use your real email obviously, anyone with your public key(the key you share with others) can see this information plainly.

Also make your key size as large as possible(4096bits) the larger it is the more "futureproof" it is NEVER have it be below 2048bit.

Make sure not to use the same PGP key on the darknet and on the clearnet. This can obviously be used to identify you. I even use different keys for different websites. i.e. one for silkroad, one for silkroad forums, one for other marketplaces ect.

The less linkages the better.
Title: Re: Newbie Question
Post by: OneL on August 05, 2013, 02:01 am
Thank you very much for helping me!

Ok, i tried to endrypt and decrypt messages successful.

But when i encrypt for example my adress, i encrypt it for the key from the vendor and for my key. Do the vendor not need my pgp key and the password for my key?