Cleaning up my OPSEC?

I've been using various darknet markets for a while now however I've occasionally been lazy with various aspects of my security and I'm now concerned about how to clean it up. I've done all of the following, some of which may be more of a problem than others:

Used facebook messages to discuss drugs, darknet markets and drug sales with friends.

Used Whatsapp messenger and text messages to discuss drugs, darknet markets and drug sales with friends.

Used Whatsapp messenger and Snapchat to send photographs of drugs to friends.

Bought BTC via Bank Transfer on Bitbargain and transferred it to a DNM wallet without tumbling (Not directly, it's always been transferred to a different wallet first).

Used online PGP encryption services to encrypt my address as opposed to a local client.

Made multiple purchases from the same DNM accounts.

Made multiple purchases from the same DNM accounts without changing wallet address.

Browsed darknet and drug related subreddits through a regular web browser as opposed to TOR.

Browsed DNMs and made purchases with an outdated version of TOR.

Hopefully some of you friendly people can give me some tips on how I can clean up my security from here, obviously I'll be ceasing all of the above activities immediately so any advice would be greatly appreciated. What I don't need is a bunch of smug assholes telling me I'm retarded when I already know I've been less than careful despite knowing the risks.

Although I've got no reason to believe I'm on any sort of radar so far as the quantities of product I've been ordering have been fairly low, I'm hoping to cover my ass for any future purchases.

Cheers guys!


Comments


[8 Points] ProperFive:

"You're practically already in jail"


[2 Points] cannabisity:

Kinda screwed yourself on the FB one but unless youre a big mover and just making small sales to friends there isn't much risk of getting caught unless a package get a intercepted and they start poking around.


[2 Points] galaxyandspace:

Here is the thing: you own 0% of any of the data listed above. Therefore, you can destroy 0% of the data listed above.

Any of the data held by the markets (excluding SR2 and Pandora) will be claimed to be permanently wiped. It's not entirely unreasonable to assume they may properly delete it all, as it incriminates them as well.

As far as clearnet sites and services, they keep that data for forever, as far as the public is concerned.

How to proceed: TAILS and drops are your new best friend. Create and tend to a few. I am warning that it is hard work, but worth it if you like your security...


[1 Points] samwhiskey:

Burn your house down. Move to Peru.


[1 Points] None:

Similar boat but ive never owned snapchat account and been off of CIAbook for a couple years now....going forward though i recommend the jolly roger opsec security guide its on the side bar...stay safe/high


[1 Points] cflatminor:

You're looking to erase any recorded pics/messages related to drug purchases - have you considered deleting your accounts?

Sure, tech companies will cooperate with LE when they get subpoenaed / search warrant, but they don't really get any brownie points for doing that. Their main concern is not getting sued by a user who finds out that they stored his information after he requested to delete his account, because of the bad publicity that comes these days with that sort of privacy-related lawsuit.

I'm not sure if deleting just your own accounts is enough, as your friends' accounts might still hold logs of the chat in their database, but since this can very well be considered "your data" there's a good chance it will be purged completely 1-2 months after you ask for deletion. At the very least it should bring you some peace of mind.

Don't forget to remove any photos of drugs from old phones/laptops/backup and never upload incriminating JPGs without first cleaning up their EXIF metadata.