
Couple of questions about OpSec : OpSec | Torhoo darknet markets

1) I just read LE can track your IP using something they called "Network Investigative Technique (NIT)". How? Does this happen when you download or view media, temporarily enabling java?
Also, say you are watching some highly illegal stuff like a live murder, what actual proof do they have it was you who watched it if they get your IP? Does Tails or your hard disk leave marks? Couldn't someone just crack your WiFi and use your IP? or is the IP computer specific?

2) Why do some people say you should get a VPN with Tor and Tails doesn't have one? I read it's good if it's a VPN from a country with privacy laws like Iceland.

3) Is disk encryption just adding a password? Can't LE just crack it using basic methods?

4) How safe is it to have a persistent drive on Tails? Does your activity leave marks there, or just when you download and save files/keys, etc. And also here, can't LE just crack your passphrase?

5) How safe are messaging/mail services like Mail2Tor, Torbox, Wickrme, Telegram. Can't LE just hack say Mail2Tor servers and get all our mails?

6) How do I know whether my MAC is spoofable? Do you spoof it just once or every time you log on Tails?

7) What inherent programs on Tails are a must to use, and which ones can you add to it for better Opsec?

8) Why does Tor always start with security set to "Standard" instead of Safe or Safest? I forget to change it every time.

Thanks and sorry for long post.
/u/[deleted]
2 points
5 years ago*
1) I just read LE can track your IP using something they called "Network Investigative Technique (NIT)". How? Does this happen when you download or view media, temporarily enabling java?

This is just a word. There are several techniques by which someone could get caught. Using malicious JavaScript code is just one of them.

2) Why do some people say you should get a VPN with Tor and Tails doesn't have one? I read it's good if it's a VPN from a country with privacy laws like Iceland.

Using a VPN with Tor is not recommended.

3) Is disk encryption just adding a password? Can't LE just crack it using basic methods?

If they could it would be useless.

4) How safe is it to have a persistent drive on Tails? Does your activity leave marks there, or just when you download and save files/keys, etc. And also here, can't LE just crack your passphrase?

If you save something in your persistent storage then it will stay there during reboots.

5) How safe are messaging/mail services like Mail2Tor, Torbox, Wickrme, Telegram. Can't LE just hack say Mail2Tor servers and get all our mails?

Hacking is not just hitting some button and voilà, it's hacked. You need to find a way into it. No system is 100% safe but you can't just decide to hack something and it's hacked.

6) How do I know whether my MAC is spoofable? Do you spoof it just once or every time you log on Tails?

It's spoofable if you don't use a MAC address changer.

7) What inherent programs on Tails are a must to use, and which ones can you add to it for better Opsec?

Use the ones you need.

8) Why does Tor always start with security set to "Standard" instead of Safe or Safest? I forget to change it every time.

Because Tor Browser is mainly made for using it in the clearnet and in the clearnet many websites require JavaScript. If the Tor Project would not activate JavaScript by default many noobs would not understand why their browser is not working the way they expect it.
/u/[deleted]
1 points
5 years ago
[removed]
/u/paranoidandroid 📢
1 points
5 years ago
Thanks.
I just read Tails has a MAC address spoofer built in which is enabled by default.
Unfortunately point 8). since Tails is "Amnesic" meaning it doesn't store anything you do in a session, next session everything starts from scratch, so Tor is set again on Standard security. Guess it's just a practice of remembering to do it every time.

Do you not use Tails for any specific reason? Are there better OS or programs available for anonymity?
/u/ll630
1 points
5 years ago*
1.
How LE bust people is by linking your IP address with your MAC address. Every computer has a unique MAC address. So that's how they know it was you.

This is not true. LE simply finds people by their IP address. They don't care what MAC address or internal IP address you had at the time, and they can't see them because they're never sent to the internet.

You can spoof your MAC address before accessing a coffee shop's WiFi so they don't know whether you've been there in the past. LE might see your (spoofed) MAC address if the coffee shop owner gives router logs to LE after they trace a crime to the coffee shop's IP address.

3. Full disk encryption scrambles your disk. The password is the instructions for how to unscramble it. So it's not just adding a password.

5. You don't need to trust them. Encrypt all messages so the service can't read anything.

6.
An easier way of doing it would be to use Tor in a virtual machine program like VMware. You can change the MAC ADDRESS on the fly.
This does nothing because it doesn't change the MAC address of the network card. Do not do this.

Also, Windows doesn't allow you to change MAC address of WiFi cards.
/u/OmGlEOxO
1 points
5 years ago
I just read LE can track your IP using something they called "Network Investigative Technique (NIT)". How?

basically, when you connect to any site, your ISP logs all the IPs, timestamps, browsers, etc.

Does this happen when you download or view media, temporarily enabling java?

happens when you do everything, there are no exceptions

...what actual proof do they have it was you who watched it if they get your IP?

if you are not using VPN/Tor, your IP address is tied to your name. you pay your ISP for the internet access, ISP assigns IP (dynamic/static) to your account, which has your name on it and address. since you have to connect to ISP router first to access the internet, they always know what you are doing

Does Tails or your hard disk leave marks?

Tails doesn't, Tails OS runs in your RAM, although, if not switched off correctly, on some systems, it may leave data in RAM for a few seconds
Windows/Macs do, such as connection logs, error logs, cookies, some custom scripts, all the pictures/videos (even if streamed if using SWAP file), etc.

Couldn't someone just crack your WiFi and use your IP?

someone could hack your Router WiFi, that's the IP address your ISP sees
IP addresses are device specific, but because you are behind a router, ISP sees router IP address

// man, I'm too tired, I'll finish the rest if you're still looking for answers, also, read through my posts, some of the things you are asking are in there
// let me know if you want the rest of the questions answered
/u/paranoidandroid 📢
1 points
5 years ago
Thanks, I'll try to do some research and also read your answers. From what I read in the answers it's very easy for LE to know who you are and what you are doing regardless of Tor/Tails/Spoofing Mac address, so there are obviously some other techniques I need to be aware of, otherwise everyone would be getting busted.