# DarkFail's Blog

---

## Pages

---

## Posts

- [Creating a secure, non-Qubes operating system configuration for the dark web using Kicksecure.](https://darkfail.io/blog/creating-a-secure-non-qubes-operating-system-configuration-for-the-dark-web-using-kicksecure/): I explained the process of installing Whonix on QEMU and KVM for Debian, so you can securely access the dark...
- [Common Dark Web Scams and How to Avoid Them](https://darkfail.io/blog/common-dark-web-scams-and-how-to-avoid-them/): Learn about common dark web scams, how to identify them, and practical tips for safeguarding your data and finances while navigating this risky online environment.
- [.onion services](https://darkfail.io/blog/onion-services/): File Host: Files of Any Kind, 134 MB Capacity Maximum, http://uploaddd5rychb5mzvpycwr4c6pomy6ptr3gqbluivnig2jokirmf6qd.onion. Notie: Self-destructing encrypted messaging service, http://notie6suse7nzfrlndouyjw3xmdf2sl2a6njcykd3qongp5f2bytz4yd.onion
- [Security through Obscurity and Obfuscation](https://darkfail.io/blog/security-through-obscurity-and-obfuscation/): Recently, after reading that ‘AT&T is now trying to block DNS encryption’ and taking into consideration the long-forgotten concept of...
- [Choosing the Right TOR Exit Node: A Guide to Anonymity](https://darkfail.io/blog/choosing-the-right-tor-exit-node-a-guide-to-anonymity/): Choosing the right TOR exit node is crucial for maintaining anonymity online. This guide will explore the different factors to...
- [Dedicated Device for OpSec: Tablet vs Laptop?](https://darkfail.io/blog/dedicated-device-for-opsec-tablet-vs-laptop/): Choosing the right device for your OpSec needs is crucial for maintaining your privacy and anonymity. This guide will compare...
- [My Approach to Destroying Shipping Labels](https://darkfail.io/blog/my-approach-to-destroying-shipping-labels/): I understand the concern about leftover packaging and shipping labels, especially when dealing with illegal activities. While I agree with...
- [Current EU Shipping Times: A Summary](https://darkfail.io/blog/current-eu-shipping-times-a-summary/): Based on the information gathered from the darknet forum threads, here’s a summary of current EU shipping times: General Trends:...
- [How police took down many of the top markets](https://darkfail.io/blog/how-police-took-down-many-of-the-top-markets/): This is a list of all major DNM which have been compromised by LE, a short summary of them, and...

---

# Detailed Content

## Pages

---

## Posts

- Categories: Uncategorized

I explained the process of installing Whonix on QEMU and KVM for Debian, so you can securely access the dark web in a containerized and leak-free manner. But what about the host operating system? This question was raised as the top comment, and I promised I'd make a part two, so here we go.

You will want a Debian system that's already installed and potentially blank to avoid any later issues. A user with "sudo" is ideal; LUKS full disk encryption is mandatory. The DE I would recommend is XFCE, for many reasons - such as being lightweight, configurable to the bone, simple to use, and familiar, since both Qubes and Whonix use it by default.

Let's get ahead of the boring parts with the commands below. Make sure you run "sudo su" to drop into a "root" shell before running the commands. The commands assume "user" is your username, as it should be.

```bash
# Run as root. Assumes the account is named "user".
# Update the system and install sudo and adduser.
apt update && apt upgrade &&
apt install --no-install-recommends sudo adduser &&
# Give "user" passwordless sudo through a sudoers.d drop-in written via visudo.
echo "user ALL=(ALL:ALL) NOPASSWD:ALL" | EDITOR=tee visudo -f /etc/sudoers.d/nopassword >/dev/null &&
# Create the "console" system group and add "user" to it.
/usr/sbin/addgroup --system console &&
/usr/sbin/adduser user console &&
apt install console-data console-common kbd keyboard-configuration &&
# Enable the Kicksecure repository and install the XFCE host packages.
apt install extrepo &&
extrepo enable kicksecure &&
apt install --no-install-recommends kicksecure-xfce-host &&
repository-dist --enable --repository stable &&
# Move Debian's sources.list to root's home and leave an empty one in its place.
mv /etc/apt/sources.list ~/ &&
touch /etc/apt/sources.list
```

Great! Now you have morphed a Debian box into a Kicksecure box.
I'd like to provide some general security recommendations you will need to follow on your new system, in order to...

---

- Categories: Uncategorized

Did you know? Scammers on the dark web made over $2.5 million in 2022 from just three forums. The dark web is a hidden part of the internet accessed through browsers like TOR, where anonymity attracts both privacy-conscious users and cybercriminals. Here’s what you need to know to stay safe:

Top Scams to Watch For:

- Exit Scams: Marketplaces shut down suddenly, taking user funds.
- Fake Vendors: Impersonators steal money with fake profiles and reviews.
- Phishing Links: Malicious URLs steal credentials or install malware.
- Escrow Fraud: Fake services take funds without completing transactions.

