It's actually surprisingly hard to get OPSEC right, because most of the time you either don't think what you're doing warrants a huge amount of resources spent prosecuting you, or you don't realise how big it is until it's too late.
One of the biggest links from the Silk Road owner's identity outside of Tor was the fact that he promoted his own site in the early days, using an alias he had used to ask questions on Stack Overflow. He probably didn't realise how important good OPSEC was until much later in the game.
I recently had the chance to help the FBI in an effort to catch a child abuser in collaboration with an NGO. It was very interesting to see how "techies" can piece together a scary level of detail about someone's identity using everyday things like the clothes they wear (if they bought them online) or how their house is decorated. Details of how were withheld from us, but the suspect got caught.
This is also why you should never select a unique nickname. If you are 'DerEliteHacker83723' then it is very easy to find all your stuff with a simple search, but if your nick is 'gwbush' then all your posts will drown in the sea of unrelated search results.
Indeed. Never ever contaminate. If you do, it's a matter of when - not if - the link will be made. Always rotate your identities as you would your keys and credentials.
"when - not if" narratives are often pushed by enforcement groups as a scare tactic. The reality is that so many people are engaged in these activities that, even without any opsec, most will live out their careers unpunished.
The flip side to this problem is that anyone with any notion of security is practically immune. With so many easy targets out there, the hard targets go untouched year after year.
Funnily enough, that's how most criminals get caught. Boasting about it down the pub!
I was once given some wise advice. If you've ever knowingly done something wrong, never tell anyone else, and never admit to it. Your mouth is your worst enemy.
Agreed. It's true that there are probably larger, slower fish than you - if you are a potential target. However, pursuers do not stop with the largest and slowest. They will persist and they do not tire. You will make small mistakes and leave partial identifying marks. It's inevitable - even an expert can't be 100 percent every minute of every operation. If you have their attention and you remain active with a single identity for too long, the small mistakes will add up and they will find it and thus they will find you. It's not so much a scare tactic as a gamble - one the house usually wins. The larger one identity becomes, the larger a target it becomes. Make it appear as though you are a thousand bit players and not one large one. Change the equation, change the fingerprint - do whatever you can to protect the identity you can't change because you don't get a second chance and they get all the chances they need.
TL;DR - you can never be too paranoid, so long as the overhead doesn't impact your operations. If it does, you need to take a deep look into your risk appetites.
The funniest of all is that most of the identity leaks happened thanks to NFO files, which are useless except for boasting (the name of the group being usually on filenames already).
Some of these people are serving jail time because their nicks were in a useless text file next to the pirated movies presenting them as proud members of a group (and hopefully with some ASCII art).