Introduction to Operational Security (OpSec)

Operational Security (OpSec) is the foundation of staying safe on the darknet. This comprehensive guide covers everything you need to know to protect your identity, data, and freedom while navigating darknet marketplaces.

1. Understanding the Threat Landscape

Before implementing OpSec measures, you must understand the threats you face:

Law Enforcement

  • Local, national, and international agencies
  • Sophisticated surveillance and tracking capabilities
  • Blockchain analysis and transaction monitoring
  • Controlled deliveries and undercover operations

Malicious Actors

  • Scammers targeting inexperienced users
  • Hackers attempting to steal funds or information
  • Phishing sites mimicking legitimate marketplaces
  • Doxing attempts and personal information harvesting

Technical Vulnerabilities

  • Browser exploits and zero-day vulnerabilities
  • Malware and keyloggers
  • Traffic correlation attacks
  • Metadata leakage

2. Device Security

Dedicated Device

Use a dedicated computer or device exclusively for darknet activities:

  • Separate device: Never use your primary computer for darknet activities
  • Clean installation: Start with a fresh operating system installation
  • No personal data: Keep the device free of any identifying information
  • Minimal software: Install only essential applications

Operating System Recommendations

Tails OS (Recommended)

  • Amnesic live system leaves no traces
  • Routes all connections through Tor
  • Includes essential security tools
  • Forces amnesia on shutdown

Whonix (Advanced Users)

  • Dual-VM architecture for isolation
  • Impossible to leak non-Tor traffic
  • Excellent for long-term operations
  • Requires technical knowledge

Hardened Linux (Alternative)

  • Debian or Arch with security hardening
  • Full disk encryption mandatory
  • Tor configuration required
  • Regular security updates essential

Physical Security

  • Full disk encryption: Use LUKS, VeraCrypt, or FileVault
  • Strong passwords: Minimum 20 characters with complexity
  • Secure storage: Lock devices when not in use
  • Emergency procedures: Have a plan to quickly destroy evidence if needed

3. Network Security

Tor Browser

Tor Browser is essential for darknet access:

  • Use official Tor Browser from torproject.org
  • Never modify security settings below "Safest"
  • Disable JavaScript for maximum security
  • Never resize the browser window (fingerprinting risk)
  • Update regularly to the latest version

VPN Considerations

Tor over VPN (Advanced)

  • Your device → VPN → Tor → Internet
  • Hides Tor usage from ISP
  • Requires trust in VPN provider
  • Can add latency

Choosing a VPN

  • No-logs policy (verified)
  • Cryptocurrency payment accepted
  • Located in privacy-friendly jurisdiction
  • WireGuard or OpenVPN protocol
  • Kill switch functionality

Network Isolation

  • Never use home WiFi for darknet activities
  • Use public WiFi from safe locations
  • Avoid surveillance cameras in WiFi locations
  • Change locations regularly
  • Never use the same network for clearnet and darknet

4. Identity Management

Compartmentalization

Separate your identities completely:

  • Multiple personas: Use different identities for different purposes
  • No crossover: Never connect different identities
  • Separate credentials: Unique passwords and PGP keys for each identity
  • Different writing styles: Vary your language and communication patterns

Personal Information

  • Never share real name, location, or identifying details
  • Avoid discussing personal circumstances or timeline
  • Do not post photos or images that could be traced
  • Be cautious about timezone information
  • Watch for metadata in files you share

Communication Security

  • PGP encryption: Encrypt all sensitive communications
  • Separate keys: Use different PGP keys for different identities
  • Secure passphrases: Strong, unique passphrases for each key
  • No clearnet communication: Never discuss darknet activities outside Tor

5. Cryptocurrency Security

Wallet Management

  • Use Monero for maximum privacy
  • If using Bitcoin, implement coinjoin mixing
  • Never reuse addresses
  • Separate wallets for different identities
  • Cold storage for long-term holdings

Transaction Privacy

  • Use Monero GUI or CLI wallet
  • For Bitcoin: Wasabi Wallet or Samourai Wallet
  • Never link exchange accounts to darknet addresses
  • Use cryptocurrency tumbling/mixing services
  • Wait adequate time between mixing and use

