by Analemma_ 3255 days ago
> Every time a market has been taken down it's been due to OPSEC failure and other information leaks (

This is true, but it dangerously misses the point. Every time someone gets taken down, the know-it-alls on various fora sneer and go "Ha! What terrible opsec! I wouldn't have made that mistake!" No, you would've made some other mistake.

To run a darknet market and not get caught, your opsec has to be perfect. Every second, every minute, every day, every person involved, forever. That is simply not possible once an operation exceeds a certain size. Like the IRA once said: "We only need to be lucky once. You need to be lucky every time". This is the "defender's dilemma" that guarantees you will be caught as t goes to infinity: sooner or later, you'll make some mistake that burns you.

Focusing on the specific mistakes made by bust-ees only boosts your confidence and ignores that you, in their situation, would've leaked information somewhere else.

3 comments

I'm sorry to nitpick and I mostly agree with you, but similar to a casino game that favors the house, if you are lucky and quit while you're ahead, you can avoid capture. Your statement is only true in the long run. Of course criminals usually become addicted to their risky behaviors just like gamblers... It's a frequent trope in crime movies: one last job before the criminal retires, but that last job is the one where he makes a key mistake.

This is a very superficial way to look at things, and ultimately, entirely wrong.

One of the cornerstones of OPSEC is persona creation & management. This is orders of magnitude easier to perform in cyberspace than in real life, and can be used as a catch-all safety, for exactly when mistakes are made and layers are compromised.

You will make many, many mistakes, but part of a well-implemented OPSEC strategy is to have those mistakes land in a compartment, an illusionary persona that you created out of thin air. Operation size has nothing to do with it and should be completely irrelevant when the compartmentation strategy used is solid.

> That is simply not possible once an operation exceeds a certain size.

A good argument for not getting too greedy and keeping things small. It's the nail that sticks out that gets hammered down.