Is it recommended to change the Tor configuration for better OpSec to avoid getting Tor Entry Guards or bridges (if used because of censorship) from 14 Eyes countries?
Every single part of your connection path, whether the where or the when you connect to things like Tor, should be guided towards a particular goal. The goal is predetermined by your threat model.
Some, let's say, Western users who only browse Dread and don't engage in any activity can probably get away without changing anything. You then ask yourself: what about the country they are in? Is it restrictive to Tor usage (some more than others)? Is the ISP you are using restrictive? Does your ISP have extended log policies for detected Tor or VPN usage? A vendor would ask an entirely different set of questions, as his risk of getting caught is much larger. Same for service admins, DNM admins, hackers. Should you rely only on Tor? Should you always be connecting from the same place? You get my point.
We should also consider whether you can afford to hide Tor usage or you want to circumvent the network filters. My post comparing both can give you more insight on it: /post/5f1ba84246ac7d2f386f/
The subject is actually rather complex, but as with all of my posts I'll give you my opinion based on my knowledge and experience.
Understanding the relations between different countries can be paramount to what is acceptable risk to you and your threat model. If you're a user in the USA, would it be a smart move to connect to a Russian OBFS4 bridge (non-14 Eyes country)? No. Take it in reverse: if you're a Russian citizen, would it be smart to connect to a USA OBFS4 bridge (14 Eyes country)? No. For example, now suppose you're a journalist in Russia or the USA. Now both of these connection scenarios can make sense. It will draw red flags, but it would be a bit harder connection to trace. Everything is relative.
The same principle applies to VPNs, and the Russia-Ukraine conflict illustrated it very well. Network disruptions were a fact, and connections from Ukraine to Russia or vice versa wouldn't be very prolonged. Making an assessment of where and how you should connect is important for opsec if you want or need more control over your connection path due to threat model or other reasons, like being a Chinese user escaping the GFW.
With all of the surface descriptions of disclaimers laid out: if your adversary is global LE, then them leveraging their global view of connection paths and underwater cables isn't an uncommon tactic at all. They can't view your traffic directly and what is inside, but with a view global enough they can correlate, with probability, where you access and, depending on other factors, who you talk to.
Most die-hard Tor fans will tell you Tor is super safe and such a scenario isn't possible, or LE can't use the information in court making credible deductions (most likely not). But what they can do is start connecting the dots, investigating the parts they see are touching, and create alternative ways bypassing the actual method of data collection/detection. Once physical surveillance is in play, not getting caught in it would require a great deal of knowledge, creativity and quite a bit of luck too. In the scenario, the problem from the LE perspective would be collecting actual proof for the courts while not burning in public their many capabilities.
Would you say in the given imaginary scenario it might be smarter not to connect to a USA bridge? Self-explanatory. Don't forget Tor works over TCP and there's a lot of information in every packet, giving them and their netflow-like tools a home court advantage if you choose such a bridge.
Contrary to what /u/aero said, using non-14 Eyes countries won't hurt your anonymity or make you more identifiable (subject to threat model & connecting country). As my script goes, it calls requests for bridges to MOAT from censored countries. Most of these countries don't play super well with Western countries, most of whom are 14 Eyes. Means the bridges usually can be more than other countries like USA or Germany or Netherlands who are predominant on the Tor bridges web page. Now you have the issue mentioned: is it smart to connect to a country you are in military conflict with? But what if you are a journalist? You get my point: the cycle continues and the answer is relative to your individual circumstances.
I would really be interested in the opinion or evaluation from /u/DaVenom regarding this important. I hope it is in order that I tag you directly.
My view on this is to blend in as much as possible, your behavior and Tor traffic shall not stick out in any aspect, so your Tor circuits can't be filtered out by mass surveillance. This might sound easy, but it's actually very difficult.
The absolutely most critical part of your Tor connection is the Internet breakout, e.g. where you go from a network you are in control of to a network where someone else is in control.
If you are able to have anonymous Internet breakouts randomly over multiple continents, the possibilities for LE to trace you are slim. This is what Tor provided at the very beginning. What LE has been doing since then is to break down Tor (relay by relay, network by network) and gain control of Tor or at least parts of it.
This post is about balancing and choosing a network setup based on:
So, when considering how to connect, the above aspects need to be thought through. And always think in layers: if the Tor circuit breaks, what is then protecting your privacy and anonymity? Further on, think about side attacks, e.g. unrelated to darknet, your network setup might not be legal, or be suspicious as is.
Now, based on such an analysis, one should configure a network setup.