Hi there.
I was putting this together as a response to someones status - turns out I write too much and it couldn't go there.
I'd appreciate any views on this as this is how I feel we can be safe as buyers.
Ok, so here are some things you can and should do.
1. Get familiar with TOR.
Install the TOR Browser, NEVER browse anywhere from other browsers. All Darknet related stuff muct be done from the TOR browser.
Do not connect to services that know you (Gmail, reddit, Facebook etc) via TOR, especially at the same time as browsing dark net material.
Always use a new private window for every new site - don't make use of tabs, you do not want some accidental cross tab leaks to happen.
2. Get familiar with PGP.
Install a PGP/GPG keyviewer, create a private/public key for yourself and NEVER send anything to someone if it contains personally identifiable info.
When you create your key - you do NOT need to have an email address in the key, do not put real names in the key. If you are using multiple markets, good idea to create a key per market, name them accordingly "HairyPoppins-BreakingBad" as an example. This way not only can vendors be sure which key to use, but disabling a key for a market that gets busted is very simple.
3. Plausible deniability is always something to keep on top of.
Just because you received a package in the post, doesn't mean you ordered it.
You should use your real name ofr addressing, otherwise postal services may decide you don't reside there and your package ends up waylaid/lost/inspected. Rather put your initial and surname (remember you are encrypting this) and then when you receive it, wait a few days before opening it. That way if someone does come to knock your door down, the item has not been opened and you can claim ignorance.
4. NEVER be in a hurry. Vendors do not ship to a tight schedule. They try to ship via different post offices, at different times, different days from your order. All of that is so that they can make it tricky for Law Enforcement to pin them to a particular transaction. If you need something fast, find a local street vendor, otherwise be patient, order early and relax.
5. Use XMR (Monero) to buy stuff, do not use Bitcoin.
XMR is untraceable, Bitcoin is traceable. Do not use BTC.
Run a local node for XMR, that way no transactions are ever exposed to the outside world.
Buy BTC using your FIAT (USD/GBP/AUD whatever) and send those BTC to a private BTC wallet on your machine. The use the services of anonymous traders like changenow.io to trade your BTC for XMR. DO THE TRADE INSIDE TOR BROWSER!
That way your XMR is 100% unlinkable to you. Good for you, good for the vendor, good for the market.
6. Be prepared.
Nothing will ever 100% guarantee that LE won't come knocking. So keep your stash secret, keep it safe. Find a hiding spot that won't be easily uncovered in a light search and put your goods there. If you are needing more than a light stash space, you are needing much more advice than this little write up.
7. If you are so inclined, consider getting a micro computer like a raspberry pi or something and running a Linux Privacy OS on it. Something like Tails which deletes all data every time it is restarted so leaves no incriminating evidence behind. Or something like Kodachi that allows you to filter all TCP sessions and encrypt all files/folders etc. You can run your XMR wallet on these platforms.
Anyway, that is a small selection of top priority things.
As with most things privacy related, if you don't TRY, you are definitely exposed.
I was putting this together as a response to someones status - turns out I write too much and it couldn't go there.
I'd appreciate any views on this as this is how I feel we can be safe as buyers.
Ok, so here are some things you can and should do.
1. Get familiar with TOR.
Install the TOR Browser, NEVER browse anywhere from other browsers. All Darknet related stuff muct be done from the TOR browser.
Do not connect to services that know you (Gmail, reddit, Facebook etc) via TOR, especially at the same time as browsing dark net material.
Always use a new private window for every new site - don't make use of tabs, you do not want some accidental cross tab leaks to happen.
2. Get familiar with PGP.
Install a PGP/GPG keyviewer, create a private/public key for yourself and NEVER send anything to someone if it contains personally identifiable info.
When you create your key - you do NOT need to have an email address in the key, do not put real names in the key. If you are using multiple markets, good idea to create a key per market, name them accordingly "HairyPoppins-BreakingBad" as an example. This way not only can vendors be sure which key to use, but disabling a key for a market that gets busted is very simple.
3. Plausible deniability is always something to keep on top of.
Just because you received a package in the post, doesn't mean you ordered it.
You should use your real name ofr addressing, otherwise postal services may decide you don't reside there and your package ends up waylaid/lost/inspected. Rather put your initial and surname (remember you are encrypting this) and then when you receive it, wait a few days before opening it. That way if someone does come to knock your door down, the item has not been opened and you can claim ignorance.
4. NEVER be in a hurry. Vendors do not ship to a tight schedule. They try to ship via different post offices, at different times, different days from your order. All of that is so that they can make it tricky for Law Enforcement to pin them to a particular transaction. If you need something fast, find a local street vendor, otherwise be patient, order early and relax.
5. Use XMR (Monero) to buy stuff, do not use Bitcoin.
XMR is untraceable, Bitcoin is traceable. Do not use BTC.
Run a local node for XMR, that way no transactions are ever exposed to the outside world.
Buy BTC using your FIAT (USD/GBP/AUD whatever) and send those BTC to a private BTC wallet on your machine. The use the services of anonymous traders like changenow.io to trade your BTC for XMR. DO THE TRADE INSIDE TOR BROWSER!
That way your XMR is 100% unlinkable to you. Good for you, good for the vendor, good for the market.
6. Be prepared.
Nothing will ever 100% guarantee that LE won't come knocking. So keep your stash secret, keep it safe. Find a hiding spot that won't be easily uncovered in a light search and put your goods there. If you are needing more than a light stash space, you are needing much more advice than this little write up.
7. If you are so inclined, consider getting a micro computer like a raspberry pi or something and running a Linux Privacy OS on it. Something like Tails which deletes all data every time it is restarted so leaves no incriminating evidence behind. Or something like Kodachi that allows you to filter all TCP sessions and encrypt all files/folders etc. You can run your XMR wallet on these platforms.
Anyway, that is a small selection of top priority things.
As with most things privacy related, if you don't TRY, you are definitely exposed.
