Do vendors use TAILS or do they use some other elaborate method to sell drugs online?

It seems like most, if not all, vendors get caught due to IRL opsec errors (finger prints, using same PO every day, tattoos, license plates, ect). I find it hard to believe that all these vendors know what they are doing 100% to stay secure. I'm assuming a lot of them are just using TAILS. Is this a safe assumption? I saw AK mention to people that were trying to be his reseller that they can use TAILS and they will be fine. Is this true?

I'm confused because I've read in other places that Tor is no longer safe and secure and that the NSA has "cracked the code" or whatever and can no de-anonymize people on the Tor network. If that is true and what AK said is true then it must be a real costly (time and money) for the NSA to do that and they only do that for high profile people?

So is TAILS safe to use for vending? If it's not safe for vending why would people trust it for purchasing? Assuming you get a CD your ISP will have Tor in the history which is just as bad as having Tor on your PC.

Sorry if this is the wrong place to ask this...


Comments


[8 Points] rilksoadvb5piz3r:

De-anonymizing Tor users is not trivial, even for the NSA. TAILS is certainly the best solution for most vendors, as it offers very decent privacy without the need to dive too deep into computer science territory. I have heard about custom setups though (often BSD based), but that seems to be worthwhile only for high-profile vendors and marketplace admins.

As you pointed out, most people get busted for RL stupidity, so TAILS is unlikely to be the weak link in most cases.


[4 Points] CognitiveDissident7:

How can tattoos be used to deanonymize people? Posting pictures with the tattoo visable?


[3 Points] sapiophile:

Beware of "elaborate" anything in this scene. People seem to have some silly impression that the more obscure and labor-intensive their setup is, the more secure and/or anonymous they are. This is almost never the case.

It is extremely hard to do any better than simply using up-to-date Tails and keeping the Security Slider in Tor Browser at "High." If you start to deviate from that, you're almost always either fucking up your anonymity, or making yourself more vulnerable to fingerprinting.

Systems with an Isolating Tor Proxy like Whonix or Qubes-Whonix can have some additional advantages, but again, there's not much reason to try and modify or "out-smart" those very, very well-designed systems, and doing so is almost always going to be counter-productive.

At the very top end, you might get into pirating wifi from long distances, perhaps even using a tool like ProxyGambit or just a high-powered Alfa card with a high-gain antenna.

Doing literally anything other than these fairly basic things is debatably effective at best.

Think you're helping things by using some sick custom-tweaked out Chromium browser with Tor? In reality, your "sick" custom setup is leaking your real IP address. Think it's a good idea to uncheck a bunch of stuff in about:config, or install "privacy-helping" Add-Ons into Tor Browser? All you're doing is making your browser completely trackable across every site you visit due to its unique fingerprint. Using a super-1337 VPN, or even worse, running your own single-user VPN on a VPS? Not sure why you'd want to do that...

Folks seems to be obsessed with this idea that "more is more" when it comes to their security and anonymity, and the simple truth is that it isn't. Especially with anonymity technologies, you really, really want to be doing what everyone else is doing - otherwise you stick out like a sore thumb.


[2 Points] disk1997:

Vendors use a 20$ a month VPN