[ overboard / sfw / alt / cytube] [ leftypol / b / WRK / hobby / tech / edu / ga / ent / music / 777 / posad / i / a / R9K / dead ] [ meta ]

/tech/ - Technology

"Technology reveals the active relation of man to nature"
Name
Email
Subject
Comment
Captcha
Tor Only

Flag
File
Embed
Password (For file deletion.)

Matrix   IRC Chat   Mumble   Telegram   Discord


File: 1608526423381-0.jpg ( 185.98 KB , 1280x720 , dnm.jpg )

File: 1608526423381-1.pdf ( 926.7 KB , dnmbible.pdf )

 No.6187

Darknet markets are as close as it gets to a free market, where you can order drugs and have it delivered to you by mail. The purpose of this thread is to discuss opsec, ask for help and discuss markets in general. This thread should be fully legal as long as you don't solicit or facilitate illegal transactions, meaning:

&ltDon't beg to buy from someone
&ltDon't attempt to sell to anyone here
&ltDon't link to dealer Instagram/Reddit/Snapchat accounts. These accounts are run by either scammers or feds.
&ltDon't directly link to any market. These links could be fake scam/fed markets, designed to phish your login details and steal your cryptocurrency. Only use https://dark.fail/

The following is my personal recommendation for good opsec while conducting business, however, you must [b]read the darknet market bible[/b] (.pdf attached) after you are done with this post. If you don't read theory, it's likely you will be caught and convicted.

>Will I be 100% safe?

In theory, no. The darknet market bible, together with this thread, is meant to minimize the risk of getting caught as much as possible. If you follow the exact procedure outlined in the bible, you should be okay, especially as a small-time buyer.

Tails
Tails is an Linux-based operating system that runs entirely on your RAM and is wiped when PC is powered off. If the cops intercept your item, conduct a controlled delivery and seize your machine, they will not be able to find evidence linking you to the package and you can deny involvement via a lawyer.
You will want to install the Tails operating system to a USB flash drive with at least 8GB of storage. Personally, I'd go for USB 3.0, with at least 16GB storage for persistent volume purposes, or even 128GB or more if you want to store the Monero local node on it. You also need a PC with at least 1GB RAM to run Tails. The bible contains a guide for installing Tails in [b]2.A.2 Installing Tails[/b]. You can download it here:
https://tails.boum.org/install/index.en.html

>Why shouldn't I use Windows?

These types of OS are usually installed on a hard drive where all your data is stored when it is powered off. It would be stupid to store your darknet-related files here (including wallets and wallet passwords), because if the police sieze your machine, they will find everything.

>I have previously conducted deals over Windows. How do I get rid of the evidence?

You should uninstall and delete everything related to darknet markets, including Tor, PGP-related programs and files. The data will still be physically present on your drive, however. If your programs and files were stored on a hard disk drive (HDD), then you can use overwrite software, such as DBAN, that wipes the entire drive, or other software that overwrites only the space marked as deleted. Tails can also wipe the available disk space of any drive.
If your programs and files were stored on a solid-state drive (SSD), you should not use overwrite software as they could damage or even destroy your drive. Securely erasing an SSD is a bit more complicated, you can read more about it here:
https://security.stackexchange.com/questions/223110/how-to-securely-erase-the-free-space-on-an-ssd-in-windows-10

>How do I run Tails?

You can insert the flash drive, restart your PC and enter the BIOS where you can change the OS boot order. Move your USB to the top of the list and exit the BIOS.

