submitted by DSP-Lab to u/DSP-Lab [link] [comments]
Before half of 2020, the word "data breach" appears extremely active. All over the world are plagued by data breaches, but also cause major losses.
In today's Internet era, any behavior you have on the Internet is likely to be recorded, and then through big data summary and statistical analysis, you can basically say: everything you know, the network knows. In a centralized system, the system platform operator can get all your data in the background. Based on the drive of business interests, they will use this data to commercialize applications: sell data and sell services.
The world is interconnected. This is the status quo and an irreversible development trend. In this interconnection, there are no boundaries in the future. In this near future where there are no borders and everything is connected, imagine that your alarm clock, electricity meter, mobile phone, mobile detector, and other things that are needed every day are interconnected, so that others can understand your situation. What a terrible thing it is, like being in a completely privacy-free environment, such a future, you，Suffocation? Should we have privacy?
In December 1948, the United Nations promulgated the Basic Law, "Universal Declaration of Human Rights," Article 12 of which stated personal privacy as follows:
No one's private life, family, residence and correspondence must be arbitrarily interfered, and his honor and reputation must not be attacked. Everyone has the right to legal protection against such interference or attacks.
In the electronic age, privacy is essential for an open society. Privacy is different from secret. Privacy is something that someone does not want to make public. The secret is something he doesn’t want anyone to know. Privacy is a power. It gives someone the right to decide what to disclose and what not to disclose.
In a distributed Internet environment, the privacy of individuals from a macro perspective mainly covers four aspects: node privacy, content privacy, link privacy, and tunnel privacy. Let's expand one by one and look at the specific content of the four dimensions of privacy.
1) Node privacy
Node privacy refers to the fact that in an open distributed environment, both parties interacting with each other do not know each other's sensitive information, such as IP address and MAC address, so as to achieve the purpose of not exposing each other. At the same time, it is impossible for other nodes to perceive the location of the sender and the receiver through network sniffing.
The following uses the Bitcoin network topology as an example to illustrate the importance of node encryption.
As of now, there are about 8,000 nodes in the entire Bitcoin network. Based on current technology, the cost of building a parallel sniffing network is very low. Some researchers have done statistics. When the topology sniffing network starts, after about 10 blocks height, it can basically infer the connection topology of the entire network. Coupled with the fixed time interval of gossip message propagation, it is basically possible to infer the general distribution position of the construction nodes of a transaction information, thereby destroying the privacy of the nodes.
2) Privacy of communication content
The privacy of communication content means that the communication content is only visible to both parties of the interaction. No one can intercept the data from the network, or without the authorization of both parties, no one can see the plain text of the communication.
3) Link privacy
Link privacy refers to the connection established by both parties in communication, which is encrypted; No one has the ability to use the link for data transmission without the relevant key. As shown in the figure below, a-> b, b-> c, c-> d, etc.
4) Tunnel privacy
In some cases, the communication between the nodes will be completed by one or more relay nodes. In this way, based on the transceiver node and the relay node, a communication tunnel is formed; tunnel privacy means that only the sending node has the right to send data from the sending node to the receiving node via the relay node. Under the premise of authorization, there is no way to complete the transmission of data. As shown above, a-> d, e-> h logical communication tunnel.
For the four privacy dimensions mentioned above, there is a general solution that can effectively protect the security. Although the communication efficiency needs to be improved, functionally speaking, it can already take into account the four dimensions. And in the following, for this general security idea, gives the possible dimensions for further optimization.
1. Description of General Encryption Network Solution
Firstly, each relay routing node in the encrypted network creates a routing descriptor, which contains some contact information, mainly IP addresses, ports, public keys, and other broadband capabilities. After the creation is complete, send this information to the directory server of the whole network (usually also become the Bootstrap node). Based on this information, the directory server generates a unique descriptor for the routing node for the entire network, which is stored on the directory server along with the descriptor information. In the following, we will describe in detail how the privacy of the encrypted network is protected from three aspects: networking topology, message structure and link transmission construction.
1) Network topology
As shown in the following figure, in an encrypted network, we recommend that clients, relay agents, relay routing nodes, directory servers, and possibly bridge nodes together form the entire network topology. When the client builds a communication link, the steps are as follows:
A. The client initiates a node request to the directory server;
B. The directory server generally recommends three nodes to the client from the directory table based on the weight selection algorithm. Logically, they are called entrance node, intermediate node and exit node.
C. After receiving effective feedback from the directory server, the client builds a complete tunnel link step by step according to the Response message.
2) Link establishment
Based on the above description, we know that a client can obtain three nodes of a link through the directory server: entrance node, intermediate node, and exit node.
