a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by ecib
ecib  ·  4122 days ago  ·  link  ·    ·  parent  ·  post: Silk Road shut down, servers seized

To the surprise of absolutely nobody.

I have to wonder about the human resources needed to secure a community like this. After a while, it must get just too large, and where an above-ground org can hire from a massive technical labor pool, a community like this would (for obvious reasons) only have access to a much smaller pool of labor. Possibly relying on volunteers or employees that are picked more for their ability to navigate and work securely than for their skillset. The end result could be failures to choose/implement best practices/technologies/solutions/code at any of a million critical points that can give an adversary a way in.

Like, I wonder if it's even theoretically possible to secure a network that illegal and that big in light of what we now about our security organs? I don't see how. I could see individuals staying private maybe, but not entire communities of them. A chain is only as strong as its weakest link.





thundara  ·  4122 days ago  ·  link  ·  

When says you have to secure a single node? In silk road's wake, there are dummy sites popping up all over. But at the end of the day, it's just a communication problem, putting sellers with buyers over a secure channel.

You don't need one millionaire and one website to do that. Just a distributed and secure communication network in which it's not worth the effort to track down each and every person involved.

ecib  ·  4122 days ago  ·  link  ·  

    a distributed and secure communication network in which it's not worth the effort to track down each and every person involved.

If there is one takeaway for me from the latest round of revelations, it's just how much effort they are willing to expend.

You're right about it being a communications problem. The possible solution of the child-sites popping up all needing to link buyers and sellers securely just sounds to me like you'd have the same issues with competency as one node, multiplied a few times. Encryption isn't easy for most users, and any sort of managed interface or network to make it easier is a huge point of failure potentially.

Maybe encryption knowledge at a base level just isn't where it needs (for the population in general) to be for a distributed marketplace like that to work anytime soon.

thundara  ·  4117 days ago  ·  link  ·  
ecib  ·  4115 days ago  ·  link  ·  

That you did :)