It seems like most, if not all, vendors get caught due to IRL opsec errors (finger prints, using same PO every day, tattoos, license plates, ect). I find it hard to believe that all these vendors know what they are doing 100% to stay secure. I'm assuming a lot of them are just using TAILS. Is this a safe assumption? I saw AK mention to people that were trying to be his reseller that they can use TAILS and they will be fine. Is this true?
I'm confused because I've read in other places that Tor is no longer safe and secure and that the NSA has "cracked the code" or whatever and can no de-anonymize people on the Tor network. If that is true and what AK said is true then it must be a real costly (time and money) for the NSA to do that and they only do that for high profile people?
So is TAILS safe to use for vending? If it's not safe for vending why would people trust it for purchasing? Assuming you get a CD your ISP will have Tor in the history which is just as bad as having Tor on your PC.
Sorry if this is the wrong place to ask this...
De-anonymizing Tor users is not trivial, even for the NSA. TAILS is certainly the best solution for most vendors, as it offers very decent privacy without the need to dive too deep into computer science territory. I have heard about custom setups though (often BSD based), but that seems to be worthwhile only for high-profile vendors and marketplace admins.
As you pointed out, most people get busted for RL stupidity, so TAILS is unlikely to be the weak link in most cases.