Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 47 48 [49] 50 51 ... 249
721
Security / Re: Money Laundering
« on: July 26, 2013, 05:29 am »
Doing it properly will indeed allow you to launder hundreds or millions, but the more money you try to launder like this the harder it is to actually do it without being noticed. If you have a small business that accepts cash payment you can easily pad your income with anonymous drug cash and nobody will be the wiser, but if you run a small business and make ten million dollars over night in cash people are probably not going to believe you :D. When it comes to big money you need to have front companies and fake identities in other countries and bank accounts and all kinds of shit that I don't really know much about. But if you are working with tens of thousands of dollars extra a year it is a lot less complicated to launder it while staying under the radar and looking legitimate.

722
Security / Re: Zero Fill External Drives
« on: July 26, 2013, 05:20 am »
Wiping flash memory (USB sticks) is unreliable at best. Your best bet is to throw them out (covertly), buy new ones and always keep them encrypted.

723
Security / Re: Money Laundering
« on: July 26, 2013, 05:10 am »
And for the big vendors needing to launder $100,000 + a year I think your best bet is to get involved in hosting festivals and events, especially internationally, and padding the amount of people who attend as well as perhaps running some stands and padding the amount of things people bought. Set it up in some foreign country that will not be likely to share any information with your home country and you are even better off.

724
Security / Money Laundering
« on: July 26, 2013, 05:08 am »
If you are a big vendor money laundering is important for you. Small vendors can often get away without money laundering, if you are only making a few thousand dollars a year from vending it is pretty easy to spend the money without drawing attention to yourself. However, if you are making tens of thousands of dollars a year from vending then it is important that you know how to launder your money. There are two steps to laundering money, the first is to disconnect the money from any criminal activity. This can be accomplished with Bitcoin mixes, preferably cashing out to a fake ID or with anonymous ATM cards for the ultimate separation (mixing bitcoins but then cashing out to your real ID may unlink you from a particular criminal transaction, but it is better if you are not identified as having a large amount of Bitcoin in the first place). Once you have cashed out and have cash that cannot be tied to a crimial transaction (and hopefully cannot even be associated with you at all yet), you need to be able to pay taxes on the money and account for why you have it. For many vendors a good technique is to open your own business, if you have technical skills I think that technical business are the best of all. Padding your books with drug money is a good way to clean it. Some people sell Christmas trees and pretend to have sold more than they really did, another technique I have heard of is selling fire works. If you work as a waiter you may be able to pad the amount of tips you have received, depending on how the place you work at manages tips. Pretty much any service job is your best bet, be it making websites or doing computer repair. Not only can you derive a legitimate income from such jobs, but you can also very easily pad the amount of income you have made. If you take Bitcoin or similar for the service you offer (which doesn't even look very suspicious if you offer technical services) then it makes it even easier.

Simply offering services like this legitimately and padding your income with drug money is a good way to clean tens of thousands of dollars a year I think. Another technique I have heard of is pretending to have some expensive item and offering it for sale on an auction site, and then being your own highest bidder. Of course you need to take care that the high bidder cannot actually be linked to you.

These techniques probably will not work for the biggest vendors who need to launder hundreds of thousands of dollars a year, but for the vendors who only need to launder tens of thousands of dollars a year I think that these techniques are sufficient. And vendors who are making only thousands of dollars a year can probably get by without actually accounting for how they got the money at all, provided they are not stupid about it. Spend the majority of your legitimate income on things like paying rent or other things that the government might be able to easily see that you did, and spend your drug money on things like groceries, preferably spend the bulk of your drug money on things that you can pay for in cash and use your legitimate money for paying for things that leave a paper trail. If you make sure to do that you can get away with having several thousand of unaccounted for dollars a year without anybody being able to tell.

725
Security / Re: giant magnet? how big?
« on: July 26, 2013, 01:23 am »
Why not just have a switch to wipe the encryption keys from the RAM. Most computer cases already come with such a switch.

