Best setup for optimal opsec when carding. Linux, whonix or qubes? VM or no VM?

Fan1k · #1 03-19-2025, 03:29 AM

What would be in you opinion the safest way to do carding operations?
Host machine with Linux OS installed then USB stick with Linux installed and we boot from the USB install VPN + RPD and card?
Or should we use Whonix or Qubes in the host machine and in the VM Win 7 with VPN + RDP?
Do websites recognize when we are using a VM?

smartguy · #2 03-19-2025, 03:55 AM

if your using AD or some spoofer i dont think they can recognize you are using a VM.
but QUBES is a best and the closest you will ever get go total privacy. I personally would use it if i used RDP all the time.
BEST
QUBES>WHONIX TEMPLATE vm >RDP

Fan1k · #3 03-19-2025, 04:08 AM

Quote:

Originally Posted by TASHO909

if your using AD or some spoofer i dont think they can recognize you are using a VM.
but QUBES is a best and the closest you will ever get go total privacy. I personally would use it if i used RDP all the time.
BEST
QUBES>WHONIX TEMPLATE vm >RDP

Hello, Yes that setup looks very good. I have read bad things about AntiDetect actually but haven't used it. There is this guy on a forum that told me that the best setup to card is to install Linux in the host machine and install Linux in a USB stick non persistent, before carding I run the live OS from the USB stick, change the hostname, change the mac address, install a VPN + RDP and card. Once I finish carding I just shutdown the computer and all the data will be wiped out.
What do you think of that setup?

smartguy · #4 03-19-2025, 04:17 AM

Quote:

Originally Posted by ineedcash

Hello, Yes that setup looks very good. I have read bad things about AntiDetect actually but haven't used it. There is this guy on a forum that told me that the best setup to card is to install Linux in the host machine and install Linux in a USB stick non persistent, before carding I run the live OS from the USB stick, change the hostname, change the mac address, install a VPN + RDP and card. Once I finish carding I just shutdown the computer and all the data will be wiped out.
What do you think of that setup?

You lost me here "best setup to card is to install Linux in the host machine and install Linux in a USB stick non persistent"
are you saying to install Linux as host machine , and run linux again from USB drive??
If that is the case, that is redundant and makes no sense.
running linux OS from usb stick > VPN > RDP , yes that will work perfectly .
very good setup , but i personally prefer whonix as you can just use Remmina to connect to your rdp.. but that setup will work fine.
I think some of the ADV. setup that was outlined in bailopan advanced opsec guide is kinda overkill to me (just my opinion).. its not like am trying to hack into the CIA database.

Fan1k · #5 03-19-2025, 04:24 AM

Quote:

Originally Posted by TASHO909

You lost me here "best setup to card is to install Linux in the host machine and install Linux in a USB stick non persistent"
are you saying to install Linux as host machine , and run linux again from USB drive??
If that is the case, that is redundant and makes no sense.
running linux OS from usb stick > VPN > RDP , yes that will work perfectly .
very good setup , but i personally prefer whonix as you can just use Remmina to connect to your rdp.. but that setup will work fine.
I think some of the ADV. setup that was outlined in bailopan advanced opsec guide is kinda overkill to me (just my opinion).. its not like am trying to hack into the CIA database.

Hello! Thank you for your reply.
>> are you saying to install Linux as host machine , and run linux again from USB drive??
Yes, I am saying that. The reason (I believe) is because Linux will give a little bit more security to my host machine instead of using Windows (that has backdoors to CIA/NSA/FBI according to some people) So installing Linux in the host and running Linux again from USB could be redundant but safer (I believe?)
>>running linux OS from usb stick > VPN > RDP: Would you recommend using NordVPN or a third world country VPN ? A user told me to look for 3rd world county VPNs to do my carding. NO needs for socks5 as I already have RDP right?
>>I think some of the ADV. setup that was outlined in bailopan advanced opsec guide is kinda overkill . Hey! You have read Bailopan's guides?? At least someone that has read the same stuff that I have hahaha. Do you think Bailopan's guides work? I have spoken to a lot of people that tell me that using a VM is stupid because it burns cards and also making an encripted volume with veracrypt is stupid because if LE gets my laptop and see that there is an encrypted volume it would be obvious that I am hiding something.

smartguy · #6 03-19-2025, 04:32 AM

>>>>Seems way overkill to me . i would only do that if i were trying to hack into the cia /fbi database, but if it makes you feel safe , go ahead.
>>Nordvpn is fine , i have been using it for years. Depends certain shops you will have to zero in on location. example amazon, so certain webshops will require socks.
{quote}
Do you think Bailopan's guides work? I have spoken to a lot of people that tell me that using a VM is stupid because it burns cards and also making an encripted volume with veracrypt is stupid because if LE gets my laptop and see that there is an encrypted volume it would be obvious that I am hiding something {quote}
using veracrypt is NOT stupid , its people who dont take the time out to understand and aware of the risks involved in fraud.

Fan1k · #7 03-19-2025, 04:36 AM

Quote:

Originally Posted by TASHO909

>>>>Seems way overkill to me . i would only do that if i were trying to hack into the cia /fbi database, but if it makes you feel safe , go ahead.
>>Nordvpn is fine , i have been using it for years. Depends certain shops you will have to zero in on location. example amazon, so certain webshops will require socks.
{quote}
Do you think Bailopan's guides work? I have spoken to a lot of people that tell me that using a VM is stupid because it burns cards and also making an encripted volume with veracrypt is stupid because if LE gets my laptop and see that there is an encrypted volume it would be obvious that I am hiding something {quote}
using veracrypt is NOT stupid , its people who dont take the time out to understand and aware of the risks involved in fraud.

Great, thank you so much.
I will use nordvpn. If I use a linux live OS non persistent I would not need to make encrypted volumes right? I mean, if I use Live OS there is no need to encrypt anything because the whole point of a live OS is that the information is all wiped out.