For everyone's safety...

[Carlos_E]

For everyone's safety. Search your old threads. I have gone through and found several posts with personal email addresses. I'm deleting them as I find them. It's against board rules anyway.

Also, go through the member picture section and if you have a face shot in there posted with your cycle I'd remove it.

[goodcents]

Yeah I never understood a face shot with the cycle right next to it. I guess we were just to lask

[305GUY]

also i recommend using securenym if your going to purchase anything illegal. Its not free but very safe. i think its a wrap with hushmail and cyber.

[lightwaytbaby]

also i recommend using securenym if your going to purchase anything illegal. Its not free but very safe. i think its a wrap with hushmail and cyber.

nothing is safe, the feds have all those emails, all they need is a warrent, and they have to turn them in, whatever is not deleted...

[305GUY]

nothing is safe, the feds have all those emails, all they need is a warrent, and they have to turn them in, whatever is not deleted...

WRONG!
http://www.securenym.net/privacy.htm

[RuhlFreak55]

well before i do that where did this idea that hushmail is compromised come from?

[sonnygll]

Anything using encryption and connections made with SSL (Secure Socket Layer) are safe.

I do this sort of thing for a living by the way.

[Titleist]

Not to step on anyone's toes, but no secure e-mail is safe. One of the sources busted used securenym. I think it may be safer than others, but definitely not completely secure.

BTW, good call Carlos.

[Carlos_E]

Not to step on anyone's toes, but no secure e-mail is safe. One of the sources busted used securenym. I think it may be safer than others, but definitely not completely secure.

BTW, good call Carlos.

There is a lot people can do. I'm just stating the obvious. Do not post your personal email addresses. I see hotmail, gmail and yahoo accounts posted.

[DSM4Life]

Yeah I never understood a face shot with the cycle right next to it. I guess we were just to lask

Carlos didnt say thing about phone numbers. How about it cupcake ?

[RuhlFreak55]

Anything using encryption and connections made with SSL (Secure Socket Layer) are safe.

I do this sort of thing for a living by the way.

we need to have this out.....are you right or is titliest.....

[akrosmegas]

they got some computers with the decrypted mail on them

[RuhlFreak55]

so where did the notion that hushmail was cooperating come from? it definately wasn't in any release i saw...

[thegodfather]

nevermind...

[bpm1]

i just deleted every pic i put on here, no more pics that could distinguish me from someone else, ever again. been thinkin bout that for a while now anyway, ive got tats that give me away if you know me, GL bros, im curious to see if we will see any repercussions here with people we know due to all this

[305GUY]

Not to step on anyone's toes, but no secure e-mail is safe. One of the sources busted used securenym.

True!

I think it may be safer than others, but definitely not completely secure.

thats my point. If everyone used securenym and if what they state in their privacy policy is in fact 100% correct. There is no way for them to get a warrant like lightwaytbaby mentioned, and turn anything in to the feds because according to them theres nothing they can turn in to them if they even wanted to.

heres what the website says:
__________________________________________________ ________
"Our privacy policy is VERY simple. We log nothing, other than simple server stats which allow us to know how much traffic we have. There are no user logs, access logs, and no message backups. When a user subscribes to our service, he is given a computer generated key which allows him to log in at any time and create his account. The subscriber is responsible for payment of charges if the key sent to him has been used.

It is our stated policy to provide NO information about any user. The reality is that we cannot, as we have no information to provide to any party, including those who may have a court order or other legal instrument.

In the unlikely event that our U.S. based gateway servers are seized, and the user is using PGP as we recommend, any messages on the servers would still be unreadable. We are NOT a trusted third party. We NEVER have a copy of anyone's private key. All messages residing on the server are fully encrypted with YOUR key, not ours and all connections to SecureNym are SSL.

We do NOT operate a free service. We do NOT harvest mail addresses from users. We do NOT sell mailing lists. We do NOT sell or allow any banner advertising. We do NOT tolerate spam in any form.

We DO provide a secure, anonymous mail service. "

[goodcents]

Carlos didnt say thing about phone numbers. How about it cupcake ?