726
Security / Re: How fast is the growth of anonymous darklands?
« on: July 26, 2013, 12:40 am »
I think that recently the growth has been exponential thanks to all the markets. When I first started using Tor there were not even any drug forum hidden services at all, although some people on clearnet drug forums used Tor to connect to them. The first forums started using Tor several years ago, and since then it has just been a big transition to Tor, and now most of the drug forums use Tor and it is rare to find any that don't. So from the time I started using Tor to today an entire very large community of people started using Tor, essentially everybody in the online drug scene. I think the same thing is mostly true of the CP scene as well although they were on Tor before we were. But I think that they had a transitional period similar to the drug scene where they moved from VPN's to Tor to Tor hidden services. Even more recently we have started to see some carder forums on Tor, unsurprisingly they were the last to join the party. The number of people using Tor for legal things is undoubtedly increasing as well, not only is Tor being used more in repressive countries and countries that censor access to the internet, but even in countries like the USA people are more and more using Tor because of things like the NSA spying on everybody. So I think that the darknets are growing pretty rapidly at this point, hell just in the past two years Silk Road alone is probably responsible for at least 100,000 new people downloading and using Tor at least once.

727
Security / Re: Fake ID for Moneygram Transfer?
« on: July 26, 2013, 12:28 am »
I definitely would use a fake ID for moneygram transfers. I have a friend who bought ketamine online from India, he paid with Western Union and was a pretty big customer. Over a few months or so he ended up sending tens of thousands of dollars to India using his real ID at Western Union, and then he got raided by the IRS and charged with money laundering. Nothing about drugs was ever brought up as far as I am aware, the entire case against him focused on the fact that he had sent tens of thousands of dollars that he never had paid taxes on and had no legitimate reason for having. They never even found ketamine actually because he had orders drop shipped to his customers and never touched any drugs himself.

On the other hand you really need to be careful with fake ID, as this whole Celtic shit has shown us. Fake ID can be extremely, extremely helpful for vendors but it can also amount to turning yourself in if your fake ID vendor happens to be the secret service. Way back in the day using fake ID for Western Union and Money Gram was a pretty standard way of paying for and accepting payment for drugs online, and also was standard for people to have mailboxes registered with fake ID.

728
Security / Re: giant magnet? how big?
« on: July 26, 2013, 12:05 am »
https://en.wikipedia.org/wiki/Gutmann_method

Quote
The delete function in most operating systems simply marks the space occupied by the file as reusable (removes the pointer to the file) without immediately removing any of its contents. At this point the file can be fairly easily recovered by numerous recovery applications. However, once the space is overwritten with other data, there is no known way to use software to recover it. It cannot be done with software alone since the storage device only returns its current contents via its normal interface. Gutmann claims that intelligence agencies have sophisticated tools, including magnetic force microscopes, which together with image analysis, can detect the previous values of bits on the affected area of the media (for example hard disk).

The National Bureau of Economic Research criticized Gutmann's claim that intelligence agencies are likely to be able to read overwritten data, citing a lack of evidence for such claims.[3] Companies specializing in recovery of damaged media (e.g., media damaged by fire, water or otherwise) cannot recover completely overwritten files. No private data recovery company currently claims that it can reconstruct completely overwritten data. Nevertheless, some published government security procedures consider a disk overwritten once to still be sensitive.[4]

Gutmann himself has responded to some of these criticisms and also criticized how his algorithm has been abused in an epilogue to his original paper, in which he states [1]:

    In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.

It is also worth mentioning that Secure Erase has been tested on mechanical hard drives before, and the researchers testing it were incapable of recovering anything off any of the tested drives.

https://en.wikipedia.org/wiki/Data_remanence#Feasibility_of_recovering_overwritten_data

Quote
Peter Gutmann investigated data recovery from nominally overwritten media in the mid-1990s. He suggested magnetic force microscopy may be able to recover such data, and developed specific patterns, for specific drive technologies, designed to counter such.[2] These patterns have come to be known as the Gutmann method.

