So I've been wondering if I haven't run across a big opsec fail for vendors and it goes like this.
Do vendors print labels from their home? Behind a vpn and tor but you'd still have to enable javascript to access stampnik or getusps right?
Does downloading and printing a label with JS enabled somehow not jepordize a vendors anonymity?
Do vendors just go to public wifi to accomplish this on a burner laptop?
I mean technically you could do any of those options but I can't fathom how printing a label from your base of operations isn't a huge opsec issue.
Will someone in the community please educate me?
A lot of them actually type and print your address labels on an air gapped computer and printer that's rigged with thermite and ready to turn the rig into smoke and slap at the drop of a hat, remotely if needed.