Silk Road forums

Discussion => Security => Topic started by: SuperDimitri on January 05, 2012, 09:34 am

Title: Vending MUSTS
Post by: SuperDimitri on January 05, 2012, 09:34 am
Hi all. I would mainly like feedback from Vendors (obviously), Mods, and long time members.
I jumped in head 1st, thanks to one kind member, was slowed down to think.
After all the reading, I am still confused. I see a LOT of different answers, protocols, etc
I keep being told to read the forums, but I have taken to calling it slurry. It's always a mix, never a definitive.
I thought I wanted to vend, but now, I am not so sure.
What are the absolute MUSTS to be a vendor?
Do I really need to be a computer whiz? Is that what it takes to be a good, and SAFE vendor?
Please, I need good knowledge. Spreading the love is great, but the freedom to do so is even greater. I searched for vending musts, requisites, etc, didn't find anything, and there is no sticky, that is why I posted.
Thanks in advance.
SD
Title: Re: Vending MUSTS
Post by: Laughing Man on January 06, 2012, 11:31 pm
Practicing good digital security is only half the issue, performing good opsec is in my opinion even more important and harder to do.
Title: Re: Vending MUSTS
Post by: SuperDimitri on January 07, 2012, 12:18 am
See, I don't even know what that is. It really seems you need IT background to be successful here. Is this Operating Security?
I am just now trying to learn about VM's. Then I have  to learn about SILC. I searched it, and only found 2 threads, that just called it SILC.
then I need to learn how to spoof the MAC. Anything else? Any tutorials on this?
Want to spread my love, but not get an STD. Freedom 1st!
Title: Re: Vending MUSTS
Post by: Laughing Man on January 07, 2012, 12:26 am
Opsec = operational security, such as not leaving fingerprints on your packs, changing up your shipping methods to avoid profiling, changing shipping locations as much as possible to avoid profiling, etc. The smaller the town you live in, the harder this is.

As for everything else you just listed, all of it can be found out easily with some googling.
Title: Re: Vending MUSTS
Post by: zifnab on January 07, 2012, 12:49 am
For the somewhat paranoid, learn what you have to for minimum to moderate recommended vendor security then go 3 steps further. For the truly paranoid, you never stop learning and evolving.

In regard to opsec, its mostly just common sense. On the more complex side there's a lot of standard procedures but if they're standard then they're known. Try to get a little creative with this, improvise, be unpredictable.

I'm still relatively new when it comes to the online component but isolation seems to be the watchword; there are several good tutorials lying around here somewhere....
Title: Re: Vending MUSTS
Post by: SuperDimitri on January 07, 2012, 01:04 am
I haven't been able to find any actual tutorials on here. Everything gets jumbled together. 32 pages of posts, read the titles, try to decide what is pertinent, it's just all been very frustrating. I just read a post that was from July(!) that I thought should have more to it, but just a few responses.
My opsec I am not too worried about. Fingerprints are one, but this is 2012, DNA rules the day. I have some crafty ideas on that.
My main concern is online anonymity. My knowledge is contained in the bio-world, and so I am not as brilliant as most on the forums seem to be with the digi-world.
I'm on 20 days straight if reading. Haven't researched this much since school days! I hear, check the forums, check the forums, but it's all jumbled into a slurry of info and smartass comments, and arguments over the "correct" protocol. No offense, but this is why I asked for Mods, Vendors, and Senior affiliates to sound off. If 5-6 mods all chime in with the same answers, and info, then I can feel a bit more secure. I'm not asking for their personal info, just a little wing to chill under and learn.
So yeah, a SBS Tutorial would be GOLD. Meaning, if it was good, pertinent, and from successful vendors, I would pay for that info. Paying to learn from mistakes isn't my cup-o-tea.
And maybe I was just meant to make the locals happy. Though, I am still very interested and intrigued.

For the truly paranoid, you never stop learning and evolving.
Damn strizzy.
Title: Re: Vending MUSTS
Post by: Laughing Man on January 07, 2012, 01:14 am
Everything you have asked for is around, and we get tired of repeating things for every new user. Search around and read up, we all had to at one point or another.
Title: Re: Vending MUSTS
Post by: mseller on January 07, 2012, 01:19 am
Well of publishing on forum any security tek poses security risk, dont you agree?
If you start to read and read those threads it will just confuse you. That threads mainly started as detecting origin of hidden services and for us mortals, without funds to understand it will just continue to confuse us.
As a client, knowing how to run a tor, use truecrypt and store all sensitive info on encrypted drive, use PGP and wipe anything stored on "normal" drive is the must.
Running tor and having bookmark of SR from encypted drive is also safe.
Anything else, ware gloves when do a packaging and other things is also a must. Use common sense is also a must.
Finding good way of btc excange.
DNA is expensive test and unlikely would be ever use (and to whom will that DNA be compared?)

That all you must learn and understand yourself - its not good if somebody put it on the plate - that way you will never learn.
Title: Re: Vending MUSTS
Post by: SuperDimitri on January 07, 2012, 01:32 am
If you start to read and read those threads it will just confuse you.

That all you must learn and understand yourself - its not good if somebody put it on the plate - that way you will never learn.

