Torhoo onion mirror : torhoocc3yugradvhrppml2fin4xob7kgg7uf42s4xk7p6r5vzy62ead.onion

What does everyone think about having an 'OpSec Validator' in the DNM bible? : DNMBible | Torhoo darknet markets

To minimize repetitive posts on https://torhoo.cc/go.php?u=TDJRdlQzQnpaV009# such as "is my OpSec good" I think a feature such as an 'OPSEC validator' would be good to prevent such questions being asked over and over again. A section where it allows users to do a quiz to see if their OPSEC is good. How it works is that it will ask users large variety of questions such what OS they use, what VPN they (if any) they use and etc. It'll allow users to select an answer and each answer would give the user points which is then added up to work out how good their OPSEC is. There would a chart/meter to allow users to visualize where they're precisely at, indicating how good the persons' OPSEC is though the points and phrases such as 'very good' or 'needs improving' would be outputted.

/u/dendddrfity

2 points

2 years ago

I think this is a great idea.

/u/Aphrodite 📢

2 points

2 years ago

Thanks for the interest! We're currently working on it :)
According to ShakyBeats it'll come in the next update!

/u/AnonGuySession

1 points

1 year ago

What's happened so far with it?

/u/Aphrodite 📢

1 points

1 year ago

I don't even know. Shakybeats hasn't updated the DNMBible in months.
Perhaps the idea is coming on the next DNMBible update (if there's going to be any).

/u/dashcamnoob

2 points

2 years ago*

It would be pretty limiting, but I think it's a good start. LE watches Dread.. and people asking "Is my OpSec good" can be the, PERFECT crumbs to piece together who someone is...! Me thinks having something locally would cut down on glowies watching Dread.

/u/Aphrodite 📢

1 points

2 years ago

Certainly! Although I didn't have that specific reason in mind, it makes sense :)

/u/HeadJanitor

1 points

2 years ago

I constantly hawk /d/OpSec and delete any topics that are not related to /d/OpSec and are more fit for /d/carding and /d/hacking or /d/Tails and /d/Qubes.

We don't have such a system but I routinely clean the place up to keep it a single purpose entity.

Sometimes I allow a post that isn't fit for /d/OpSec to remain long enough for the poster to post it to the more appropriate subdread.

/u/noechans211

1 points

1 year ago

This is an awesome idea. Make it happen, Cap'n.

/u/LydiaRQ

0 points

2 years ago

How is the project coming along? About done? This idea is a winner. The only detail is that it is quite a labor of love in that it is what so many could use but without financial incentive it would be a huge undertaking.

/u/Aphrodite 📢

1 points

2 years ago*

Thank you! And I am not quite sure, maybe /u/Shakybeats could answer when it'll be released! Although money is a great incentive, what incentives me the most with this project is the hopes of it benefiting the community; finance is only a small factor for me. As I can''t speak for Shakybeats I could assume their intention's the same or otherwise there would've been a donation page on their site. You can still support the DNMBible through donating to Dread!

/u/LydiaRQ

1 points

2 years ago

Hi friend! So nice to hear of the status from your POV. We totally support stuff just like that. In fact, I will share some big news that happens to coincide--today we have let some know of our version of the DNM Bible, a new website dedicated to OpSec but for complete newbs. Not all the lessons are finished but I'll pass you the link so you can have a laugh. Just make sure you watch the front page video AI interview: https://torhoo.cc/go.php?u=YUhSMGNITTZMeTlsWjJGdVozTjBaWEl1YjNKbg==#

/u/Aphrodite 📢

2 points

2 years ago

Interesting! Though I seriously recommend removing the JavaScript. I cannot seem to access the site with the safest security level on TOR (comes to a white page) which comes around as irony hahaha! Not to worry though, I believe your idea is nice butttt it just needs a little bit of improving and this can be from removing the JavaScript, good luck with your site though! ^^

/u/LydiaRQ

1 points

2 years ago*

Uff. I forgot to mention, it is a completely clearnet site. ALL clearnet sites use js these days and it's an old belief that it is somehow dangerous. If you knew about onion sites and wanted to access it over Tor well, you wouln't need the classes!

"which comes around as irony"
I know right? Totally get ya. Ha!

/u/Aphrodite 📢

1 points

2 years ago*

Not all clearnet sites have to have JavaScript, a site can go without! Although yes it's an old belief, it's still a belief a lot of people go along with, including myself! To put myself in the perspective of a paranoid user, I could make the assumption that this site has connection to the LE and that the use of JavaScript has malicious intends; to collect newbie's IP addresses and put them on a watch-list. Which isn't entirely a harsh claim to make if you look at the history of what NSA has done before (XKeyscore)! Although you may not have this intention, it's always good to understand that other people have different perspectives about certain things. Plus, having no JavaScript can be a really good way to gain publicity! It really shows off to people that you can convert JavaScript into something more acceptable.

/u/LydiaRQ

0 points

2 years ago

Good discussion A. You've really hit on a couple key points, one, about the use of js and two, about I guess you could say, honeypots.

Concerning js I really challenge you to find a clearnet site that doesn't use it, especially if you want videos which is impossible by today's standards (Try YouTube with js off). Since the site is for newbs who are not on the DN it is a totally clearnet site and doesn't need to be DN accessible, nor would any points be gained with the intended audience. What would make sense is to have a sister onion DN site for further OpSec training and divide the material that way. Have a legal OpSec front and a less than socially acceptable second site. So the final verdict is that for clearnet sites js is in. NoScript will let you know there are no issues with the site and there is not even any Google tracking etc.

Next issue. If you really think about it, if you were an NSA/FBI/CIA agent wouldn't a clearnet site hinting at buying drugs online be ideal food for XKeyscore? An onion site wouldn't do you any good, and although js isn't the issue the idiots searching without IP redirection would step right into the trap. It's the classic problem with LE vs bad guys. Can you really accept candy from a stranger? Ha. I really don't have much of a good response after having thought quite a bit about it. I suppose the best way to go about it is to watch the videos and realize holy shit, there is no way any LE body on earth could or would approve that! Of course if you are on a VPN or Tor you are safe but it's not made for you.

/u/Aphrodite 📢

1 points

2 years ago

Honeypots, that's the word! I completely forgot about that and my mind was wondering about bees hahaha! Also, why use YouTube when you can use a front-end version of YouTube like invidious? The exact same concept but to watch videos from there you don't need JavaScript. Plus this can be a learning curve to those who want to learn on how to be anonymous, it also amplifies how big tech companies go so far that we are now resorting to using front-end versions of YouTube. That would certainly be an ideal food for XKeyscore. Unfortunately the 3-letter-agencies continue to grow stronger and I love your comparison hahaha

/u/LydiaRQ

1 points

2 years ago

Yea right, how to handle the issue. Our way is to make a clean separation between clearnet and darknet. js is not an issue on clearnet, so it is used along with a CDN video provider who will certainly know who watches those videos, so the clearnet videos are made to not be incriminating.

Your mentality is thinking about darknet, so yes, Invidious and js-less would be the way to go on a second, separate site. Like containers and VMs, the idea is not to make a one site fits all but rather split it along the two "nets".