Persistent volume
This is the best place to store your darknet-related files, such as PGP private keys, wallet passwords, market private links, and passwords, etc. This is a LUKS-encrypted partition of your Tails USB, so if the cops manage to seize your USB, they won't get much out of it.
The persistent volume is encrypted with a password, so make sure to [b]use a long password that cops can't guess[/b]. Personally, I use one that's 32+ characters, with numbers, symbols, and without any real words. Do not store the persistent volume password digitally, especially on any old hard drive or the cloud, so write it down in a diary or something so you remember it. You should also back up your persistence volume regularly to not lose your files. The bible explains how to create it in [b]2.A.4 Setting up persistence volume[/b]

JavaScript
You must disable JavaScript in Tor every time you boot up Tails. It's a useful scripting language that allows for truly interactive websites, however, it's a major security risk, as it allows websites to run arbitrary code in your browser. Attackers can gather data that could lead to fingerprinting your system.
You can disable JavaScript by setting the security mode to [b]Safest[/b]. This can be done by clicking on the shield icon in the toolbar, or going to Settings > Privacy & Security > Safest. You can also type in [b]about:config[/b] in your address bar and set [b]javascript.enabled[/b] to False.

>What's the risk?

For a more practical example: in 2013, the FBI took over a tor hosting service named Freedom Hosting and inserted a malicious script in the pages of the onion sites hosted on that service. That malicious JavaScript used an exploit to run a payload that called home to a fed-controlled machine that sent the real IP address of the computer that had visited the site as well as a unique identifier for the computer. If a site complains that you have it disabled or asks you to enable it, you should leave immediately. The bible explains the risk of using JavaScript in [b]1.2 Using Reddit with Tor[/b]

Cryptocurrency
Tails comes with Electrum by default, which is a Bitcoin (BTC) wallet. Most markets accept Bitcoin, but for ultimate privacy, you should [b]conduct transactions with Monero[/b] (XMR), as Bitcoin is not private. The benefit of Monero is that you can run your own local node by downloading the entire blockchain (70+ GB) instead of using a remote node. If a remote node is compromised, they can match transactions to your IP address, defeating the purpose of Monero to begin with.

>How is Bitcoin not private?

Bitcoin transactions are traceable and can easily be linked to your ID, so you should tumble your Bitcoin if you don't want to get caught. However, this is not a fool-proof method and can be illegal. The most secure way to spend your Bitcoin anonymously is to first [b]convert your Bitcoin to Monero[/b] through a non-KYC exchange like ShapeShift, MorphToken or Godex, over Tor without using JavaScript. This is known as cross-cryptocurrency tumbling. You can now pay with Monero, or you could convert your Monero back to Bitcoin through another non-KYC exchange like XMR.to, so that the resulting Bitcoin will be completely untraceable to your original Bitcoins since they were purchased with Monero, over Tor without KYC or JavaScript. The bible explains the pros and cons of this method in more detail in [b]3.2 Tumbling[/b]

>What type of Electrum wallet should I use?

Set up a normal wallet. [b]Do not use two-factor authentication[/b]. It requires you to install apps on your smartphone which defeats the purpose of opsec. The bible explains the pros and cons of this method in more detail in [b]3.3 Setting up your wallet[/b]

>Should I use my existing wallets to conduct deals?

If you've ever stored the passwords and mnemonic generation seeds for your wallets on an unencrypted drive, then no. If the police seize your machine and gain access to your wallet, they may be able to prove you sent money to a darknet market. The exception to this is if you are using Monero, as it anonymizes the receiver and sender. Make sure the passwords and mnemonic generation seeds for your wallets are stored in your persistent volume, or written down.
>>

 No.6188

Pretty Good Privacy
PGP is encryption software that is mostly used to encrypt, decrypt, and verify messages. To give your address to a darknet market vendor so he can ship the item, you must encrypt it first. Otherwise, the market can store your address in plaintext, and [b]if the servers are seized by the cops, you can be arrested[/b].
In a nutshell, every person has a public key and a private key. You must import the vendor's public key, encrypt your message with it, then send it to the vendor. If done correctly, the vendor will be able to decrypt it with his private key. The bible explains how to set up your keys in [b]4.1 Creating a key pair[/b]

>Should I use an auto-encrypt feature found on a market?

If the darknet market servers are seized and cops gain access to the encryption keys, they'll have a lot of buyer's personal info. Learn to encrypt yourself, don't be low-hanging fruit.

