Silk Road forums
Discussion => Shipping => Topic started by: gilbray on February 25, 2012, 07:49 pm
-
I've had a quick look around the forums and can't seem to find what i'm looking for.
I just wanted to know if anyone had been arrested, charged or even had the police come knocking, or even know anyone who has been as a direct result of using Silk Road? I'm not talking about normal drug deals just Silk Road transactions.
Thanks.
-
Search harder... some folks here have received love letters and some knocks.
Arrested? I don't think they'd come back if they were... at least I haven't heard of anyone "coming back" after an arrest.
-
This has been discussed before, and the threads always get deleted (much to my dismay, how are we supposed to protect ourselves without intel about how others got caught).
-
I wonder why they keep deleting the threads?
-
Because if people realize that interceptions, snitching, and sting operations are more common than they think they are, they won't want to buy drugs here. And when that happens, the admin loses the vig that he'd get on those purchases.
-
well im sure all of those things happen MUCH more often "on the street" or whatever, and that certainly doesnt keep people from buying there. SR is MUCH safer if all the general shipping/security guidlelines are followed.
regardless i agreee the threads shouldnt get deleted, if that's the case...
peace
-
Because if people realize that interceptions, snitching, and sting operations are more common than they think they are, they won't want to buy drugs here. And when that happens, the admin loses the vig that he'd get on those purchases.
Well shit. I didn't know that SR was going to basically cover stuff up to protect their own interests. Makes me kind of lose respect for them. I guess if this thread is deleted then we will know whats up
-
well im sure all of those things happen MUCH more often "on the street" or whatever, and that certainly doesnt keep people from buying there. SR is MUCH safer if all the general shipping/security guidlelines are followed.
regardless i agreee the threads shouldnt get deleted, if that's the case...
peace
lol
My very last post before that one was about a vendor who's been getting owned on a continuing basis because a customer who was under surveillance by homeland security bought something from her. Ever heard of operation raw deal, operation web tryp, operation ismene, the hushmail backdooring, the drug zone forum sting op, etc.? I was only talking about the online game when I said people get got often. Even SR has poor security, this site had SQL injections in the past for god's sake, I will bet anything the server is as hardened as wet tissue paper. If you're not paranoid, you should be. :-)
-
yes bro i've been around way before webtryp. and in that time, at least in my circle, and i'm certain in general, there have been way fewer busts than in the "real world"...and webtryp in particular was just because some vendors became a little to brave. to this day you can sill circumvent the analog act if you play it safe. and yes. i am still uber-paranoid at all times. ;)
-
sorry for assuming you were on the same level of awareness as most people on this forum, keep on keeping on brother. ;-)
-
well im sure all of those things happen MUCH more often "on the street" or whatever, and that certainly doesnt keep people from buying there. SR is MUCH safer if all the general shipping/security guidlelines are followed.
regardless i agreee the threads shouldnt get deleted, if that's the case...
peace
lol
My very last post before that one was about a vendor who's been getting owned on a continuing basis because a customer who was under surveillance by homeland security bought something from her. Ever heard of operation raw deal, operation web tryp, operation ismene, the hushmail backdooring, the drug zone forum sting op, etc.? I was only talking about the online game when I said people get got often. Even SR has poor security, this site had SQL injections in the past for god's sake, I will bet anything the server is as hardened as wet tissue paper. If you're not paranoid, you should be. :-)
Those operations are all old. I suspect trolling. But if this thread gets deleted then your probably right.
-
Is it generally confirmed that admin is indeed deleting these threads? I remember a few that mysteriously vanished right when the discussions were getting good, but could it have been the OP deleting the post? The original posts in the one thread I'm thinking of had a pretty paranoid undertone and I wouldn't be surprised if the OP's further paranoia led them to delete their thread in an attempt to remove all traces of their participation here. The longer I've been around here, the more faith I have in DPR and admin generally. I think that this place is foremost a political statement for them, and raking in bitcoin is a secondary consideration. Consequently I don't think they want to snuff out security talk just for a few more coins. Of course I could be dead wrong about that and do hedge my bets accordingly, but I don't think they're out to create a false sense of security by getting gestapo on our discussion. They have more to gain from learning about whatever LE tactics are potentially being employed to bust people than most anyone else, and shutting down discussions isn't going to help them much in that regard.
Like I said though, I could be totally wrong. But I feel like I've seen enough goodwill on the part of DPR/admin to at least make a stand for them.
