Ways Law Enforcement Busts Dark Web User

[NBAYoungCarder]

I get it with the smart phone not being idea, however I personally don't use any social media whatsoever, have Java disabled through out my phone http everything, and wipe data e erhtine I logout out of tor, also u don't use tor to browse any websites except the dnm

if this is your personal phone, absolutely not. /post/9eb7d61cecc593f1c1aa
a burner phone? still too many risks. /post/731b0187bd2919f64bf9
a phone in which you *physically* disconnected mobile access, camera, mic, rooted and installed stock Android, then secured with Orbot and never accessed any site or app that can link personally to you? maybe.
there's so much background communication going on between phone (firmware, native apps, installed apps) and the mobile towers that phone just isn't secure. Orbot, Signal, Wickr help, but i just wouldn't use a phone for anything more than brief, circumspect communication.
YouTube /watch?v=VFns39RXPrU

 

[VictorBands98]

tails should have this disabled default instaed of noobs not knowing to do this everytime booting up
(i used to be that guy)

 

[StormOneOnly]

Don't use USPS apps on your phone, dont check pack deliveries on your phone period. Once you've set up Informed Delivery, configure it to send text messages for packages. Mute the conversation and let it push all the updates to you via SMS. This will keep a longer history than the ID page or app. You have plausible deniability because you get updates on ALL your amazon shit. Let them PUSH the data to you, don't PULL it.

Don't use your phone to check on deliveries.
Don't use your phone for anything DNM related.
Don't hit the tracking info for the same pack.
They track your IP and # of hits and will use this against you. TRUST ME, I KNOW.

 

[NBAYoungCarder]

Don't use USPS apps on your phone, dont check pack deliveries on your phone period. Once you've set up Informed Delivery, configure it to send text messages for packages. Mute the conversation and let it push all the updates to you via SMS. This will keep a longer history than the ID page or app. You have plausible deniability because you get updates on ALL your amazon shit. Let them PUSH the data to you, don't PULL it.

Don't use your phone to check on deliveries.
Don't use your phone for anything DNM related.
Don't hit the tracking info for the same pack.
They track your IP and # of hits and will use this against you. TRUST ME, I KNOW.

Amazon ships with UPS, a private company that is allowed to check all your mail as far as they please. It's a completely different service to the USPS. Please inform yourself comrade

 

[VictorBands98]

Amazon ships with UPS, a private company that is allowed to check all your mail as far as they please. It's a completely different service to the USPS. Please inform yourself comrade

Not sure where you're from comrade, but Amazon ships 80% of my shit via USPS. I wish it were different, because aorund here UPS is the most unreliable shipper imaginable.

 

[StormOneOnly]

Not sure where you're from comrade, but Amazon ships 80% of my shit via USPS. I wish it were different, because aorund here UPS is the most unreliable shipper imaginable.

Ah. I live in a major city, so I was just speaking based on personal experience. Sorry for the rude tone.

 

[NBAYoungCarder]

I check informed delivery so much. How can you say that you aren't checking it for, you know, everything else?


Not all places ship via amazon's delivery system. Sometimes it goes into USPS, but I buy lots of stuff from ebay, etsy, other stores, etc etc. They can't tell one prio box from another. I usually have no idea what box is which even :\


no one cares about your tracking info just never ask for it from a vendor unless it's contesting

 

[VictorBands98]

My fucking god, I had NO idea. Ive been checking ID since the moment I ordered stuff. Not doing it thru my phone or laptop ever again moving forward. Thanks for this

 

[StormOneOnly]

To add on your highlights i would say :
1.Going undercover.This can be a highly effective tactic where the undercover agents penetrate the wider dark web organizations.In a way ,law enforcement have taken advantage of the protections offered by Tor to blend in with everyone's else-on the dark web,you never really know who is on the other end of a conversation .
.
2.Open Source Information .Even if criminal"s business exists primarily on the dark web ,they might have left digital bread crumbs -in forum posts or public documents that lead to investigators to the suspect"s identity .

3.Following The Money .Dark web market places typically use the pseudo- anonymous currency bitcoin,for all transactions the idea being that transactions can be carried out with no link to the buyer or sellers real identity .Homeland Security Investigations (HSI),part of the Department of Homeland Security however has set up dedicated task force for tracking down those who launder their proceeds with bitcoin and other cryptocurrencies.

 

[NBAYoungCarder]

So are Tor users still susceptible to the same Network Investigative Technique used in operation pacifier?

 

[VictorBands98]

So are Tor users still susceptible to the same Network Investigative Technique used in operation pacifier?

