11
« on: January 10, 2014, 12:32:15 am »
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Too many people here seem unable to grasp the basics, so here are some commandments for traveling the road. Deviate to your own demise and have a nice stay in prison if you want to ignore the advice of the knowledgeable folk around here.
Rule 1: STFU
Shut the fuck up. Is it sunny where you live? How nice. Oh you're in the southern hemisphere I guess as it is summer there now, or are you in a hot country? Oh it is summer - that is interesting, your English is very good so I would think you speak English natively am I right? Your package was intercepted - really what was it? Only 10 pills of MDMA, what vendor were you working with as I've ordered pills before?
If you get to that point and you can't help but talk, congratulations you probably now have the FBI feeding intel to the Australian authorities and there will only be a handful of packages seized recently with exactly 10 pills in it and hell if you have given away what vendor you use then they also have the country of origin. Most people guilty of something like that will also use their home address so now LE probably know who you are and if you are anyone worth chasing you will wind up in a cell sooner or later.
Rule 2: The blockchain is irreversible (so don't fuck up even once)
Ok, you're ordering only a few grams of coke - who gives a shit? But you then buy from Bitstamp and send right to your SR address. Congratulations, now pray SR doesn't keep many logs because if there is even a hint of your bitcoin address tied to the account you ordered to they will have some pretty incriminating evidence against you and they will never prosecute you on that if you do scale up later on. Know the authorities are cunning, they gather evidence over time and your mistake was letting them find you in the first place. Most people let slip the little things and when they become bigger in the game, that comes to bite them in the ass.
Rule 3: Common advice isn't good advice
Why the fuck are you using a public wi-fi connection to browse Tor? If you've paid attention to recent events, you'll know the NSA are harvesting vast quantities of information from public wi-fi and tracking movements even when you have your Wi-Fi disabled (software disabling or not connecting does not prevent them knowing you are in range). Ross was slammed onto a table and they took his laptop to bypass all encryption and have him red handed. If you are going to do anything illegal, do it in your own home where they can't suddenly drag you away and if you don't want Tor on your internet connection, 3G or setting up a private bridge is the way to go. That isn't perfect, but unless you are a very high value target they aren't going to check every single 3G connection in the area or extensive measures like that - it is more likely they will just check your internet history via your ISP for tor connection times and try to correlate your activity. Tor isn't illegal and if you keep your mouth shut then they will have a very hard time to show serious wrongdoing.
Rule 4: Burn your identity - often
Oh you have 2,000 posts and don't want to lose your reputation? Great, we'll end the conversation there because quite frankly I can't stand being in the same conversation as such a self-righteous bastard. This is an anonymous environment, nobody genuinely cares who you are or who you pretend you are and generally a lot of smart guys don't make many posts here as they understand this is all going to be short lived in the bigger picture, whereas prison is not a short time if you are involved with Silk Road. I made a post recently about the life of a PGP key and one addition I may add is if you're changing your PGP key, it may then be a good time to also burn your identity and don't ever cross contaminate - never go near it again not even on the same virtual machine since every visit will leave some kind of trace. If you have bitcoins, lose them or spend them - never ever transfer them and if it is a lot of money such as the proceeds from your activity, use several mixers, methods and spaces of time to create as much separation as you humanly can.
Rule 5: Don't trust mixing services
If you trust a single mixer, you will go to prison one day if you keep walking that line. If bitcoinfog is compromised they may have kept logs all along and that combined with SR logs is going to put most of you in prison. If you want to be safe, buy bitcoins with cash of course, then split the bitcoins up into several wallets and perhaps move them through blockchain.info a few times over several accounts, load your bitcoinfog account wallets through blockchain.info's shared send feature to compound your anonymity and after bitcoinfog, maybe even duck it through another mixer or even through SR itself before reaching your disposable purchase account. If you can't afford to take those precautions because of the fees, perhaps reconsider buying at all.
Rule 6: Don't keep envelopes, it isn't fucking memorabilia
When you get your product, if you are ignorant enough to keep stuff in your house all the time at least make sure the envelope is gone way before you start taking any drugs. Do not throw it in the garbage as law enforcement don't need any authority to go searching your bins, the least you can do is shred it to pieces and burn it to a crisp and then mix it in with other general waste such as food or bury it deep, heck even put it down the toilet if it won't clog it. There is evidence coming through LE are now turning to chemical marking of packages to ensure the packages they find at the scene are the ones they sent the suspect and this is irrefutable evidence in court they are the same package even if you rip off the address and return address, and this isn't some shit you can wash off with a few wipes.
