Insights For Success

Strategy, Innovation, Leadership and Security

Tochka DarkNet Marketplace

GeneralEdward Kiledjian

It's been a while since I posted a Darknet website. I would like to introduce you to the Tochka Marketplace ( http://pointgg3pgee4gic.onion/ )

Tochka was launched in 2015 by Russian speaking devs. It offers the ability to conduct transaction without the buyers and sellers having to talk. Dead-drop transactions are available for more sensitive transactions. They also offer a "Buy It Now" option called "Instant Trade".

This is a smaller marketplace and is less known that it's more popular (aka news-worthy) counterparts. It has poorer design and a questionable choice of colors.

Enter the marketplace

If you click on the vendor tab, you can choose your seller of choice.

You can buy anything from Marijuana to Marijuana oil, Research chemicals , with prescription medications, credit cards and everything in between.

Shipping Expertise

What you will find most interesting is how they have developed expertise to ship items carefully wrapped in an attempt to bypass customs inspection. Hopefully writing about it here may create interest by some police departments and shut down some of these more questionable and dangerous sellers.

Ridge minimalist wallet review

GeneralEdward Kiledjian

This is not an ad or sponsored post. This is an honest review.

I have been a fan of minimalist wallets for many years, and my wallet of choice has been the HuMn Aluminium wallet.

Ridge Wallet Specs

  • Holds 1-12 cards without stretching out

  • Blocks RFID (wireless theft)

  • Replaceable elastic

  • Backed by our lifetime warranty

  • 6061-T6 aluminum | anodized black

  • Weight: 2 oz | 86 x 54 x 6 mm

Ridge Wallet Use

You add a card by sliding it from the top groove

To access a card, you press the ridged opening and pull the required card out from the top

To Insert a Card: Gently slide the card into the top groove.

To access a card in the middle, you push out all the cards from the ridge, separate the metal plates and then find your card.

This strategy is similar to the HuMn wallet and most other plate based wallets. This may seem a little off for someone coming from a traditional leather style wallet but you will get use to it quickly. You will start moving your most used cards to the top or bottom of the stack.

Design

The stated purpose of the Ridge was to design a sleek minimalist wallet that would be durable and easy to use. I believe they successfully achieved this stated goal. The height and width of the Ridge Wallet is designed to be very slightly larger than (North American) style credit cards.

First thing first, the wallet is a thing of beauty. Much better looking than the HuMn Wallet.

The aluminium wallet will feel slightly heavier than a “normal” wallet. After 3 weeks of use, the wallet feels normal and not heavy at all. For those that are looking for a lighter option, the poly-carbonate or carbon fiver models are lighter. Unless you want Carbon Fiber for the look and prestige, the aluminium version is likely the best cost/benefit deal.

The wallet comes with either a money clip or elastic band. I chose the clip version which makes it slightly thicker and less useful. I recommend you acquire the elastic band version.

For those that carry their (normal) wallets in their back pocket, you will notice that your cards are slightly bend. The Ridge Wallet’s aluminium “walls” are strong enough to keep the cards straight even if you sit on them.

The company claims that their wallet provides RFID protection. I used an RFID scanner to test this feature and can confirm that it does offer RFID protection (most leather wallets do not offer such protections).

Some companies provide non-standard sized cards (loyalty and membership). Those non-standard cards do not work well with the Ridge. In my case, I do not have any of those.

Behavioral change

For those coming from a normal leather wallet, moving to any minimalist wallet will force you to reconsider what cards you carry with you on a daily basis. In my case, I scanned all my loyalty cards into Google Pay (and Apple Pay) and leave those at home. Additionally I stopped carrying cards I barely use.

Conclusion

Coming from the HuMn Wallet, I wasn’t sure how I would feel about the Ridge Wallet. The truth is that I liked it much more than I expected and it has now become my main daily-use wallet.

They have made a great product that balances form, function and cost.

It is strong, light and dependable. For those looking for a great EDC wallet, this is currently the best choice available (I have tested over a dozen such wallets).