A. The client uses the DH handshake protocol (Diffie-Hellman) to shake hands with the ingress node to generate a shared session key. Based on the shared key, the client sends a CREATE message to the entrance node;
B. After receiving the CREATE message, the entrance node will establish a link with the intermediate node based on the address of the intermediate node in the message and complete the key exchange;
C. Based on the segmented encrypted link and DH handshake protocol completed above, the client completes key negotiation with the intermediate node;
D. Similarly, based on the two-level encrypted tunnel established above, the client sends a CREATE message to the intermediate node to complete the establishment of the encrypted link between the intermediate node and the exit node;
E. Finally, the client completes the key negotiation between the client and the egress node based on the above three-level segmented encrypted link, and then completes the establishment of the entire onion tunnel link;
3) Message structure and transmission
Before the message is sent from the client, it will use the shared key negotiated with the exit node, intermediate node, and entrance node to encrypt from the inside out. The innermost message is encrypted using the shared key of the exit node, then the intermediate node, and finally the entrance node.
A. After the above message is sent from the client, the entrance node will judge the validity of the message based on the shared key negotiated and remove the outer encryption, and then send it to the intermediate node;
B. After receiving the message from the entrance node, the intermediate node will judge the validity of this message based on the shared key negotiated with the client and remove the encryption of this layer, and then send it to the exit node;
C. The exit node uses the shared key negotiated with the client and repeats the above steps. Eventually send the client's message to the real destination address.
2. Optimization for the above program
In the description of the above scheme, we can easily see that there are two obvious flaws, that is, the startup node is too centralized, which can easily lead to a single point of failure or suffer from a network hijacking attack. At the same time, because the data exchange is based on link exchange, when the network congestion is severe, it is easy to cause network service delay. Due to the single structure of the message, it also restricts the data in the link transmission process to a certain extent, and optimizes the transmission performance. Below we will give specific optimization ideas based on the above two points:
1) No central server
The aforementioned encrypted network node knows the existence of all relay and entry / exit nodes by connecting to the directory server. The optimized project node will know the existence of other nodes through the local network database (tentatively called NetDB). NetDB learns the existence of more nodes when connecting other nodes through the DHT algorithm. It is a distributed network database. It mainly provides router contact information and target contact information. Each piece of data is signed by the appropriate party and verified by anyone who uses or stores it.
2) Optimization of data exchange mode
The first point to note is that in the optimized encrypted network, there are two different links for the communication link of the two parties, that is, the entrance link and the exit link are different;
In the optimized encrypted network, the connection is broken up into data packets by the message mechanism (Message), after being cross-transmitted through different TCP or UDP tunnels, the receiver reassembles into a data stream, that is, the optimized encrypted network is based on Packet switching, packet switching can drive some implicit load balancing and help avoid congestion and service interruption.
Undoubtedly, open data sharing is the source of power for the development of data-related industries, but the existing data storage methods and network protocols have many shortcomings. Solving such problems has become a very important step on the road to the next generation of the Internet world. DSP Labs has always kept thinking and exploring the next generation Internet infrastructure. I believe that in the near future, DSP Labs can bring a new choice to the Internet world.
submitted by pchain_org to Pchain_Org_Official [link] [comments]
1. TPS Origin of BlockchainTPS (Transaction Per Second) is not a new word, it is usually used in database to refer to the number of database transactions performed per second. It can be calculated by dividing the number of transactions processed per unit time by the length of time. There are already many ways to improve TPS in traditional database, and the transaction types include insert, delete, query and update. However, in the world of blockchain, all of transactions saved in blocks are hard to be tampered. Thus, what we can do for blockchain transactions only refers to insert and query.
In some ways, blockchain is a new type of distributed database system. The impossible triangle problem about decentralization (number of nodes), efficiency (TPS) and security in distributed systems, is the core issue in the design of blockchain system. Therefore, it makes no sense to simply talk about the TPS of the blockchain without considering decentralization and security. Some projects claim that they have solved the impossible triangle problem, it is just market propaganda in some ways. You don't have to take it seriously. A theorem is called a theorem because it couldn’t be broken so easily.
In traditional database, transactions are stored in various tables, and the number of rows in a table is usually unlimited. As long as there are better approaches to access data such as index and memory data writing, TPS could be well promoted. In the blockchain system, transactions are packaged in block and one block is chained after another. Also, the validity of transactions depends on the consensus of most nodes in system. Thus the TPS of the blockchain is limited by the block size (the number of transactions that can be packed in one block) and the time of block generation. The time of block generation is the sum of the time required for generating a new block and the time required for the nodes to reach consensus.
Since the Bitcoin blockchain was born in 2009, it has been widely criticized that TPS is not high enough. In particular, the POW consensus mechanism is too slow. It takes 10 minutes to generate a block (in fact, a block in 10 minutes is not a limitation of the POW mechanism itself, but an ingenious design for generating a new bitcoin). However, due to the small number of users at that time, the requirements for large-scale TPS were not so urgent. In 2013, Ethereum proposed a blockchain-based smart contract, which opened up a new imagination for the large-scale industry application of the blockchain. Ethereum 1.0 is still based on the improved POW algorithm which generate a block in 15 seconds. TPS seems like high enough for a long time. Even some people hold the view that TPS is not important for blockchain.
