I feel like this is a hack that is rarely talked about. And it’s the most reliable method I’ve found for getting an email account that I can use for signing up to other websites.
Imagine you want to create a completely anonymous account on some website. Most websites require an email account to sign up. if you’re lucky you can use one of those a temporary email services, but many websites block those nowadays. They only accept trusted email providers like Gmail, Protonmail, etc. And trying to make an anonymous account on those providers is difficult. Even Protonmail, surprisingly. If you try to sign up for Protonmail using a VPN or Tor, they will ask for a phone number or a second email account. So now you have to get a phone number anonymously (very difficult), or get another email account anonymously, back to square one.
Darknet markets solve this problem. Pay a bit of Monero, and you get an account. Completely anonymous. Now I won’t pretend it’s easy. Even just signing up for a darknet market often requires learning how to PGP encrypt/decrypt messages. But it only takes an 30 min or so to figure it out and sign up, and it opens up a new world of tools to use for privacy. There are many other types of accounts that you can buy aside from Protonmail, and many other products in general that you can buy.
I don’t get why Protonmail doesn’t just accept anonymous crypto as an option during signup, but until they do this is honestly the most reliable option I’ve found. I really wish more websites just accepted crypto for account creation. It’s understandable that in order to prevent spam accounts, account creation has to cost something, and crypto allows it to cost something without costing your privacy.
Anyways, here’s a quick guide to get started. I’ll avoid direct links since I don’t know if those are allowed.
- install Tor Browser Bundle, and use it for the following steps
- search for websites like Daunt, Dread forums, and Tor Taxi. Darknet markets change all the time so use those websites to figure out which ones are currently active. Cross-check links across multiple websites to make sure they are trustworthy, since often scam websites will try to pose as legitimate ones
- look for markets that let you search for the product you’re interested in before signing up, to save you time
- some markets require you to load funds into the market and then pay using those funds. Avoid loading more than you need, since some markets have “rugpulled” before (aka taken everybody’s funds and disappeared. This is the risk of an anonymous market).
Edit: also if for some reason a seller doesn’t accept Monero, you can use a crypto swap. Basically you send the swap service some Monero, tell them what crypto to convert it to (like Bitcoin or Ethereum), and where to send it to. Many can be used anonymously, without signup
I still dont think you’re comparing apples to apples here.
A physical payment for the thing you linked (I dont use posteo but they seem to use the same cash+nonce system everyone else does) consists of a sealed addressed envelope with the bills and a number used once (nonce) at the recipient in order to associate receipt with account. The nonce is not saved or recorded.
So a surveilling party could possibly perform in depth inspection of every letter going to the service they’re trying to surveil, record all the payments and nonces, cross reference the mailing location of the individual letters (idk of any post service that bins them according to location of origin but I’ll go with your description!) with public camera footage and make a positive id for all the people who mailed the letters and they still don’t have the ability to associate payment/person/letter/nonce with a particular account because the nonce isn’t retained.
They’d just know you sent a letter containing money and a code to a service.
Again, what I described is a type of investigation that is extremely expensive and requires exacting precision at every step in order to not make an error that would make the evidence inadmissible.
They’d have to have infiltrated the recipient at the time and place of associating account with nonce and if that’s the case it doesn’t matter if you’re using the monero jetpack/ninja climb or the physical letter walk across the gymnastics mat t-posing method because the other end of the mat is jail.
But let’s look at it from the other direction, they’re not trying to remove privacy and anonymity in general, they’re specifically trying to get you:
You are observed through your open window from the cleaning service van across the street. When you leave to mail your letter, which contains unique microscopic markings and fiber identifiers cross referenced to the s/n of envelope boxes you were recorded on cctv purchasing at the drug store last week, the van radios a follow car around the corner that appears to be a bunch of hoodlums who slow to a crawl and yell out their car window, berating and denigrating you. You don’t respond, though their yelling distracts you from the pebble in your shoe and the traffic cameras get a good id on you through gait recognition.
The follow car bumps into a fire hydrant and you round the corner and enter the restaurant, where the server seems to be looking at you and texting constantly. Your grilled cheese has melted chocolate in it with the unique mushroomy taste of senna. You catch the host and bartender running your change back to the office and hear the sound of a scanner and notice the shifting white light coming from behind the open door.
You put part of your change in the envelope with the nonce you wrote using your non dominant hand and lick it to seal the flap, activating dozens of moisture sensitive polymer capsules to absorb and preserve the trace genetic material left behind for later analysis. Outside the restaurant, you drop the letter in the mailbox and head home. The restaurants host radios when you round the corner and a flower seller with dark sunglasses, an earpiece and a conservative suit on under their apron rolls their cart down to the mailbox, unlocks it and picks out your letter.
They know that you sent a letter with money and a code to some address. If they allow it to continue on its way then they can’t associate it with a particular account because the code isn’t retained after use.
That was a colorful and fun read, can’t say I can match that. But I think if you are against the feds the assumption has to be that they infiltrated the other party. This is the whole reason why canaries exist. Because many jurisdictions allow the feds to force companies to do things and keep silent about it (gag order). For example, Protonmail was once forced to log IPs to track down the owner lf an email account.
By the same token, if Posteo is able to associate a nonce to an account, then they’re also able to tell the feds. Even if you are in a different jurisdiction from Posteo, feds can work across state lines through international agreements (which I think was also the case in the Protonmail case).
Gotta excercise the ol creative muscles somehow. Thanks for putting up with it!
I think what you just said is our breakdown. Neither cryptocurrency, cryptography (in its d-h or one time code permutation) or any other technology removes the requirement that you trust the other party both to perform their side of the process and to not betray you.
It’s important to not go down that route because if you can’t ever trust then you can’t believe you can ever have privacy or anonymity except when you completely retreat from all communication or interaction both electronically and physically.
Remember that the problem cryptocurrency solves is the credit card clearing problem, not the problem of trusting your counterpart.
Also your proton example might be the one where some ding dong used their out of the box (no adp) icloud email as the recovery for proton and the cops got the icloud through a logged in device and recovered the proton account using it as opposed to forced ip logging but I might be mistaken.