Daniel Feenberg, an economist at the private National Bureau of Economic Research, claims that the chances of overwritten data being recovered from a modern hard drive amount to "urban legend".[3] He also points to the "18½ minute gap" Rose Mary Woods created on a tape of Richard Nixon discussing the Watergate break-in. Erased information in the gap has not been recovered, and Feenberg claims doing so would be an easy task compared to recovery of a modern high density digital signal.

As of November 2007, the United States Department of Defense considers overwriting acceptable for clearing magnetic media within the same security area/zone, but not as a sanitization method. Only degaussing or physical destruction is acceptable for the latter.[4]

On the other hand, according to the 2006 NIST Special Publication 800-88 (p. 7): "Studies have shown that most of today’s media can be effectively cleared by one overwrite" and "for ATA disk drives manufactured after 2001 (over 15 GB) the terms clearing and purging have converged."[1] An analysis by Wright et al. of recovery techniques, including magnetic force microscopy, also concludes that a single wipe is all that is required for modern drives. They point out that the long time required for multiple wipes "has created a situation where many organisations ignore the issue all together – resulting in data leaks and loss. "[5]

729
Security / Re: giant magnet? how big?
« on: July 25, 2013, 11:50 pm »
Quote
While I usually agree with almost all the information you put forth on these forums, I have to slightly disagree with you on this one, respectfully of course. Not because you're wrong, but because Secure Erase isn't properly implemented by all device manufacturers.

You could use Secure Erase and then a full drive wipe program that doesn't rely on Secure Erase. That will be pretty fail safe. The general theme is that the best method is not physically destroying the drive in any of these outlandish ways, but rather simply wiping the drive. The drive should be encrypted as well to aide in this, because if the drive is encrypted only the key actually needs to be wiped in the majority of cases. In the case of solid state drives using FDE is even more important. I have read about some solid state drives that automatically and seamlessly encrypt everything put onto the drive, in some cases they don't even require you to set a password. I can only imagine that this is to aide in secure erase, so that they only need to protect a small area of the drive where the encryption key is held, and then they can wipe the encryption key during the secure erase procedure to essentially wipe the drive. This method of secure erase on SSD would have the benefit of not needing to spend write cycles going over the entire drive as well, but it would be a bit different from regular secure erase where data is actually destroyed rather than made (usually) impossible to access.

Anyway I still say that the technique used should be FDE and then if you ever need to start fresh you can do a wipe with Secure Erase and if you are worried Secure Erase was not implemented properly for your device you can do another pass with something that simply fills the platter with 0's. Data deletion from persistent storage is not something that is going to be possible in an emergency situation anyway, it is laughable to think you will have time to put in a CD and start an erase program while the police are kicking your door in, at best you will have time to cut power to your system to clear your volatile memory of encryption keys.

Quote
Due to personal safety concerns I can't really lay out my qualifications in speaking on this matter, so I fully understand if you don't believe or trust the info given (and rightfully so as I'd rather you stay safe too than trust some randomly posted info on the darknet).

I know Secure Erase was found to be improperly implemented on some percentage of tested solid state drives, but I have not heard of any research claiming one way or the other as far as hard drives go. If you are worried that Secure Erase is not properly implemented on your device you could first wipe with Secure Erase and then do another wipe where you simply fill the platter with 0's using software that doesn't rely on Secure Erase. If your drive is fully encrypted you are even better off since you in most cases (pretty much all cases where the attacker doesn't already have your encryption key) you will only need to securely wipe the encryption key to render all other information on the drive impossible to recover.

Quote
Secure erase theoretically sanitizes all data from a flash device. In reality it doesn't always work. Not every flash device manufacturer implements the Secure Erase commands completely in line with the established standard. In the case of thumb drives especially, there may not even be a controller embedded that has the capability to perform the command at all. The same goes for card readed devices you would insert an sd card into. And to make matters worse, some drives lack the ability to even detect their own failure to erase the data, leaving it in place.