Rule 7: If you don't need a phone, don't have it near you
The leaks by Edward Snowden have shown phones can be used (particularly iPhone's) to watch suspects by turning on the camera and microphone and therefore depending on where you put it they could hear the sound of your typing, maybe see your screen, catch you mumbling words as you are thinking what to reply to a message or even intercept the wireless RF signals if you use Wi-fi or worse, a wireless keyboard and act as a keylogger which is definitely not outside the realms of possibility.
Rule 8: No matter what "gurus" claim, you cannot defend yourself from the NSA
Some LE agencies have ways to plant their packages onto your hard drives, BIOS and other low level systems of your computer so nothing you do with software will protect you. If you use a laptop, remove the hard drive from it before using TAILS and if you need a PGP key, never let it go near an internet enabled device. Data transfer must be one way so do not use the same USB stick to transfer anything from an internet-enabled device to an offline one. There is no need to expose your offline system to attacks from the online one. USB sticks these days for only a few hundred MB are cents and you could even use CD's which are only a few dollars for 100 of them so don't be cheap. One thing to add to that point is once you have transferred the data, dispose of it. Burn the CD to pieces (make sure it is melted, use a gas stove such as the camping cookers is a good idea) or melt the flash memory of the usb stick and then flush the pieces down the toilet once you've broken it down.
Rule 9: Don't use batteries
If you do use a laptop, remove the battery and keep the charger in. If LE break down your door then just pull the plug and the power is completely gone. If you've used a write-only device such as a CD/DVD-R then no data will be on that bit of media and almost everything in the RAM will be gone. So far the only real threats of recovering information from the RAM has been performed under lab conditions which in the field where they will probably take a while longer, have more exposure and not have everything immediately to hand. It is unlikely they will gain much from the residual data if they could recover it (let alone enough to bring to court as evidence).
Rule 10: Man the fuck up
Assuming you are caught, don't be an utter cunt. Keep your mouth shut, let a lawyer do the talking but refuse plea bargains. If you've managed to get yourself in this position, you have let your security slip and it is your own fault, don't bring anyone else down with you (yes Ross, can you hear me?). Say nothing, let them try to put you through a trial and you have a chance you can walk free and if you do get found guilty then it will give you enough time to learn from your mistakes hopefully and not repeat them. Unless you are big game you won't be in jail for the rest of your life so it isn't the end of the world. You chose to walk this tightrope yourself, and you used that rope to hang yourself like a ripe fruit ready for law enforcement to pick. Don't blabber like a little girl and perhaps one day you might be grateful when somebody doesn't drag you down either.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJSzz5+AAoJEKa1ThTkGTzrIssP/ig1hPLJSn+wo9GBD61wD4FN
sKcqcEwoin+05/2aEj/d3Kvkv7EF8oicYHb4lAKoswChCnK0DBw2kq8LRhFufAnP
vYqY8Ll6PZCPEyk267cVQW92XYgh13633Hcta3sJJrbEFVQKmM7urcBK1tDr8t1r
j2uxVv+R0MEOnXNYiaM6QspNV7lLNP56r6yh5GZDkyk6nEQjDWKxxCuqKAUKqy71
iOlrvwaIKgTw1o6PeeOY32nj/dft49N6yNpXJ8K9uasTYFDb+QHbukxPZj0N4vrs
2rwh+MYgwJ49sKBMNU1J1J4OksmPPeoKGETry1/CgP5DSxgOQl1KSpXzJhXHY5ux
e4GpMX7x+53229ygdvSzgTk0PDW8VuNgtthdcCWoZFJWACS//zzlxtFaWSksyWTW
Jnt9eqD/eQIuaRs4UkBdbPfOZVwdY4hqBnruUoZpksXLCEpmAS+I+37E749DIGUW
v4g0Ytrpg/4Kx45RYu44ay9+mqJAzheBSsXUqCBN8DnFV94DrlpeU6OoPNVaw1cC
vMbDZEm5pKj8ovaXoAZXL9DdQo1eM9nfTWk5Y/tLrQ9tPV81SnQUls73iAfrUoV0
i/XQmX4mFDgrmHfE8wuSe2Wg3jbZ1fr/cqlp6ieGrqyvBNLlbVV1hXBFKMuBG1lR
k9wxwgx7tsyiKow6h7lD
=hy/0
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Too many people here seem unable to grasp the basics, so here are some commandments for traveling the road. Deviate to your own demise and have a nice stay in prison if you want to ignore the advice of the knowledgeable folk around here.
