New Market.. EXXTACY

Located at: http://j3gwwsnswrg7dtf4.onion

Exxtacy is a successful group of webmasters, business folks and security specialists who have got together to provide the community with a secure solution to all of the drama. Our desire is to provide a secure, sexy, anonymous market, capable of providing you with all of your needs.

Anonymity requires an extreme amount of trust on your part. Our intent and function is to earn that trust.

Exxtacy provides three main services:

Products Market Banking Escrow Services

Features include:

Hardened Password Policies Session Limiting Private Messaging Ecrypted Database (Email, profile, communications) Offline (cold) Accounting Vendor Vacation Mode Hardware Token Two Factor Authorization Advanced Vendor & Product Commenting/Rating Systems Automatic Safe PNG optimization (wipes all metadata from your PNGs) Forums Vendor Vetting Buyer Protection

We have and always will have a very low fee schedule.

Banking - Deposits(3%) Withdrawals (Free) Product Sales - Vendor Cost (3%) Escrow Services - Services not associated with purchasing in Exxtacy (3%) Vendor Registration - B 0.1

Exxtacy encourages GPG comunication, though we protect your communications in many ways. First we offer an internal solution. You may Private Message any member. You should still use GPG to encrypt your message BUT even if you do not, the system will check for a secured message. Any unencrypted message will self destruct after a short time, to ensure that it does not remain in the system long (24 hours), while encrypted messaged can remain up to a week.

All unneeded documentation such as old bank transactions, completed purchase orders and communications, expire and self delete periodically. For one this keeps the system small and fast but also in the event of physical confiscation of the system, there is very little data in the database itself.

Your actual email is very important for you. In the event of system destruction or confiscation, we will need to get in contact with you so to refund any account balance which you have. Your email however IS NOT important to others and really is not their business. Therefore your email is encrypted in the database and for noone to view except for an Admin.

To use Exxtacy, you are required to have two factor security. Using an OTP password generator either on your smart phone or computer and your personal password. you can successfully log into your account. You also have only 24 hours to register a valid GPG key or your account will be blocked, forcing you to either contact us directly or use another email address.

There is much much more to Exxtacy which you can learn by looking into our forums and keeping in touch.

Good Luck


Comments


[12 Points] the_avid:

you're running a DNM using Drupal on a Windows server, and you are loading fonts from a clearnet site (google, of all places)

are you intentionally fucking with me to make me believe you are actually doing that or are you really that stupid?

edit or is this a honeypot? please tell me its a joke or honeypot.

edit no. fucking. way. this really is a windows IIS 5.0 server, running Drupal 7.0 with a bunch of modules installed, loading resources from clearnet urls, being launched as a 'DNM'. i've seen it all now.

edit and just to make it clear for anyone to whom it isn't obvious, sanitarium_market and EXXTASY have the same admin, that is him here in the comments talking to himself using different accounts.


[7 Points] None:

[deleted]


[3 Points] None:

[deleted]


[2 Points] soapyone:

Lose the stupid password requirements. They do not make your site more secure. "Password must not match last 100 passwords." - lol what


[2 Points] pinkprincess1:

Is this a joke?


[2 Points] 13tom13:

noones giving you their email, jog on!


[1 Points] weirdfishh:

cunts


[1 Points] None:

[deleted]


[1 Points] darknetsolutions:

Password Requirements

Password must contain at least 2 lowercase characters.
Password must contain at least 2 digits.
Password must not contain the username.
Password must contain at least 2 uppercase characters.
Password must not match last 100 passwords.
Password may only be changed in 2 hours from the last change.
Password must be at least 12 characters in length.
Password must contain at least 2 letters.
Password must have a minimum of 2 digits in order to place any digits at the start or end of the password.

You have no clue what you are doing.


[1 Points] Sanitarium-Market:

We logged in to this guy and did not see these magic security issues that you guys mention. We were not forced to use a Real email address. System did not care what email we used at all. We did see that they "recommend" that we use a valid address but that was only for the bank features, not the buying features.

So they have a password policy.... whats the big deal. We also noticed that the forced us to use 12 characters or less. Don't see an issue with that.

We do not see where they are loading anything from external sources???? Google?? Where do you see that??

So what if they are running Drupal or anything else. Is there some darknet requirement to run an unproven platform hired over a freelancer website, designed by some guy in India or something? If they have it locked down, who cares what they are running.

Mr Avid might be a smart guy, but we do not see what he has revealed that is sooooo legendary or even damaging, nor do we find and of the problems that you guys are talking about.

I say you DOX him if i is soo bad. Why threat when you can actually do it. If you guys actually have a real security issue, you should state exactly what it is and then demonstrate some further intelligence by providing proof.

You guys are tearing up this market and you haven't even said anything proven yet.

Are you sure it is not a honeypot? Are you sure they are running Winblows? If so then how. id you do some magic hacking and look at the HTTP headers like any other smart guy? Are you sure that you can even trust what you saw?

Our recommendation (take it or leave it) is perhaps to help build your community. It is obvious that the past markets are not lasting too long. When these guys open a new market, dox, hack em or what ever you claim to do and then move on.


[1 Points] Sanitarium-Market:

omg a generator tag.... really. we will all die now!! LE will get this guy for sure by tracking his generator tag. Good work by the guy that caught that one. We almost walked into a governement trap!!


[-1 Points] DarkNetYoda:

Regardless of your comments, the security requirements for Exxtacy will remain high. The Password requirements are not their for those whom know what they are doing. They are their for those whom do not. Since previous markets which have been hacked reveal that users are still using weak passwords which are dictionary crackable with brute force, regardless of historical consequences, this market will enforce password quality and policies. We apologize for any inconvenience. You will also be required to change your password every 30 days. These are the minimum security requirements for corporations, which are accepted practices, they can certainly serve you well too.