From what I read of it, it was a bug in an outdated version of Firefox. Tor users are supposed to keep their browsers up to date. After the Tor Project fixed the bug, the FBI managed to de-anonymize those users running outdated versions of the Tor Browser Bundle. Really 135 seems low to me. I'm glad pedo's went to jail but at the same time, it is kind of a fucked up way to get them arrested.

The same thing could be used on people just trying to safely buy drugs, for instance. Precedent is everything. The users arrested should have been arrested but allowing the FBI's use of the NIT by the courts in the future, in my view, was a mistake. Part of me wants to say "kudos to the FBI", but also "this has serious implications for internet privacy in the future".

 

[StormOneOnly]

From what I read of it, it was a bug in an outdated version of Firefox. Tor users are supposed to keep their browsers up to date. After the Tor Project fixed the bug, the FBI managed to de-anonymize those users running outdated versions of the Tor Browser Bundle. Really 135 seems low to me. I'm glad pedo's went to jail but at the same time, it is kind of a fucked up way to get them arrested.

The same thing could be used on people just trying to safely buy drugs, for instance. Precedent is everything. The users arrested should have been arrested but allowing the FBI's use of the NIT by the courts in the future, in my view, was a mistake. Part of me wants to say "kudos to the FBI", but also "this has serious implications for internet privacy in the future".

Didn't they have to gain access to the server in order to implement the nit ...? Had playpen servers never been siezed the users would have been still anonymous... ? Its good to think of the market as run by le anyhow to make sure your covered but we generally hope markets are run by not the police... this is why I'm suspicious of new markets and have more faith in dreams track record... fud is fud until someone's in the news

 

[NBAYoungCarder]

No mention of correlation attacks? That's one of the biggest ways TOR users get busted

 

[VictorBands98]

No mention of correlation attacks? That's one of the biggest ways TOR users get busted

Tor doesn't claim to protect against a global passive adversary.
As a practical matter, I'd either do your business on public wifi or snarfed wifi accessed via an antenna.


(Ex: maybe a neighbor has a weak WPA2 key, or you can set up an antenna to get access to a nearby business that most couldn't reach from your place).
Browse JS off, use a secure OS, and even if they punch through and get an IP, all they get is some library, coffee shop etc.


Change up your location often and you should be gold, they can't sit on some spot for months and even if they do they probably don't know what you look like.

 

[StormOneOnly]

Tor doesn't claim to protect against a global passive adversary.
As a practical matter, I'd either do your business on public wifi or snarfed wifi accessed via an antenna.


(Ex: maybe a neighbor has a weak WPA2 key, or you can set up an antenna to get access to a nearby business that most couldn't reach from your place).
Browse JS off, use a secure OS, and even if they punch through and get an IP, all they get is some library, coffee shop etc.


Change up your location often and you should be gold, they can't sit on some spot for months and even if they do they probably don't know what you look like.

Correlation attacks are extremely extremely low.

You need to be watching traffic going into the network (guard) and out (exit) or the guard and webserver.

As .onion sites don't use exit nodes, the malicious party has to get lucky for 2 of the 6 relays, and even then with the amount of traffic going through them, it's hard to pin point a user.

This is why they hack the user rather than intercepting traffic.

 

[NBAYoungCarder]

Ah right, didn't think about the relays

 

[VictorBands98]

Ah right, didn't think about the relays

Depending on the country, isps (the bigger ones) are supposed to implement methods of targeting customers connecting to TOR, if you use your home\work Internet access, connect to tor and immediately do something that raises alerts (fake bomb email or something worse) it greatly narrows down the list of possible suspects. If a tor site shows the timestamps of messages or logins, it creates some additional vector of correlation.

 

[StormOneOnly]

Depending on the country, isps (the bigger ones) are supposed to implement methods of targeting customers connecting to TOR, if you use your home\work Internet access, connect to tor and immediately do something that raises alerts (fake bomb email or something worse) it greatly narrows down the list of possible suspects. If a tor site shows the timestamps of messages or logins, it creates some additional vector of correlation.

This is why you use a VPN.

 

[NBAYoungCarder]

This is why you use a VPN.

Extremely low for now. We are rapidly approaching the era of the global adversary, the era of total surveillance. In the next few decades cryptographic tools will have to become far more complex and innovative if privacy is to survive. Tor as it exists today could not survive a global adversary or decryption via a quantum computer.

 

[VictorBands98]

Quantum computers exist today. You really think LE doesn't have access to them?