Link: Ridge wallet

Tab complete on Linux

GeneralEdward Kiledjian

NOTE: Sorry if this is a more technical article and not for general consumption.

Tab complete is the magic wand of any Linux magician and I am surprised every time I see users ignoring it.

Shorthand for system commands

Let’s say I want to type ifconfig, if I enter ifc and then press the TAB button, Linux will autocomplete the rest of the command for me

This trick can work for any app or command. If I want to start firefox, I just have to enter fire (since there is no Linux command that starts with fire) the system will autocomplete to Firefox.

Find command syntax

It can be useful to complete system commands by tapping TAB twice. As an example, if I write SUDO APT- and press tab twice it will list all the possible commands starting with APT.

Autocomplete file name

Let’s say you have a long file name like thisIsALongFileNameThatwouldBeDifficultToType565464654.txt and obviously want to save time, you just have to enter rnough text to make the file unique identifiable (e.g. thisI) and then pressing tab will autocomplete the rest for you. In this casem if I want to display the contents of the text file, I could enter

cat this [then press tab]

the system will autocomplete it for me.

Popular TOR site list

GeneralEdward Kiledjian

Previous related articles:

The request I receive most often is from readers asking for links to “interesting” TOR (onion) sites. So here are a couple to keep you going.

TOR Search Engines

Candle is a basic search engine. It contains a small but interesting subset of TOR sites.

Grams is a dark market search engine for labour, digital & physical goods that can be purchased with various currencies including Bitcoin. It searches the most popular darknet markets including Hansa, AlphaBay, Agora, Nucleus Market, Majestic Garden, Oxygen, Outlaw Market, Oasis, Tochka and Arsenal.

Haystack is another TOR (darknet) search engine and claims to have indexed 1.5 billion pages (which makes it one of the most comprehensive TOR search engines). In my experience, this site is a hit type of thing. Every couple of searches fail for me.

Security sites

GnuPG (open source version of PGP) allows users to cryptographically sign and encrypt email communications.


OnionShare is a free and opensource tool that allows users to securely and anonymous share large files over the TOR network.

Anonymous Pasting sites

There may be times when you want to post (public or private) a snippet of text with the world. The common feature shared by most of these TOR based services is that pastes delete automatically after a certain amount of time. These are TOR alternatives to pastebin.com

DeepPaste is a very simple and basic pasting service.

RiseUp pasted are automatically deleted within a week. Additionally you can share files up to 50MB.

Pasta is an open source paste service that supports standard pastes, editable pastes, self-burning pastes and URL shortener.

Email

Confidant Mail is a free and open srouce non-SMTP encrypted email system that leverages GNU Privacy Guard (PGP).

Daniel email service is a free anonymous email and XMPP service (limit of 25MB storage space). Encryption is not built into the service.

Elude is an email service with encrypted storage with a TOR only web client. Their accounts are completely anonymous, they allow you to purge your data completely if required and provide encryption.

I wrote a review about ProtonMail here and their well designed email service is also accessible via the TOR network. This is a very good option because unlike the other email services here, ProtonMail is a real company offering a professional service.

Social sites

Cyph Messenger is an open source video chat and file transfer app that uses a modified Signal messenger protocol enhanced with Quantum Resistant encryption (their claim).

Dread is a TOR Reddit clone that is used primarily as a drug market discussion and reviews forum.

Here is the Facebook TOR site.

Common hotel safety and security questions

GeneralEdward Kiledjian

When an operational security expert thinks about hotel risks, we typically group them in these buckets:

  1. physical security
  2. safety
  3. technological risk

Travel security means you need to think about potential risks you may be exposed to and how you could mitigate them.

What about room security?

First, think you should do when you walk into any hotel room is walk around and identify all potential ingress points. Make sure that they are locked (windows, sliding doors, doors to adjoining rooms, etc).

The front door is your primary risk and anytime you are in the room, you should always use all of the protection mechanisms made available to you (lock, hasp and deadbolt).

When travelling, I always carry a light and cheap Addalock to provide an additional level of safety.