2. Isn’t TPS the core issue in blockchain?All of this has changed with the industry application of blockchain technology. The proposal of Ethereum smart contract and the rise of consortium blockchains in 2015 opened the door for the industry application of blockchain. People attempt to apply blockchain to various industries, finance, supply chain, energy, medical, education, and e-commerce, etc. However, all of these industry applications have requirements for TPS, e.g., various financial services, booking train tickets online and e-commerce. Alibaba would announce a new system peak transaction number on Double 11 shopping carnival (Online promotion day of November 11th each year). It is TPS of their system. When we shopping online, no one can bear the phone without response for a while. The development of consortium blockchains and the application of the industry in 2016 have made many blockchain development teams realize the importance of TPS.
In addition to the TPS, the system response time (RT, Response Time) is also an important indicator that directly affects the user experience in blockchain applications. The TPS affects the system RT. When system is not overload, all transactions in the unit time of block generation can be packaged in one block and the system response time is equal to the time of block generation. However, when the system is overload, that is, all transactions in the unit time cannot be packaged in the same block, the system response time will increase exponentially with the number of new blocks that need to be generated.
The system confirmation time is another related indicator. In simple terms, it is the time to wait for the transaction to be confirmed. Taking online payment as an example, the system response time is the time required to initiate a deduction and the system confirmation time is the time required to complete deduction and the transaction confirmation. In the POW system, the transaction needs to wait for 6 blocks to get final confirmation. In order to enhance the user experience, some trading systems allow the confirmation of transactions in two blocks during small transactions, which is a tradeoff between the user experience and the finality of the transaction.
Although TPS has attracted the attention of practitioners in the application of the consortium blockchain, the impact is relatively limited, and has not caused a wide range of concerns. In 2017, ICO, a popular project, rose, usually attracted the attention of thousands of users around the world. In the same year, Status started a crowd sales, it raised a three-day jam in Ethereum. People can't stand the experience that the transaction is too late to confirm. The blockchain TPS bottleneck has once again become a hot spot in the industry.
In 2018, several public-chain projects were also launched. One of the important purposes was to enhance TPS and make large-scale blockchain applications possible. Blink of an eye, it’s the second half of 2018 now, EOS was born from the beginning of the nominal million-level TPS to the actual landing of 3000+TPS. TPS uselessness has once again risen. One of the arguments is that EOS's TPS is almost idle in normal time, and 10 is enough for usual use. When people can't find the application scenario, TPS is a pseudo-demand. Is it really the truth? In fact, on the contrary, blockchain application innovations are endless. Without a strong TPS support, any large-scale global application can only be a dream. The bottleneck of TPS limits the pace of innovation in blockchain applications. Just as we always need a higher performance computer, the pace of human social information and asset digitization can never be stopped.
3. Are we talking about the same TPS?Corresponding to the opinion of the TPS is useless, the statement of millions of TPS is endless. Fans of various projects often compare the TPS of this project with another project. Are we really talking about TPS as the same TPS?
First of all, once we mention TPS, we can not ignore the blockchain network structure and the nodes’ software and hardware configuration. TPS can only be compared under the same network and node hardware environment. There are some blockchian network factors we should consider:
How many nodes in the system? Dozens, hundreds, thousands or tens of thousands?In a word，the high TPS in a limited WAN is often hard to achieve in a global WAN. Because network delay often makes TPS greatly decreased or even nodes unable to reach consensus and stabilize blocks.
Second, where is the transaction set from for the test? Is it a manually generated data set or a real transaction set? What is the details of the transaction set? Such as the number of Tx(transactions), the complexity of Tx(asset transfer, smart contract calling, cross-chain, cross-sharding ), and the duration of time (a few minutes, hours, days, months or years?),etc.
Finally, what’s the statistical methods of TPS? In the same network with hardware, software and test environment, different statistical methods of TPS will lead to different test results. There are some different computational methods of TPS as below:
1) Normal window N: As the test progresses, continuously increases the window length N. Divide the number of all transactions processed by the current system by the current window length.If we set the same time window, we can continuously obtain a variety of different TPS, and we can further calculate the average TPS and peak TPS.
Take the above figure as an example. Suppose a point represents 100 transactions Tx.
1.Normal window（window length = 8）TPS value is
The average TPS is (62.5+56.25+66.67+75)/4 = 65.105, peak TPS is 75
The average TPS is (62.5+50+87.5+100)/4 = 75, peak TPS is 100
The average TPS is
(62.5+62.5+62.5+62.5+75+75+75+62.5+50+37.5+37.5+37.5+37.5+50+62.5+75+87.5+100+100+100+100+100+100+100+100)/25 = 72.5, peak TPS is 100
Obviously, different window types result in different average TPS and peak TPS
We can infer that different window length would get slightly different results.
4. Approach to improve TPSAt present, it is a common urgent affair to improve TPS for every public chain system. Everyone is actively developing various algorithms to improve the system's TPS. Common methods are divided into the following categories:
- Increase the block size. This is the easiest and most effective way. By increasing the block size, more Tx could be packed in the same block. Under the premise that the time of block generation is given, more Tx are packaged, which means higher TPS. For example, the BCH is a block size expansion of the BTC. However, increasing blocks size will increase the communication cost between nodes in each consensus process. Thus block size can’t be expanded indefinitely.