How to Protect Yourself:

- Use encrypted messaging apps like Signal.
- Check vendor history for red flags like perfect ratings on new accounts.
- Stick to trusted escrow services within verified marketplaces.
- Double-check URLs to avoid phishing.

Quick Tips for Security:

- Use a VPN with TOR for anonymity.
- Enable two-factor authentication.
- Monitor for data breaches and update passwords regularly.

The dark web can be risky, with 57% of its content tied to illegal activities. Whether you’re exploring it for legitimate reasons or otherwise, staying cautious is critical. Learn how to spot scams, secure your data, and protect your finances.

Exploring the BIGGEST SCAMS in the Dark Web

### Top Dark Web Scams to Watch For

Here’s a breakdown of some of the most common scams on the dark web and how they operate.

#### Fake Markets and Shops

Dark web marketplaces are notorious for exit scams. These scams happen when platforms gain users' trust and then abruptly shut down, taking all...

---

- Categories: Uncategorized

- File Host: Files of Any Kind, 134 MB Capacity Maximum. http://uploaddd5rychb5mzvpycwr4c6pomy6ptr3gqbluivnig2jokirmf6qd.onion
- Notie: Self-destructing encrypted messaging service. http://notie6suse7nzfrlndouyjw3xmdf2sl2a6njcykd3qongp5f2bytz4yd.onion

---

- Categories: Uncategorized

Recently, after reading that 'AT&T is now trying to block DNS encryption' and taking into consideration the long-forgotten concept of 'network neutrality,' contemplating the gross abuse of power Apple has over their consumers via their devices (DNS) and putting the end-user on Apple's own Private Relay, knowing that the NSA and AT&T work hand-in-hand:

- That the NSA has access to virtually all internet traffic, ad infinitum: https://en.wikipedia.org/wiki/MUSCULAR#Operational_details and https://en.wikipedia.org/wiki/PRISM#The_program
- How your ISP can still see everything "normal" clients visit, trivially, without needing to look at DNS -- the client sends the hostname it wants to reach in the clear when setting up a TLS connection. Sadly, the encrypted "ClientHello" TLS extension still isn't widely supported. https://www.ietf.org/archive/id/draft-ietf-tls-esni-17.html
- And that an ISP can DPI HTTPS and DNS over HTTPS to determine the FQDN based on the SNI header which is needed for front-end routing.
- That DPI is used by NGFWs to do real-time blocking.
- That Palo Altos and Sophos thrive with DPI by blocking categories via DPI in real-time.
- How a Sophos just needs to sit between your client and another network to look at patterns, headers and payloads.
- How even DNS over HTTPS is not "practically unblockable".
- How the country has become obsessed with the pretense, current VPN trend.

I've found a pretty solid means of messing with them.

- https://github.com/madereddy/noisy: Simple random DNS, HTTP/S internet traffic noise generator in a Docker container.
- https://github.com/fireneat/Noisy: Simple traffic generator written in Python which may make traffic inspection more difficult.
- https://github.com/1tayH/noisy: Simple random DNS,...

---

- Categories: Uncategorized

Choosing the right TOR exit node is crucial for maintaining anonymity online.
This guide will explore the different factors to consider when selecting an exit node, including the number of hops, adversary countries, and VPN usage.

### Understanding TOR Exit Nodes

TOR, or The Onion Router, is a privacy tool that encrypts your internet traffic and routes it through a series of volunteer-operated servers called relays. These relays are grouped into circuits, and the final relay in a circuit is called the exit node. The exit node is responsible for sending your traffic to its final destination.

### Factors to Consider When Choosing an Exit Node

- Number of Hops: The number of hops in a TOR circuit affects your anonymity. A higher number of hops makes it more difficult to trace your traffic back to its source. However, it also slows down your connection speed. Most users are advised to stick with the default number of hops, which is three.
- Adversary Countries: It is generally not recommended to choose an exit node in a country that is considered an adversary to your own. This is because the government of that country may be more likely to monitor and track your traffic.
- VPN Usage: Using a VPN with TOR can add an extra layer of security, but it is important to choose a reputable VPN provider that does not log your activity. Some users believe that using a VPN in a friendly country before connecting to TOR can provide additional anonymity, but this...

---

- Categories: Uncategorized

Choosing the right device for your OpSec needs is crucial for maintaining your privacy and anonymity. This guide will compare tablets and laptops as potential dedicated devices for running Tails or Whonix, exploring the pros and cons of each option.

### Tablets: Pros and Cons

Pros:

- Portability: Tablets are generally more portable than laptops, making them easier to carry and use on the go.
- Battery life: Tablets typically have longer battery life than laptops, allowing for extended use without needing to be plugged in.
- Lower cost: Tablets can be less expensive than laptops, especially older models.

