(22 September, 2022 - 08:31 AM)dr.respect Wrote: Show More (12 September, 2022 - 05:03 PM)laxy Wrote: Show More-1, you don't really need to use PGP to being with
the reason most people use PGP is to look cool and shove the fact that they have a PGP key down people's throat. If you really need to plug your PGP key, just add it to your signature like @
Ping does
(I am not discouraging the use of PGP, I am just simply pointing out it's utterly useless to use PGP for normal communication or small things as there are faster ways of verifying a person's identity that are just as efficient)
I totally agree with you! Indeed, is a good opsec to use PGP, but in the same time, doesn´t add too much weight to the security of the Cracked account. Let´s be honest, no one makes serious deals over DM´s and in case the forum is breached, the serious stuff (like registration email and logs of your IP ) will be there.
I see also a downside, making public your PGP and not shared privately, you just add another footprint to your identity (if you used the same PGP on other forums or somewhere else for instance, you link that profile with this one).
In other words, I think you should work in silence, not shouting all your details so you may look fancy and cool!
I hear you 100%, and thank you for sharing
If things are done correctly, your IP nor email should be able to be traced back to you, this is more tedious when using clearnet but in bulletproof OPSEC land that should always be the case
AFAIK serious deals aren't done over DM usually, but this gives paranoid schizoids like myself the availability to possibly hide those other means of communication from the public eye, and only provide them to trusted individuals through onsite DM via encrypted message (unrealistic, but again bulletproof OPSEC land). For the deals, order fulfillment, and business inquiries that are done over DM we would have the chance to protect them and the best part is... You don't have to!
Fully agree most conversations aren't worth of PGP, but I feel the ones that do deserve an easy option to do so
When deals are done offsite standard procedure would be to confirm via DM onsite, that holds enough weight for most people, but I think it is only strengthened if that DM were to be encrypted
I think the added footprint is a double edged sword. It does add the ability to prove account ownership between sites, which was kinda one of the main reasons I wanted it
I didn't think of how that can be used by LE and you bring up a very valid point. It can be used against you only if there is flaw in OPSEC but that extremely specific outcome of an extremely rare situation is only the fault of the user and I don't think it holds enough weight to not add a feature that would increase security in every other situation
At the end of the day, adding it would be very non invasive and those who don't use it, don't
I have personally seen cracked mentioned in darknet forums, and many are weary of clearnet greyhat forums like cracked due to the lack of security it provides, I think adding new security features to comfort the paranoids like myself could potentially ease some worries of those people and would potentially help grow the community!
In the community we are in, darknet forums are some of our biggest competitors. Many see clearnet forums as nothing more than skids due to the lack of care about OPSEC. These places sell some of the same exact shit we do! And almost every single one of those deals are done via onsite DM, using PGP encryption. I feel offisite communication is only favored due to convenience but truth is
Telegram is not safe, Discord is not safe, not even Proton mail. I only have presence on these platforms because well that's where buyers are! We as a very large community should be changing the precedent of how business is conducted instead of succumbing to convenience. A lot of people here may not even know what OPSEC is!
If adding PGP and informing the community of it's benefit keeps even 1 user out of legal trouble, I see that as a victory.
But hey, I'm just another paranoid schizo. Thanks to anyone who actually read this.