Ways Law Enforcement Busts Dark Web User

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
I get it with the smart phone not being idea, however I personally don't use any social media whatsoever, have Java disabled through out my phone http everything, and wipe data e erhtine I logout out of tor, also u don't use tor to browse any websites except the dnm
if this is your personal phone, absolutely not. /post/9eb7d61cecc593f1c1aa
a burner phone? still too many risks. /post/731b0187bd2919f64bf9
a phone in which you *physically* disconnected mobile access, camera, mic, rooted and installed stock Android, then secured with Orbot and never accessed any site or app that can link personally to you? maybe.
there's so much background communication going on between phone (firmware, native apps, installed apps) and the mobile towers that phone just isn't secure. Orbot, Signal, Wickr help, but i just wouldn't use a phone for anything more than brief, circumspect communication.
YouTube /watch?v=VFns39RXPrU
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
tails should have this disabled default instaed of noobs not knowing to do this everytime booting up
(i used to be that guy)
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
Don't use USPS apps on your phone, dont check pack deliveries on your phone period. Once you've set up Informed Delivery, configure it to send text messages for packages. Mute the conversation and let it push all the updates to you via SMS. This will keep a longer history than the ID page or app. You have plausible deniability because you get updates on ALL your amazon shit. Let them PUSH the data to you, don't PULL it.

Don't use your phone to check on deliveries.
Don't use your phone for anything DNM related.
Don't hit the tracking info for the same pack.
They track your IP and # of hits and will use this against you. TRUST ME, I KNOW.
 

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
Don't use USPS apps on your phone, dont check pack deliveries on your phone period. Once you've set up Informed Delivery, configure it to send text messages for packages. Mute the conversation and let it push all the updates to you via SMS. This will keep a longer history than the ID page or app. You have plausible deniability because you get updates on ALL your amazon shit. Let them PUSH the data to you, don't PULL it.

Don't use your phone to check on deliveries.
Don't use your phone for anything DNM related.
Don't hit the tracking info for the same pack.
They track your IP and # of hits and will use this against you. TRUST ME, I KNOW.
Amazon ships with UPS, a private company that is allowed to check all your mail as far as they please. It's a completely different service to the USPS. Please inform yourself comrade
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
Amazon ships with UPS, a private company that is allowed to check all your mail as far as they please. It's a completely different service to the USPS. Please inform yourself comrade
Not sure where you're from comrade, but Amazon ships 80% of my shit via USPS. I wish it were different, because aorund here UPS is the most unreliable shipper imaginable.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
Not sure where you're from comrade, but Amazon ships 80% of my shit via USPS. I wish it were different, because aorund here UPS is the most unreliable shipper imaginable.
Ah. I live in a major city, so I was just speaking based on personal experience. Sorry for the rude tone.
 

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
I check informed delivery so much. How can you say that you aren't checking it for, you know, everything else?


Not all places ship via amazon's delivery system. Sometimes it goes into USPS, but I buy lots of stuff from ebay, etsy, other stores, etc etc. They can't tell one prio box from another. I usually have no idea what box is which even :\


no one cares about your tracking info just never ask for it from a vendor unless it's contesting
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
My fucking god, I had NO idea. Ive been checking ID since the moment I ordered stuff. Not doing it thru my phone or laptop ever again moving forward. Thanks for this
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
To add on your highlights i would say :
1.Going undercover.This can be a highly effective tactic where the undercover agents penetrate the wider dark web organizations.In a way ,law enforcement have taken advantage of the protections offered by Tor to blend in with everyone's else-on the dark web,you never really know who is on the other end of a conversation .
.
2.Open Source Information .Even if criminal"s business exists primarily on the dark web ,they might have left digital bread crumbs -in forum posts or public documents that lead to investigators to the suspect"s identity .

3.Following The Money .Dark web market places typically use the pseudo- anonymous currency bitcoin,for all transactions the idea being that transactions can be carried out with no link to the buyer or sellers real identity .Homeland Security Investigations (HSI),part of the Department of Homeland Security however has set up dedicated task force for tracking down those who launder their proceeds with bitcoin and other cryptocurrencies.
 

