I have a more basic question: most DNM's encourage sending delivery information to the seller using PGP encryption, that way if this site is seized there is no easy way to harvest transaction information. But I see no support for that on this site (primarily, no place for members to publish their public PGP key).
So how DOES one expect to give delivery information to a member if the (warranted) assumption that any data held private by the web site is compromised in the future?
So how DOES one expect to give delivery information to a member if the (warranted) assumption that any data held private by the web site is compromised in the future?
- By needhealing
You could use an encrypted pastebin site like 0bin with a 1-day expiry date. It's not as anonymous/secure as PGP, but it would do the trick.
- By Baskater5
This is the comment I was looking for. I just opened my first order here on BB and the seller asked me to send the drop data in plaintext? Thats crazy dangerous! As an active user of the DN I have never seen a market not encouraging PGP for sensitive data. But I have seen multiple markets be busted/seized and the only significant data which LE had were the drop addresses of the lazy people who didnt use PGP! I really hope the admins will implement PGP in future. I feel very unsafe to send the drop in plaintext, which I wont do. I was told by the seller that the mods need to see the address which could be understandable in case of a dispute. But encrypting a message with more than one recipient key is possible.
- By OpusTheGreat
Putting my tinfoil hat on (which I rarely, rarely do), the lack of support for end-to-end encryption for sensitive information combined with the encouragement to use baked-into-the-site mechanisms like encrypted conversations (cough... "trust us, it's secure and gets deleted from the database..." cough) almost rises to the level of the site being a honeypot.
What say ye to that admins?
Are the admins savvy enough to know for sure that the conversation is actually removed? Deleting a few rows from a database often just marks the rows as "deleted" without actually removing them from the underlying file due to performance considerations. So for all we know, these "deleted" conversations are actually still in the underlying database. And even if they where fully scrubbed from the database, doesn't mean they aren't recoverable via forensics at the file system level.
Bottom line, this level of security is hard, so having end-users manage their own end-to-end encryption that doesn't involve including the site in the chain-of-trust is well worth the inconvenience. Having a convenient way to include a PGP public key in users and vendors profiles is trivial by comparison.
What say ye to that admins?
Are the admins savvy enough to know for sure that the conversation is actually removed? Deleting a few rows from a database often just marks the rows as "deleted" without actually removing them from the underlying file due to performance considerations. So for all we know, these "deleted" conversations are actually still in the underlying database. And even if they where fully scrubbed from the database, doesn't mean they aren't recoverable via forensics at the file system level.
Bottom line, this level of security is hard, so having end-users manage their own end-to-end encryption that doesn't involve including the site in the chain-of-trust is well worth the inconvenience. Having a convenient way to include a PGP public key in users and vendors profiles is trivial by comparison.