DarkNetMarket Bible 2019

    1. Tor Router Amendment1 from Cognitive Metropolis
    Plug it in, change the Wi-Fi name and password, restart and connect.
    This Wi-Fi hotspot sends all your data over Tor network.

    2. Libreboot x200 Laptop from Ministry of Freedom
    Has a Libre BIOS, and disabled a the Intel management engine and AMD SPS CPU backdoors.

    3. Use Trisquel OS or Tails OS, or Qubes/Whonix OS
    Trisquel add GUFW firewall, settings incoming deny, outgoing allowed.
    Tails is good because it doesnt store history.
    Qubes/Whonix has sandboxing so thats good.

    4. Tor Browser OBFS4 Secturity slider to Safest
    Launch Tor, go to bridges.torproject.org and get like 10 OBFS4 bridges.

    Then geolocate the IP until you find a bridge located in a non-14 eyes, non-Nato country. I like bridges in places like Lithuania, Latvia, Austria (all non nato/non 14 eyes).
    Click the shield in Tor Browser, and set security to Safest, highest security.

    Click the URL bar, type about:config

    Set the values as:

    java
    javascript.enabled = false

    webgl
    webgl.disabled = true

    5. Exclude the 14 eyes countries in the torrc file, within the Tor Browser folder
    Open Tor Browser folder > Browser > Tor Browser > Data > Tor open torrc in text editor.

    Add this line below everything:

    ExcludeNodes {us},{uk},{gb},{de},{au},{il},{jp},{sg},{nl},{nz},{ca},{fr},{es},{se},{ch},{ir},{lu},{be},{it},{mx},{dk},{no},{hk},{kr},{kp},{tw},{th},{ua},{tr},{??},{pt},{ie},{ru},{ro}

    Save the file, and restart Tor.

    Your Tor Browser should now be using an offshore, non 14 eyes OBFS4 bridge, such as a bridge to Austria.

    Your security shield is set to Safest, webgl and javascript are disabled via about:config, and your nodes are avoiding 14 eyes and most nato countries.

    6. Always use PGP to encrypt your address and safesguards so only the vendor can open it.

    • If on Windows - GPG4USB.
    • If on Mac - GPGTools.
    • If on Linux - GPA.
    • If on Tails - the Clipboard App.

    Only save the market username:password in an encrypted text file or create small VeraCrypt container with text file inside.

    Just the username:password. So that if someone finds, they dont know which website its for.