- Increase the frequency of block generation. When the number of packed Tx in a single block is given, increasing the frequency of block generation can obviously improve the TPS. For example, a block is generated from 10 minutes increased to 15 seconds. However, increasing the frequency of block generation too much often sacrifices the stability of the system, especially in the case of large WAN delays.
- Use higher performance computers (nodes) such as dedicated mining machines. Replace time-consuming software calculations with hardware and accelerate hardware to achieve faster processing speeds, such as various bitcoin mining machines.
- Side chain, under chain and status channel. The side chain is a concept relative to the main chain. The main chain is often referred to the blockchain system that needs to be further improved performance and it is also difficult to change in the short term, such as Bitcoin and Ethereum. The basic idea of side chain and under-chain is to create a relatively high-speed or relatively low-security side chain, and put the small amount but high-frequency transactions on the side chain for quick confirmation, and then return to main chain when it is really necessary to settle. The status channel is the invention of Lightning Network, which is an independent channel established between the two accounts to achieve fast transaction. Besides, the transitivity of the channel makes blockchain become a network with various channels, so as to achieve rapid inter-transfer between any two accounts.
-Sharding. Sharding is a typical "divide and conquer" computational approach. The basic idea is to dynamically separate nodes in a blockchain network into several different fragments. All Tx received in the unit time are allocated to different groups. The sharding technique can be specifically classified as token level sharding and smart contract level sharding. Most sharding techniques can only be achieved at the token level. For the sharding of smart contracts, there are no particularly good solutions due to the more complicated state sharding problems. Some projects have proposed state sharding solutions in restricted environments.
- Native multi-chain. Native multi-chain is a typical parallelization method. Different from the traditional bitcoin and Ethereum single-chain structure, the structure of the multi-chain system usually contains one main chain and several sub-chains, and multiple chains can generate blocks at the same time, which makes the block calculation parallelized and greatly improves the TPS. Although the idea of the native multi-chain is easy to understand, in the real development process, we need to dedicate to solve the interoperability of the main chain and the sub-chain. Otherwise, the main chain can easily become the bottleneck of the multi-chain system and thus affecting the scalability of the multi-chain system.
- New consensus algorithm. Convert from POW to POS. Typical POS algorithms include algorithms of the DPOS and BFT. For example, EOS is based on the DPOS algorithm. The new generation of blockchain 3.0 systems often use BFT algorithm and its successors, such as Algorand, Definity, COSMOS/Tendermint, PCHAIN, etc. The traditional PBFT algorithm has the problem of high communication complexity, usually N2, which is often only applicable to the consortium blockchains scenario. At present, each new BFT algorithm often achieves the purpose of reducing communication cost by introducing dynamic or random. Although there is no need to wait for six blocks to achieve finality like the traditional POW algorithm because PBFT has the characteristics of real-time consensus within a single block, there is still a problem with PBFT that internal nodes need four-time consensus. COSMOS/Tendermint innovatively reduced the internal 4 consensus of the PBFT algorithm to 2 consensuses. PCHAIN's PDBFT further reduced the internal 4 consensus to 1 consensus, which greatly reduced the communication cost between nodes.
5. ProspectThe development of blockchain technology will continue to increase along with the blockchain refactoring the entire process of human society. With the emergence of a faster and more stable blockchain 3.0 system, we will usher in a new blueprint for the blockchain value of the Internet and the global village.
