3. [OPSEC/Computer] Setup. Paying for info.

[OPSEC/Computer] Setup. Paying for info.

...Continued:

3.How secure would be this connection setup Socks5 ->VPN -> Socks5 -> obsf tor bridges -> Tor. Extra: a)What would you change? b)What extra security you could offer? MAIN GOAL: ISP (NO INFO ABOUT VPN) -> VPN (NO INFO ABOUT ISP)

That's extremely silly. Your ISP will have no problem seeing the VPN traffic over SOCKS5, as SOCKS5 provides absolutely zero obfuscation. Sure, your ISP won't be able to see which VPN you're connecting to, but they'll easily see a regular VPN handshake occurring, and to a global or semi-global passive adversary (like a government cyberspy agency), the link between you and the VPN would be clear as day.

You really, really need to spell out an actual threat model, here. You sound like you have no idea what you need, what you want, or why you would be adding all of this stuff that doesn't actually add any functional security (except against extremely specific, and extremely rare adversaries).

Making some (very reasonable and likely) assumptions about your threat model and goals, I would drop the SOCKS5 layers, and possibly even drop the VPN (but then, I have pretty strong feelings about VPNs that are not widely shared on this sub - they really don't add very much functional security in matters like this, except - again - in extremely specific models which you are not likely to be a part of). A VPN is trivial to perform traffic correlation and timing attacks on, is susceptible to legal subpoenas (including secret "lawful" orders to BEGIN keeping logs in secret), and draws additional scrutiny, as well as providing yet another potential intercept point for larger timing and correlation attacks against your Tor traffic in general. In other words, they're almost always useless for what people here might seek them out for.

Use Tails, use public wifi that's a decent distance from your home/work/hangouts if you must, and enjoy your high security. If you really want to go above and beyond, you might anonymously rent a VPS (or for maximum paranoia, a dedicated server) and run a high-participating-traffic I2P node on it as well as a simple Tor instance, and then set up an I2P tunnel that you can connect to from home/work/wherever and use that like you would use your VPN. This will be slow - we're now talking literally 20 or 26 hops round trip for any traffic you send and receive over this connection (3 hops outbound I2P, 3 hops inbound I2P, I2P destination, 3 hops Tor, Tor destination (clearnet)/3 more hops Tor (.onion), and then back through the whole way again on return).

4.Is there any software to find out leaks/holes in setup?

Yes and no. You can use Wireshark to detect unencrypted leaked data, but that's about the best you can do, and finding the actual leaks is a lot of grueling analytical work.

No because your biggest leaks are going to come from YOU, and that's almost always the case. Maybe you log in to your regular email address while using a separate pseudonym, maybe you mention the weather where you are someday, maybe you send a request to a .onion to your clearnet DNS... the possibilities are endless. The best defense against leaks you can have is a very clear understanding of the technologies and techniques that you are using, period.

Suggestions for improvement: use a physical transparent torification gateway machine, like with Whonix. This is really 9/10ths of the fight if you're seeking extreme security. Use two new-to-you computers (the gateway can be something very weak, like an Odroid or a Lime2 - fuck Raspberry Pis), hard drives optional, and set one up with two network cards to act as a gateway to the other. This gateway maintains a connection to Tor, and the other machine connects only to the gateway, which forwards ALL traffic from the other machine to Tor, no exceptions. This protects against most de-anonymization malware and exploits, which are actually a credible threat. You will still want both machines to be very secure, and using separate VMs on the workstation machine is still advisable. Keep your software (including that of your VMs) up to date. You can also use a high-power directional wifi antenna on your gateway machine to find a wifi signal to use that may be a mile or more away, but it'll take some scanning. You might also want to read up on how to crack "secured" wifi networks, since truly open ones are pretty rare these days.

Any questions, hit me up. Although I could help you get all this set up for money, and in some respects would love to, I just don't have the time right now. But if you want to toss me a tip to answer some more detailed questions, I'm into it.

Love, sapiophile (GPG pubkey on the SKS KeyServer network, at https://keybase.io/sapiophile & https://ssl.reddit.com/r/publickeyexchange/comments/2cmfob/sapiophiles_public_key/ )

/r/DarkNetMarkets Thread Parent
Previous
Next

Recently removed from /r/DarkNetMarkets

Do any of you feel like a "Walter White" ? or is it just me. RIP Agora - Customers dont worry; we're shipping all orders, escrow orders included. "Odyssey Market" using a public/paid pre-made script (Evolution clone script), not secure at all.. Publicly leaked as well. Is it necessary to use VPN in conjunction with Qubes and Whonix? tracking says delivered. po box totally empty 2 days later? The Agora-Aero Theory. Any thoughts? VPN set up up on router and running in tails Kacikz Three Including a Teenager Have Been Arrested Over Darknet Trade How is LE doing this all of a sudden How is LE doing this all of a sudden No PGP auto-encryption as market listing criteria? Open Road Market and Place Market Exploits Friend took too much meth, need urgent advice right now. [vendor review] TheStealthSuite 3g Ketamine review

More Random Comments

Bored, entitled SJW college students at Berkley decide preventing other students from getting to class is a good idea. What's The Political Situation Like in The Force Awakens? Why does the Human body reject transplanted organs /tissue and proceed to destroy them but it doesn't kill parasites like worms ? If you could take any film and make it's plot a historically accurate event that actually occured, what would you pick? Bored, entitled SJW college students at Berkley decide preventing other students from getting to class is a good idea. A medical marijuana advocate has lost custody of her 11-year-old son at least temporarily and could face possible charges following comments the boy made during a drug education program at his Kansas school Help! Serious boundary issues with Chinese mother in law. Bored, entitled SJW college students at Berkley decide preventing other students from getting to class is a good idea. [Correction] I have written some notes about a french author, can you please help me correct it? 'There are pretty much Zero Repercussions for being a rapist' What's the most creative way of driving someone crazy discreetly? [Serious] Overview for MandarTrivedi Which animal is the biggest asshole? Revoked: Brokenhearted Baha'is: LGBT's Rejected by Their Church Baltimore Man Freddie Gray Dies After Spine Severed in Police Encounter: Lawyer