Effective OPSEC Technique

I have been a long-term DNM user, since the SR days. I wanted to share my OPSEC techniques with those who are interested. These techniques focus on Tor usage, password security, bitcoin security and physical security. This advice is aimed at buyers but can also be applied to vendors.

Physical Security

This is the first area you should think of before even touching Tor. Which device am I going to use Tor on?

My Advice: Buy a class 10 micro SD card (8GB is more than enough) with an adapter and install Tails. For even better security tape a piece of string long enough for you to use the keyboard to the adapter with a slipknot at the end, attach this to your wrist and if your door comes off the hinges or your laptop gets yoinked (a la Ross) your operating system and all Tor usage data will stay attached to your wrist and encrypted. If possible use a wired connection on a private network. You should never leave your computer unattended while using Tor.

Reasoning: Tails on a micro SD card is the smallest gateway to the Tor network possible and offers the most flexibility. You can keep all of your Tor usage to the micro SD and switch between your laptop and your desktop without too many risks. I advise using a private PC with a wired connection if possible and never use public wifi. The reasoning for the wrist band is obvious, if SHTF you can just recoil in fear and your whole Tails installation should come with you. If you know in advance you are getting a visit a micro SD can easily be swallowed or bummed.

Do not discuss Tor with anyone. If you are asked where you get your drugs say some guy you know from out of town, if you're asked if you've heard of Tor or the Silk Road say "yeah that was all over the news a few years ago, whatever happened with that?". Generally don't show interest, just operate as usual and you can enjoy the best drugs in the world for eternity.

Password Security

This is where things get slightly complicated but please bear with me, I have been honing this technique for several years now and I believe it to be the most resistant to hacking. I have devised a method whereby you only need to remember a sequence of 9 digits for effective password security. (Remember that all of the things I present below are hypothetical, I'm not dumb enough to give out my PII)

Step 1. Choose 6 or 7 individual passwords. Make them memorable but make them individual and then obscure them by replacing letters for numbers (e = 3, a = 4, 7 = t). Here are my 6 example passwords.

First Car (Subaru) = Su84ru

Mother's Name (Doris) = D0r15

Father's Name (Cuthbert) = Cu7h83r7

Place I was Born (Baghdad) = 84ghd4d

First Child's Name (Winston) = W1n570n

Favourite Drug (Cannabis) = M4r1ju4n4

*I do not advise using identifiable information, this is all for example.

Step 2. Assign your sequences. "What the fuck do you mean by sequences?!" I hear you say. Remember I mentioned you need to remember 9 digits for password security, here is how. Take the first digit of each password from step 1 and now create 3 passwords in a manner like this:

Encryption Password (first login to Tails/OS) Sequence = SDC - Password = Sub84ru#D0r15#Cu7h83r7!

KeePass/Password Database Password Sequence = C8W - Password = Cu7h83r7#84ghd4d#W1n570n!

PGP Encryption Password Sequence = DMS - Password = D0r15#M4r1ju4n4#Su84ru!

SDC C8W DMS

Tails comes preinstalled with KeePass, USE IT. The less passwords you know the better, generate the strongest passwords the DNMs will allow you to use and make sure that you include the correct URL in your database entry so you know you are always going to the right market.

Bitcoin Security

Bitcoin security is very important and obscuring your path is a valuable skill. If you plan on making a big DNM purchase then the most secure method is to purchase the BTC over a period of time or spread it over a few different exchange accounts by recruiting trusted friends to sign up and purchase BTC with your money. I try to keep BTC purchases from my bank below $500 each month.

Once you have purchased the BTC you have 2 options.

  1. Most secure but biggest fees. Transfer your BTC to your chosen DNM through a trusted bitcoin tumbler. These services swap your BTC for other BTC essentially destroying the trail possible from the blockchain. Expect to pay 2.5% fees to the tumbler.

  2. Least secure but smallest fees. Transfer your BTC to the wallet preinstalled on Tails and then to the DNM. This is less secure than tumbling but unless you are purchasing thousands of $ per month you shouldn't raise suspicion. I advise against transferring BTC directly from exchanges to your DNM accounts. This simplifies LE's job massively, don't make it easy for them!

If you plan on saving BTC there really is no more secure way than using a paper wallet. You can purchase tamper-proof seals and print very nice templates. With a strong password applied it doesn't really matter if someone gets the wallet. Always print off a duplicate for backup purposes and keep this away from the original; put it in a time capsule and bury it, ask your nan/parents to file it or put it in a bank lock-box.

When creating and printing paper wallets always ensure your PC is disconnected from the internet in every way to ensure keyloggers cannot record your desired password.

Tor Usage

Keep it private and to a minimum. Always ensure you are in a safe place before connecting and always operate alone. Always use trusted vendors and always order domestic. If you use Tor for DNM activity then do not use it for other browsing (even nefarious). Purchase a VPN with BTC and do your other activities through that.

*I do not condone any "nefarious" activities.

Conclusion

If you follow all of the above instructions and generally don't appear suspicious keeping your criminal activity to a minimum then I can guarantee you'll be as safe as I feel. I've been operating like this since 2011, I've been scammed multiple times with market and vendor exit scams but I do not believe I've ever made an operational security mistake.

Most of all be safe, the darknet markets are a gift from the Gods. We have all been given the freedom and ability to explore our minds and experience new chemicals safely with assurances about purity, don't be the twat that fucks it up for everyone!


Comments


[12 Points] EvolutionaryReject:

"recruiting trusted friends to sign up and purchase BTC with your money."

BAD idea - even the most trusted friends can/will flip to protect their own freedom.


[7 Points] Vendor_BBMC:

Why would you say you bought the drugs off somebody in real life?

Say you got them from alphabay in the post. You will be asked to help arrest a real life drug-dealer, but the cops know that you don't meet a darknet vendor.


[2 Points] Kazaa99:

Why run your OS on a SD card and hide it 24/7 if you're just buying some stuff for own usage? Use a virtual PC f.ex and use an encrypted virtual drive. Then you can run it from the harddrive, a SD card or USB stick, which you could just fill with porn movies, and call your virtual hdd some_porn_name_1080p and end it with .avi (File will appear broken when double clicked, but who would consider checking it for being a virtual disk image when windows only reads the .avi for determining file type as a video).

Or set up a remote desktop on a VPS, which you connect to and do all your TOR connections and browsing on. Make sure drive is encrypted of course, so the hosting company can't just log on and monitor what is going on. You could then run all your DNM stuff on your computer through remote desktop, with everything lying somewhere safe in cyberspace, paid with bitcoin and you given an address in the South Pole or just somewhere you are not living close to. Connecting through a proxy would probably be a good idea, or why not just TOR also if you can stand the slower connection. Try finding any incriminating data then..

No swallowing SD cards or burning your computer in panic. You just need to log on to your remote desktop at the IP you have been assigned (or several IPs are also possible to buy), and then make sure to close it whenever you're done. (the connection, not necessarily the programs or system. They can just run fine on their own without you being logged on).

NB.: This is not a set up I use myself, as I don't really buy that much on the DNMs, but would be my best choice to keep my home computer clean at a low cost with easy to find guides on google.


[2 Points] BlackGoatSemen:

Nice shit man! You should repost in /r/DarknetMarketsNoobs if you haven't already.


[2 Points] nahko_vendor:

Nice article.

I would add that you can get a little more creative with the special characters in passwords. e=3 is common. So is 5=s or $=s.

Also, using special character patterns in between words works well, too.

I won't tell you what I do, but get creative.


[2 Points] sapiophile:

There's some good and some bad, here.

For one thing, your password advice is terrible. Those "super-secure" passwords you're generating are medium-security at best by modern standards. People would be much, much better just using KeePassX as intended and generating completely random passphrases, and only memorizing a single passphrase (or a couple) that are 40+ characters, and they don't even need to have "1337 number substitutions" (which do basically nothing for cracking resistance, these days). Just make it very long, and make sure it's not a phrase that has ever existed before (in print, online, in a song, etc.). Ideally not a structured phrase of any kind. Throw a couple of symbols/capitalizations/numbers in there wherever and maybe misspell a couple of words and then you're really cookin'.

For another, there are two omissions in your post that will literally do more for anyone's OPSEC than everything else you mention combined (except using Tails in the first place, of course) - keep your software up-to-date and set Tor Browser's Security Slider at "High." That's it. Those two things will prevent ten times as many arrests as basically everything else you've written, here.

But I appreciate the effort, and hey, if it gets more people to boot Tails at all, then good on ya.

One final note: Class 10 MicroSDs are not actually that fast by today's standards. "Beyond" Class 10 they've moved into the UHS grades (UHS 1, UHS 2, etc.).

edit: If you're looking for an actually secure password scheme similar to OP's, I'd suggest looking into DiceWare.
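
Added example, not part of the thread or written by any commenter: a rough strength estimate for the post's word#word#word! passwords next to Diceware, illustrating the point above that digit substitutions add little once the construction method is known. The 100,000-entry dictionary size and the one extra bit per word for spelling variants are assumptions, and the sample word set is constructed from the post's own six examples.

```python
import math
import re

# Digit-for-letter swaps that appear in the post's sample passwords.
LEET = str.maketrans("0134578", "oieastb")

# Assumption: size of the dictionary (names, places, car makes, common
# words) that a strength meter treats as guessable.
DICT_SIZE = 100_000
DICEWARE_LIST = 7776  # 6**5 words, one per roll of five dice


def normalise(token):
    """Undo the fixed leet mapping and case, as a strength meter does."""
    return token.translate(LEET).lower()


def estimate_bits(password, known_words):
    """Rough entropy when the construction method is assumed to be known."""
    tokens = [t for t in re.split(r"[#!]", password) if t]
    bits = 0.0
    for tok in tokens:
        if normalise(tok) in known_words:
            # One dictionary pick, plus 1 bit for "leet or plain spelling".
            bits += math.log2(DICT_SIZE) + 1
        else:
            # Unrecognised token: score it as random printable ASCII.
            bits += len(tok) * math.log2(94)
    return bits  # the fixed '#' and '!' separators contribute nothing


def diceware_bits(n_words):
    """Entropy of n words drawn uniformly at random from the Diceware list."""
    return n_words * math.log2(DICEWARE_LIST)


# Constructed sample dictionary holding the post's six example words.
SAMPLE_WORDS = {"subaru", "doris", "cuthbert", "baghdad", "winston", "marijuana"}

if __name__ == "__main__":
    for pw in ("Cu7h83r7#84ghd4d#W1n570n!", "D0r15#M4r1ju4n4#Su84ru!"):
        bits = estimate_bits(pw, SAMPLE_WORDS)
        print(f"{pw:28} {len(pw):2} chars  ~{bits:.0f} bits")
    for n in (4, 6, 8):
        print(f"diceware, {n} random words    ~{diceware_bits(n):.0f} bits")
```

The 25-character sample scores about 53 bits under these assumptions, against roughly 78 bits for six random Diceware words; words taken from personal details come from a far smaller pool than the assumed dictionary, so the real figure is lower still.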


[1 Points] lordredvampire:

I never got scammed.. at least that's something :p.


[1 Points] idontbuydrugs:

Correct me if I'm wrong, but isn't using TAILS on your home network still going to show up as a Tor connection to your ISP?

Also, why do you suggest using a VPN for your other browsing if you use Tor for DNMs? Using either one would suggest that you're trying to hide something, I would think having your browsing encrypted is better than having to trust a third party to not save your browsing history. If you're really concerned about linking your DNM browsing and other browsing then just get a new Tor identity. Isn't it better to have a valid legal reason to be using Tor so you have an excuse if they find Tor usage in your records?

Speaking of which, what are some good legal reasons for using Tor?


[1 Points] y_s_l_:

The issue with all of these OPSEC posts is that even if you have bulletproof online OPSEC, the vast majority of people fall because of IRL fuck-ups.


[0 Points] therealpizzaguy:

Very nice/useful info OP.


[0 Points] None:

SD cards click and lock so uh attaching a string to it would do nothing. Making stupid shit up lol


[-1 Points] CynicalElephant:

Damn dude, that physical security idea is awesome. This is some good shit.


[-2 Points] s7iu:

All good information, but it would be easier and more cost-effective to just take the battery out of your laptop and pull the power cord out if SHTF. Also, why do you need TEN micro SD cards??