-
They have more to gain from learning about whatever LE tactics are potentially being employed to bust people than most anyone else, and shutting down discussions isn't going to help them much in that regard.
well that just makes sense.. ;)
-
Perhaps the admins are deleting threads where supposed SR buyers were starting to incriminate themselves. As someone else suggested, it's also possible that the OPs of the threads requested deletion for that same reason.
Even SR has poor security, this site had SQL injections in the past for god's sake, I will bet anything the server is as hardened as wet tissue paper. If you're not paranoid, you should be. :-)
Well FWIW, SMF 2.0.1 still has XSS and injection vulnerabilities. Unless the admins manually patched this version, it's probably still exploitable.
-
Well FWIW, SMF 2.0.1 still has XSS and injection vulnerabilities. Unless the admins manually patched this version, it's probably still exploitable.
I've tried to pwn the server via application layer attacks before and the SMF exploits you're talking about have been fixed. I'm going to try to locate the server next, better that I do it and tell the admins how to fix their problems than the FBI. (If I do succeed that would be really bad btw, traffic analysis isn't exactly my area of expertise. :-P)
-
i think it would be awesome if there were an entire forum dedicated to attacking the forum/server ect, or least a thread. offense is the best defense right?
-
Well FWIW, SMF 2.0.1 still has XSS and injection vulnerabilities. Unless the admins manually patched this version, it's probably still exploitable.
I've tried to pwn the server via application layer attacks before and the SMF exploits you're talking about have been fixed. I'm going to try to locate the server next, better that I do it and tell the admins how to fix their problems than the FBI. (If I do succeed that would be really bad btw, traffic analysis isn't exactly my area of expertise. :-P)
It's good to know that they at least patched the known vulnerabilities. You can never be safe from 0 day exploits, but 99% of the time that's not how the feds sneak into places like this. When it comes to SR, that may very well be their only way of accessing the contents of these servers. Otherwise, they'd wait for an existing admin to slip up and expose themselves and quickly convince him to become a mole. Viola! Now the <insert TLA here> effectively has whatever rights that admin had. If DPR limits admin rights, then he probably took care of those threats already.
You never know though. Anyone who thinks a billion dollar adversary can't hire someone to sneak onto an online community is fucking retarded. There are plenty of TEAMS of young FBI/Secret Service/DEA agents and even local cops that would be able to con their way onto any hidden forum or whatever, given enough time and resources. The key is to make it not worth their time, and to know when to quit.
-
I agree with you one hundred percent that human intelligence is the strongest possible and most likely attack against a cryptoanarchic network like this. Teams aren't even required anymore, the feds have persona management software that lets one person control many nyms, and briefs them on the mannerisms of a nym once they switch to it. I think it's important that people understand the concepts of hybrid netwar networks since that would SR from traditional attacks against decentralized trafficking organizations. I'm digressing though.
It's equally important imho that the server is secure, mitming it would be a very cheap way to own plenty of customers (and that of course that gathers intelligence against vendors too). I think we would agree with each other if I said that lots of work needs to be done to harden SR against a variety of possible attacks, this is an awesome site but there's lots of room for improvement.
-
kinda like that one thread about the bigtime hacker/carder in SF that got taken down by a guy he put in charge of his website. who turned out to bee a fed. definately a very real possibility. they gotta justify their jobs somehow...whatever it takes...
definately alot of trust placed in the online game. but also many wayz to get arround it. if i were a vendor fx i would most likely only offer very small amounts of whatever it iz i might offer. i'd stick with that plan for well over a year. alphabet soup aint gonna pursue a seller who is more like a buyer for that long...kinda like they wont waste manpower staking out a PO box for weeks over small amounts...(sux they got tracking beacons..), but they still wont do it if there's bigger fish to fry. and then very slowly weed out the leftover soup over time. just retail a bit. before ever offering anything in larger amounts. that is of course, only if you can or would even like to. this has worked well for a few big vendors i know. and those same vendors put me thru hell, lol...grrr.. ;) just my opinion...
-
I am not sure I support the claim SR is purposefully deleting threads that reference the dangers of buyers using the site.