Accessing markets
Markets suffer regular DDoS attacks, so they go up and down all the time. Luckily, there is a trusted list of all available markets on dark.fail. This is a bi-directional trust between the site and the markets that provide key information to it. Those markets believe it is legitimate enough to bother sending addresses and keys, which dark.fail publishes. If it starts publishing bad addresses/keys, stops posting timely verifications, or the DNS information has unplanned changes, then the sites and users assume it is compromised and stop trusting it:
http://dark.fail/

If you find any market .onion link outside of this site, [b]there is a chance it is a fake market which will phish your credentials and steal your cryptocurrency[/b]. This includes .onion links ITT, don't follow them. Some markets may offer you private links, which should not be shared with anyone.

>The bible recommends dnstats.net and deepdotweb.com

DeepDotWeb is a clearnet site that was sized and DNStats is likely to be compromised since the bible was written:
https://darknetlive.com/post/dnstats-from-research-to-phishing/

>What vendors should I go with?

Look for vendors with good reviews that go back a long time. Stay away from vendors with similar reviews posted in a short time span. If you're a beginner, it's a good idea to order domestically first. Personally, I prefer those that offer tracked shipping, and 100% reship if . It's also a good idea to keep ordering with the same vendor and build up a good relationship with a them over time, as then they would be more likely to accept custom orders you may want to request, or maybe even ship an extra little something. The bible goes into detail about vendors in [b]7.4 Choosing a vendor[/b]

>Should I use two-factor authentication?

Unlike Electrum, where using 2FA is dangerous, you should use it in darknet markets. The bible explains why this is the case in [b]7.1 Important tips for using markets[/b]

>Should I buy with escrow?

Escrow is a system in which the market will hold your funds until you mark the item as recieved. If you order an item without escrow, the vendor might as well scam you and take your money, and the market admins usually side with the vendor if you have no history with the vendor.

Don't forget to leave a good review and feedback for the vendor after you're done. There is so much more opsec information contained in the bible that is absent from this thread. Nobody is truly safe from being caught, but by following it to the T you can minimize the risk to the point where cops would rather go after someone who doesn't know what they are doing.
>>

 No.6189

Some other places where you can post questions and get answers on this topic:

http://www.reddit.com/r/darknet
Dread (link on dark.fail)
>>

 No.6190

File: 1608526423841.pdf ( 1.27 MB , DN BIBLE 2 .pdf )

>>6187
Good thread OP. Here's a newer version of the bible. disregard the old one.
>>

 No.6198

Based thread
>>

 No.6200

>>6198
What’s based about buying drugs?
>>

 No.6201

you gotta have a serious addiction to be willing to go through all this trouble
>>

 No.6203

>>6190
This is great.
I just spent a while on this website:
https://dancesafe.org/

And also this website:
https://drugsand.me/

Harm reduction is ridiculously important.
>>6201
Drugs are nice. I personally prefer to buy them from local drug dealers, but buying online is a more safe way to get clean shit. Plus in many places, it is the only way to get DMT unless you want to make it yourself (which I have).
>>

 No.6210

>>6201
i think its overkill for most people, if you just order small quantities for yourself police is highly unlikely to visit you
>>

 No.6215

>>6200
Depends on the drug, unless you're a spooked moralist.
>>

 No.6217

>>6215
How can you call yourself a socialist when you support online drug markets? Socialists should be for the elimination of drugs from society.
>>

 No.6218

>>6217
I mean we're for the abolishing of all markets but we still engage in capitalism, unless you're comfortable posting what amounts to "you're a socialist but you still buy things". I get LSD from nobodies anyway.

>Socialists should be for the elimination of drugs from society.

