Silk Road forums

Discussion => Newbie discussion => Topic started by: seatturtle on March 21, 2013, 06:32 am

Title: n00b security concerns !!
Post by: seatturtle on March 21, 2013, 06:32 am
I've been on SR for a little over a month and I have some security concerns. First I'll describe my process. I'm hyper paranoid for the very small amount of business I do here. Plz forgive for the noobness/overkill

Before I downloaded tor at all, I learned about hiding IP using SOCKS5 proxies, Hidemyass web proxy and vpn clients to do research (i use cyberghost or OpenVPN to connect to bitcoin platforms, for those who don't know, NEVER EVER connect to any exchange platform or bank using tor. They are already flagging accounts on MTGOX that connect using tor and are requesting pictures of state IDs for people to access their money. I would consider NOT using mtgox at ALL) Then I spent an extensive amount of time researching browser add-ons for mozilla that increase security, Those add ons, from what i can remember, are 1.hidemyass webproxy 2.NoScript ( set on forbid scripts, I use it thoroughly for any page I visit. If i do ever enable java, i of course am using a fresh browser with no other browsers running and no bad stuff happening) 3.Adblock plus  4.HTTPS Everywhere  5.Startpage Search Bar 6.BetterPrivacy (removes LSO's or 'supercookies') a GoogleAnalytics Block and Greasemonkey scripts for stopping ads. with all this shit google won't even let me access their page (not that i ever want to), its reaally funny how much they want to track the shit out of you. Then I encrypted my system partition with TrueCrypt, with 3 pass WIPE mode and AES algorithm. Once encrypted, I then encrypted a USB drive with a hidden volume, (main volume contains porn, and several cracked programs) to which i downloaded tor browser bundle and stayed up to date with the most current releases. I never ever have Utorrent running or any other browser open while using tor. I don't download through tor and I don't access the clearnet in tor.

I have a beautiful system of very cheaply and VERY anonymously buying bitcoins. My name is never once attached to them. Once I obtain them, I send them to my blockchain wallet. I then send them through the shared-send function to my encrypted bitcoin wallet (encrypted USB, 99.8% of the time offline) All of this using VPN and/or a good SOCKS5 proxy, and i STAY changing my bitcoin addresses)

i OF COURSE use pgp encryption with any order. I also use pgp to encrypt sensitive info like passwords and all of the bitcoin platform account info, random email logins and store those files in a hidden volume. I always dismount all volumes and shut down my computer so its completely locked down.

ANY TIPS ON HOW TO ENHANCE PRIVACY MORE ARE VERY APPRECIATED

i also want to start using tails. I dl'd it and verified the pgp signature. I installed tails to a fresh usb ( i used some usb installer, not the tails usb installer because i didnt have a blank dvd to burn the iso to) I then changed the boot order to 1.USB 2.Harddrive but it wont work. Is the installer the problem? any help would be awesome
Title: Re: n00b security concerns !!
Post by: thephotoshopguy on March 21, 2013, 07:23 am
As long as you use a drop addresss were there are no drugs or anyone using drugs it is as safe as it gets.

At worse anyone can lose their package, but if police come knocking for one thing they nose all over because that is what they do. Its foolish to get items sent to your home addy although UK to UK its not so much a worry and if you choose good vendors then you will always have sage packaging because you would be amazed how many postal packages and letter do fall open. If the vendor does niot take steps to stop pills and other things falling out its bad news.

As for buying bitcoins, I don't buy a lot so am not that worried about being anon, still use a buddies bank account for paying in to buy coin.

I woulkd get an anon credit card if I was spending more or selling.
Title: Re: n00b security concerns !!
Post by: ChemBot on March 21, 2013, 11:09 am
I woulkd get an anon credit card if I was spending more or selling.
+1 These are very handy - only buy with cash naturally ideally from a store with no CTV.

Sounds like you are taking a lot of precautions ordering, don't forget though that when the order is delivered/accepted/picked up is normally when people get busted,
Make sure your offline practices are just as secure as your online ones. Think like a sniper! for large orders burn the drop after one MAX two orders :)
Title: Re: n00b security concerns !!
Post by: rayelwood on March 21, 2013, 11:18 am
I have no idea about PGP, I read about it but I jujst don't understand the nerd terminology used
Title: Re: n00b security concerns !!
Post by: brainfreeze on March 21, 2013, 11:33 am
Holy shit bro your not ordering a HIT MAN, dont know what country your in but calm down a little been so para will prob get you caught. the law are to busy to be looking at you with whats going on in the world, and the other dude is right getting your stuff in the post is more likely to get you caught not ordering


Title: Re: n00b security concerns !!
Post by: seatturtle on March 21, 2013, 12:18 pm
well the stuff I have got is easy to cover. Just some weed, acid and molly that were very well packaged. plus i use names of some people that used to live at my house that still get regular mail lol. but what kind of places do you recommend doing a drop? like an address where you know people are gone when the mail comes? yeah im paranoid but im in the states and you've got to be :/
Title: Re: n00b security concerns !!
Post by: brainfreeze on March 21, 2013, 12:27 pm
 :) thats what i do use other peoples names who use to live at my address, and i dont open the letters for a few days just in case some feds come back day or so after, maybe ur right to be para in the states
Title: Re: n00b security concerns !!
Post by: maple on March 21, 2013, 02:38 pm
Your BTC precautions seem a bit too paranoid. Buying BTC is perfectly legal, and once it is in the blockchain there is no way it can be used against you. The part you should really be looking at if you are paranoid and/or will be receiving large orders is a drop. Imho, the drop is the most difficult part of any illegal activity involving packages, as it usually involves trusting someone. Best thing for a drop would be a person you trust and making sure they know exactly how to handle cops. If they have just as much to lose (or more) as you, it will also make them less likely to screw you over.

