News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

All VPS providers require javascript to purchase? Defeats the purpose? : OpSec | Torhoo darknet markets

I am running Tails, and am trying to find a suitable VPS provider to buy a VPS using XMR. However, all providers that seem to take XMR need me to put javascript on at some stage of the purchase process. (I'm assuming they also require it to use the control panel.) This includes niceVPS, sporestack, bitlaunch.io etc.

Doesn't this fully defeat the purpose of a anonymous VPS, by making it not anon at all? Presumably LE could trace any activity done by my VPS back to the machine, because i used java at purchase?

What am I missing, how can i make an anon purchase with java on?
/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴
2 points
2 weeks ago
Have a look at:
/d/OpSec/wiki/?id=2dd37868
/u/abuhajjar 🍼
1 points
2 weeks ago
Would you know why Kyun has been crossed off? It says "banned by the Monero community" but I do not understand. I wonder who is this "Monero community" and what is their issue with Kyun.
/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴
1 points
2 weeks ago
If you find a provider like BAD A.. VPN it means that the /d/Monero moderators have marked the provider as scammer or similar.
/u/abuhajjar 🍼
2 points
2 weeks ago
I will have to investigate that then. Thank you. Either I am getting actively fucked by a scammer as we speak or somebody at the Monero sub needs to be fact checked.
/u/Beelzebub ƤŘƗŇĆ€ Ø₣ ŁƗ€Ş
1 points
2 weeks ago*
I should add a link to that in the FAQ.
/u/ShortFrame 📢
1 points
2 weeks ago
Thanks /u/DaVenom
I have seen that page, but my question still stands. If the recomended vps services still require java at sign up, how do I avoid having my my tails machine linked to the purchase? Am I to assume that because they are privacy focused vps companies, that they are unlikely to be using the javascript running on their site to capture my identity?

I thought the risk of being exposed by Javascript went beyond just the site you were visiting, perhaps that is wrong?
/u/BastaBackdoor
1 points
2 weeks ago
try privex
/u/ShortFrame 📢
2 points
2 weeks ago*
Thanks /u/BastaBackdoor
Looks like privex also requires javascript to be on to proceed through signup. Do you think this is a non issue? Perhaps I am over estimating the threat?

Edit - looks like they do have a non JS order form, ty!
/u/BastaBackdoor
1 points
1 week ago
love u
/u/abuhajjar 🍼
1 points
2 weeks ago
If memory serves, Cockbox works without JS.

What am I missing

Their threat model is not LE. They have no reason to circumvent the use of JS other then to please a minority of users who are up to no good.
(And this is assuming that they are not honeypots to begin with)

how can i make an anon purchase with java on?

I recommend hardware compartmentalization and network isolation. Tails is good for noobs but not so much advanced threat models. Ideally the device that knows what activities you are doing should not be the same device that knows what is happening between your real IP and your exit node.
/u/ShortFrame 📢
1 points
2 weeks ago
Thanks /u/abuhajjar

Can i confirm, does you mean I should buy it on a one machine, (presumabaly not on my network and still running tails) and then use a different machine to connect to the vps with ssh tunnel?

Or does it mean to not use tails and swap to some other OS that allows hardware & network compartmentalization?
/u/abuhajjar 🍼
1 points
2 weeks ago
It all depends on how far you want to take it. If you don't need or want to conceal your Tor use from your ISP then you could (at least in theory) use Tails on PC #1, letting it connect to Tor as it normally does, and then piggyback PC #2 to it by configuring its Tor Browser to use the Tor instance from PC #1. (I say 'in theory' because I do not know what type of firewall is in Tails which may or may not get in the way)

The settings in Tor Browser (about:config) to use a different Tor instance than its own are:

extensions.torlauncher.start_tor = FALSE
extensions.torlauncher.prompt_at_startup = FALSE
extensions.torlauncher.control_host = set this to the IP of the Tails PC
extensions.torlauncher.control_port = set this to whatever Tails uses for a control port which may or may not be 951
network.proxy.socks = once again set this to the IP of your Tails PC
network.proxy.socks_port = set this to whatever Tails uses for its torsocks port
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo