Silk Road forums
Discussion => Security => Topic started by: nimbus on April 27, 2012, 10:12 pm
-
I've noticed several vendors using USPS stamps printed either using stamp software or at Post Office vending machines. These stamps contain a large barcode along with other numeric information. I can't find much information about the content of these barcodes but I must assume there is something in there that could be used to identify either the time/location of the stamp purchase at a vending machine, a stamp software account number, an order ID, etc. All of these could be combined with CCTV data, the USPS database, or software vendor database to determine the identity of the stamp purchaser.
Please be careful and use only normal stamps. Also, if anyone can find any information about these stamps or barcodes, please share it.
-
Yes I think sellers purchase DCN's and stamps at those automated machines in postal offices, I dont think it would be too hard to find CCTV footage if LE ordered a package with one of those stickers, however they would need to put alot of time/effort into caching you, the only solution would be to switch up PO locations or wear a hat or something.
Ideally sellers would use stamps with no DCN, but then they can get scammed.
-
You could always wear a hat with big sunglasses or just have another person go in and buy stamps using a prepaid gift card. The best place to do it at is a small PO with the APC machine on the side away from the counter.
-
i struggle here. i know using the apc is risky even using a pre paid card, but the idea of the package blending in better is nice.
A bunch of stamps on a priority box just seems off to me.
I have always said, even the shittiest of my ebay packing probably done while smoking pot have never had a problem when they had pre paid postage and blended in. i guess it is the risk you decide to take.
teach your kids to use the apc.
-
I know a well known p1ponline vendor that used to generate VCC's and use anonymous prepaid cards to print barcodes off the internet and never had a problem. Switches up proxy's and credit cards
-
I know a well known p1ponline vendor that used to generate VCC's and use anonymous prepaid cards to print barcodes off the internet and never had a problem. Switches up proxy's and credit cards
Brilliant. Consider this idea stolen. :)
-
i know there was a vendor on a carder site (dont know the name anymore) that sold usps printed stamps.
-
how would you use a prepaid without an address to "bill" it to?
-
how would you use a prepaid without an address to "bill" it to?
This is only a problem for online purchases which ask for a billing address but if you are just going to be swiping the card and charging it then it's okay.
-
THen what is a VCC
-
THen what is a VCC
A virtual credit card, they are simply used as an alternative credit card number to one you already have so you can shop safer online in case your information was to ever been compromised.
-
I know many vendors use the flate rate priority packaging with the prepaid labels. I wonder if they purchase many prepaid labels at the same location with the same prepaid card then are the barcodes/identifying numbers grouped together in the USPS system? And if a package were to get seized would it be easy for them to wait for the unused labels to enter the system and then seize the subsequent packages as well? I am not a USPS employee so I have no clue. Just something to think about
-
That is exactly why PV started keeping dcn info private.to prevent popo from getting sequential dcns and seizing shit.
-
That is the smart thing to do. I would prefer to receive things with just regular stamps on it. But given the amount of reverse scammers out there none of the vendors are really willing to send anything without a DCN. Its a shame
-
I know a well known p1ponline vendor that used to generate VCC's and use anonymous prepaid cards to print barcodes off the internet and never had a problem. Switches up proxy's and credit cards
Granted it may be a stretch, but most color printers secretly add encoded serial numbers and timestamps to each page printed... just a warning to the truly paranoid.
Printer steganography is a type of steganography produced by color printers, including Brother, Canon, Dell, Epson, HP, IBM, Konica Minolta, Kyocera, Lanier, Lexmark, Ricoh, Toshiba and Xerox brand color laser printers, where tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps.
https://en.wikipedia.org/wiki/Printer_steganography
-
So much paranoia. not one thought to the fact the USPS is a private company. Not one thought to the USPS public books saying they are near broke.
Another Words If your package is not suspicious youve got nothing to worry about.
So many superstitions. "The government knows everything in your mailbox" "The USPS is the government" "The USPs gives a damn about joe schmoes oz of pot, or nancys bag of molly." As long as the molly isnt leaking out of the package and it doesnt smell like a medicine cabinet (putting UsPS employees at risk) Then their is no concern.
OMG Tor a package? Does anyone have proof of packet sniffing at USPS. When Im receiving an order my entire house wreaks of Marijuana Ive got bongs, pipes, roaches all over my living room, Ive got my silkroad account open to the orders page. My Lawyer told me the best way to get busted for drugs is to get busted using them. I skipped 3-7 years in jail for a short stint in drug counseling and some probation, all because I could prove that i was a user.
-
If the package isn't suspicious there really isn't anything to worry about. As long as it was shipped properly there will not be any problems. This thread is mostly talking about whether or not they can trace the origin of a package or where its labels were purchased in the event of a mishap such as seizure of products or arrests of receivers.
-
i have been researching those bar coded stamps. They are encoded with IBI, information based indicia. it was developed by the po specifically for stamp technology. The info encoded in the pdf14 bar code is encrypted. The po is very cagey about what info is included on the stamp. I am currently trying to get a definitive answer on this. The stamps may or may not include sorting info, date/time of purchase, sending and receiving zip codes. Everything i have found so far skips around stating exactly what is on the stamp. I can realistically se a time whenthe digital pic snapped at the machine is encoded into the stamp as well.
-
i have been researching those bar coded stamps. They are encoded with IBI, information based indicia. it was developed by the po specifically for stamp technology. The info encoded in the pdf14 bar code is encrypted. The po is very cagey about what info is included on the stamp. I am currently trying to get a definitive answer on this. The stamps may or may not include sorting info, date/time of purchase, sending and receiving zip codes. Everything i have found so far skips around stating exactly what is on the stamp. I can realistically se a time whenthe digital pic snapped at the machine is encoded into the stamp as well.