Hhmm. This is the slurry I speak of, only in one reply this time. So, I did start to read all the threads, and yes, I am still confused.
And  if learning from a teacher is not learning, why are there schools? Why are there forums?
I like my food on a plate, not scattered about the dumpsters. I pay for my food, I don't scrounge around back alleys for it.

Everything you have asked for is around, and we get tired of repeating things for every new user. Search around and read up, we all had to at one point or another.
I know it's around, it's just not organized. I also highly doubt that everyone had to do it all by themselves. If they did, what's the point of calling it a community? If that's how it is, there is no community....right?
I have read, and read, and read. But there's just so much conflict, it's hard to decipher the truth. I sometimes feel like I am on C-SPAN trying to make sense of what those old rich fucks are talking about.
Yes, it's here, it's there, it's everywhere. There were SBS Tutorials for PGP, Ubuntu, etc, but not for Vendor Security. Seems to be the missing link.
Also, I must assume you have another AKA on here, because your # of posts definitely doesn't reflect that you've ever had to repeat yourself.
Title: Re: Vending MUSTS
Post by: mseller on January 07, 2012, 01:46 am
Nobody is busted imk on sr because security breach.
Let SR operators to work on security of the site.
If you want to be a vendor/buyer you must learn to trust your own conclusions.
There are many levels of paranioa and freaking out, but why to do that if you can not do nothing about.
What do you have from asking; example dwolla - Mgox -TH-SR ? My guess is good as yours. Trading bitcoin is legal.
Use your common sense and consider another fact - you never know who read this forum.
There is and issue of posting too many information to people who are to unsecure  and who tend to panic.
Title: Re: Vending MUSTS
Post by: SuperDimitri on January 07, 2012, 01:54 am
I have from asking, as it seems to be a good thing to tumble to avoid tracing back to SR. I know trading them is legal, so why does Gox block accounts if it's so legal to trade? Why is everyone opening up multiple wallets, on multiple sites, on multiple OS's, if it's all hunky dory?
I DON'T know who rads the forums, have I alluded to myself?
I wouldn't say I am freaking out, but definitely a paranoid. Who isn't?
So,are you telling me that I am safe as I need to be, by saying let SR ops work on security?
Title: Re: Vending MUSTS
Post by: mseller on January 07, 2012, 02:10 am
Does Mtgox blocked your account?  If not, why are you so worried? They sometimes ask ID especially while using tor.What that has to do with bitcoin legality?
Casino, Paypal, Moneybooker - they all ask for ID, why? If you can not answer yourself then you are better off this kind of activity.
"why this place is alive" thread is for hacking of server e.g. hidden service called silk road (why you are worried of this? You can not do anything about it, can you?)
There are a lot of hidden service what are hotter then SR and they operate a much longer then sr and they are still active.
One thing is hosting and securing site like SR and other is you and me and other SR users. (spoofing mac is security feature when hosting hidden service site)
Store all sensitive data on encrypt and run tor bundle from that encrypted drive.
Use pgp and do not use e-mail what has heathers.
When withdrawing coins from SR transfer it on your local wallet and then to any exchanger you want and in real cash.
Its important that btc address on your local wallet can be wiped out and nobody can identify you from that address.
You can also send coins from your SR account to another your SR account and from there send it to your local wallet.
Always change things, your MO, sometime use this route and sometime other.
I think you just have read to much and that your brain is boiling and you are over reacting in some.
And there is something other. Withdraw from forum - it can be addictive and prevent you to concentrate to priority things.
Sit down, and think how to not to leave a trace with knowledge and instruments what is known.
In this post I told you many things and its unlikely to anybody can even prove that you have any knowledge of SR.
Title: Re: Vending MUSTS
Post by: SuperDimitri on January 07, 2012, 02:24 am
Does Mtgox blocked your account? If not, why are you so worried? They sometimes ask ID especially while using tor.
Casino, Paypal, Moneybooker - they all ask for ID, why? If you can not answer yourself then you are better of this kind of activity.
Watch on yourself, store all sensitive data on encrypt and run tor bundle from that encrypted drive.
Use pgp and do not use e-mail what has heathers.
When withdrawing coins from SR transfer it on your local wallet and then to any exchanger you want and in real cash.
Its important that btc address on your local wallet can be wiped out and nobody can identify you from that address.
You can also send coins to another SR account and from there send it to your local wallet.
Always change things, sometime use this route and sometime other.
I think you just have read to much and that your brain is boiling and you worry over nothing.
Sit down, and think how to not to leave a trace with knowledge and instruments what is known to me.
In this post I told you many things and its unlikely to anybody can even prove that you have any knowledge of SR.

Yes.  I made the mistake of being on TOR when opening a new window to access my Gox. It happened because of said brain boil. Giving them my real info, and being locked out of my funds sucks, but once open, easy to alleviate that pain.
How do I wipe out the address on my local wallet? Just dump it for a new one once empty? Sorry for the newb Q's.

Thanks again!
Title: Re: Vending MUSTS
Post by: mseller on January 07, 2012, 02:28 am
Just wipe wallet.dat file (make sure that you have not any coins on it :)  )