Silk Road forums

Discussion => Security => Topic started by: Creamsicle on July 23, 2012, 04:19 pm

Title: Vendors- Buyers that send unencrypted address when placing an order
Post by: Creamsicle on July 23, 2012, 04:19 pm
Vendors, what do you usually do when a buyer places an order with you and does not encrypt the address? I have had someone do this, and checked their stats and it is not their first purchase so you would think they know better. Does this seem odd to you? It was a very small order, but I imagine they are just testing me out, but I am not sure if it is wise to fill orders that are sent unencrypted.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: adam420 on July 23, 2012, 04:25 pm
i will just send it. cause some doesnt know how PGP works . if you dont feel comfortable with it. just ask them to put there address in a privatenote.


 
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: digitbh on July 23, 2012, 07:22 pm
Just advise them that in the future when dealing with you that you require PGP, otherwise you will cancel the order. You should also put that up on your profile page that all messages need to be sent using PGP.

In the case of safety, SR does encrypt these messages when sending them over the network between buyers and sellers. It shouldn't be an issue. Just make sure after sending the package to delete any record of the message (if it was a PM). Hopefully the buyer does the same.

After a while SR will delete any record of the transaction and the order details will be gone for good.

I'm not a vendor, but if someone sent me a message without PGP I would give them the benefit of the doubt and tell them next time to do so.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: Darkwave on July 23, 2012, 09:32 pm
No, just cancel it, don't dawdle.

Darkwave
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: NFHC on July 23, 2012, 10:13 pm
It's not worth the business if they are too stupid.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: eJ3k1 on July 23, 2012, 10:28 pm
Encrypting the address is an extra way to protect the buyer. As a seller, I don't really see how not using it puts you at risk.

Some buyers find it very hard to use PGP, and others just don't really care (in some jurisdictions, buying a small amount of drugs isn't something you persecuted for). And to be honest, TOR alone already provides pretty strong encryption. Using PGP within TOR is optional.

Of course you can reject their orders, but I wouldn't, because it doesn't threaten the seller.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: b0lixtrader on July 24, 2012, 12:32 am
Just throwing it out there. It might not be a big deal for some if your caught buying drugs in person.  But i think sending and receiving drugs through states is a total different offense.  I think its the same as drug trafficking.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: NFHC on July 24, 2012, 01:50 am
Of course you can reject their orders, but I wouldn't, because it doesn't threaten the seller.

this is assuming the site hasn't been compromised. if it were, it might help with profiling packages.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: eJ3k1 on July 24, 2012, 08:19 am
this is assuming the site hasn't been compromised. if it were, it might help with profiling packages.
Yes that is true. But then again, buyers can also be LE. So if they want to profile packages, they can also do it that way.

If the site gets compromised, and many customers send their addresses unencrypted, then maybe the seller is at risk.
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: madhater on July 24, 2012, 06:37 pm
Not that big of a deal when i first started using sr i always used pgp, now i've gotten to the point where it seems pointless sr is pretty safe if you wanna learn pg though it can be tough i suggest 'GPA' use the clipboard to write ur msg then there key to encrypt some pgp sofwares to complicated
Title: Re: Vendors- Buyers that send unencrypted address when placing an order
Post by: knicknack on July 24, 2012, 06:49 pm
i will just send it. cause some doesnt know how PGP works . if you dont feel comfortable with it. just ask them to put there address in a privatenote.

I've never trusted privnote.
Gpg is tried and trusted.
I think it's the only way to go and not that difficult to learn how to do.