Thanks for looking into this. I also found it very difficult to find information about this. It's easy to find tons of information about the simpler barcodes used for POSTNET, Planet, Intelligent Mail, etc, but almost nothing about IBI. It would be great if we had an inside source with access to some internal documentation.
-
i have been researching those bar coded stamps. They are encoded with IBI, information based indicia. it was developed by the po specifically for stamp technology. The info encoded in the pdf14 bar code is encrypted. The po is very cagey about what info is included on the stamp. I am currently trying to get a definitive answer on this. The stamps may or may not include sorting info, date/time of purchase, sending and receiving zip codes. Everything i have found so far skips around stating exactly what is on the stamp. I can realistically se a time whenthe digital pic snapped at the machine is encoded into the stamp as well.
Thanks for looking into this. I also found it very difficult to find information about this. It's easy to find tons of information about the simpler barcodes used for POSTNET, Planet, Intelligent Mail, etc, but almost nothing about IBI. It would be great if we had an inside source with access to some internal documentation.
yeah, it would. I have been poking around the deepweb hoping to come across something. It is an ongoing project, but I will update when I have more info. The fact that the data is encrypted sucks. You can read the codes with a pdf417 reader (pdf14 is incorrect, was hitting the bong last night hehe) but you get back encrypted data.
-
i have been researching those bar coded stamps. They are encoded with IBI, information based indicia. it was developed by the po specifically for stamp technology. The info encoded in the pdf14 bar code is encrypted. The po is very cagey about what info is included on the stamp. I am currently trying to get a definitive answer on this. The stamps may or may not include sorting info, date/time of purchase, sending and receiving zip codes. Everything i have found so far skips around stating exactly what is on the stamp. I can realistically se a time whenthe digital pic snapped at the machine is encoded into the stamp as well.
Thanks for looking into this. I also found it very difficult to find information about this. It's easy to find tons of information about the simpler barcodes used for POSTNET, Planet, Intelligent Mail, etc, but almost nothing about IBI. It would be great if we had an inside source with access to some internal documentation.
yeah, it would. I have been poking around the deepweb hoping to come across something. It is an ongoing project, but I will update when I have more info. The fact that the data is encrypted sucks. You can read the codes with a pdf417 reader (pdf14 is incorrect, was hitting the bong last night hehe) but you get back encrypted data.
The pdf417 examples I see look like the wide ones used on pre-printed Priority Mail labels, but the ones on the stamps I've seen are "Data Matrix" according to this example: http://easesoft.net/skin/barcodeexample.gif I'm sure it's all still encrypted though, I need to play with some reader software...
-
I know a well known p1ponline vendor that used to generate VCC's and use anonymous prepaid cards to print barcodes off the internet and never had a problem. Switches up proxy's and credit cards
Granted it may be a stretch, but most color printers secretly add encoded serial numbers and timestamps to each page printed... just a warning to the truly paranoid.
Printer steganography is a type of steganography produced by color printers, including Brother, Canon, Dell, Epson, HP, IBM, Konica Minolta, Kyocera, Lanier, Lexmark, Ricoh, Toshiba and Xerox brand color laser printers, where tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps.
https://en.wikipedia.org/wiki/Printer_steganography
Printers have a giant grid of ink that they use to print, and the printing itself is just coordinates. Theoretically, someone could prove a label was printed by a specific printer by matching the ink blots on the label to the used ink/toner coordinates in your printer.
-
There's a fucking CAMERA "built into" these machines! Like an ATM.
If you truly "must", have a "friend" buy your labels at least, wear a "disguise" if need be at a 24 hour PO lobby (if available), with anon/pre-paid CC of course.
But cash is truly king.
Just rotate between local post offices and buy stamps with CASH...and...NO worries! :)
Small town PO's with no cameras are the best way to get these labels if you "really" need them. But plain old stamps work just dandy. Just ONE single $5.15 Priority Mail stamp (and 75 cent stamps worth for DCN, if need be)...for example...dur... ;)
Regular stamps suffice just fine.
Though we REALLY do like the "pro-look" of those "printed" labels...indeed! ;)
[and we intend to post the best anon/online method of purchasing/printing them]
[EDIT] When we actually have a phreakin moment to do so, lol... :)
Peace
TFC
-
There's a fucking CAMERA "built into" these machines! Like an ATM.
defeating the cameras is pretty easy.
-
Oh, for sure! Just making suggestions for the "average" buyer/vendor who might not know these things.
That's all. ;)
Peace
TFC
-
You can just cover the camera with something while making the purchase with an anon debit card. Problem solved.
-
You can just cover the camera with something while making the purchase with an anon debit card. Problem solved.
In a njtshell, yes. They are finicky, and if the item you use is too close to the camera the machine will give you an error message saying ti can't complete the transaction. Once you get the technique down, though, it works great. I do this ijn the busiest part of the day when there are too many people to keep track of. I don't want to give away too much about my location, but out local apc station has no cameras in the 24 hour lobby, so I did a lot of experimenting nights and weekends to get the technique down. It works, but ymmv
-
I actually saw one of these APC machines a few weeks ago that had the plastic/glass that covers the camera completely scratched up. It looked like someone attacked the camera on the machine with a knife. I doubt they could get anything more than a blurred and distorted image from the camera on that one lol
-
Indeed you can quickly "cover" the camera or "scratch it up" (lol to whoever did that!) :)
But...just make sure there are no other physical camera's, in the corner, or wherever watching you walk-in.
Again, small town PO's are the least likely to have camera's in general.
Peace
TFC