|What is your views on 2.0? Will you be waiting to set up shop on there? Also, do you have confidence in the administration to run a safe market?||We are staying far from it. |
|As of now they have yet to deliver on some of the fundamental framework they (claimed) to be setting up.|
|They also rely heavily on the fact ehy were SR Admins - they are not Silk Road admins. They are the forum moderators, which have very little if nothing to do with the actual Silk Road backend.|
|They post a picture of the FBI SR bust is just a sign that they are immature and trying to "poke" LEO.|
|They have failed to address the fact that their staff should be highly scrutinized with the recent flips, but they do not seemed concerned.|
|Lastly they claim to be professional yet are trying to roll out a un-developed platform - the admin is actively changing the code as he releases new features as some do not work as intended.|
|This is SR2.0 - why no testing? Why so eager to roll it out undeveloped? Why stagger features claiming it to be to control traffic yet they are resorting to changing fundamental site coding.|
|We are staying far away from the major markets for the time being.|
|Also I don't know how you can say the developers are being unprofessional when your landing page directs users to connect to your site via onion.to tor proxy.||Our .com landing page has our direct .onion and .i2p as well as a .to proxy that is highly advised against.|
|I believe there was always a silent developer besides DPR on the old silk road team, while what I say is conjecture I think it's not fair to say "they are not Silk Road admins."||Apologies, we did mix up the two. The points remains that the admins were not admins of the site but rather moderators.|
|Well put.||Single developer that is slightly misguided. He wants to release 24/7 video streaming over .i2p and .onion and does not seem to know how to remain bandwidth efficient. This includes "situations that are not conspiracy theories" which seem to us like they may be broadcasting conspiracy theories as well. Aside from that they do seem promising although they do need a redesign on their site and subreddit.|
|How about /silkroadreloaded.|
|Please show where sr 2.0 said it was going to be 'a decentralized open source platform that ran on .onion and .2ip. They claimed they would release their source code open source.'||We mixed up 2.0 and reloaded to some extent, apologies. Original statement corrected.|
|If it's highly advised against then why do you supply it?||We don't supply it, it's a proxy extension. It will work with any .onion site.|
|We offer the link because simply visiting our site is not illegal, the backend does not log any data, and orders have the option of being placed through PGP encrypted email separate of the site.|
|Last question, what market in your opinion holds the most promise? Bad wolf?||Bad Wolf.|
|Link to bad wolf?||They are still developing their site(s) but they have a subreddit at /badwolfhosting|
|Did you had any legal issues envolving those transactions or were some members of your staff busted by the police? Are you affraid that someday that might be an issue?||We had no legal issues from the bust as we were on vacation (we cashed out our BTC bank to buy more grow equipment, increasing our yield) and received news of the SR bust 3 months into our vacation. Needless to say we were relieved.|
|None of our staff have ever had any legal issues related to this operation.|
|We are concerned about possible future issues involving staff, however the group we have is reliant on each other and has equal involvement. There are very few situations where one member of our staff would have to rely on releasing confidential information as we have moved completely away from domestic transport (non-blackmarket) sales.|
|How do you see the future of the drugs business, do you think this will become the go to method for selling and buying drugs?||The future is quite promising as long as people that use these services start practicing personal security. This is absolutely the best, safest, and the future go to way for drugs.|
|While you do trade off convenience for anonymity and less risk, you also usually end up with a better product as well.|
|Why is everything so damned expensive?||Our products or blackmarket items in general?|
|How do you vet your new staff? Ever turned down someone on a gut instinct?||We have two types of staff - the ones that physically know each other are as close as family (quite literally), and we have very no personal staff that we question beyond the normal capacity (we are blackmarket vendors, we all get overly paranoid sometimes).|
|As far as remote staff, we simply maintain anonymity and make sure that no information is given that could ID us. These are mostly just IT outsourcing for data entry or small scripts.|
|We have turned down several members that have either accepted a job or those that simple message us asking if we need staff. Most of these have been blatant LEO.|
|LEO.||Law Enforcement Officers|
|If you don't mind me asking, how much profit did you acquire?|
|Simply investing $5,600 in BTC when they were around $10 and selling at around $190 made us $110,000 - and this was entirely legal (although the actual amount received was much lower, to the amount of around 70%).|
|As of 6 months ago we had 1,270BTC total transaction over both sites. This equates to, at the current market rate of $320 per BTC, an amount of $406,400. However, we traded when they were multiple rates so the actual amount is closer to $200,000 in the last year.|
|DO you save your money to invest in your operation or do you save and spend on luxurious items?||We save for business ventures, although paying 4 staff makes it considerably less per person.|
|Why? How can you feel so safe when you promote yourself like this? (actual question, not rhetorical)||We do not expose ourselves in any way, and assume that in any possibility exists of data leaks then we assume that data compromised.|
|We use TOR and I2P over VPN. For some applications we use TOR over I2P over VPN.|
|We always use PGP encryption, and have native live encryption for all of our terminals.|
|Lastly cops are not our concern, intelligence agencies are. Despite the view on Law Enforcement we (in our own view) support our local law enforcement in our area (not suggesting all police departments are as fine and to the books as ours), so we don't have the "We Hate Cops" attitude - they are simply doing their job and are the lower level of enforcement.|