[u][b]Rule 1: STFU[/b][/u]
[b]Shut the fuck up.[/b] Is it sunny where you live? How nice. Oh you're in the southern hemisphere I guess as it is summer there now, or are you in a hot country? Oh it is summer - that is interesting, your English is very good so I would think you speak English natively am I right? Your package was intercepted - really what was it? Only 10 pills of MDMA, what vendor were you working with as I've ordered pills before?
If you get to that point and you can't help but talk, congratulations you probably now have the FBI feeding intel to the Australian authorities and there will only be a handful of packages seized recently with exactly 10 pills in it and hell if you have given away what vendor you use then they also have the country of origin. Most people guilty of something like that will also use their home address so now LE probably know who you are and if you are anyone worth chasing you will wind up in a cell sooner or later.
[u][b]Rule 2: The blockchain is irreversible (so don't fuck up even once)[/b][/u]
Ok, you're ordering only a few grams of coke - who gives a shit? But you then buy from Bitstamp and send right to your SR address. Congratulations, now pray SR doesn't keep many logs because if there is even a hint of your bitcoin address tied to the account you ordered to they will have some pretty incriminating evidence against you and they will never prosecute you on that if you do scale up later on. Know the authorities are cunning, they gather evidence over time and your mistake was letting them find you in the first place. Most people let slip the little things and when they become bigger in the game, that comes to bite them in the ass.
[u][b]Rule 3: Common advice isn't good advice[/b][/u]
Why the fuck are you using a public wi-fi connection to browse Tor? If you've paid attention to recent events, you'll know the NSA are harvesting vast quantities of information from public wi-fi and tracking movements even when you have your Wi-Fi disabled (software disabling or not connecting does not prevent them knowing you are in range). Ross was slammed onto a table and they took his laptop to bypass all encryption and have him red handed. If you are going to do anything illegal, do it in your own home where they can't suddenly drag you away and if you don't want Tor on your internet connection, 3G or setting up a private bridge is the way to go. That isn't perfect, but unless you are a very high value target they aren't going to check every single 3G connection in the area or extensive measures like that - it is more likely they will just check your internet history via your ISP for tor connection times and try to correlate your activity. Tor isn't illegal and if you keep your mouth shut then they will have a very hard time to show serious wrongdoing.
[u][b]Rule 4: Burn your identity - often[/b][/u]
Oh you have 2,000 posts and don't want to lose your reputation? Great, we'll end the conversation there because quite frankly I can't stand being in the same conversation as such a self-righteous bastard. This is an anonymous environment, nobody genuinely cares who you are or who you pretend you are and generally a lot of smart guys don't make many posts here as they understand this is all going to be short lived in the bigger picture, whereas prison is not a short time if you are involved with Silk Road. I made a post recently about the life of a PGP key and one addition I may add is if you're changing your PGP key, it may then be a good time to also burn your identity and don't ever cross contaminate - never go near it again not even on the same virtual machine since every visit will leave some kind of trace. If you have bitcoins, lose them or spend them - never ever transfer them and if it is a lot of money such as the proceeds from your activity, use several mixers, methods and spaces of time to create as much separation as you humanly can.
[u][b]Rule 5: Don't trust mixing services[/b][/u]
If you trust a single mixer, you will go to prison one day if you keep walking that line. If bitcoinfog is compromised they may have kept logs all along and that combined with SR logs is going to put most of you in prison. If you want to be safe, buy bitcoins with cash of course, then split the bitcoins up into several wallets and perhaps move them through blockchain.info a few times over several accounts, load your bitcoinfog account wallets through blockchain.info's shared send feature to compound your anonymity and after bitcoinfog, maybe even duck it through another mixer or even through SR itself before reaching your disposable purchase account. If you can't afford to take those precautions because of the fees, perhaps reconsider buying at all.
[u][b]Rule 6: Don't keep envelopes, it isn't fucking memorabilia[/b][/u]
When you get your product, if you are ignorant enough to keep stuff in your house all the time at least make sure the envelope is gone way before you start taking any drugs. Do not throw it in the garbage as law enforcement don't need any authority to go searching your bins, the least you can do is shred it to pieces and burn it to a crisp and then mix it in with other general waste such as food or bury it deep, heck even put it down the toilet if it won't clog it. There is evidence coming through LE are now turning to chemical marking of packages to ensure the packages they find at the scene are the ones they sent the suspect and this is irrefutable evidence in court they are the same package even if you rip off the address and return address, and this isn't some shit you can wash off with a few wipes.