Yes I have read the research indicating that not all solid state drives have a properly implemented Secure Erase function. I had assumed the OP was talking about a hard drive but that is a bad assumption on my part since there are very important differences between wiping a hard drive and a solid state drive. In the case of a hard drive I would feel much more comfortable with Secure Erase, and very confident with Secure Erase followed by filling the platter with 0's with some other software. In the case of solid state drives things become more difficult. Many solid state drives have properly implemented Secure Erase and if you happen to have such a SSD using Secure Erase is sufficient. On the other hand, several solid state drives have been shown to have incorrectly implemented Secure Erase functions, and in such a case not only will Secure Erase not be sufficient, but filling the drive with 0's after the Secure Erase will still probably not be sufficient. So if you have a Solid State drive I think that you really need to do your research to make sure that the drive can actually be wiped with any level of confidence. One thing I have noticed is that several of the current generation (brand new) motherboards have connectors for SSD Secure Erase, I wonder if those are more reliable than the built in Secure Erase functions on the drives. I also have noticed that several new SSD's appear to be automatically encrypted but without a password, I can only imagine that this encryption is entirely with the goal of being able to Secure Erase by wiping a small protected area of the SSD where the encryption key is held.

Quote
If the OP is trying to destroy the data on a mechanical hard drive then secure erase does nothing for him at all. Most people assume a mechanical drive can be sanitized by formatting it, then overwriting it entirely with new data. Sadly this isn't entirely true. While consumer level data recovery software can't overcome this, there are techniques for using a scanning magnetic microscope to recover residual data even after a 10 pass "DoD" data wipe. The same sort of device can also be used to get data off the tiny pieces of internal disk platters after you smash the disk to dust, but requires a lot more effort to assemble the gathered data into something interpretable, and something requiring this technology and effort to be used wouldn't come into play unless you did something to piss off the NSA or CIA and were considered a threat to national security.

I completely disagree with this. Secure Erase was originally designed to securely erase data from mechanical hard drive platters. I believe it does two passes, one with the magnetic head on track center and one with it slightly off center to wipe magnetic edge residue. This is generally considered to be overkill. Definitely a platter that is smashed can be read with spin stand microscopy, and only a very trivial amount of information is actually destroyed with every fracture of the drive. There has been a great deal of debate about if forensics can pull data that has been overwritten or not, in the past it was widely thought that they could pull data even after it had been overwritten, but in modern times most people think that they cannot. Even in the forensics community there is much debate over this, but I am forced to agree with the people who argue against the possibility of recovering overwritten data simply because nobody seems to be able to respond to their argument of "show me a single example of where overwritten data was actually pulled off of a completely wiped hard drive, ever". In the past there was a theoretical paper by Gutmann that theorized that a magnetic microscope could recover overwritten data unless it was overwritten many dozens of times, but I think this is largely seen as impossible with modern drives which have much greater density. In any case Secure Erase does two passes and there are various software programs for doing 35 or more passes.

730
Security / Re: giant magnet? how big?
« on: July 25, 2013, 09:35 am »
Breaking the platter into pieces is the worst way to try to destroy data, forensic data recovery specialists can pull data even from extremely fragmented drives. Breaking the platter into pieces hardly destroys any data at all unless you like grind it into dust or something. I suggest avoiding all of the standard paranoid and senseless techniques of destroying data (which frequently are ineffective in actuality), and sticking with something simple and effective, like Secure Erase.

731
Hiding a partition only helps slightly anyway. If LE gets their hands on your hard drive, it's pretty obvious if you have disk space that's unaccounted for in the partition table. At this point even full disk encryption is only a stop gap measure with the advent of GPU accelerated decryption tools.

It doesn't look like there is unaccounted for space in the partition table. All the GPU's in the world are not going to brute force AES-256 with a 256 bit password.