Thinking of you

[goodcents]

That should put to rest any thought of me being gay

[goose]

they got some computers with the decrypted mail on them

So it it possible for them to break into hushmail?

[tempbrit]

Just a thought, several of the boards that I belong to are going private and imposing all kinds of rules that require longer membership times and higher post counts prior to certain questions being asked.

Does that not make sense in light of what is going on?

Also, it seems that there has been absolutely no discussion about ARR and if they are safe or not. I just think things should get locked down until things clear.

[305GUY]

Also, it seems that there has been absolutely no discussion about ARR and if they are safe or not. I just think things should get locked down until things clear.

Because apparently brian was right all along. No sources or even source/lab names are allowed on this board so no need to lock anything down.

[305GUY]

this board is for info purposes ONLY!

[Carlos_E]

No sources or even source/lab names are allowed on this board so no need to lock anything down.

We have said this for the longest and people bitched about it. Now they know why!

[305GUY]

We have said this for the longest and people bitched about it. Now they know why!

yeah yeah i admit i was one of the people bitching, but i dont mind eating my words.

props to Brian for keeping the BIGGEST AAS board on the net the SAFEST!

[Amorphic]

props to Brian for keeping the BIGGEST AAS board on the net the SAFEST!

i agree

[sonnygll]

we need to have this out.....are you right or is titliest.....

I am right. But both sides have to be encrypted. Or you can create an SSL tunnel to the person you want to communicate with using a Putty SSH session. You set it to forward a port to localhost. So say you set the tunnel for port 25. Then set the e-mail on both sides to listen and send on 127.0.0.1:25, then it will go through the SSL tunnel where nobody can intercept it. Then any ordering is done through https, which is just http through an SSL tunnel.

Or the source can just have the billing company send a billing confirmation through regular e-mail with no information about what you purchased or from whom. Then all you need is the standard https web page to order from.

If I was going to sell drugs over the internet. I would keep it private, have only clients I know, and set a up a server for them to use. I would just put a openBSD box on a DMZ, with only 1 oddball port listening for SSH. Then provide the clients with a strong user name and password. Then They would have a directory only they or root had rights too. There we could write notes to each other. That would be easy and secure. With high number port on a tight BSD box that isn't pingable and has no standard user accounts, it's a sure thing.

[number twelve]

yeah i erased my pics the other day, even tho i have never stuck myself with anything

[Amorphic]

yeah i erased my pics the other day, even tho i have never stuck myself with anything

yeah! another natural brother!

[ecto9]

Thank you Carlos, I changed my e-mail, deleted all pix, and I guess I should go thru all my threads/post also. I also went thru all inbox and sent messages, deleting questionable ones. I haven't stuck myself either yet but I just want to be safe. I put all plans this winter on hold till I feel it'll be O>K>.

[B.E.N.]

For everyone's safety. Search your old threads. I have gone through and found several posts with personal email addresses. I'm deleting them as I find them. It's against board rules anyway.

Also, go through the member picture section and if you have a face shot in there posted with your cycle I'd remove it.

Just curious...why are 'GUESTS' even allowed to view this website? Why not just go totally private unless you are a member? Sure there is a good reason...just curious.

[Swifto]

Using a proxy IP may be a wise idea too.

But....Thats for the VERY paranoid!

[RuhlFreak55]

I am right. But both sides have to be encrypted. Or you can create an SSL tunnel to the person you want to communicate with using a Putty SSH session. You set it to forward a port to localhost. So say you set the tunnel for port 25. Then set the e-mail on both sides to listen and send on 127.0.0.1:25, then it will go through the SSL tunnel where nobody can intercept it. Then any ordering is done through https, which is just http through an SSL tunnel.

Or the source can just have the billing company send a billing confirmation through regular e-mail with no information about what you purchased or from whom. Then all you need is the standard https web page to order from.

