How can we check our DNM business, safely, on the go? Don't trust an app & cant pull out TAILS at any given moment.

Sometimes I need to check my Sigaint frequently, respond to people in marketplaces, and check misc. things throughout the day that an admin would. Problem is that I save that part of my life for after my REAL life.

I am looking for something that helps me access a proven safe and secure tool/method of being able to check my mail while being anonymous (think vendor level & not buyer level security). I also want to be able to log into markets, etc.

I do not trust the Onion apps for iPhone or Android.

BUT - if I have burner android phones with no trace to me, and install an onion app, use it to log into my places and log out maybe 3x per day, changing out the burner every week - wouldn't that do the trick? I know it'll still get your location through the IMEI/SIM, but that is pinging cell towers and not hat accurate when you aren't using wifi and your location services are turned off... right?

Also, I would love for someone to walk me through the whole 'forward your mail' thing with Sigaint Pro. I would think it would be easy for LE to see that it's being forwarded.. am i missing something?

Also, the chat thing has me very confused. Jabber, pidgin, linking that with your mail, with your Marketplace, etc. I would still have to be within Tor/TAILS to do this one right?

TL;DR: I want to run a tight DNM ship that I don't have to put completely on hold until my normal life allows it to be ran through my secure machine and network. How do I do this without being a hermit without a "real" job, seclusion from others to sit at a computer, etc?

Please try and simple it up for me. I know PGP/TAILS/Markets/BTC, etc. very well. I don't know the rest, because I haven't used it. I wouldn't understand any specific pidgin/jabber/app talk that isn't aimed at a newbie! -

Thanks all!


Comments


[9 Points] None:

Buy a tablet that can run Tails and Tor, stick it in your backpack and nobody would be the wiser.


[5 Points] wombat2combat:

Sometimes I need to check my Sigaint frequently, respond to people in marketplaces, and check misc. things throughout the day that an admin would.

vendors need to accept that if you want to maintain a proper secure setup you have to face some usability issues. tails already is making things so much easier and you do not even have to pay for it. so stop trying to bring your phones into your vendor setup and only use a laptop with a tails usb.

if you need to access the markets while you are not at your usual location just take your laptop and usb with you and find a private corner where you also have a wifi connection.


[4 Points] None:

/u/stealthcare, I suggest upgrading to Sigaint PRO and anonymously purchasing an offshore VPS with bitcoins via TOR. Now remotely login to your VPS through an SSH within your terminal in TAILS. Install an email client such as Thunderbird on your offshore VPS and configure it to connect to your Sigaint email solely through TOR through a plugin for Thunderbird called TorBirdy. Finally, you can use a bash script on your VPS to relay a non-descriptive notification to your cell phone every time you get a DNM email, or marketplace order if your market supports bitmessage notifications which Sigaint PRO offers. There are tons of notifications APIs for smartphones these days that you can check out. (Pushover, IFTTT, etc)

The only way an adversary could identify you, would be if they compromised Sigaint, then found the address of your offshore VPS. Then they'd have to subpoena the VPS hosting company for your info, which is just the TOR addresses you used to sign up and access your VPS with. So that's a dead end for them. If they're STILL trying to get you after that (let's say you're a ulbricht kinda big fish) they'd have to hire a specialist to analyze the data on the VPS and by chance, find the script that notifies your phone and work from there..

As you can see, unless your adversary wants to spend a good amount of money and time busting you, this plan is nearly airtight! And also this idea only works as a "pager" so to speak, but it's easy to implement a way to access and send messages with this basic method too.


[3 Points] Yellowtinjerusalem:

What about a Nexus 5X with Copperhead OS installed? It's a hardened version of Android designed to mitigate a LOT of threats, and completely removes any traces of Google tracking inherently present in Android. Even has a MAC randomizer. Also the phone would have full disk encryption so if it's shut off you need a password to even unencrypt the disk, plus the normal protection of fingerprint reader. Turn off location services, throw on airplane mode but run off WiFi. You can install fdroid to get the Onion and secured Firefox app.


[1 Points] blackironathens:

Secure android phone running VNC, so you can just remote desktop into your TAILS computer from anywhere? VNC is encrypted so there's no giveaways and the only way to link the phone to the computer would be to compromise the TAILS installation.

Edit: apparently VNC is not the most secure because it doesn't encrypt the stream, but apparently you can tunnel it through SSH to prove the encryption you need.


[1 Points] StealthCare:

Right.. imagine Mike at work, rocking his personal stealthy-looking laptop w a big antenna coming out of the side, hunched all close to the screen that's literally showing nothing but pictures of schedule I narcotics, when he has TPS reports to push out. "Yeaaahhhh... if you could stop DNMing at Steve's cubicle when he's on vacation that'ddddd be grreaaaaattttt.."


[0 Points] AutoModerator:

Life all comes down to a few moments. This is one of them.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.