Cons:

- Limited functionality: Tablets are not as powerful as laptops and may not be able to run all the software you need.
- Smaller screen: The smaller screen size of a tablet can make it difficult to work with complex applications.
- Limited hardware customization: Tablets typically have fewer hardware customization options than laptops, making it harder to upgrade or modify them.

### Laptops: Pros and Cons

Pros:

- More powerful: Laptops are generally more powerful than tablets, allowing you to run more demanding software and applications.
- Larger screen: The larger screen size of a laptop makes it easier to work with complex applications and documents.
- More hardware customization: Laptops typically have more hardware customization options than tablets, making it easier to upgrade or modify them.

Cons:

- Less portable: Laptops are generally less portable than tablets, making them more difficult to carry and use on the go.
- Shorter battery life: Laptops typically have shorter battery life than tablets, requiring...

---

- Categories: Uncategorized

I understand the concern about leftover packaging and shipping labels, especially when dealing with illegal activities. While I agree with the DNM bible's advice to avoid putting identifiable materials in your regular trash, I also believe there's a balance between security and practicality. Here's my personal approach to handling shipping labels:

1. Removing Identifying Information: I carefully remove any labels or tags with my name, address, or other identifying information using a razor blade or sharp knife. I wear gloves during this process to avoid leaving fingerprints. I dispose of the removed labels by burning them completely or dissolving them in a strong chemical solution.
2. Shredding the Remaining Packaging: I shred the remaining packaging material into small pieces using a cross-cut shredder.
This makes it difficult, if not impossible, to reconstruct the original label or packaging. Alternatively, I tear the packaging into small pieces by hand, ensuring the pieces are unrecognizable.
3. Disposing of the Shredded Material: I mix the shredded material with other trash, such as food scraps or coffee grounds, to further disguise it. I dispose of the mixed trash in multiple trash cans located at different locations, preferably outside my immediate neighborhood.

Additional Considerations:

- If I'm particularly concerned about a specific shipment, I may take additional steps, such as burning the shredded material or flushing it down the toilet.
- I avoid using my regular trash can for any materials related to illegal activities.
- I handle all materials with care to avoid leaving fingerprints or DNA evidence....

---

- Categories: Uncategorized

Based on the information gathered from the darknet forum threads, here's a summary of current EU shipping times:

General Trends:

- Slower than usual: Shipping times across the EU seem to be slower than usual, likely due to summer and the Olympics.
- Average wait: Most packages seem to be arriving within 7-20 days, with some outliers taking longer.
- Vendor discretion: Some vendors might mark packages as shipped before they actually send them, which can affect estimated delivery times.
- Regional variations: Shipping times can vary significantly depending on the origin and destination countries.

Specific Examples:

- EU-EU: Germany/Poland to Southern EU: 12-18 days
- France to Sweden: 6 days
- DE-FR: 6-8 days (usually), 10 days recently
- Eastern EU: 14 days
- UK to EU: 9 days to 3 weeks (since June)
- UK to Spain: 14 days
- PL to DE: 20 days
- China to EU: 7-15 days

Additional Factors:

- Postal services: Efficiency of postal services in different regions can impact delivery times.
- Customs: Packages shipped internationally might experience delays due to customs checks.
- Vendor reliability: Choose vendors with a good reputation for timely shipping.
Recommendations:

- Be patient: Allow for additional time for your package to arrive, especially during peak seasons.
- Track your package: Use tracking information provided by the vendor to monitor its progress.
- Communicate with the vendor: If your package is significantly delayed, contact the vendor for an explanation.
- Consider alternative shipping methods: Some vendors offer express shipping options for faster delivery.

Disclaimer: This information is based on user reports and may not be representative of...

---

- Categories: Uncategorized

This is a list of all major DNM which have been compromised by LE, a short summary of them, and how they were caught. This does not cover DNMs which have been hacked. This is a long post; I've tried to make it as detailed as possible for those who want to know the details of market takedowns. I try to provide more details on the less well known markets. This is also not meant to hate on or support any specific markets. Just laying out the facts so people can see what went wrong and mistakes they can avoid.

List of markets listed here:

- Farmer's Market
- Silk Road
- Silk Road 2.0, Cloud 9, and Hydra (Operation Onymous)
- AlphaBay 1
- Hansa Market

### Farmer's Market (AKA Adamflowers) (2006-2010 Clearnet, 2010-2012 Onion Site)

In 2006 a drug market by the name of Adamflowers appeared on the clearweb. This website would run as a small drug market (selling "LSD, ecstasy, fentanyl, mescaline, ketamine, DMT, and high-end marijuana" and more), flying under LE radar, until 2010. In 2010 Adamflowers changed its name to Farmer's Market and switched over to the Dark Web, using TOR. This was a new idea for online drug markets and caused Farmer's Market to rapidly grow in popularity. As is the case, with this newfound popularity, LE began to take stronger notice of it. Thus in 2010 an investigation (aptly named "Operation Adam Bomb") began, led by the US Drug Enforcement Agency (DEA). While this takedown did take nearly two years,...

---