If I was going to sell drugs over the internet. I would keep it private, have only clients I know, and set a up a server for them to use. I would just put a openBSD box on a DMZ, with only 1 oddball port listening for SSH. Then provide the clients with a strong user name and password. Then They would have a directory only they or root had rights too. There we could write notes to each other. That would be easy and secure. With high number port on a tight BSD box that isn't pingable and has no standard user accounts, it's a sure thing.

so what the feds are citing as using hushmail information is that they either created emails and emailed the sources and got info that way or/and they were able to get onto the labs hushmail accounts upon arrest either because the people gave them the passwords when arrested or the passes were in clear view? that's what i would think....not that a company that prides itself on safe email would be compromised

[Psychotron]

Meh, I got personel web addresses posted but I am here for the lounge and diet sections, not an aas user myself.

[lightwaytbaby]

*****...lol jk!!!

[big L 17]

thanks for the heads up guys

[sonnygll]

so what the feds are citing as using hushmail information is that they either created emails and emailed the sources and got info that way or/and they were able to get onto the labs hushmail accounts upon arrest either because the people gave them the passwords when arrested or the passes were in clear view? that's what i would think....not that a company that prides itself on safe email would be compromised

It is because only one end was secure. They had an encrypted account, but that doesn't help if someone sends a plain text e-mail with incriminating evidence over the internet. Then all you need is a packet sniffer to intercept the e-mail. That's why it has to be encrypted or sent through a tunnel.

Another way to get more info, is if you get the e-mail address out of the packets. Then you can easily hack the account if they have a week password like most people do. You use a program that tries various passwords on the account in a brute force attack. So you have to have a very strong password. IE, "testosterone " is a bad password, but "T3$t057Er0n3" is good.

So if I set up a BSD server, lock it down, have pings dropped and only have port 12687 open listening for ssh. Have a dynamic IP and use a hostname that changes regularly from dyndns. Then set ssh to only allow certain users. And give people oddball names like @$$B0y!2. Nobody will know a username to try. Then I make passwords like D!@n460L! or something. And limit attempts to 3 before dropping the connection and logging the IP. Then you got no more worries.

[39+1]

It is because only one end was secure. They had an encrypted account, but that doesn't help if someone sends a plain text e-mail with incriminating evidence over the internet. Then all you need is a packet sniffer to intercept the e-mail. That's why it has to be encrypted or sent through a tunnel.

Another way to get more info, is if you get the e-mail address out of the packets. Then you can easily hack the account if they have a week password like most people do. You use a program that tries various passwords on the account in a brute force attack. So you have to have a very strong password. IE, "testosterone " is a bad password, but "T3$t057Er0n3" is good.

So if I set up a BSD server, lock it down, have pings dropped and only have port 12687 open listening for ssh. Have a dynamic IP and use a hostname that changes regularly from dyndns. Then set ssh to only allow certain users. And give people oddball names like @$$B0y!2. Nobody will know a username to try. Then I make passwords like D!@n460L! or something. And limit attempts to 3 before dropping the connection and logging the IP. Then you got no more worries.

Hello
im I supposed to take my emial address down from my my profile?
O forget it this hole computer thing is not secure no matter what.

[RuhlFreak55]

It is because only one end was secure. They had an encrypted account, but that doesn't help if someone sends a plain text e-mail with incriminating evidence over the internet. Then all you need is a packet sniffer to intercept the e-mail. That's why it has to be encrypted or sent through a tunnel.

Another way to get more info, is if you get the e-mail address out of the packets. Then you can easily hack the account if they have a week password like most people do. You use a program that tries various passwords on the account in a brute force attack. So you have to have a very strong password. IE, "testosterone " is a bad password, but "T3$t057Er0n3" is good.

So if I set up a BSD server, lock it down, have pings dropped and only have port 12687 open listening for ssh. Have a dynamic IP and use a hostname that changes regularly from dyndns. Then set ssh to only allow certain users. And give people oddball names like @$$B0y!2. Nobody will know a username to try. Then I make passwords like D!@n460L! or something. And limit attempts to 3 before dropping the connection and logging the IP. Then you got no more worries.

rofl.....no one would ever get mine it's like 100 characters

[Kennedy]

rofl.....no one would ever get mine it's like 100 characters

Yea mine is like 3 full sentances its great

[sonnygll]

That's the way to do it. If you have a password like that, nobody is cracking it. It would take til the end of time.