You're a conservacuck in denial and no amount of leftist rhetoric is going to change that.
>>

 No.6219

>>6218
>nooooo you have to support my addiction!!!1!1!
Drugs contribute absolutely nothing to society.
>>

 No.6221

>>6201
>trouble
Honestly dude its called hard work and opsec, set it all up once and you never have to do 80% of all this again. Gone are the days of finding connections, running around some dirty city trying to catch your dealer, etc. now I can get really high quality cali weed and professionally packaged chocolate bars without it being fake shit
>>

 No.6222

>>6219
then go back to leftypol where you can complain about it? why are you here?
>>

 No.6223

>>6219
Great rebuttal. You could at least put some effort into your posts if we're going to go offtopic instead of acting like a bible thumper.
We're also talking about one of the least addictive drugs here lol, even less than weed.
>>

 No.6225

>>6223
all drugs are addictive and therefore bad
>>

 No.6227

>>6225
Based retard
>>

 No.6228

am i going to get v& for trying to buy research chems in california
>>

 No.6245

>>6223
ok, you are still supporting a black market filled with criminals that are likely into worse shit and selling worse drugs.
>>

 No.6247

>>6245
I already told you that leftist rhetoric won't change the fact you're a spooked conservacuck. What you posted is all conjecture and assuming it was true, are you someone who does lifestylist shit like only buying from "small business owners" (who also suck)? Porky in general uses their funds for fucked up shit.

>>6225
lol
>>

 No.6377

I'm tired of getting my weed from a sketchy dealer and i don't have the resources to grow it myself. Is ordering weed from a dnmarket okay though? I live in europe but i guess that doesn't really matter.
>>

 No.6379

>>6377
Yeah just use Monero and if you want to avoid detection in transit only buy from within the customs area (ie EU). A long time ago I used to buy from all over the world but I see more posts about seizures on international borders nowadays.
>>

 No.6407

Looks like there is a big DDOS going on, pretty much all markets are down
>>

 No.6458

>>6407
Andddddd, everyone wants me to believe the fed had nothing to do with it, when, coincidentally, this happened:

https://amp.thenationalnews.com/world/europe/police-take-down-the-world-s-biggest-darknet-market-1.1144923

Now the network is fine.
>>

 No.6459

>>6219
They keep people from being snobby pretentious twats like you, lol.
>>

 No.6463

>>6459
I just don’t understand why socialists would support a market as free as a drug market, you are buying from people who sell meth and shit which can ruin people’s lives.
>>

 No.6464

>>6463
>I just don't understand why grown adults should be able to do things that effect literally no one but themselves.

Have you read any Marx? Drugs don't ruin peoples lives. The material conditions of capitalism that A: Drive people to addiction and B: entrap people in a cycle of alienating labor. That is what fucks people up not the drugs.
>>

 No.6465

>>6464
Drugs can certainly help
>>

 No.6732

which darknet market doesn't have the javascript and also uses monero only
>>

 No.6785

>>6732

whitehouse
>>

 No.6794

This thread was originally posted before the split. However, I've just noticed that the jannies on bunkerchan have deleted the DNM thread there. Not sure when the deletion happened, and I know that it wasn't pruned because there are even older threads that are still up. what the fuck is their problem?
>>

 No.6795

>literal book of security procedures
>at the end of it you give some rando your irl address to post you illegal goods
i know it must work out in practice, but i can't imagine not being too paranoid to go through with something like this.
>>

 No.6799

>>6795
Sure, but no one except for that rando is going to see your address.

I rather give my address to some random then my local dealer, that dude is a creep.
>>

 No.7858

>>6245
Based
Made by illegalist gang
>>

 No.7859

>>6795
>>6799
>he doesn't send it to an abandoned house
NGMI
>>

 No.7860

>>7859
Not joking, can you please do a similar step-by-step guide for this?
I know some people actually do this but when I tried to figure out how to do it practically it became really hard, also didn't find any guides for it. Like how do you even know a place is abandoned rather than just temporarily empty? Won't abandoned houses also lack a mailbox / public address for mailmen?
Ty.
>>

 No.7863

>>7860
NGL I was just shitposting and I've never bought any illegal shit but you can try and sign the place up for spam mail maybe to test if the address works - I don't have a guide or anything on-hand and it was just something that popped to mind randomly as a solution

Unique IPs: 10

[Return][Catalog][Top][Home][Post a Reply]
Delete Post [ ]
[ overboard / sfw / alt / cytube] [ leftypol / b / WRK / hobby / tech / edu / ga / ent / music / 777 / posad / i / a / R9K / dead ] [ meta ]
ReturnCatalogTopBottomHome