[u][b]Rule 7: If you don't need a phone, don't have it near you[/b][/u]
The leaks by Edward Snowden have shown phones can be used (particularly iPhone's) to watch suspects by turning on the camera and microphone and therefore depending on where you put it they could hear the sound of your typing, maybe see your screen, catch you mumbling words as you are thinking what to reply to a message or even intercept the wireless RF signals if you use Wi-fi or worse, a wireless keyboard and act as a keylogger which is definitely not outside the realms of possibility.
[u][b]Rule 8: No matter what "gurus" claim, you cannot defend yourself from the NSA[/b][/u]
Some LE agencies have ways to plant their packages onto your hard drives, BIOS and other low level systems of your computer so nothing you do with software will protect you. If you use a laptop, remove the hard drive from it before using TAILS and if you need a PGP key, never let it go near an internet enabled device. Data transfer must be one way so do not use the same USB stick to transfer anything from an internet-enabled device to an offline one. There is no need to expose your offline system to attacks from the online one. USB sticks these days for only a few hundred MB are cents and you could even use CD's which are only a few dollars for 100 of them so don't be cheap. One thing to add to that point is once you have transferred the data, dispose of it. Burn the CD to pieces (make sure it is melted, use a gas stove such as the camping cookers is a good idea) or melt the flash memory of the usb stick and then flush the pieces down the toilet once you've broken it down.
[u][b]Rule 9: Don't use batteries[/b][/u]
If you do use a laptop, remove the battery and keep the charger in. If LE break down your door then just pull the plug and the power is completely gone. If you've used a write-only device such as a CD/DVD-R then no data will be on that bit of media and almost everything in the RAM will be gone. So far the only real threats of recovering information from the RAM has been performed under lab conditions which in the field where they will probably take a while longer, have more exposure and not have everything immediately to hand. It is unlikely they will gain much from the residual data if they could recover it (let alone enough to bring to court as evidence).
[u][b]Rule 10: Man the fuck up[/b][/u]
Assuming you are caught, don't be an utter cunt. Keep your mouth shut, let a lawyer do the talking but refuse plea bargains. If you've managed to get yourself in this position, you have let your security slip and it is your own fault, don't bring anyone else down with you (yes Ross, can you hear me?). Say nothing, let them try to put you through a trial and you have a chance you can walk free and if you do get found guilty then it will give you enough time to learn from your mistakes hopefully and not repeat them. Unless you are big game you won't be in jail for the rest of your life so it isn't the end of the world. You chose to walk this tightrope yourself, and you used that rope to hang yourself like a ripe fruit ready for law enforcement to pick. Don't blabber like a little girl and perhaps one day you might be grateful when somebody doesn't drag you down either.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJSzz5+AAoJEKa1ThTkGTzrIssP/ig1hPLJSn+wo9GBD61wD4FN
sKcqcEwoin+05/2aEj/d3Kvkv7EF8oicYHb4lAKoswChCnK0DBw2kq8LRhFufAnP
vYqY8Ll6PZCPEyk267cVQW92XYgh13633Hcta3sJJrbEFVQKmM7urcBK1tDr8t1r
j2uxVv+R0MEOnXNYiaM6QspNV7lLNP56r6yh5GZDkyk6nEQjDWKxxCuqKAUKqy71
iOlrvwaIKgTw1o6PeeOY32nj/dft49N6yNpXJ8K9uasTYFDb+QHbukxPZj0N4vrs
2rwh+MYgwJ49sKBMNU1J1J4OksmPPeoKGETry1/CgP5DSxgOQl1KSpXzJhXHY5ux
e4GpMX7x+53229ygdvSzgTk0PDW8VuNgtthdcCWoZFJWACS//zzlxtFaWSksyWTW
Jnt9eqD/eQIuaRs4UkBdbPfOZVwdY4hqBnruUoZpksXLCEpmAS+I+37E749DIGUW
v4g0Ytrpg/4Kx45RYu44ay9+mqJAzheBSsXUqCBN8DnFV94DrlpeU6OoPNVaw1cC
vMbDZEm5pKj8ovaXoAZXL9DdQo1eM9nfTWk5Y/tLrQ9tPV81SnQUls73iAfrUoV0
i/XQmX4mFDgrmHfE8wuSe2Wg3jbZ1fr/cqlp6ieGrqyvBNLlbVV1hXBFKMuBG1lR
k9wxwgx7tsyiKow6h7lD
=hy/0
-----END PGP SIGNATURE-----
Show Posts