Vendor OPSEC - TAILS on a tablet tethered to burner 4G phone

Hey everyone. I've been a vendor for a while, but my traffic is starting to ramp up a little, so I need to up my OPSEC.

Currently just using TAILS on a burner laptop, using wifi that is not my own - I do live at that address - but I have no documentation linking me to the physical or IP address that I'm using. I'm a little nervous about having TOR traffic on the same network that I do my regular internetting on, so I want to get my TOR traffic off of this address. I've played around with bridges, but I know that's not a 100% solution either.

I don't like the idea of going and sitting in a cafe using public wifi, especially with a laptop. I've toyed with the idea of getting a high gain wifi antenna - but still that's only practical for use with a laptop. And I couldn't even get the device to work on TAILS.

So here's my idea. I live in a densely populated city with lots of parks, and great public transport. Why not just use a burner phone that is in no way connected with me. Leave my own phone at home and disappear into the parks, or sit in the back of a bus for half an hour at a time, using a TAILS tablet (yes you can put TAILS on a tablet), tethered to a burner? Maybe rotate through a few burners to obfuscate a bit further...

Is this reasonable? If not, how would they catch me with this setup?


Comments


[16 Points] tailsjoin:

Just get a powerful wifi antenna for your laptop and steal your neighbor's wifi. Stop trying to overthink simple things. You driving around on a bus taking orders all day is highly retarded.


[8 Points] ARingoAteMyBabies:

You have a few solutions that would likely be more elegant than tethering.

First solution would certainly be a Yagi. You don't need it to be recognized in Tails though.

Get something like a WR703N (TP-Link) with OpenWRT or DD-WRT. You can even get them pre-modded with memory and external antenna upgrades.

Or, get any available home router that has external antennas.

Use Kali to crack a few wireless signals in your neighbourhood. You should be able to see a lot with the Yagi. (Get an Alfa USB adapter if you don't already have one, and remove the 5/9 dBi antenna, and attach the Yagi (~36 dBi).)

Use Reaver for WPS enabled WPA(2) signals, and use aircrack-ng for WEP signals.

Once they are cracked, set up a Client Bridge with your OpenWRT/DD-WRT router, with the Yagi attached.

If you are going to use the tablet, set up a virtual interface (or second wifi interface) as a repeater. If you are just using the laptop, plug it in directly to the router. (The WR703N is very tiny, and can be powered off USB. So you can attach it directly to laptop with USB + Cat5e, and have the pocket router be mobile with the laptop.)

For additional security, you can set up an OpenVPN client with a PIA account, on the router itself. This way ALL traffic from the laptop will be hidden from ISP and sent from VPN before jumping on the Tor network.

For even MORE security, get an anonymous 4G LTE dongle and SIM card. Plug that directly into the OpenWRT/DD-WRT router.

Another option, and a bit more complicated, would be using a pfSense machine as a firewall and OpenVPN client. You could then use BOTH 4G LTE + Multiple Yagis, and set up Multi-WAN LOAD BALANCING, as well as network isolation between your Tor Traffic and your clearnet traffic. For instance, you could send all Tor Traffic over 4G LTE and all clearnet traffic over neighbor's WiFi.

Or you could have certain subnets directed to different locations through PIA VPN. So clearnet goes to NY, and tor traffic goes to Sweden before getting on Tor.


[7 Points] None:

personally wouldn't recommend doing anything darknet related on anything even remotely connected through a phone. spend the $70-100 on a nice, portable usb yagi antenna and pick up someone else's wifi would be my suggestion.


[3 Points] hacksec:

Burner phones can be handled properly, but it is not worth the effort necessary to use it for Internet tethering.

I think using TOR from your home network, at least some of the time (when not conducting market work) is a good idea. It's chaff.

Create an account on Pornhub. Connect to it periodically with TOR.

Forget to tunnel through TOR and log into PornHub from your clearnet home IP address a couple of times. Silly rabbit, you broke OPSEC. Obviously you are using TOR to hide your dirty porn habit.


[1 Points] None:

If you don't want to use your own wifi, then go to a coffee shop, or a hotel, or even a drug ridden motel off the side of the highway. Act like a guest, call from your cell phone if the wifi needs a password. Most of the time the people who work in the dirty ass hotels don't give a fuck. Sitting on back of a bus would draw attention.


[1 Points] iamdnm:

how would they catch me with this setup?

by following your drop off points, make a couple orders from you, then wait - most likely you will repeat the rotation cycle of drop-offs, if any

bang - they got you, but they will let you vend more, because now they want hard evidence - so your case is done. they start playing you, maybe convince you to re-up big for a bulk order, once your coins are into cash bang they get you and your money


[1 Points] throwaway547383:

Great thread, thanks guys, it's been very helpful.

One question with the yagi antenna - if I were LE, I'd just drive around looking for abnormally high peaks at the right frequencies - yes I know it's a crowded part of the spectrum, but couldn't a van + yagi + spectrum analyzer locate anyone actively using this method? Or am I worrying too much?


[1 Points] 2005C:

Get a faraday pouch for whatever, the phone, tablet, I think they even make them big enough for laptops. Your travel/storage will be untraceable.


[1 Points] b4tb4t:

Leave my own phone at home and disappear into the parks, or sit in the back of a bus for half an hour at a time, using a TAILS tablet (yes you can put TAILS on a tablet), tethered to a burner?

How would you tether to the burner if it is at home and you are not?