The only few threads about such topics I have seen in a number of months are still on the forum. For example, and in the future for people to check:
http://dkn255hz262ypmii.onion/index.php?topic=12333.0
http://dkn255hz262ypmii.onion/index.php?topic=12532.0
I maintain the opinion transactions through SR are still safer than street deals
-
i honestly don't think it's an opinion. it'z truly a fact. buying or selling and using (at least) GPG on a tor-based hidden server iz MUCH safer than "the street"..there are statisticly many more busts "out there"...i think being a tor-based hidden server was the only flaw of previous forumz over the years. anyone remember the rcml? the bible? good times, but we got lucky. secrecy waz good, but a tor-based forum/marcketplace a much better masterplan...! ;)
-
Those of you saying that threads are deleted to "hide the evidence" that may cause the Silk Road to lose money are dumbasses.
But anyway, I was arrested in December because I had drugs (from the Silk Road) on my possession, but it wasn't directly related to the Silk Road I guess...
-
Those of you saying that threads are deleted to "hide the evidence" that may cause the Silk Road to lose money are dumbasses.
it may be just a paranoid theory of mine but there have been multiple threads by multiple authors deleted in the past and my concerns do have some sense behind them. I do agree with everybody saying that sr is much safer than f2f though, that much is obvious at least. :-)
-
Those of you saying that threads are deleted to "hide the evidence" that may cause the Silk Road to lose money are dumbasses.
But anyway, I was arrested in December because I had drugs (from the Silk Road) on my possession, but it wasn't directly related to the Silk Road I guess...
Maybe maybe not. Why did they delete previous threads like this?
-
Well, lets ask the mods to shed some light on this.
-
how the hell can you say getting 250 valiums shipped from india, especially when you live in a small college town, is safer than going and buying it from somebody in real life? i'd much rather buy any of this shit in person than getting it sent through the mail, at least you have options on the street, there is no options that YOU can take when ordering something, the package either gets there, doesn't get there, or you get your ass busted on a hefty charge and probably go to prison if your a convicted felon like me trying to hit a lick on fairly large quantity of something for well below street price. i'm thinking it's gonna be better to get shit sent to a bigger city that's close to me, but i'm already not getting ANYTHING shipped to my house. i have a friend who is letting me get something sent to his house in another city that he lives in and we are changing the first name, and our plan is to deny deny deny if anything happens.
-
For those of you who don't understand what i mean by small town is, you have 3 levels of security to clear in my opinion. the first being customs. I believe that customs either accepts or denies a package from entering the united states. i think its rather easy for a package to clear customs. Now they can from what i understand send you a letter too telling you not to try to import the shit. Next is the FBI/DEA the feds. They can get your package if customs denies it, knows what it is, and hands it over to them, or there at customs trying to find illegal drug packages or whatever. They too can send a letter, or come sting your ass. Which personally i'd rather take a federal charge, because federal prison is better than state prison. Once you get through customs, and haven't been intercepted by the feds, then your almost in the clear, i believe each level of security is harder and harder to get through. Customs are my friends, customs are cool, to me. i like them. they don't give a shit, they either let the package in or don't. The feds are bitches, but they don't have time to fuck with everybody, so your just a really unluckyk motherfucker if they try to fuck with you, and you also increase your chances with repeat shipments and large quantities. And finally you have the local, bored cops. Bored ass weak ass cops, and their bosses who think their hard legs, especially in the college town i'm in, it makes their dick so hard to send people to cages for getting a buzz, by the way vote for ron paul, i want my liberties back so bad, but point in being, THIS motherfuckers see a package coming to a college kid from india.. come on its 2012. they wanna open that package so fucking bad. Now in New york City you don't have that problem do you.
-
ps, i deal with pills, because i don't think k9s can detect them. sending weed through the mail or cocaine scares the shit out of me.
-
Search harder... some folks here have received love letters and some knocks.
Arrested? I don't think they'd come back if they were... at least I haven't heard of anyone "coming back" after an arrest.
A lot of people have been arrested. There was a thread about this about 2 months back, but it was removed. It was called "SR arrests and paranoia" or something similar. Anyways, it got removed shortly after.
-
Well FWIW, SMF 2.0.1 still has XSS and injection vulnerabilities. Unless the admins manually patched this version, it's probably still exploitable.
I've tried to pwn the server via application layer attacks before and the SMF exploits you're talking about have been fixed. I'm going to try to locate the server next, better that I do it and tell the admins how to fix their problems than the FBI. (If I do succeed that would be really bad btw, traffic analysis isn't exactly my area of expertise. :-P)
Please keep us informed of your findings
ggg
-
Please keep us informed of your findings
ggg
Well I wouldn't hold my breath if I was you. :-P Even if an attacker were to get a grip of evil guard nodes it'd probably take over a year to find the server, and they'd have really no chance if its physical location was being changed with regularity.