|When you say "TOR Over I2P over VPN" do you mean that you combine them or do you just prefer to use TOR and I2P on different situations. And thanks for doing this AMA.||In extreme situations we connect to a VPN, then connect to I2p, then configure TOR to run through I2P.|
|By making this thread and reddit account i assume you could still not be traced?||Of course not.|
|How do you justify using VPN after the NSA PowerPoint came out and revealed a few dozen of the top VPNs were already compromised, back in 2007 or so. Do you just ignore the threat of intelligence agencies and hope they wouldn't risk exposing "parallel investigations" to bust you?||We are not effected as we only use private VPN's.|
|Do you feel like what your business does is ethical? Do you thinnk law enforcers trying to catch you are in the wrong?||We do feel it is ethical. We don't supply anything other than cannabis, a drug that has been proven time and time again to not be the horrible substance as portrayed by 1930's culture. We take to a more modern culture in the belief (and supporting scientific evidence) that while cannabis does has negative side effects, it's positive side effect outnumber the bad effects significantly.|
|THC and CBN can not only shrink but help prevent some cancer growth.|
|CBD is a natural pain reliever. Just CBD does not get one "high".|
|The Law Enforcement are absolutely in the right. We do not expect even a LEO that may side with us to have that effect his job. We are doing something blatantly illegal in US jurisdiction ad we expect nothing less than them doing their job as required.|
|While we are not open about this business, we do support our local Police Department in events as they have a generally "by the books" reputation compared to some more corrupt areas.|
|What do you mean you "support our local Police Department in events?" Monetarily? If so, why? How does this benefit you?||Our local PD still has police events/charities/fundraisers.|
|Great food and upstanding charitable members of the community are not suspected of international trafficking.|
|By "Great food" do you mean Los Pollos Hermanos?||We believe that's reserved for DEA charities.|
|How do you export your 'goods' safely across the world without them being intercepted? private shipping companies? or do you only supply nationally and use private mailing companies such as fedex?||United States Postal Service & meticulously careful packaging.|
|USPS requires a warrant to search, and with the recent bankruptcy of USPS they are even lower staffed than ever.|
|With a mix of around $10 spent on packaging alone (not postage) we make sure no orders are detectable.|
|I am wanting to order from one of these types of sites, but I am worried about the receiving end, and the risks. What can you say to alleviate those concerns?||First, always research your vendor. All the security in the world doesn't matter if the end recipient is untrusted.|
|That being said, always use PGP. Never send messages without encryption.|
|If you are concerned with your home address being shipped to then we've never had issues with PO boxes, just make sure a signature is not required.|
|Never order to a fake name, vacant address, or large distributed mailing centers such as dorm rooms.|
|Why is it a bad idea to order to a fake name? After all, there's plausible deniability either way.||USPS keeps a constantly updated address database. If the name doesn't match the address you run the risk of a package being flagged.|
|Why do you ship bud? Is it for the money? Ethics or some other personal reason?||Money for sure. Locally we can sell cannabis for around $10 a gram, however we would much rather keep a streamlines anonymous exportation plan rather than deal on the "streets".|
|I'm guessing you're from a state that has legal medicinal bud at the very least, so why not go legit and sell to dispensaries and/or other legal persons? Sure, the money may not be as great, but you lose a lot of risk of LE busting you. On a side note, what kind of money do you make legally vs illegally? $1000 per pound more when you sell online? I'm curious.||We make around 25% to 40% more selling online. We feel that the risk is worth the benefits.|
|If drugs were legalized, would you see that as ultimately a good thing or a bad thing for your business?||Good. Cannabis sales don't seem to be hurt as much as harder drug trades.|
|How does shipping work? (Of course I don't expect you to reveal your secrets, maybe an example of how it could look like hypothetically)||Multiple layers of mylar and vacuum seal, opaque layers, and false items.|
|Was any of your packages ever discovered before reaching it's destination?||In our individual days we had a few intercepted, but this was before we were even selling online. We have since improved very much.|
|At that point, doesn't the government try to arrest you?||No, they don't have any information. No fingerprints, biological material, legit but false return address, anonymous tracking.|
|What's BMR?||Black Market Reloaded.|
|Can you talk about how common it is for your customers to encrypt their address when they message you? What proportion of your customers would PGP encrypt ordering instructions, and what percentage would send you their address in cleartext?||About 10% of customers encrypt their address. That's why we implemented automatic encryption on our order form.|
|Would it be likely that anyone who had a plaintext shipping address in a dealer's inbox when the cops imaged the SR server had their address compromised?||Absolutely. You'd be surprised how many based on our personal experience, there are a large amount of buyers that are probably quite nervous at the time.|
|How did you get into all of this (deep web?)?||One of our members was a technically oriented individual that was looking into Bitcoins as a means to invest in our grow operation. We were a couple hours away from going to CVS to drop off money for BTC when we stumbled across the alternate BTC uses - including Silk Road.|
|From there we bought an account next day, and started probing everything we could about the site trying to prove it was a scam or LEO.|
|When we couldn't, we started vending. The first week was one of the only times we came too prepared - we expected 4 pounds and got around a quarter pound ordered our first week, grams and 8ths.|
|The second week we met 2 pounds and had enough to establish our "lifetime goal".|
