Why Can't This Be a Partial Solution to a Bulletproof Market? : CafeDread | Torhoo darknet markets
This is getting fucking unreal. While I don't condone using DD for anyone you don't trust, I'm tagging my favorite vendors and DD'ing from now on. Less fees, less inherent risk, less chance they don't get their money. What happened to switching to .i2p where everyone acts as a decentralized server? Has anyone migrated there yet, market wise?
Or how is it not as relatively easy enough (not necessarily saying easy, it'd take a team of good coders I'm sure, my technical capabilities are somewhat limited but I know enough) to:
Set up your hidden service via torrc configuration and use v3 onion addresses
Run behind a well-secured Linux distro to reduce surface attacks.
Host your site without exposing IP-based services, scrub EXIF and metadata and avoid domain leaks through external scripts or non-onion links.
Have hidden service load balancing by running multiple Tor nodes/server fronts behind your onion address to mitigate DDoS
Use tools like mod_evasive (for Apache), or Huge or Jekyll or other web server modules to limit repeated requests and protect unauthorized access and plug-in free, lightweight sites.
NEVER USE CLOUD-BASED OR CLEARNET SERVICES IN JURISDICTIONS HOSTILE TO THE CAUSE (future goal, I know)
Isolate physical hardware, servers/routers/bridges, everything. Host the server in a location or on a device that’s physically secure and separate from everyday systems. And use BorgBackup to sync copies across various platforms.
Encrypting everything, full disk encryption, encrypted backups, and secure keys stored offline reduce risk if a system is breached.
Avoid cloud hosts or third-party software that could introduce compromise vectors.
Disable logging on your server or use privacy-based logging, preferably none at all on servers.
Keep your system patched and use minimal plugins or server modules—less is often more secure.
Figure out how to use stenography embedded PGP signatures?
Trigger a shut-down and reroute mirrors to an alternate country in case there's a breach so users/vendors have access to get funds out? (not sure how this would be accomplished honestly but there's a way I'm sure)
Maybe run on blockchain-based services? (not sure how this would work but if you can build worlds based on anonymous blockchains why can't you host websites?)
Or forcing people to use MFA to stop vulnerabilities against SQL's, etc.
Micromanagement the server sections so that if one part of the snake is snagged, it kind of cuts the rest off and escapes away.
It'll be expensive, but fuck the money, let's keep the flow and freedom going. Keep a team of rapid response blue-teamers on standby.
