This article inspired me to write this. Basically, they sold from 12-13, but weren't arrested til last year. Also the fact LE potentially looked at EVERY PM ON AB AND IS GOING THROUGH THEM AS WE SPEAK.
Now, Im not trying to scare you, but you should be scared if you had any vulnerabilities here. I just want you all to take a good look back and think about any slip ups. This is all built on the assumption that all seized marketplaces are being analyzed on a daily basis. (I forget if Evo or Sheep were seized or just exit scammed.)
The DEA is still filing through all messages and transactions on SR1 as we all know. Im just going to list a few things to be worried about. Please feel free to comment with corrections, Im sure I am off on a number of things.
Unencrypted tracking. This combined with mail covers can easily provide a database of potentially ALL sent packs, and if it was scanned at a PO there could be video footage of the sender.
Cashout methods. The countercrime blockchain analysis technology is far more advanced than in 2012 when everyone thought a simple tumble is all thats needed. Even if you properly washed coins then used an exchange with your real identity, they would see that you have done a lot of business with Bitcoin, if you're already a suspect.
Id assume a handful of vendors had already had their prints and DNA in the system from a prior conviction. I doubt this matters if you dont vend anymore, if they were investigating you and found fingerprints youd probably have known by now, but then again, they could have saved every pack.
EXIF data. GPS locations are on 229(?) Agora vendors photos. I assume even more were on SR. Correlating this with tracking, prints, BTC bank history sounds like good reason to start an investigation.
More correlating things, self kiosks, bank statements paying for supplies/online order history
Correlating checking old tracking to IP addresses.
The fact 16 gov agencies now have access to all of NSAs data, legally, with no parallel construction necessary.
Biometrics, facial recognition, and all that stuff generally blown out of proportion by meth heads.
Everything you type under your vendor name, on any forum or sub. Your bio, past messages, and everything you post on reddit can and will be analyzed to find patterns in your grammar and word choice. Nothing holds a candle to drug illegality when it comes to making the government money people, each vendor arrested will most likely have at least 6 figures. That's enough to give them the budget they need to make all of this happen.
Now what to do with all this information? You cant time travel. Well for starters, know the consequences. All first offender federal trafficking charges have a 5-10 year minimum (depending on the drug). Also, there is a 5 year statute of limitations. This doesn't mean you can just camp out in Russia though, you have to be in good standing living in USA.
I get the impression SR gave a lot of people a feeling of invincibility. Some thought PGP and Tor were all you needed, BTC was fully anonymous, and I dont need to explain what we all learned over the last few years. So are all vendors ticking time bombs? Potentially. Do I know what you can do to protect yourself? Absolutely not, but I encourage everyone reading this to chime in with ideas. Honestly, I think the only way to be positive would be to walk into Mexico and fly to a non-extraditing country.
Here's a part 2 for new/future vendors:
If you cant encrypt tracking, use privnote sms4tor or temp.pm
Never have your name associated with any bitcoin or exchange. Every vendor has their own secret cashout method, get creative. (hint: you can use fullz without fucking someones credit)
Use gloves, switch up packaging, residential return addresses, make packs look as good as amazon orders, never cut corners. Assume EVERY pack is going to LE.
Scrub exif
If you need to buy supplies online dont use your personal info
Never check tracking unless its absolutely necessary.
If you need to communicate on your phone use encrypted messaging apps.
Wigs and thick glasses may be a little over the top but they wont hurt.
Dont have the same vendor name you did on past markets if you had a lot of sales, especially Schedule I vendors. Tons of good feedback is now a double edged sword.
If you need to ask the community a question make a throwaway, it could show a vulnerability. Vendors asking questions looks unprofessional anyways.
Dont talk about business over reddit PMs. That can be subpoenaed.