Bitcoin Forum
December 06, 2016, 12:33:09 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 4 5 »  All
  Print  
Author Topic: Silk Road  (Read 7369 times)
fivebells
Sr. Member
****
Offline Offline

Activity: 462


View Profile
September 25, 2011, 10:33:47 PM
 #21

Yes, it's pretty remarkable that the Silk Road doesn't do https, only http.  I wonder why that is.  The CIA/NSA must have tor exit nodes...  You could really have some fun by hijacking some high-profile accounts there...
1481027589
Hero Member
*
Offline Offline

Posts: 1481027589

View Profile Personal Message (Offline)

Ignore
1481027589
Reply with quote  #2

1481027589
Report to moderator
1481027589
Hero Member
*
Offline Offline

Posts: 1481027589

View Profile Personal Message (Offline)

Ignore
1481027589
Reply with quote  #2

1481027589
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481027589
Hero Member
*
Offline Offline

Posts: 1481027589

View Profile Personal Message (Offline)

Ignore
1481027589
Reply with quote  #2

1481027589
Report to moderator
P4man
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 25, 2011, 10:41:35 PM
 #22

HTTPS would be good I guess, but its not uncrackable and might give a false sense of security. People there use PGP encryption to encrypt all their communication (at least the non retarded ones do).

TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
September 25, 2011, 10:42:23 PM
 #23

They don't use https? Woah 0.0

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
fivebells
Sr. Member
****
Offline Offline

Activity: 462


View Profile
September 25, 2011, 10:42:43 PM
 #24

Ah, PGP authentication would help a lot.
P4man
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 25, 2011, 10:49:34 PM
 #25

Browse around on the site. Seems like all the sellers list their PGP private keys.
I suppose there are good reasons why they dont use HTTPS. Like, who is going to apply for the SSL certificate?
Im also not sure how secure SSL really is, Id rather trust PGP.

mb300sd
Legendary
*
Offline Offline

Activity: 1232

Drunk Posts


View Profile WWW
September 25, 2011, 10:50:38 PM
 #26

Traffic to SR never goes through an exit node.

When you go to a hidden service the "exit node" is the node hosting the service. So its an unencrypted http connection to (I assume) localhost

1D7FJWRzeKa4SLmTznd3JpeNU13L1ErEco
P4man
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 25, 2011, 10:51:36 PM
 #27

Traffic to SR never goes through an exit node.

When you go to a hidden service the "exit node" is the node hosting the service.

But the node before that, you could call exit node, no? And it could be an FBI computer.

mb300sd
Legendary
*
Offline Offline

Activity: 1232

Drunk Posts


View Profile WWW
September 25, 2011, 10:52:18 PM
 #28

Traffic to SR never goes through an exit node.

When you go to a hidden service the "exit node" is the node hosting the service.

But the node before that, you could call exit node, no? And it could be an FBI computer.

In the node before that, its still encrypted by Tor.

1D7FJWRzeKa4SLmTznd3JpeNU13L1ErEco
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
September 25, 2011, 10:57:27 PM
 #29

Ah, yeah, i forgot it was a site inside TOR.

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
paraipan
Legendary
*
Offline Offline

Activity: 924


Firstbits: 1pirata


View Profile WWW
September 25, 2011, 11:04:46 PM
 #30

heads up, TOR small vid http://www.technologyreview.com/video/?vid=315

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
fivebells
Sr. Member
****
Offline Offline

Activity: 462


View Profile
September 25, 2011, 11:15:51 PM
 #31

Traffic to SR never goes through an exit node.

When you go to a hidden service the "exit node" is the node hosting the service. So its an unencrypted http connection to (I assume) localhost
  Oh.  Thanks for the explanation.
racerguy
Sr. Member
****
Offline Offline

Activity: 271


View Profile
September 26, 2011, 10:17:02 AM
 #32

I'm running tor atm.  Would setting tor up as a non exit relay help the network (I don't want to be able to know what stuff i'm hosting).
Interfacial
Newbie
*
Offline Offline

Activity: 5



View Profile
September 26, 2011, 11:28:40 AM
 #33

The nifty thing about Silk Road is that it can only be accessed through the Tor network.  While it doesn't make tracking your IP/Location impossible, it sure makes it a hell of a lot lot harder (and more expensive) than most authorities are willing to deal with to bust someone over.

And in combination with something like peerguardian or savepeer? Trying to get some info bout them, but don't know if they're working.
Interfacial
Newbie
*
Offline Offline

Activity: 5



View Profile
September 26, 2011, 11:34:26 AM
 #34

So as far as computer applications go, just using Silk Road is reasonably safe?  Any hacking issues that someone needs to worry about just from installing the software?

I think the digital aspect of silk road is pretty safe (for now) but its more the postadress i'm concerned about. Allready tried or not?
Interfacial
Newbie
*
Offline Offline

Activity: 5



View Profile
September 26, 2011, 11:44:38 AM
 #35


Tnks for the link!
fivebells
Sr. Member
****
Offline Offline

Activity: 462


View Profile
September 26, 2011, 11:59:36 AM
 #36

Not very informative.  Wikipedia has an explanation which is much more relevant to this discussion.

http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Hidden_services
nefanon
Member
**
Offline Offline

Activity: 112



View Profile
September 26, 2011, 03:02:42 PM
 #37

ITT: FBI agents  Cheesy Cheesy
Albert Schweitzer
Newbie
*
Offline Offline

Activity: 13


View Profile
September 26, 2011, 05:36:33 PM
 #38

Imo are silk road similar sites and of course every other illegal transactions atm the most important BTC circulations for stabilizing the currency...

my2cents
gwern
Jr. Member
*
Offline Offline

Activity: 47


View Profile WWW
September 26, 2011, 07:28:50 PM
 #39

Thoughts:

- as a hidden service, SSL is redundant. SR's .onion address *is* the signature of the public key you're using to set up the connection to SR. That's the nice thing about hidden services.
- It's probably legal in a lot of jurisdictions to merely access the site. It's not displaying child porn, after all. And SR is selling legitimate stuff last I looked; in http://www.gwern.net/Silk%20Road#preparations you can see screenshots of 2 of the non-drug sections - military helmets and miscellaneous services
- racerguy: setting up as a middleman node would help the network and would also make your browsing faster, as I understand it. (IIRC, when you run as a middleman or exit node, Tor cuts an entire hop out of all your browsing because all the strangers' traffic going *into* your node now serves to camouflage your own particular traffic.)

P4man
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 26, 2011, 07:57:17 PM
 #40

Thoughts:

- as a hidden service, SSL is redundant. SR's .onion address *is* the signature of the public key you're using to set up the connection to SR. That's the nice thing about hidden services.

Thats cool! And that explains the lack of ssl.
So basically the traffic is all encrypted, and moreover, without the key, you have no way of knowing where the server is? Do I understand that correctly, that every peer forwards the traffic, but can not know if its forwarding to another peer or the actual server?

However it works, its pretty clever.

Pages: « 1 [2] 3 4 5 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!