Zero Trust Principle.

[Fixxx]

Some Principles of Safe Interaction with Platforms and Forums.​

There was a marketplace In Europe called Hansa. At one time it was the largest in terms of the number of dealers, users and transactions. German law enforcement first identified the servers of this platform. Then they installed two admins involved in setting up these servers. They then took control of the servers and changed the project's code. Encryption was removed. From that moment on, all photos, addresses and text information were sent unencrypted directly to law enforcement. What did this give them? Firstly, the metadata of the photos contained coordinates. Secondly, mailing addresses including planned shipments were intercepted. This helped identify dealers and their clients. Thirdly, BTC addresses of dealers and site admins were intercepted, leading to their capture through subsequent blockchain analysis.

From this, the following security rules follow:

1. Always use the "Zero Trust Infrastructure Principle (ZTIP)". Based on this principle everything you transmit to a platform, forum or marketplace may end up and most likely will end up with federal law enforcement officers in the future.

• Manually remove metadata from photos. Metadata contains coordinates, creation date and time.
• All crypto addresses and wallets exposed on forums, marketplaces and even in private messages are inherently DIRTY.
• Never leave your data whether it be your full name or home address on platforms and forums. This applies not only to matters related to substances but also to orders for harmless SIM cards at home, pharmacy medicines, routers and background check services. Think about how this data can be linked to you.
• If you upload photos to photo hosting sites, the principle of working with hosting sites is the same - Zero Trust Infrastructure Principle (ZTIP). Upload photos without EXIF, at least through a VPN, preferably through an anonymous OS. Don't leave personal data in private messages! Use secure decentralized communication channels for transmitting personal data, such as Jabber with encryption for exchanging such data. Don't leave any other sensitive data in private messages on forums!

2. Don't disclose unnecessary information about yourself on forums, even in private sections. Even in private messages with a moderator or the admin. Remember that everything you write on the web will likely remain there or on federal intelligence servers forever and this information will be read by the very person you would least like to see as a reader.

3. Choose a communication style different from what you use in everyday writing. Try to limit the use of social networks. Innovation with identity recognition based on writing style is still not good enough and makes many mistakes. But progress doesn't stand still.

4. Don't leave bank account and card data anywhere! For the same reasons as above. Left a card on a shadow resource.

In general ZTIP (Zero Trust Infrastructure Principle) is a fundamental security principle in our business. All of these rules and recommendations follow from it. The statistics of marketplace closures and subsequent arrests only confirm its validity. So...

Use it wisely and stay safe!