If I'm going to sleep and believe that the risk level may be higher than normal, I will stack the glass cups (water and coffee) in front of the door so any attempted opening will cause them to fall and wake me up.

Are peepholes in hotel rooms really an issue?

The short answer is yes. There are inexpensive adapters that reverse the magnification of a peephole and allow a threat actor to watch you inside your room. I have even seen some with smartphone adapters so you can even record video.

Tip: If the peephole doesn't have a cover built-in, roll up some toilet paper and shove it in the peephole.

Is a hotel safer than an AirBNB?

This is a question I receive regularly and the answer isn't simple.

Most AirBNBs are located in non-descript residential buildings and therefore could allow you to blend in with the locals. Remember that you have to trust the Airbnb host. 

A hotel, on the other hand, is flashy and everyone knows where it is (forget about blending in) but these establishments typically have stronger better-designed security,

Hotels typically set up shop in safer neighbourhoods whereas an Airbnb can be anywhere.

You need to do some research and determine what your risk profile is and then determine which solution best meets your requirements. 

What should I look for before booking a hotel room?

In an emergency situation, you are ultimately responsible for your own safety. An ounce of prevention is worth a pound of cure. Do your research before booking a hotel and the room. I generally want a non-biased third party to provide the below answers. If that is not possible then I try to stick to major Western chains that usually will be fairly honest with their answers.

  • Choose a hotel where the room locks are electronics. This makes it harder for previous guests or “bad guys” to have access to your room. Ask for 2 copies of the room key and keep both on you. If you misplace or lose one, immediately notify the hotel and have replacements made.
  • Make sure the room is equipped with a deadbolt lock and a peephole
  • Most of us do not pay attention to the hotel’s fire suppression system but trust me this one is important. Make sure your room is equipped with a smoke detector and that each room (and the hallways) have visible sprinkler systems. In many countries, the fire response teams are not as fast, well equipped or trained as in North America.
  • Make sure that the hotel environment is secure with proper fencing and that the guest areas are well lit (parking, hallways, ice rooms, etc).
  • Generally, I prefer hotels where the elevator leaving the parking area only goes to the lobby (and not directly to the rooms).
  • I try to make sure that any hotel I choose has adequate security personnel. I like to see uniformed security personnel that seem to be well trained and adequately equipped (in this case adequate depends on the area.) They should be willing to escort you to your room or vehicle if requested.
  • I recommend you contact the foreign affairs ministry of your country (DFAIT in Canada, US Embassy for the USA, etc). Ask them about the area the hotel is located in and determine how safe it is.

How do I ensure my stuff hasn't been tampered with?

If you have read my other articles, I talk about hotels being a prime target for intelligence gathering. Where possible, take all of your "stuff" (passports, money, electronics, etc) with you. Sometimes that isn't possible or desirable, so what do you do.

Make sure everything is turned off (not in hibernation or sleep mode).

Use discreet alignment of your "stuff" to detect if anyone has tampered with it. Discreet alignment means that everything has been placed in specific ways so you will detect the slightest movement. As an example, maybe you place a water bottle 1 thumb away from the USB port of your laptop. When you come back, you will immediately know if someone tampered with that port (if the alignment is off).

You can also use cardinal bearings (alone or with discreet alignment). Cardinal bearings are basically compass headings. So you place the protective item (coffee cup in front of the sensitive USB port) and make sure the handle of the coffee cup has a perfect bearing of north. You can also use pens or anything else that is easy to move.

Once you have set up your environment, take pictures of it with your smartphone camera.

If you are being tracked, make sure everything looks natural. You do not want anyone to suspect that you are laying traps.

Using the do not disturb sign

In security, we want as much advanced notification as possible that something is wrong. The trick here is to place the do not disturb sign on your door but to do it in a way that is unique but natural. As an example, instead of letting the sign just hang freely from the handle, you place the edge into the door frame so it is on a slight angle. To most people, it will seem like you left in a hurry and the sign justs got stuck in the door. If you come back and the sign is no longer on an angle stuck in the door frame (aka it is hanging freely), that means someone was in your room and that you should approach with caution.