732
Security / Re: Tor and state surveillance
« on: July 25, 2013, 12:22 am »
The Good News is that the NSA doesn't give a shit about us. If they did then we wouldn't be here. I know I am supposed to be uber paranoid about the NSA and ultra pissed off that they are illegally spying on me, but I am quite convinced that they are seriously only interested in stopping terrorist attacks and espionage. If they really wanted to act as a criminal intelligence agency and go after sites like SR, we wouldn't have a site like SR running for two years embarrassing the US police. I see that there are clear separations between the different levels of federal agency, and they are actually not particularly cliquish with each other between the different levels. I expect the NSA to lead to my arrest about as much as I expect an FBI agent to give me a traffic ticket. Perhaps this is just wishful thinking on my part, but I honestly doubt it.

The NSA harvests vasts quantities of data on all of us - including but not limited to congressman, judges, supreme court justices, presidential candidates ... they can know of a senator's penchant for young boys, or the depraved addictions of a supreme court justice. We know these agencies work closely with major multinationals and have the power and capacity to affect democratic institutions in ways that are largely hidden.

The agenda isn't only, or evenly primarily, about stopping terrorists.

Sure I think they are also interested in political blackmail, but I don't think they are interested in stopping the majority of criminals. I mean of the crimes that the NSA is interested in, I think terrorism and espionage top the list. I do think they are also interested in having control over the political system, and that certain targets may be blackmailed with information, but I don't think the NSA is going to gather communications of drug dealers and pipe them to the DEA in the name of fighting drug crime.

733
I agree with your points, but I think there are other things to consider.  Like Inigo said, just because the government still wants to control your drug use, doesn't mean we haven't won the drug war.  With Silk Road, you can now get virtually any drug you want delivered directly to you, with little chance of them even knowing about it.  In a very real sense, we've won the war on drugs.  I'm not saying it's time for a victory lap, but I can at least see the light at the end of the tunnel.

On top of that, times are changing as well.  Something like 19 states in the US have decriminalized marijuana.  I could very easily see the feds giving up the war on pot at least.  Also, if the economy sinks into a depression, people will get less concerned with the private activities of others and focus more on their own survival.  If the drug war became bad policy with the middle class because of its wasteful spending, it could very well be dropped in order to win votes.

tl:dr
never say never

I agree that Silk Road has done a great thing for helping drug users obtain the drugs they desire while maintaining their freedom, but I would compare it to antiviral drugs in the war on HIV. Silk Road is not a cure for the war on drugs but rather it is an antiviral drug cocktail that allows many users to maintain their freedom indefinitely. Some will still fall victim to the war on drugs eventually, but SR has done a great job in helping countless people maintain their freedom. A true victory in the war on drugs would be more similar to a cure for HIV.

Perhaps they will give up the war on pot but if they do so it will be kicking and screaming. The federal government is still busting people for pot offenses even in states where they are not breaking the law, just the other day I read about somebody sentenced to over twenty years in federal prison for running a medical marijuana store. I think it is important to keep in mind that a lot of the people in the middle class actually make their money from the war on drugs, be they police officers, prison guards to drug abuse specialists. A good chunk of people in the middle class have their entire living depending on prohibition, especially people who go to school for sociology and social work.

Quote
The government will never win the war on drugs because people will always desire the freedom to change their sobriety. It's as futile as trying to win a war on homosexuality.

The thing is that the government isn't really interested in winning the war on drugs. They are interested in the money and power they gain by fighting the war on drugs. The government doesn't want to eliminate drug use, they want to perpetually be able to profit from and gain power from drug use. If you think about the government as actually wanting to eliminate drug use then you are right, they will never win. But if you think of the government as merely wanting to gain power and funding, then it looks a lot more like they have won. We have millions of people in prisons and on parole, and they have nice fat pay checks and nearly unlimited power.

Quote
Sure they are locking up people by the millions but considering that drugs are cheaper, more pure and easier to get than ever before in history I'd say we are definitely on the winning side.

