Silk Road forums

Discussion => Security => Topic started by: onesickpuppy on July 12, 2013, 03:47 am

Title: Attention Vendors. Do not fall for this old trick
Post by: onesickpuppy on July 12, 2013, 03:47 am
If you're a vendor and are already aware of this, then please ignore.

1. DEA targets a specific vendor
2. Makes a large purchase
3. Receives package. DCN of package is noted.
4. Claims that they never received package
5. This will force targeted vendor to check DCN
6. Targeted vendor falls for social engineering trick: we all know we should never use Tor to check DCN, because it's bad for buyer(!), therefore vendor checks at worst from home, IP identification thru coordination with Postal authorities made. At best vendor is smart enough to use free wifi area. Be careful and watch out for cameras. Free wi-fi areas are also heavily monitored

This obviously applies only to vendors who sell bulk, which is a stupid thing to do on SR. Be careful either warn user that you will have to check thru Tor, or give them the DCN to check. Or use some sort of non-Tor based proxy.
Title: Re: Attention Vendors. Do not fall for this old trick
Post by: TreadLight on July 14, 2013, 08:32 am
I am a strong advocate in having a VPN with a unique IP address standing by. There are plenty of good VPN services out there that allow you to access them through Tor and accept Bitcoin as payment.

Once you have that set up, if you ever need to check a site anonymously without your IP address raising any flags, simply go Tor ->Dedicated VPN -> Site.

And because you registered for the VPN service through Tor with Bitcoin, even if LE force the VPN service to hand over its logs (the good ones don't keep logs), it will just lead them into the jumble that is Tor.

I would only use the VPN service for sites that don't allow Tor, though. Otherwise you risk building a pattern of behavior around that dedicated IP address.

Title: Re: Attention Vendors. Do not fall for this old trick
Post by: Yousaf on July 14, 2013, 07:42 pm
Only a retard would fall for this.  No reputable vendor I know would use his regular internet to check a package tracking #, tracking #'s are checked either through a VPN or through TOR on another site like track-trace.com
Title: Re: Attention Vendors. Do not fall for this old trick
Post by: piratesofpenzance on July 14, 2013, 09:36 pm
Yeah to be honest I would hope vendors do not fall on this kind of trap but with busts from the likes of Casey Jones we can assume not every vendor is being as hardcore with security as they should be. As always keep an eye out for the reputable vendors and do business with the clear headed ones...