Silk Road forums
Discussion => Security => Topic started by: daorklis on October 24, 2011, 02:58 am
-
Hi guys,
I was trying to fill out an order I made with Pharmville and learned from reading his SR profile that they can't read PGP messages right now (after upgrading to Lion OSX). I have the same problem so I had to revert to using PGP on my bootcamp partition. I have been trying to use TorPM as he has suggested but the problem I'm having is that TorPM keeps giving me this message:
You have been logged out, or your session has expired. Please log in again. If problem persists, try enabling cookies (torbutton sanitizes them on toggle)
All of my settings are fucking correct. I can log into any website except for that site. Am I the only one? Can someone do me a favor and let me know if they can do it or not?
That being said, I'm a little bit aggro right now. It's been over a week since I placed this order and I'm willing to bet that Pharmville is all out of stock by now cause of all the bullshit that's been happening with SR and whatnot. I certainly do not want to send my address in plain text on SR. (Has anyone else ever done that? Is it even safe?)
The last fucking thing I want to do is just refund the order cause the value of bitcoin has dropped 25% since I placed that order and I wouldn't even be able to cover another similar order if I had to. Likewise, I have a very good feeling that Pharmville is going to say "Sorry bub. I'm all out so how about you just fuck off" given the same facts...
This is my first SR transaction and it's already leaving a bitter taste in my mouth. I guess this is the price we pay for anonymity. It's definitely not exactly as convenient as it all seems to be. One also needs a lot of fucking patience and patience is definitely not one of my virtues.
Anyway, let me know if you guys are having the same problem. Thanks.
-
Oh yeah, this is the address for TorPM:
http://4eiruntyxxbgfv7o.onion/pm/login.html
Also, if anyone can suggest another way that I can communicate with Pharmville safely? I will run it by him.
-
It's just recently that I see more vendors have pgp. I've sent in plaintext before...all this shit is encrypted and destroyed...sending in pgp is just an xtra precautionary step we take, when we can...I'd just send him a plaintext msg without too much detail, asking what's up.
When I see they have a public key, I encrypt and send my public key...when they don't, and I want it bad enough, I just send it open, knowing SR has protection in place, and if I don't trust SR, I'm in a world of shit anyway....
No worries. I also went to the torpm site, but it said I had a bad password, the fuckers, but its been a while since I've used the site. Everything seemed to be working so I'll check it out...best wishes, I know this shit can be aggravating...
-
I know the TorPM site has been down sporadically for the past few days.
I can tell you that Pharmville would never treat a customer as you have suggested. I agree with phubaiblues. Send them a message in plain text on the main site, keep discussion to a minimum, reference your order # and above all, be polite. There have been extreme circumstances lately and I know for a fact that even if you jump the gun and make a negative post about them instead of being patient (I know it can be difficult) and waiting for a response to an un-encrypted message, they will treat you with the utmost respect and service. I get nothing but great service from Pharmville and sometimes it takes them a while to get back to you because of the sheer # of orders the receive each day but they will, in fact, respond to you.
And I very highly doubt you would get any response even close to "we don't have your order, F off." Probably something more like "sorry for the extreme circumstances recently. Your order has already / will most definitely ship today."
Only making statements based on my experiences with them. But then again, what do I know?
oxyhoot
-
Yeah TorPM is definitely having problems - I can't log in either. Also, I'll second oxyhoot's commendation on Pharmville. They really do go out of their way to make customers happy.
I have sent my addy to sellers in clear-text, though I know many people who would never do such a thing. According to Silk Road himself, text sent to SR with the onion routing means that the data is encrypted along the TOR relay route as well as on the SR servers (see: http://dkn255hz262ypmii.onion/index.php?topic=536.msg3550#msg3550). PGP is just an extra layer of security.
Other people here have also confirmed this. I am wondering, though, about the info on Wikipedia claiming that traffic is unencrypted between the exit TOR node and the final destination. http://en.wikipedia.org/wiki/Onion_routing#Weaknesses
Exit node sniffing: An exit node (the last node in a chain) has complete access to the content being transmitted from the sender to the recipient; Dan Egerstad, a Swedish researcher, used such an attack to collect the passwords of over 100 email accounts related to foreign embassies.[2] However, this weakness can be overcome by employing end-to-end encryption (that is, encryption between the sender and the recipient), such as SSL.
Is there something different about SR - some added level of security, or am I missing part of the picture? I'm pretty sure I am. Anyway, if you really wanted, you could send different chunks of your addy in different messages. Would make it near impossible for someone with snooping abilities to piece it all together, though it would also make it a bit harder for Pharmville ;)
-
About exit nodes - since Silk Road is a hidden service, exit nodes are not used.
-
I was just speaking out of bitterness last night as I tend to expect the worst while hoping for the best.
Anyway, Pharmville got back to me and has been most accommodating, ensuring that he will fulfill my order. Thanks for the input, fellas. I appreciate it.
-
...Is there something different about SR - some added level of security, or am I missing part of the picture?...
dkn255hz262ypmii.onion/index.php?topic=2682.msg37444#msg37444
-
PGPTools is fucked in lion but try using in the terminal:
gpg - d [file]
It's never failed on me.
Sun
-
Bah! The item I ordered is out of stock, as I suspected. The question remains if it will ever be in stock again...
-
I was just speaking out of bitterness last night as I tend to expect the worst while hoping for the best.
Anyway, Pharmville got back to me and has been most accommodating, ensuring that he will fulfill my order. Thanks for the input, fellas. I appreciate it.
I know, I've been there, my own life sucked, I was kicking some hard-to-kick drugs, and got all suspicious and vocal about a couple of vendors on here, and lived to regret it, as they are good guys, and deal with the same shit we all deal with, both offline and on. Most of the sellers who have been around a bit, do the best they can to be accommodating, and sometimes just asking them politely 'what's up' does the trick, or posting the question in a friendly way on forums--as you did--also works.
This is still a brand new way of doing this stuff, and we don't have a template on how to go about it yet, so we're the pioneers, and sometimes pay the price for it.