It depends on how you measure victory. I don't think the government really wants to stop people from using drugs, they want to suck money from the masses and have power over everybody. In that sense, people being locked up by the millions is a sign of defeat, but drugs being cheaper and easier to get than they ever have been is not really a sign of victory.

Quote
Consider the real good that could come from all of the money time and effort spent on this crap. 

For real! I am against taxation and social services in general, but it still pisses me off to think of how much money is spent on the war on drugs that could instead be spent on real beneficial things. Think of how much better off the entire world would be if all of the money spent fighting drugs was instead spent on ending poverty or improving our communities. It is absolutely disgusting, we live in a modern dark ages. If you look around there is a chart that shows technological progress over time, and there is a big two thousand year period where technology not only did not progress but actually regressed. That is the same effect the war on drugs is having, instead of money being spent on things that actually make a difference and improve our quality of life it is instead being wasted fighting drugs, and not only are we suffering from a lack of progress but we are regressing as the war on drugs is leading to all kinds of social issues and problems. It is seriously nothing short of a modern day tragedy, and hopefully in a thousand years a more sane society will look back at these times and consider them as a second dark ages. I think Tupac put it best "Instead of a war on poverty they have a war on drugs so the police can bother me".

Quote
The war on drugs will end itself when civilization and morality as we know it fail.

I think the war on drugs will end when the most powerful people supporting it find that they are being assassinated entirely because of their position on the war on drugs. Two lost lives and a bullet can be more politically valuable than fifty years and a majority.

Another point I didn't mention in my original post is that the government has a strangle hold on the scientific research into recreational drugs as well. Not only do they fund "scientists" that say bad things about drugs, they make it next to impossible for objective researchers to even research drugs in the first place. And good luck getting a government grant to do a study on how harmless drugs actually are, not only will you never get a government grant again in your life but you will have a hell of a time even obtaining material to research in the first place. So the "scientists" who study how bad drugs are have no trouble getting funding and research material, but the objective scientists are turned into social outcasts and denied funding and prevented from obtaining research materials in the first place. Then the propaganda scientists publish bullshit and the government propagates it as truth, and nobody is even capable of doing real peer review. So in summary:

1. The government maintains power by keeping drugs illegal

2. The government and corporate interests make huge amounts of money from drugs being illegal

3. The government forces us to fund drug propaganda , even if we are against the war on drugs

4. The government controls many of the most valuable channels through which information can be distributed, namely the public school system

5. The media has it in its best interests to demonize drugs

6. The religious leaders have it in their best interests to demonize drugs

7. The government can interpret our rights away at a whim, and they do this all the time, and we have almost no ability to stop this from happening

8. Nobody who doesn't use drugs has it in their best interests to legalize drugs, they are a level above us in the social hierarchy and why would they give that up?

9. Drug users are commonly prevented from voting or otherwise influencing politics

10. Drug users are commonly used as cheap labor

11. Legitimate research into drugs is prevented and scientists who attempt to do legitimate drug research are blacklisted by the government, whereas scientists doing drug research for the government propaganda arm are funded and have their work distributed by the government

734
All drugs have lost consciousness? I can't wrap my head around that, what do you mean?

I mean that drugs are no longer able to think and that they are all braindead. Since drugs are all braindead they cannot fight the war on drugs anymore, so the DEA has won and now they can all go home and find real jobs.

735
Security / Re: Big MDMA presser busted on silk road
« on: July 24, 2013, 12:46 pm »
I have a friend who knows the person busted, he said they were busted via unrelated investigation and then police linked them to SR because they seized and analyzed computers then found unencrypted documents with SR info on them.

But then it means, that the vendor published some personal informations to the buyer?

I don't know exact details. One of my good friends got MDMA pressed by these guys and he knows the details of the case better than I do. He says the investigation did not start from SR but through unrelated means. The police only found they were involved with SR after seizing their computers. I don't know if the documents they found included customer shipping addresses or only usernames and the URL or what, but they definitely found unencrypted documents which is how they knew they were involved with SR.

Pages: 1 ... 47 48 [49] 50 51 ... 249