News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Hardware OpSec : OpSec | Torhoo darknet markets

In this day of age it is easy to get information about how to protect your internet connections and what the "best" OS is for OpSec. But it is hard (at least for me) to find valid information that talks about hardware level opsec and I want to finally escape the spyware cesspool that is Intel and AMD (if that is even possible), since we all know that Intel and AMD have spyware literally build into them.
I already heard of "openboot" but that is only the BIOS, there still is the question about CPU and other things. So my main question is what opsec friendly alternatives are there when it comes to hardware components?
/u/alwaysfire
3 points
1 month ago
Just use Heads firmware flashed on a Lenovo T480. It neuters the Intel ME (Management Engine), and disables any unneeded microcode from intel that has unknown purposes. Modify it to remove bluetooth, fingerprint, and replace the Wi-Fi card with an open source wi-fi card. Thats about as good as it gets since on newer laptops/desktops, you cannot disable ME. Also, if you want all free firmware, you could look into Libreboot firmware, which also disables intel ME, but is a bit less security oriented then Heads.
/u/Lyubovina
1 points
1 month ago
I agree with this
/u/403Enjoyer 📢
1 points
1 month ago
So there aren't any good / use able alternatives to Intel / AMD? I should rather just buy a normal laptop, remove all the vulnerable components to the best of my ability and the ME engines of the CPU i got.
/u/alwaysfire
1 points
1 month ago
Correct. You can't boot Tails or Qubes on an arm machine, and I don't believe Heads or Libreboot work on ARM machines. The advice I gave you is the best you are going to get. T480, Heads/Libreboot, Qubes/whonix, Tails. Good luck.
/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴
2 points
1 month ago
Coreboot is the open source firmware for BIOS and UEFI, there are a number of derivatives based on coreboot. Look for compliant computers to get the right hardware. Do not buy any GPU model or models with fancy "security" features like biometrical devices, they are contra productive.

Buy a computer anonymously and strip it from WiFi/Bluetooth chip, loudspeakers, microphone and web camera and upgrade the firmware.

Also buy external Ethernet connector (and USB WiFi-adapter if you need that).

Then install your Darknet o/s (Tails, Qubes/Whonix, KickSecure/Whonix, see /d/OpSec/wiki?id=ea7f4385). This is a fairly safe computer now.

Other options are ARM based computers.
/u/403Enjoyer 📢
0 points
1 month ago*
So what about the hardware itself, so CPU, RAM, ... Are there even hardware providers that offer opsec friendly items or not really? Or should I just use tools that remove the spyware parts from the hardware components?
/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴
1 points
1 month ago
Regarding CPU I already mentioned the ARM processor, there is also the Chinese, Zhaoxin CPU's with other industries providing full production line of only Chinese made components including RAM.

Another option is to relay on older hardware where modern "security features" are not included.

As I already mentioned, the key here is to make sure the secured computer can't interact with anything external. Therefore all wireless technologies must be avoided. When having the hardware isolated you minimize the risk that any hardware backdoor or built in spyware become exposed or are remotely activated.
/u/Argo
2 points
1 month ago
Not only hardware backdoors but BIOS infections, memory attacks. There's so much an attacker can take advantage it just becomes easier on highly used and commercialized system/hardware. Coreboot is a pretty good open source BIOS. To add to /u/DaVenom point, for max protection use something that can filter your network traffic through Ethernet then use switches to connect your PC to your router or modem

Don't overlay your network a bunch of times to cover your identity, your going to have reduced latency and eventually, defeat the purpose.
/u/chickenBREASTS
1 points
1 month ago
not much info on hardware level opsec because most people who start going this rabbithole leave internet for good to live in the woods

hardware schematics are never available and if they are verifying a cpu matches the schematics requires at least university level lab and cpu would be destroyed in the process

forget management engine because backdoors can be and are implemented on more fundamental level
new cpus = new spyware
old cpus = old spyware and security problems

there are good solutions like hardcore physical isolation but its definitely not for the average person
/u/starvingpigeon ⠀:3⠀
1 points
1 month ago
best hardware opsec you can reasonably get is going to be a laptop corebooted with me cleaner. then you can remove any wifi cards, microphones, or anything else you want to get rid of. if you are willing to spend the money, nitrokey is a good option but their laptops are extremely overpriced and not really worth it if you are willing to put in a little effort.
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo