How bad is my OpSec? It doesnt get much worse. : DreadMoments | Torhoo darknet markets

in https://torhoo.cc/go.php?u=TDJRdmNISnBkbUZqZVE9PQ==#
Sadly i must have windows 11 as my Main OS , but disabled all data sending consents in settings ( ikr that's not enough )

i have Virtualbox with fedora + vpn with killswitch --> using vm+vpn to connect to my RDP

i only use RDP to do mainly light blackhat stuff like cracking maybe some fraud etc..

so my Threat-level -> Crime


i have a feeling this is kinda stupid having vm on windows but sadly due to my work i must have windows
is there's anything that i can do to minimize windows spyware activities ?

and does this work or not safe since i have alot of docs connected to my real identity on windows
18 comments

this is bad opsec. the first thing i would say is dualboot, encrypt your drive with veracrypt. you're realistically safe from a raid anyway but you do not want your microsoft account with real identity shit being linked to your cybercrime lmao
take a step back and look at how bad your opsec here is.

Dualboot Debian, run whonix in a KVM under debian for anything networking, encrypt your debian drive, use PGP, use a strong password manager. Use lockdown mode on mullvad, and follow https://torhoo.cc/go.php?u=TDJRdmIzQnpaV009#. nihilist's opsec bible is a personal favorite

i use lockdown and keepass , i can't do dualboot since i always use both machines at same time , working on both windows and my side hustle blackhat business

even more so bad opsec. if you genuinely care about improving your opsec, https://torhoo.cc/go.php?u=TDJRdmIzQnpaV009#. as it stands, you're doing very little to protect your anonymity and privacy

what would be my weakpoints at this setup ? i think my only weakpoint is windows spying but idk if windows can spy on vm or not

windows can spy on your vm and a whole lot more. if it runs under windows, there'll be OS telemtry. you don't mention any use of tor when connecting to your VPS, and you mention it being a RDP so I'm assuming it's a Windows VPS. at your threat level, not using tor is probably fine for connecting to your VPS. You have too much reliance on Windows, and you don't mention encrypting communications with PGP which means no deniability

nobody uses pgp in the circle i'm working in , not my choice

*
Then why did you waste our time with this post?

-> I use Windows, rate my opsec, refuse to accept the constructive feedback provided.

Then use Windows accept the risks and have a fund for a lawyer and bail when necessary.

I can buy a decent running PC with 16GB RAM that'll run Linux and multiple VM"s for $100.
Your choice.

I did run this thru a filter for reasons.

A acquaintance of yours expresses, "I wish to accomplish X, though I am unsure of the method."

You, being proficient in the task at hand, offer, "I am more than happy to assist you."

Acquaintance: "Splendid! I am grateful."

You: "Very well, to achieve X, you must first undertake tasks A, B, and C in sequence. That is the proven method to accomplish X."

Acquaintance: "I must admit, I am not particularly fond of that approach."

You: "I understand your sentiment, however, that is the established method to achieve X."

Acquaintance: "I am inclined to attempt tasks L, B, and K to achieve X."

You: "I appreciate your initiative, but I must inform you that those tasks will not yield the desired result. To accomplish X, you must follow tasks A, B, and C."

Acquaintance: "I see. However, I am set on doing X my way."

Then stop wasting my time! So annoying.

https://torhoo.cc/go.php?u=TDNVdlFtVmxiSHBsWW5WaQ==# https://torhoo.cc/go.php?u=TDJRdlJISmxZV1JOYjIxbGJuUno=#

If your "crime" is buying dope for personal use then check out Dark net market buyers bible at https://torhoo.cc/go.php?u=TDJRdlJFNU5ZbWxpYkdVPQ==#

have multiple services for KYC + selling cracked accs + other blackhat stuff , not crazy but still illegal shit

oh then that's obviously different, I would recommend to buy if you have the money a second computer or use an old laptop for blackhat stuff, use tails os with disk encryption and use public wifi from at least two or more suburbs away also still read the DNM bible for general opsec

that's the plan i just moved to a new city i don't have time to even buy furniture , but my plan is to make a good setup room and have multiple laptops with external screens and buying mouses and keyboards etc

This plan is good but try to make sure there is no linkage to YOU, if you're renting pay with cash, if the person you're renting from asks for ID show a fake ID.

You should just buy the Dread dildo now, since your priorities and OpSec need serious fucking work.And you are unwilling to listen to reason.

Is your windows drive encrypted at least?

I'm sure he thinks a Windows password is all he needs lol

As I mentioned and I'm sure you know, a USB drive can erase a SAM in under five minutes unencrypted.

dual boot then , don't use windows , u are using windows 11 worst than windows 10 ,
my recommendation install linux and use windows inside vm