Acquisition Best Practices

  • Buy cryptocurrency with cash if possible
  • Use privacy-focused exchanges (KYC-free if available)
  • Never send directly from exchange to marketplace
  • Multiple intermediate wallets for Bitcoin
  • Document transaction paths for yourself (encrypted)

6. Marketplace Operations

Market Selection

  • Research marketplace reputation thoroughly
  • Check uptime and stability history
  • Verify marketplace PGP keys from multiple sources
  • Look for multisig escrow support
  • Monitor for exit scam warning signs

Account Security

  • Strong passwords: Unique for each marketplace
  • 2FA enabled: Use PGP-based 2FA when possible
  • Password manager: Use KeePass or BitWarden for secure storage
  • Security questions: Use fake answers, stored encrypted
  • Mnemonic phrases: Store securely, never in cleartext

Transaction Security

  • Minimize wallet balances on marketplaces
  • Withdraw excess funds immediately
  • Use escrow for all transactions
  • Finalize early only for trusted vendors
  • Keep transaction records encrypted locally

7. Shipping and Receiving

Address Security

  • Never ship to your real name or primary residence
  • Use vacant addresses or mail drops carefully
  • PO boxes provide limited protection
  • Burn addresses after limited use
  • Vary shipping addresses between orders

Package Handling

  • Always encrypt shipping addresses with vendor PGP
  • Request no signature confirmation when possible
  • Don't sign for unexpected packages
  • Allow packages to sit unopened briefly
  • Deny knowledge if questioned about packages

Controlled Delivery Awareness

  • Unusual delivery times or methods (red flag)
  • Multiple delivery attempts (red flag)
  • Package requiring signature unexpectedly (red flag)
  • Package looks re-taped or tampered with (red flag)
  • Do not accept suspicious packages

8. Maintaining OpSec

Daily Practices

  • Clear browser data regularly (or use Tails)
  • Check for software updates frequently
  • Monitor for security advisories
  • Review account activity for anomalies
  • Verify PGP keys before use

Information Gathering

  • Stay informed about marketplace news
  • Follow security researchers and advisories
  • Participate in trusted forums (carefully)
  • Learn from others' security failures
  • Keep up with law enforcement tactics

Common Mistakes to Avoid

  1. Mixing identities: Never connect different personas
  2. Reusing passwords: Each account needs unique credentials
  3. Trusting too quickly: Verify everything, trust no one initially
  4. Sharing too much: Every detail shared is a potential vulnerability
  5. Getting comfortable: Complacency leads to mistakes
  6. Using personal devices: Device separation is crucial
  7. Saving sensitive data unencrypted: Always encrypt
  8. Ignoring warning signs: Trust your instincts

9. Emergency Procedures

If Compromised

If you suspect your security has been compromised:

  1. Cease all activity immediately
  2. Do not log into any accounts
  3. Wipe all devices securely
  4. Destroy all physical evidence
  5. Change all credentials from a clean device
  6. Abandon compromised identities
  7. Wait before resuming activity

Data Destruction

  • Use DBAN or shred for drive wiping
  • Physical destruction for extreme cases
  • Multiple overwrite passes
  • Destroy backup media too
  • Encrypted drives still need wiping

10. Long-Term Security

Sustainability

  • Develop consistent security habits
  • Regular security audits of your practices
  • Keep detailed (encrypted) notes of procedures
  • Plan for long-term identity rotation
  • Budget for security tools and services

Continuous Improvement

  • Learn from security incidents in the community
  • Stay updated on new tools and techniques
  • Practice emergency procedures
  • Regularly review and update security measures
  • Adapt to changing threat landscape

Conclusion

OpSec is not a one-time setup but an ongoing practice requiring constant vigilance and adaptation. The measures outlined in this guide provide a strong foundation, but you must customize them to your specific situation and threat model.

Remember: You are only as secure as your weakest link. Every security measure matters, and a single mistake can compromise everything.

⚠️ Important: This guide is for educational purposes. Users are responsible for understanding and complying with their local laws. Perfect security is impossible; these measures significantly reduce but do not eliminate risk.
