Threats and countermeasures in buying real world things through the mail

[njw]

Hi there,

I've been following bitcoin for a while, and finally decided it was about time to get started with it. I do have a question about anonymity and threat models though, which I'm struggling to figure out myself.

Let's say I want to buy a banned book using bitcoins. I'm new to bitcoin, so I do the following:

1) Buy bitcoins using wire transfer from an exchange.
2) Transfer bitcoins from exchange to my wallet.
3) Buy the book from somewhere online place.
4) Get the book shipped to my house.

The threats that I see here all revolve around the seller getting busted. In this case, the attackers have:
- My postal address (from shipping it, presuming the seller kept logs)
- The address my bitcoins came from.

Am I correct in thinking that the attacker can also see the history of the transactions that passed through my wallet (as they now have the wallet address)? If so, presumably they could see that the bitcoins originated from an exchange, and subpoena the exchange.

The subpoena an exchange issue could be dealt with largely by depositing in cash, rather than wire transfer. That way the exchange need have little knowledge of my identity.

The postal address issue seems pretty intractable, to me. A PO Box would provide another layer of indirection, but is also a subpoena (or less in many countries) away from revealing my identity.

Anything I haven't thought of, or have thought of wrongly, or better ways of doing things?

Thanks

[Bitcoin Oz]

Hi there,

I've been following bitcoin for a while, and finally decided it was about time to get started with it. I do have a question about anonymity and threat models though, which I'm struggling to figure out myself.

Let's say I want to buy a banned book using bitcoins. I'm new to bitcoin, so I do the following:

1) Buy bitcoins using wire transfer from an exchange.
2) Transfer bitcoins from exchange to my wallet.
3) Buy the book from somewhere online place.
4) Get the book shipped to my house.

The threats that I see here all revolve around the seller getting busted. In this case, the attackers have:
- My postal address (from shipping it, presuming the seller kept logs)
- The address my bitcoins came from.

Am I correct in thinking that the attacker can also see the history of the transactions that passed through my wallet (as they now have the wallet address)? If so, presumably they could see that the bitcoins originated from an exchange, and subpoena the exchange.

The subpoena an exchange issue could be dealt with largely by depositing in cash, rather than wire transfer. That way the exchange need have little knowledge of my identity.

The postal address issue seems pretty intractable, to me. A PO Box would provide another layer of indirection, but is also a subpoena (or less in many countries) away from revealing my identity.

Anything I haven't thought of, or have thought of wrongly, or better ways of doing things?

Thanks

http://en.wikipedia.org/wiki/Dead_drop

[Strider Hiryu]

Hi there,

I've been following bitcoin for a while, and finally decided it was about time to get started with it. I do have a question about anonymity and threat models though, which I'm struggling to figure out myself.

Let's say I want to buy a banned book using bitcoins. I'm new to bitcoin, so I do the following:

1) Buy bitcoins using wire transfer from an exchange.
2) Transfer bitcoins from exchange to my wallet.
3) Buy the book from somewhere online place.
4) Get the book shipped to my house.

The threats that I see here all revolve around the seller getting busted. In this case, the attackers have:
- My postal address (from shipping it, presuming the seller kept logs)
- The address my bitcoins came from.

Am I correct in thinking that the attacker can also see the history of the transactions that passed through my wallet (as they now have the wallet address)? If so, presumably they could see that the bitcoins originated from an exchange, and subpoena the exchange.

The subpoena an exchange issue could be dealt with largely by depositing in cash, rather than wire transfer. That way the exchange need have little knowledge of my identity.

The postal address issue seems pretty intractable, to me. A PO Box would provide another layer of indirection, but is also a subpoena (or less in many countries) away from revealing my identity.

Anything I haven't thought of, or have thought of wrongly, or better ways of doing things?

Thanks

The wallet tracking issue is solved by mixing your bitcoin with some large collection of bitcoin (or many of these to lessen the potential problem of records being kept), then withdrawing it to a new wallet.

I guess you could have things sent to a vacant house with an accessible mailbox.

[SaintFlow]

One can always send things to a friend and tell them you cannot order it to your place because it is a gift for your wife or girlfriend and you do not want her to find out beforehand. My friends do not open my post.

[njw]

Thanks for the replies folks! Responding to things in no particular order:

I guess you could have things sent to a vacant house with an accessible mailbox.

I'd vaguely considered that. Depending on area, such buildings aren't always easy to find, though.

Dead drop

Fun article, thanks. Rather too hardcore spy-ish for me, but still, good to know more about.

One can always send things to a friend and tell them you cannot order it to your place because it is a gift for your wife or girlfriend and you do not want her to find out beforehand. My friends do not open my post.