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
So are Tor users still susceptible to the same Network Investigative Technique used in operation pacifier?
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
So are Tor users still susceptible to the same Network Investigative Technique used in operation pacifier?
From what I read of it, it was a bug in an outdated version of Firefox. Tor users are supposed to keep their browsers up to date. After the Tor Project fixed the bug, the FBI managed to de-anonymize those users running outdated versions of the Tor Browser Bundle. Really 135 seems low to me. I'm glad pedo's went to jail but at the same time, it is kind of a fucked up way to get them arrested.

The same thing could be used on people just trying to safely buy drugs, for instance. Precedent is everything. The users arrested should have been arrested but allowing the FBI's use of the NIT by the courts in the future, in my view, was a mistake. Part of me wants to say "kudos to the FBI", but also "this has serious implications for internet privacy in the future".
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
From what I read of it, it was a bug in an outdated version of Firefox. Tor users are supposed to keep their browsers up to date. After the Tor Project fixed the bug, the FBI managed to de-anonymize those users running outdated versions of the Tor Browser Bundle. Really 135 seems low to me. I'm glad pedo's went to jail but at the same time, it is kind of a fucked up way to get them arrested.

The same thing could be used on people just trying to safely buy drugs, for instance. Precedent is everything. The users arrested should have been arrested but allowing the FBI's use of the NIT by the courts in the future, in my view, was a mistake. Part of me wants to say "kudos to the FBI", but also "this has serious implications for internet privacy in the future".
Didn't they have to gain access to the server in order to implement the nit ...? Had playpen servers never been siezed the users would have been still anonymous... ? Its good to think of the market as run by le anyhow to make sure your covered but we generally hope markets are run by not the police... this is why I'm suspicious of new markets and have more faith in dreams track record... fud is fud until someone's in the news
 

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
No mention of correlation attacks? That's one of the biggest ways TOR users get busted
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
No mention of correlation attacks? That's one of the biggest ways TOR users get busted
Tor doesn't claim to protect against a global passive adversary.
As a practical matter, I'd either do your business on public wifi or snarfed wifi accessed via an antenna.


(Ex: maybe a neighbor has a weak WPA2 key, or you can set up an antenna to get access to a nearby business that most couldn't reach from your place).
Browse JS off, use a secure OS, and even if they punch through and get an IP, all they get is some library, coffee shop etc.


Change up your location often and you should be gold, they can't sit on some spot for months and even if they do they probably don't know what you look like.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
Tor doesn't claim to protect against a global passive adversary.
As a practical matter, I'd either do your business on public wifi or snarfed wifi accessed via an antenna.


(Ex: maybe a neighbor has a weak WPA2 key, or you can set up an antenna to get access to a nearby business that most couldn't reach from your place).
Browse JS off, use a secure OS, and even if they punch through and get an IP, all they get is some library, coffee shop etc.


Change up your location often and you should be gold, they can't sit on some spot for months and even if they do they probably don't know what you look like.
Correlation attacks are extremely extremely low.

You need to be watching traffic going into the network (guard) and out (exit) or the guard and webserver.

As .onion sites don't use exit nodes, the malicious party has to get lucky for 2 of the 6 relays, and even then with the amount of traffic going through them, it's hard to pin point a user.

This is why they hack the user rather than intercepting traffic.
 

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
Ah right, didn't think about the relays
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
Ah right, didn't think about the relays
Depending on the country, isps (the bigger ones) are supposed to implement methods of targeting customers connecting to TOR, if you use your home\work Internet access, connect to tor and immediately do something that raises alerts (fake bomb email or something worse) it greatly narrows down the list of possible suspects. If a tor site shows the timestamps of messages or logins, it creates some additional vector of correlation.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
Depending on the country, isps (the bigger ones) are supposed to implement methods of targeting customers connecting to TOR, if you use your home\work Internet access, connect to tor and immediately do something that raises alerts (fake bomb email or something worse) it greatly narrows down the list of possible suspects. If a tor site shows the timestamps of messages or logins, it creates some additional vector of correlation.
This is why you use a VPN.
 

NBAYoungCarder

Established Contributor
Regular Member
Joined
Jun 14, 2022
Threads
20
Post Replies
201
Status
away
Last seen
This is why you use a VPN.
Extremely low for now. We are rapidly approaching the era of the global adversary, the era of total surveillance. In the next few decades cryptographic tools will have to become far more complex and innovative if privacy is to survive. Tor as it exists today could not survive a global adversary or decryption via a quantum computer.
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
away
Last seen
Quantum computers exist today. You really think LE doesn't have access to them?
 

Users who are viewing this thread

Top