Really, all that extra online stuff is excessive. If you want to be paranoid though, I do believe Bitfloor is TOR friendly. Same thing for your system, if you have everything on a USB/are using a live USB you do not need to encrypt your system partition, and using TOR is not illegal either. I do not even store anything except my address in a .txt file for easy copy/paste.

I am in the US as well, and with all the stuff that has been going on, I can understand where you are coming from with your paranoia. But keep in mind, having a shitload of these precautions is much more suspicious than just having TOR on your computer, especially if most of the stuff you are taking precautions for is legal. They could easily extrapolate all your security to something devious and use it convince a tech-illiterate jury that you are a terrorist or something, whereas if it is just an install of TOR, they do not have as much sensationalist power.

Just my 2 cents, to each his own.
Title: Re: n00b security concerns !!
Post by: twodix on March 21, 2013, 03:41 pm
as for BTC just depositt  str8 2 your SR wallet addie using a trusted BTC vendor, that jus means walkin into a bank with an order number slappin down the cash and  whammo its str8 in your account. you don't even hafta take off your false beard and sunglasses. Maybe a burkha?Borrow someone's kid and spray tan. The banks dont give a fuck about tryna catch ya- eva seen scarface when they start carryiong in sacks of cash to the bank- they lllllooooovvvvveeeee that shit n.q.a.. Tails is a major headfuck. PGP is tricky but dont waste your time with the written accompanying mannual, it's just a confusing mess which im sure the guy who wrote impressed himself with his use of english when writing, but as far as actually making much sense, its like using help menu in windows, a total farkin waste of a few hours readin imho. Theres a gr8 vid on pootube that xplaynes it all v simply in 10 minutes.
The othjer option for computer security is buy one of those lil mini android pcs offa  ebay that you can install orbot to and keep it hidden in a plastic box buried in the backyard when you aint SRing.
Title: Re: n00b security concerns !!
Post by: ftimlogukiaiogt on March 21, 2013, 07:04 pm
I don't know. It may just be me but that seems a little excessive and I'm in the states. Of course, if I'm wrong, please let me know!
Title: Re: n00b security concerns !!
Post by: seatturtle on March 22, 2013, 01:22 pm
i feel yaz. However there are certain slip ups everyone should be aware of to keep their name from getting red flagged. I don't believe all of this is as chill as others are approaching. LE knows about bitinstant > mtgox > SR and they are starting to flag suspicious accounts. or the LSO supercookies are a real security threat and brand new development, and they stay in your computer and log info about you daily if they aren't removed. people should definitely look into the BetterPrivacy add on for mozilla if this is a concern. If you are unencrypted or not using proxiees, then everytime you log on to tor your ISP knows about it and that could flag you.(i read somewhere Comcast is NOT DOWN with tor) As i learned security it became more then just about covering my trails on tor, it became about preventing all of these third party data collecting sites from running scripts on me and viewing my traffic. It's a matter of civil privacy  AS BLACKBEARD PIRATE ROBERTS says "Don't get comfortable!"
Title: Re: n00b security concerns !!
Post by: ftimlogukiaiogt on March 22, 2013, 02:56 pm
If you're willing, I am sure a lot of people who just started (including myself) could really benefit from all the computer security you taught yourself. A quick how-to guide posted here on the forums or even on sites such as /r/silkroad (if you know what that subreddit is;  be sure to use a throwaway?) really helps; I can say that from personal experience.

Cheers and stay safe!

Title: Re: n00b security concerns !!
Post by: seatturtle on March 23, 2013, 12:14 am
I plan to start an open thread on security tips when i'm allowed to post in the security section, aimed at the overly paranoid crowd and will hope to get some seasoned tor vets to weigh in. My main tip would be to encrypt a volume, hidden volume, usb or system partition using TrueCrypt (instructions on how to use are on their website. its a good little project to sit down to, and will increase your security ten fold if you install correctly, and that means paying attention to all the steps and the advice from truecrypt.org. Install the latest tor to your encrypted volume ( i recommend encrypting a usb. I have all my nefarious deepweb tools on an encypted usb that i boot tor from.This will encrypt your traffic (which tor does not do) to any possible MitM attacks or traffic analysis. using truecrypt i can dismount the usb and throw it out my window or something if the cops like kicked down my door and there wouldnt be a trace of any of that frowned upon software on my computer.
I could go ON about locking down your regular browser. Mozilla's the best browser for regular browsing because it is designed to be super customizable for security There are tons of free, open source, amazing add-ons and tools that programmers generously share with us, and if we care to use them correctly it can really prevent so many javascript backdoors, LSO cookies data collecting, ad site traffic analysis, etc. my top recommendations are HTTPS everywhere and NoScript, which you are probably familiar with from the tor browser. https encrypts alot of your traffic, and noscript (the s icon next to the toolbar in tor) blocks third party scripts if you arent familiar with noscript and are using tor, stop everything and click the s, then 'forbid scripts globally' if you dont do this using tor can be very dangerous!! the BetterPrivacy add on removes the new 'Super cookies' LSO files (new and evil form of cookies, watch out) Adblock plus is great, you can watch youtube videos that show you how to create custom filters in adblock. Id also download a VPN client to hide your IP for when you access your BTC platforms ( i need to do that anyway, because of my method of getting BTC) I cant have my IP address nconnected to a platform.
Best advice is to read articles about browser security, the tor website for their list of security browser add ons plsu their tips on using tor safely. watch youtube videos that walk you through securing yourself. on both sides on the coin, there is always some development happening that can either fuck you or save you. You've got to stay up to date with security tools to *ensure* your safety.
BE SAFE <3 to my tor family.