Am I being too paranoid or is this a legitimate concern?

Say Bob buys a netflix account on a DNM. Suppose this DNM is later compromised and LE now has access to Bob's messages which include his netflix account info. Couldn't the login locations of the netflix account give away Bob's identity?


Comments


[3 Points] None:

[deleted]


[2 Points] dontThroawayDrugs:

It is a legitimate concern, and for me personally I don't think it's worth the risk to get into, especially since I'm already buying drugs off the internet. I try to follow the rule that if I'm going to break the law, only break one law at a time and it greatly reduces your chances of being caught.

Anyway, if you do decide to utilize one of these services you most definitely should only be using those accounts over a vpn which will hide your ip. There are good ones out there for for $40/year that don't keep logs and if you torrent or use the darkweb it's a good idea to be using one anyway.


[1 Points] None:

Yes they easily could, if you had other purchase of drugs I'd clean house.


[1 Points] None:

Yes you are correct, but keep in mind this only applies if you don't use PGP and send everything over in plaintext. So to combat this, just learn some PGP dawg.


[1 Points] Samnite4Life:

Yup, if you are buying accounts (netflix, pandora, anything that you need to log into outside of Tor), use a second throwaway account to purchase it.

Otherwise, if LE wanted to find you, they could subpoena netflix/pandora, and get your home IP address (correlated with your ISPs records of who is assigned which IP address).

Sure, it's a stretch, and they probably won't bother with a 'small fish,' but it's free to create a new account and send over a few satoshis.


[1 Points] StealthInc:

This is a valid concern and there are a few ways you can help protect yourself:


[1 Points] stocky8:

Yes, but they most likely wouldn't care as much as the unencrypted sales of drugs and more illegal items.


[1 Points] toobadnotme:

Yes. Luckily, usually when somebody notices someone has been using their account they just change the password instead of calling the cops. I recommend writing down the account info on paper and then deleting the messages off the DNM as soon as you can, just in case. I paid for an account from DrawkwarD and was disappointed that he didn't use PGP to message me the usernames/passwords when he had my public key, so maybe also ask the vendor to encrypt whatever he is going to send you.


[1 Points] None:

Yea they could, but they have no reason to act on it other then if they want to make a statement about DNM's by arresting everybody that has ever touched one.


[1 Points] DOZENS_OF_BUTTS:

And this, kids, is why you never communicate with vendors who don't make PGP a strict requirement in messages. Honestly, you should probably switch to a market that doesn't allow users to send unencrypted messages. It's the best way of doing things, really.