|Over the last 2 years we have seem over 1000 BTC in sales, markets rise and fall, over 2000 unique customers an over 3000 unique shipments, 1,293 PGP keys (although most are not longer valid for contact as they use tormail), and almost enough cannabis to fill up a deuce and a half.|
|What do vendors do when a package gets lost? Has this ever happened to you?||Refund. The return address isn't our address so no worries on us being busted.|
|We hd a few packages get lost before we were online vendors.|
|I guess by implication this means you write a return address on the package, presumably to avoid raising suspicions?? if so - what sort of address??||Every package should have a return address, not putting a return address is a very obvious flag.|
|Whose address do you use? Are you using a real person's address, someone not connected with your website? If so, don't you feel guilty that you might get them into trouble?||Always use a legitimate return address, never a fake one.|
|But is it yours (or someone connected with your business), or someone else's?||The return address is a valid address that checks out with USPS by comparison of the name and address. False return addresses can flag a package.|
|Okay, you're clearly using someone else's address, since you won't give me a straight answer. I don't agree with you doing that; if you did that to me and a package were opened, I would lose my professional licence.||You are asking a blackmarket vendor about specific address details and where they ship their items from, no reputable vendor would give you a detailed answer.|
|That being said, the return addressee is not liable as every single vendor uses a return address that is not theirs.|
|Do you expect us to use our personal business address?|
|I used to use a vendor in Holland until shipments failed to show. Are your customers protected against this and if so how? That experience put me off buying from nets- although I'm thinking about having another go. Do you ship to Europe?||We do ship to Europe, we offer tracking and if the tracking indicates a package does not arrive we send an automatic refund after 12 days or at request. We previously offered reshipments on BMR and SR, however we found that often it is simply a logistics problem that cannot be fixed by a reship.|
|Whats your grow set up like and are you planning any breeding projects so you could sell your own specific strains?||Eb And Flow with drip ring setup, (16) 10 gallon grow containers per 55 gallon reservoir. All natural nutrients used, chilled and decontaminated water (we have water table issues in our area), redundant water pumps and overflow prevention.|
|Each system (pumps, electricity, sensors) are redundant in at least 2 counts, meaning if one pump or sensor fails there is always a second to take over.|
|In the event of a power outage we have a manually started 10,000W generator for extended power failures.|
|We have 2 separate buildings for sativa and indica, with one having a large amount of floorspace and low overhead, and the other having massive overhead for tall plants. Feminized seeds means we don't have to worry as much about isolation.|
|We primarily run a sea of green with 40 - 60 plants at any given time (overall, not harvesting) and around 10-30 plants in their own cycles.|
|Thats an awesome sounding setup man, you quite obviously know very much what you are doing, do you plan to ever go 'legit' so to say?||We are Caregivers in our state, we just don't let our patients or the State onto our "extra" plants. All products are either grown by us or another state approved medical facility.|
|EDIT: Caregivers are not registered in any way. Caregivers are not state registered dispensaries/growers, they are not doctors - they are normal people who grow cannabis in a legal state.|
|We are legitimate Caregivers in our state.||Yes, to the already obvious cannabis friendly state. Beyond that caregivers are not registered - growers and dispensaries are but caregivers are not and can be nearly anyone, they just have to grow cannabis.|
|Doesn't that narrow down your location some?||We are not a business, state registered dispensary, or state registered grower.|
|Do they not question how you made X amount of money per year with no real/legal job listed?||We claim all money made and pay the appropriate taxes, although we do have cash reserves that we do not claim.|
|Do your parents know? :)||Of course not.|
|Do you keep your customers data? (shipping address, bitcoin address, etc, ) If so why and how do you keep it safe?||Temporarily yes. Our order form stores orders until we delete them or if no action is taken in 14 days. All stored data is encrypted via PGP, and upon package arrival all information is destroyed.|
|We do keep customers emails for future reference with repeat customers.|
|Would you ever do it again?||We never stopped, we just made our own vendor store.|
|How do you see yourselves as different from other established clearnet cannabis websites such as budmail.biz?||We ship both to the USA and internationally (budmail.biz does not ship to US, Sweden, or Norway) and use an encrypted form of hosting.|
|Why dont you see BMR as one of the top upcoming prospects..? backopy already proved loyalty by refunding all BTC when the site was taken down, due to a potential security flaw.||Don't get us wrong, the vendors can be A+ on BMR however the fact that backopy A) Used a VPS to reduce amount of work B) Chose a unreliable VPS and C) never address the amateur coding issue.|
|Since we got the root we have since distanced ourselves as we saw that it was relatively insecure coding from what the index page indicated.|
|What are some of the legal problems your customers face? Have you had any reports on these?||We've never had any reports of customers that have legal issues regarding our services.|
|How do you ship out 10lbs a week without alerting authorities? I understand if you can't go in depth here but any attempt at an answer would be appreciated :)||We have never shipped 10 pounds at once - everything is quarter pounds to pounds. We simply make sure we can drop it off anonymously (dropbox or blue bin).|
|How long does that free shipping take domestically?||Generally 3 days, however it can take up to 5 days.|
|What are your views on the sheep marketplace?||Out of the major markets (SR, BMR, SMP) it's the best looking and, from what we can tell, has the best coding. That being said it is still a unstable site and many, many people widely regard it to be a honeypot.|