That has the disadvantage of potentially getting your friends in trouble. Not ideal.

The wallet tracking issue is solved by mixing your bitcoin with some large collection of bitcoin (or many of these to lessen the potential problem of records being kept), then withdrawing it to a new wallet.

Ah, thanks for that. I hadn't quite grokked that before, but it makes sense.

[njw]

Browsing around the bitcoin world more broadly I found some good relevant advice on the Silk Road website - http://silkroadvb5piz3r.onion/index.php/silkroad/buyers_guide

Use a different address, such as a friend's house or P.O. box, that is unrelated to the one where your item will be kept. Once the item arrives, transport it discreetly to its final destination. Avoid abandoned buildings or any place where it would be suspicious to have mail delivered.

Do not sign for your package. If you are expecting a package from us, do not answer the door for the postman, let him leave it there and then transport it as described above.

Do not use your real name. This tactic doesn't work in some places because deliveries won't be made to names not registered with the address. If you think this is a problem, send yourself a test letter with the fake name and see if it arrives.

If you follow these guidelines, your chances of being detected are minimal. In the event that you are detected, deny requesting the package. Anyone can send anyone else anything in the mail.

[DeathAndTaxes]

njw the mods are serious about the "Linking to illegal sites is forbidden. If you bypass this censorship, you will be banned" warning.  It is one of the very few things which will get you banned.  Even scamming (normally) won't get you banned.   That entire domain and similar sites are off limits.

An expensive but comprehensive solution would be to operate a remailer service (possibly funded by bitcoins) from a country which still protects privacy.  The postal mail equivalent of a VPN proxy.

[DannyHamilton]

The postal address issue seems pretty intractable, to me. A PO Box would provide another layer of indirection, but is also a subpoena (or less in many countries) away from revealing my identity. . .

This came up in a recent discussion I was involved in.  By the end of the discussion, we decided that for the right price (or the right persuasion technique) you might be able to convince a complete stranger to acquire a P.O. Box and turn the key over to you.  Then, in case of the small chance that authorities might stake out the box and wait for you to collect the contents, you might be able to convince (pay) a new stranger to run in, collect the contents, and bring them out to you while you wait at a safe distance where you can keep an eye on the exit.

[finkleshnorts]

Since the "book" has to eventually arrive in your hands, there is no way to completely eliminate risk.

The best way I can imagine is to set the name on the package to be the name of the previous resident. When the package arrives, walk straight from the mailbox to your outside trashcan and throw it away. Wait a few days and then take it back out at night. Plausible deniability all the way around, I believe.

I hope I will never need to do something like this.

[stevegee58]

What's an illegal web site?  I didn't know they existed.

[StrictlyBusiness]

If you are in the USA USPS needs a warrant to open mail........ Just thought I would share my two cents!

[DannyHamilton]

If you are in the USA USPS needs a warrant to open mail........ Just thought I would share my two cents!

Yep, but if the seller has just been arrested in the U.S. and has records indicating where his recent shipments were sent, then getting that warrant won't be very difficult, will it?

[njw]

njw the mods are serious about the "Linking to illegal sites is forbidden. If you bypass this censorship, you will be banned" warning.  It is one of the very few things which will get you banned.  Even scamming (normally) won't get you banned.   That entire domain and similar sites are off limits

My apologies. I'm new here, and hadn't read the rules closely enough. I did include the relevant section from that site in my posting so that visiting the site wasn't required, but didn't consider that linking would be frowned upon. Won't happen again.

An expensive but comprehensive solution would be to operate a remailer service (possibly funded by bitcoins) from a country which still protects privacy.  The postal mail equivalent of a VPN proxy.

I had to reread that about 3 times before realising that you weren't making a confusing reference to remailer software... I spent too much time playing with anonymity stuff! Anyway, interesting idea.

If you are in the USA USPS needs a warrant to open mail

That's interesting (and great), I didn't know that. I imagine they must be in the minority, though.

[StrictlyBusiness]

If you are in the USA USPS needs a warrant to open mail........ Just thought I would share my two cents!

Yep, but if the seller has just been arrested in the U.S. and has records indicating where his recent shipments were sent, then getting that warrant won't be very difficult, will it?

They can't get a warrant just because you have active shipments now depending on what you were arrested for I'm pretty sure that they could open your mail if say this is a case dedicated to mail fraud or something of the sort, but I'm pretty sure that if you just get arrested that they cannot open your mail I believe it's like against the law or something. I maybe wrong if I am please somebody  fix my wrongs. And if its that hard to get it into the US why wouldn't you just e copy and print it off that way?