Author Topic: Silk Road's Fate  (Read 764 times)

reDEEMed

  • Subordinate Wasp
  • ***
  • Posts: 202
Re: Silk Road's Fate
« Reply #40 on: June 25, 2011, 03:09:35 PM »
Here's a pic of my HCl in the package it came in. I covered the top to keep from showing the supplier. I'm guessing the stuff written on the bag is why customs let it go. Also there are some pics of it on the scale and in capsules lol.
"Ego is a structure that is erected by a neurotic individual who is a member of a neurotic culture against the facts of the matter. And culture, which we put on like an overcoat, is the collectivized consensus about what sort of neurotic behaviors are acceptable."
— Terence McKenna

The Lone Stranger

  • Subordinate Wasp
  • ***
  • Posts: 198
Re: Silk Road's Fate
« Reply #41 on: June 25, 2011, 03:19:03 PM »
Nice one, thanks. My antenna and guts are recovering after your last two posts. I asked the questions because I couldn't make sense of what you had said.

So let's get back to Silk Road and co.

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Silk Road's Fate
« Reply #42 on: June 25, 2011, 11:48:25 PM »
Sad to see it compromised, all because people didn't respect the rules of fight club. Anything that blatantly exposed will be a target for attention.

It always has worked that way, and it always will work that way. Even back during US Prohibition it was the speakeasies which were too loose which got busted. A quarter of the adult nation drank illegally, but it was those who made it too easy who brought the heat.

There are hundreds of millions of people out there completely ignorant about the trading which has gone on for many, many years. These people mostly want to remain ignorant. They want to watch their reality television and believe that their kids aren't getting into drugs, not at school, and definitely not from the home computer.

As soon as that asshat reporter ran his mouth I knew the site was terminally compromised. Once the public found out their programming caused them to be outraged, and once the public was outraged the politicians and state security apparatus could no longer ignore it. How can they justify extorting trillions of dollars from the people every year if they aren't keeping up appearances of public service?

Sad, really, because email LSD sources are scarce, it's beyond my ability to prepare, and it doesn't store well at all.

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Silk Road's Fate
« Reply #43 on: June 26, 2011, 12:02:16 AM »
Salat, truer words have never been spoken. IRL, I share this shit with no one. My girl has no idea at all. I don't trust people in real life. I've never had the privilege of knowing a person who would not fuck you over in an instant. As for my computer. The drive itself is natively encrypted and all my chemistry stuff is on a separate partition which is itself encrypted and really sensitive stuff is encrypted again! To my knowledge blowfish encryption has never been broken. If they could break it, it would take the country's best crime lab years to do it.

Blowfish is not your worry. The algorithm itself is not weak nor is an exhaustive key search feasible. The weak point with BF will either be your password, just as it would with Twofish, AES, Serpent, (3)DES, or any other unbroken primitive in circulation, or a poorly implemented piece of software managing the encryption and data storage.

Trials on the order of 2^128 (2^64 Grover complexity) are not computationally feasible for a long time, even assuming Moore's law continues unimpeded. A decade or so post-quantum and it might be possible. 2^256 trials (256-bit conventional, 512-bit post-quantum) is beyond the currently known limitations of the physical universe.

12 characters of gibberish should be considered a bare minimum, although I prefer substantially higher security margins. Use only with well reviewed open source software like dm-crypt/LUKS or TrueCrypt.
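
The arithmetic behind the post above, as an added example that is not part of the original post: it compares the work to search a cipher's key space with the work to search the passphrase that protects the key. The guess rate, the KDF iteration count and the sample passphrase policies are assumptions constructed for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def entropy_bits(length, alphabet_size):
    """Entropy of `length` symbols chosen uniformly at random from the alphabet."""
    return length * math.log2(alphabet_size)

def effective_bits(key_bits, length, alphabet_size, kdf_iterations=1):
    """Work factor of the cheapest attack: search the key space or the
    password space. Key stretching adds log2(iterations) bits to the cost
    of the password search but cannot lift the total above the key size."""
    password_bits = entropy_bits(length, alphabet_size) + math.log2(kdf_iterations)
    return min(key_bits, password_bits)

def grover_bits(bits):
    """Grover's algorithm searches 2^n candidates in about 2^(n/2) steps."""
    return bits / 2

def years_to_search(bits, ops_per_second):
    """Expected years to hit the right value (half the space on average)."""
    return 2.0 ** (bits - 1) / ops_per_second / SECONDS_PER_YEAR

def min_length(target_bits, alphabet_size):
    """Shortest random passphrase whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))

if __name__ == "__main__":
    RATE = 1e12          # assumed primitive operations per second (hypothetical)
    STRETCH = 100_000    # assumed KDF iteration count (constructed value)
    samples = [          # constructed sample passphrase policies
        ("8 lowercase letters", 8, 26),
        ("12 printable ASCII", 12, 94),
        ("20 printable ASCII", 20, 94),
        ("6 words from a 7776-word list", 6, 7776),
    ]
    for label, n, alphabet in samples:
        bits = effective_bits(128, n, alphabet, STRETCH)
        years = years_to_search(bits, RATE)
        print(f"{label:32s} {bits:6.1f} bits  ~{years:.2e} years")
    print(f"128-bit key, classical search: {years_to_search(128, RATE):.2e} years")
    print(f"128-bit key, Grover search   : 2^{grover_bits(128):.0f} steps")
    print(f"random printable chars needed for 128 bits: {min_length(128, 94)}")
```

The figures hold only for passphrases generated uniformly at random; a human-chosen phrase of the same length has far less entropy than the formula gives.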

jon

  • Foundress Queen
  • *****
  • Posts: 1,883
Re: Silk Road's Fate
« Reply #44 on: June 26, 2011, 05:33:20 AM »
there are other lesser known onion hookup forums out there.
you have to dig and dig to find them like anything worthwhile.

reDEEMed

  • Subordinate Wasp
  • ***
  • Posts: 202
Re: Silk Road's Fate
« Reply #45 on: June 26, 2011, 09:39:53 AM »
All good info. My data partition is indeed LUKS. Pain in the ass to mount and I don't have it added to fstab.

akcom

  • Dominant Queen
  • ****
  • Posts: 430
Re: Silk Road's Fate
« Reply #46 on: June 26, 2011, 10:31:49 AM »
It wasn't the reporter's fault. In fact he actually interviewed the owner of SR for the article. The owner of SR is really poorly equipped to be running a site like that, he's in way over his head. It really wouldn't be all that hard for a government (or determined hacker) to expose the server location.

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Silk Road's Fate
« Reply #47 on: June 26, 2011, 05:12:16 PM »
It wasn't the reporter's fault. In fact he actually interviewed the owner of SR for the article. The owner of SR is really poorly equipped to be running a site like that, he's in way over his head. It really wouldn't be all that hard for a government (or determined hacker) to expose the server location.

I have to disagree. The reporter had to know he was taking something subject to fight club rules and turning it into a spectacle of mass market journalism for people mostly to gawk. I'd be shocked if even a hundredth of one percent of the readers were even set up to access the SR website, let alone even consider ordering from it. He had to know he was bringing scrutiny on Bitcoin and Tor and flooding SR

Remember when journalists first started letting people know that cold medicine could be used to synth MA? Look what happened there.

From a tech perspective, SR was set up well and didn't need much more. The hidden service kept him safe and the site's software did what it needed. If I were him I never would have registered the .org because that leaves trails outside of Tor. I just don't see any way to set up anything that hot to deal with the publicity, no matter how technically competent.

It really isn't that hard to buy VPS hosting without leaving a trail and configure it to host a hidden service.

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: Silk Road's Fate
« Reply #48 on: June 27, 2011, 01:42:46 AM »
It wasn't the reporter's fault. In fact he actually interviewed the owner of SR for the article. The owner of SR is really poorly equipped to be running a site like that, he's in way over his head. It really wouldn't be all that hard for a government (or determined hacker) to expose the server location.

http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses
http://en.wikipedia.org/wiki/.onion

There are some anonymity issues you should keep in mind too: https://www.torproject.org/docs/tor-hidden-service.html.en

As mentioned above, be careful of letting your web server reveal identifying information about you, your computer, or your location. For example, readers can probably determine whether it's thttpd or Apache, and learn something about your operating system.

If your computer isn't online all the time, your hidden service won't be either. This leaks information to an observant adversary.


Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."

akcom

  • Dominant Queen
  • ****
  • Posts: 430
Re: Silk Road's Fate
« Reply #49 on: June 27, 2011, 02:44:41 AM »
Fortunately because silkroad uses exit enclaving there is no chance that anyone except the NSA would be able to figure out who you are.  The issue is more with SR itself being exposed due to poor security and server side exploits.  I'd be very fucking surprised if the admin was smart enough to run the exitnode in a virtual machine

akcom

  • Dominant Queen
  • ****
  • Posts: 430
Re: Silk Road's Fate
« Reply #50 on: June 27, 2011, 02:46:34 AM »
It wasn't the reporter's fault. In fact he actually interviewed the owner of SR for the article. The owner of SR is really poorly equipped to be running a site like that, he's in way over his head. It really wouldn't be all that hard for a government (or determined hacker) to expose the server location.

I have to disagree. The reporter had to know he was taking something subject to fight club rules and turning it into a spectacle of mass market journalism for people mostly to gawk. I'd be shocked if even a hundredth of one percent of the readers were even set up to access the SR website, let alone even consider ordering from it. He had to know he was bringing scrutiny on Bitcoin and Tor and flooding SR

Remember when journalists first started letting people know that cold medicine could be used to synth MA? Look what happened there.

From a tech perspective, SR was set up well and didn't need much more. The hidden service kept him safe and the site's software did what it needed. If I were him I never would have registered the .org because that leaves trails outside of Tor. I just don't see any way to set up anything that hot to deal with the publicity, no matter how technically competent.

It really isn't that hard to buy VPS hosting without leaving a trail and configure it to host a hidden service.
If SR didn't want the publicity, he wouldn't have agreed to have been interviewed.  I've already reported 2 vulnerabilities to the admin.  If a malicious hacker had found them, he could have rooted the server and figured out the real IP address.  If a government sponsored entity found that same vulnerability, then SR would have been fucked.  I reported 2 of them, I'm sure there are more.

The Lone Stranger

  • Subordinate Wasp
  • ***
  • Posts: 198
Re: Silk Road's Fate
« Reply #51 on: June 27, 2011, 11:04:14 AM »
"If SR didn't want the publicity, he wouldn't have agreed to have been interviewed.  "

Doesn't that remind us all of another web site and what happened after a TV interview?

" I've already reported 2 vulnerabilities to the admin.  If a malicious hacker had found them, he could have rooted the server and figured out the real IP address.  If a government sponsored entity found that same vulnerability, then SR would have been fucked. "

= Big Brother already knows and anyone using that site is playing poker with their safety.

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Silk Road's Fate
« Reply #52 on: June 27, 2011, 02:24:59 PM »
If SR didn't want the publicity, he wouldn't have agreed to have been interviewed.  I've already reported 2 vulnerabilities to the admin.  If a malicious hacker had found them, he could have rooted the server and figured out the real IP address.  If a government sponsored entity found that same vulnerability, then SR would have been fucked.  I reported 2 of them, I'm sure there are more.

Good job on getting those shut down. Now that they're fixed, was the problem in the OS, the web stack, or the web scripts? Full root shouldn't happen if the webserver is dropping privileges, absent something really old and bad in the underlying OS.

As far as publicity goes, that was already set in motion when that reporter began composing his email to the SR admin. The journalist made the decision to publicize it. It isn't as if the admin could have said no and the reporter would have respected the site's privacy. That is one thing almost all journalists lack - respect for privacy of those who don't want to be a headline. Once that request was in the best the admin could hope to do was a bit of damage control in getting his side of the story heard and emphasizing SR's role in taking business out of the often dangerous and gang-connected meatspace drug markets.

It isn't as if SR was well hidden like some of the email services which have been up for years. The whole thing was well known over at the Bitcoin forums, and some other places, but even there it was out of the eyes of the general public. Our atypical counterculture world thrives best when it is out of sight and out of mind to the general public and the moralizing politicians who control them. If they suspect it goes on but they lack the specifics, then they can ignore it and return to getting drunk and watching reality television. As soon as they learn specifics, though, all of their conditioning kicks in and they have to demand action, best seen by all the ignorant reactions by the politicians and cops who initially responded as though they were going to march in to a Bitcoin, Tor, or SR office and demand it be shut down.

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Silk Road's Fate
« Reply #53 on: June 27, 2011, 02:34:02 PM »
= Big Brother already knows and anyone using that site is playing poker with their safety.

Big Brother is quite capable, but often less interested than we think. I doubt they're going to bring the full force of the NSA to bear to bust a bunch of geeky end users paying elevated prices. That wouldn't be much of a career case for anyone. Feds need a lot of dope on the table, people with ethnic names locked up, and many lives destroyed if they expect to move up a pay grade or two. The real risk at SR is reverse stings from newer unreviewed accounts. Those stings would sweep up bumbling newbies who don't understand the risks or how to protect themselves. Nobody is making a career case off of stopping a geek from going to the music festival with a quarter of shrooms and a few rolls.

The long established sellers with solid reviews could continue on indefinitely as long as they were taking appropriate steps to protect their privacy, even with the DEA patrolling the boards. Their customers can even continue on via email as long as they were smart enough to grab the source's private key. Once we realize that, we see that SR functioned as an introduction and review service, if it weren't for the paranoia sweeping over everybody.

The Lone Stranger

  • Subordinate Wasp
  • ***
  • Posts: 198
Re: Silk Road's Fate
« Reply #54 on: June 27, 2011, 02:55:10 PM »
"Nobody is making a career case off of stopping a geek from going to the music festival with a quarter of shrooms and a few rolls" - "if it weren't for the paranoia sweeping over everybody"

It's been reported across the press so even joe public could have read it. There used to be loads of sites selling mushrooms as "Scent bags" after they were made illegal in some countries. When that got into the press it was mostly stopped. The same thing is happening with "bath salts" and "plant fertiliser". A lot of naive people have thought that others were paranoid but soon changed their minds when they got trouble. People who order a few grams obviously have little to fear but I don't think we are talking about them. I think we are talking about big buyers and sellers.

EDIT -
I would put sites like silk road on the list of big sellers and I think the pigs would too.
Even if the FBI, CIA and other pigs can't find the site they already have the info on the guy running it.
If the NSA can find sites like that if they look, why wouldn't the CIA, FBI and other pigs have the same software / means to find them, and why wouldn't the NSA help them if they didn't?
Maybe a not so good example is the domain name seizure / closure of over a hundred web sites accused of trading films over the last year or so by the "department of homeland defense" who have fuck all to do with torrents shows how departments that really have nothing to do with certain crimes help each other.
« Last Edit: June 27, 2011, 03:27:16 PM by The Lone Stranger »

akcom

  • Dominant Queen
  • ****
  • Posts: 430
Re: Silk Road's Fate
« Reply #55 on: June 27, 2011, 03:56:00 PM »
psych: problem was with the scripts. I was being a bit dramatic when I said the server could be rooted, very true. My point was more that the admin is running Ubuntu with Apache and they're not sandboxed. Not exactly lean and mean. On top of that, even when Apache is running with dropped permissions, all the cops would really need is the IP address and they're good. If that admin had some common sense he'd be running this thing on BSD, jailed, with access to a virtual IP interface.

andreas

  • Larvae
  • *
  • Posts: 3
Re: Silk Road's Fate
« Reply #56 on: June 29, 2011, 08:39:10 PM »
I saw tor was brought up by someone on zok lately and they were flamed by some goon for what I thought was a valid point.

Interesting to hear your exploits, akcom...
I know tor (I run an unadvertised 5mbps bridge server on tor for people who need to use it... in one hour it has throughput of 3mbps so it is near full capacity, I have seen it increase from average 1mbps - hourly tick - from last year... tor has grown greatly in this last year). I administrate with tor-arm and run on Ubuntu. It has not been hacked... I don't think Ubuntu is terribly insecure and I am using keys not passwords for shell. I do not know a big amount about security but always learning.

I am aware tor client (vidalia,privoxy) strips out HTTP headers like HTTP_X_everything but I can imagine simple workaround to get real IP address something like escaping some sql early then inserting base64_encode($_SERVER['HTTP_HOST']); and would get through tor OK.

I would like to see a more general purpose or multipurpose version of silkroad that does not have first tier categories with titles like 'drugs' 'weaponary' and 'explosives'

It would be nice to see exit enclave here, vesp. It is not hard to set up at all... just apt-get, configure, reconf iptables then adjust your hidden service conf file, et voila!

reDEEMed

  • Subordinate Wasp
  • ***
  • Posts: 202
Re: Silk Road's Fate
« Reply #57 on: June 29, 2011, 08:50:46 PM »
I've been a Linux user for over 15 years and I'm still not as capable as you, andreas. Nice info.

Vesp

  • Administrator
  • Foundress Queen
  • *****
  • Posts: 3,130
Re: Silk Road's Fate
« Reply #58 on: September 05, 2011, 04:13:22 AM »
Did someone take my name on that site?

I have never and will never be a part of silkroad or related trading sites - so if you see any "Vesp"s or other people who claim to be me.... it isn't me.
Bitcoin address: 1FVrHdXJBr6Z9uhtiQKy4g7c7yHtGKjyLy

Vesp

  • Administrator
  • Foundress Queen
  • *****
  • Posts: 3,130
Re: Silk Road's Fate
« Reply #59 on: September 05, 2011, 08:02:12 PM »
Yeah, it isn't anonymous. However, what sort of currency would be?

I doubt it, but is there any potential at all when it comes to ripplepay?
https://ripplepay.com/

They apparently also use bitcoin - and if you trust usernames without knowing who they actually are, and they keep it separate from people they actually do know - it might offer something? Not sure (I'm just talking, I didn't research it, sorry.)

Anything useful come from any of these? http://p2pfoundation.net/Complementary_Currency_Software