|We've sold on there before (previous to SR bust, not under same alias), it's not all too bad but we feel that it's simply trying to compete with BMR (and then SR) with it's features.|
|I understand the honeypot concept but surely if vendors move BTC daily out of the site then all they've lost is the vendor fee. Why do you believe its called a honeypot? Most answers seem to be because its called sheep.||Honeypot means Law Enforcement Sting.|
|Yes i understand that, but if vendors and customers are safe then they have nothing to worry about. Im wondering why sheep is regarded as a honeypot. The only answer i have seen is because of the name 'sheep'. Why do you believe its a honeypot?||Out of curiosity could you link us the discussions where these assumptions were based off of the site name?|
|Heres a few on reddit - Link to www.reddit.com.||It seems most are simply speculation, and most arguments are literally because the sites name is sheep.|
|The reason for my questions are that I am considering heavy investment in becoming a vendor myself, so I am weighing up my options as to which is the most suitable marketplace. Thanks for your answers so far.||The downside to sheep is that it is a foreign hosted site (India) and support can be a bit touchy, but otherwise if you use PGP for orders you shouldn't run any risk.|
|Interesting how did you find its hosted from india?||Linguistics from Support.|
|Is it possible to insert packets of malware into Tor, as it is being downloaded?||It would be quite hard if the end user validates the download. Download spoofing would be a more likely malicious method.|
|Bad wolf.||We heavily expected a Dr. Who reference.|
|Just because you intercept a package doesn't mean you know where it came from.||A single intercept also does not warrant a warrant.|
|Yes, that was a ridiculously stupid thing to say. There is more than enough information in this thread to narrow down the identity.||Caregivers are not registered - growers and dispensaries are but caregivers are not and can be nearly anyone, they just have to grow cannabis.|
|The OP here may as well call the DEA hotline and leave his name.||We are not a business, state registered dispensary, or state registered grower.|
|What makes you think this is a single person, or at that that Modern Culture would not know about handwriting forensics prior to doing an AMA?|
|It takes much more than a paragraph, current analytical techniques use several thousands of words to build a rudimentary analysis.|
|My suggestion: say nothing, do nothing, don't infer anything, etc.|
|How do you not get caught in the Deep Web if the Govt. own a portion of Tor. Source - Times Mag.||Because the Govt. does not own a portion of TOR and TOR has yet to be shown as insecure.|
|The tor project gets government funding. In and of itself that should tell you something.||That should tell you that TOR was developed by the US Navy and nothing more. Government funding =/= owning portions of TOR. Most likely a private company owns the majority of TOR exit nodes. I2P is recently reguarded a safer because of the misconception that any of the pasts busts have been at fault of TOR, which is false. All vasts were social busts, where admins made mistakes in withholding their identity. I2P has just as many theoretical flaws as TOR does (actually quite a few more) but neither TOR nor I2P have ever shown to be insecure. I2P is no safer than TOR if you don't practice personal security. Both are secure and (currently) unbreakable as of this time.|
|I believe the future of darknet markets is in .I2p. It is much more secure than tor. This isn't my opinion. I am too uneducated to have one. This comes from those much more well versed in programming and net sec issues.|
|Cops.||Not a concern to us.|
|Would it be like He logs into Tor then from there logs into I2P OR would it be like Him saying that he would use I2P before he would use Tor. I'm so confused sorry.||Log into your VPN, then log onto OTR or I2P. In exteme situations you can tell I2P or TOR to use a certain port to forward it though it's counterpart (TOR through I2p or I2P through Tor)|
|I'm too stup-itt use TOR. Can I get some pot anyway?||We have a .com site that explains everything and provides links on how to download and use TOR and I2P.|
Novogratz remains bullish on bitcoin and claimed that “[it’s] almost essential for every investor to have at least 1% to 2% of their portfolio [in crypto]” in an interview with CNN money. Dan Morehead @dan_pantera Active CEO of Pantera Capital which currently holds over 50 bitcoin and blockchain related projects in their investment portfolio. where r t is the logarithmic daily return on bitcoin currency index for time t, P t is the closing price at time t, and P t−1 is the corresponding price in the period at time t − 1.. Preliminary test for the bitcoin prices and its return. Several statistical preliminary tests were conducted to examine the behaviour of bitcoin currency price index before investigating its volatility structure. We add social signals related to information search, word of mouth volume, emotional valence, and opinion polarization as expressed in tweets related to Bitcoin for more than 3 years. Yet if these are some of Bitcoin’s limitations, they are not the most fundamental. The true flaw of this and any other virtual currency is that it cannot deliver its users from the hazards and conflicts of the real human world. The emergence of Bitcoin confirms that money need not be created by government. Bitcoin’s value goes up and down based on demand. In other words, more people buying bitcoin makes the value go up, and the opposite is also true. Bitcoin was only worth a few dollars when it went public in 2009. As of 2020, one bitcoin is worth about $10,000.
[index]          
Learn English English Vocab Vocabulary Words English Vocabulary Words Related to Coronavirus English Vocab Related to Corona Virus wifistudy is a par... Bitcoin HUMONGOUS Weekly Signal (Critical Update + Click-bait) February 2020 Price Prediction & News - Duration: 45:32. Krown's Crypto Cave 11,828 views These are 5 Popular Logic Riddles which will test your brain. Write in the comments how many and which ones of the riddles and puzzles you were able to solve... Richard Branson provides advice for aspiring entrepreneurs. New videos DAILY: https://bigth.ink Join Big Think Edge for exclusive video lessons from top thin... Instructions on how to understand what you read in English. We call this Reading Comprehension.