would you rather : OpSec | Torhoo darknet markets

for initial clean Opsec:

1) Buy a used computer off a random in cash, then reformat accordingly?

2) Purchase brand new in cash in far away city with disguise?

Also, is ripping out the NIC and replacing with aftermarket better than using macchanger cli cmds to obfuscate identity?

thanks
/u/conducive0244
2 points
4 weeks ago
if you limit your interaction with the internet through VMs only, I don't see how the hardware matters.
whonix + qubes os

you are perfectly entitled to walk into a store and buy a computer, and that hardware should never come into contact with the internet; it will run the hypervisor that emulates virtual hardware, and through that virtual hardware you access the internet
/u/datarape
1 points
4 weeks ago

by /u/client_29876 🍼
for initial clean Opsec:

Buy a used computer off a random in cash, then reformat accordingly?

Purchase brand new in cash in far away city with disguise?

Also, is ripping out the NIC and replacing with aftermarket better than using macchanger cli cmds to obfuscate identity?


Answer: Option 2 is better — but it’s still not foolproof OPSEC.

Why Option 1 is bad OPSEC

  • You don’t really know what’s on that used machine. Firmware implants, bootkits, or hardware backdoors can survive formatting.
  • LE can track serial numbers or use pawnshop surveillance to link you.
  • If the seller is compromised, your purchase may be a lead.


Why Option 2 still has risks

  • Buying new means serial numbers are fresh and tied to store/time — cameras or witnesses can ID you.
  • Modern devices often phone home via Intel ME, AMD PSP, or UEFI telemetry even before the OS boots.
  • Disguise helps, but repeating patterns or slip-ups kill OPSEC.
  • Burning the machine after limited use or rotating devices helps reduce risk.


NIC and MAC address stuff

  • macchanger only spoofs software level MACs. Hardware IDs and RF fingerprints remain.
  • Some NICs leak real MACs before spoofing activates.
  • Feds can do RF fingerprinting linking sessions on same adapter.
  • Swapping in a new external USB NIC (like Alfa) and using once per op is safer.


Bottom line

OPSEC isn’t just gear, it’s patterns.
  • Same hardware/adapter = pattern.
  • Same routes/locations = pattern.
  • Same times = pattern.


The goal is no overlap between real identity and operational footprint. Hardware, network, software, behavior — all must be compartmentalized and burnable.

Stay sharp.
The feds watch everything you can’t see.
/u/JohnWarosa
1 points
4 weeks ago
I've been doing option 1... What should I do now?
/u/datarape
1 points
4 weeks ago
First, don't panic. But you need to treat that machine as burned.

Step 1: Assume it’s compromised

Even if you formatted it, you have no idea if there’s firmware-level malware, BIOS implants, or a hardware beacon. It might’ve been compromised before you even touched it.

→ Stop using it for anything sensitive right now.
No more darknet logins, no crypto, no personal or OPSEC-related activity.

Step 2: Retire it safely

  • Wipe it with DBAN (Darik’s Boot and Nuke) or equivalent.
  • Physically destroy the drive — drill, smash, or fire.
  • Remove and keep useful hardware (RAM, etc.) only if needed for non-OPSEC use.
  • Otherwise: burn it or sell it for parts.


Step 3: Start clean — and do it right this time

Use Option 2 next time, but smarter:
  • New laptop bought in person with cash: no phone, no car, no cards on you.
  • Far from home: 2+ hour radius minimum.
  • Disguise or misdirection gear (hat, mask, glasses, gloves).
  • Buy where cameras are low or obscured.
  • Set up system without connecting to Wi-Fi; use ethernet + torified network only.


Step 4: Burn your digital patterns

If you reused usernames, PGP keys, or crypto wallets on the old system — assume they’re burned too. Rotate:
  • New PGP key
  • New wallet with coinjoin/churned/XMR path
  • New browser fingerprint & OS install (Kicksecure, Whonix, etc.)


OPSEC is proactive, not reactive.

You only get one chance to do this right. The feds won’t tell you you messed up — they’ll wait.

Cut ties with the old, and compartmentalize every layer from here forward.
/u/JohnWarosa
1 points
3 weeks ago
Done. Burned the fricking laptop. And about misdirection clothing, is it wise to crossdress or is it doing too much? I like to be more safe than sorry.
/u/D3F4L7 🍼
1 points
3 weeks ago
two words: persistent rootkit