Silk Road forums

Discussion => Security => Topic started by: jsmithy123 on November 07, 2012, 09:54 am

Title: timestamps in the forums and tor
Post by: jsmithy123 on November 07, 2012, 09:54 am
Just say someone is able to monitor your connection, and just say that although they can't do much than pickup the presence of absence of TOR traffic, just say that they can pin a burst of TOR packets with openly available post timestamp (to the minute) information displayed on this forum.

It seems to me that they can then tie with high probability a particular ISP customer with a vendor, or other self-incriminating posts. If they kept a tor traffic history accurately timestamped and that person was a frequent poster, they could tie up the identities. Give me the traffic signature over a month,  I could write a screen scraper to identify who this person is on the boards, if they post frequently.

Do the posts in this message board software need exact timestamps displayed? perhaps the forum admin can eliminate them or make them fuzzy? It would be an easy fix but would throw a roadblock up to such monitoring.
Title: Re: timestamps in the forums and tor
Post by: thelorax on November 07, 2012, 08:09 pm
yeah but they would do all this? and then find some 16 year old buying a gram of mdma?

i mean i think they are more focused on controlled deliveries ...

just my opinoin.. they can NOT prosecute you for doing somethign on TOR it just cant happen

what are they gunna say in court? oh he was in brazil and ordered drugs to new york...

there is not proof u ordered it..
Title: Re: timestamps in the forums and tor
Post by: jsmithy123 on November 08, 2012, 12:28 am
I'm thinking more about vendors. If you are a vendor you post pretty often.

If the cops suspect you may be a vendor, but don't know which vendor, it would be relatively easy in many countries to get a tap on their internet connection. By doing that they could easily work out which vendor you were just by matching timestamps.

They do much more complex stuff to catch some russian guy who runs a botnet. If they want to scare off business, by showing that just because you use TOR you still aren't anonymous then this would be a weakness.