pull down to refresh

I am looking for advice on best practices when ordering bitcoin hardware online (hardware wallets, mining rigs, etc..)
The major threat vector I am trying to address is if the company has a data breach (example: ledger data breach). Data from these bitcoin only companies seems to be a huge honey pot. As there is a strong correlation that you own bitcoin if you bought from them and might be a good target for a 5 dollar wrench attack.
There seems to be two major privacy components here.
  1. Payment
  2. Shipping
Payment - Appears to be handled in a couple acceptable ways that perseveres enough privacy. Pay in Bitcoin, gift cards, per paid card, etc... So this is not an major issue.
Shipping is the piece I don't have a good option. Here are some thoughts I have had and the down sides:
  • Shipping to someone else's address (neighbor or family member). Down Side: This puts the third party at risk however.
  • Contract with a Mailbox company. Down Side: Many appear to want ID information to open an account. Some cost associated with the service. An extra party has access to your package and hopefully will not tamper with it.
So I ask the SN community for any tips and advice that I have not considered.
Thanks in advance.
1,500 sats paid
Wumbo's bounties
Shipping is the piece I don't have a good option. Here are some thoughts I have had and the down sides:
  • Shipping to someone else's address (neighbor or family member). Down Side: This puts the third party at risk however.
  • Contract with a Mailbox company. Down Side: Many appear to want ID information to open an account. Some cost associated with the service. An extra party has access to your package and hopefully will not tamper with it.
I bought ledger when I was traveling before, so I just used the place where I was staying, and I didn't use my fiat name - I had tried ordering it to Portugal, and everything was really smooth; But the second time, I ordered it to Hungary, and I received an mail saying that I needed to fill in the missing family name and submit my ID for the custom control or something ( one mistake I made during the ordering I only fill the name without a family name, but then I searched online many people have the same experience - got asked for ID from DHL ), so I wrote back with a family name but ignored the ID part because I'd rather get a refund than sharing the ID.
And guess what, three days later, it's delivered and no question asked.
reply
I asked about this here and didn't really get any good output :/ hopefully you get better answers!
reply
Thanks, interesting read.
reply
In Europe, at least in some countries like Hungary, some online shops, “bigger” ones, and delivery companies install their “pick up boxes” here and there and people can specifically ask for delivery of their items to these boxes. Boxes can be open with a QR code, so you just need to fake the registration, typically there is no KYC. But this of course depends on whether online shops have and offer delivery like this. Maybe worth checking? It could be that some posted this already, I am just too tired to scroll:)
reply
Good thought. I will have to see if there are any Parcel Lockers https://en.wikipedia.org/wiki/Parcel_locker around me.
reply
If you can buy in a brick and mortar store and pay cash that would solve many problems.
On line:
  • Use a temporary email address. (Simple login is a good option)
  • Pay with BTC
  • Delivery to a PO box or a place where you can collect it from.
reply
If you can buy in a brick and mortar store and pay cash that would solve many problems.
Wish I could.
reply
12 sats \ 1 reply \ @Bullen 22 Feb
Buy the parts to a seed signer and build it yourself.
reply
This. You dont order something related to bitcoin and you can even order the different parts from different vendors.
reply
353 sats \ 2 replies \ @fm 22 Feb
Shipping to someone else's address (neighbor or family member). Down Side: This puts the third party at risk however.
Dont burn your friends or family..
Use a business.. Like the local hotel, the local grocery shop.. Simply say you will be away for a short time and ask if they can receive the package..
Business receive a lor of mail, so, not likely to cause any problems..
reply
Interesting thought about a local business.
I can see the Hotel working ok. You are correct it is not odd for a customer to have a package delivered to the Hotel.
reply
12 sats \ 0 replies \ @fm 22 Feb
Not at all, I used to travel a lot.. Airport was my second home.. So neither the hotel or the bar down the road next to your house will put you any problems.,. Also, nowadays everybody gets shit from amazon
reply
235 sats \ 3 replies \ @OT 22 Feb
Using a PO box is a pretty good way for receiving goods privately
reply
Seems like they all want some form of ID to open up the Box.
reply
2 sats \ 1 reply \ @anon 22 Feb
They do. This will generally be a decent privacy improvement, but realize if asked any PO box provider will immediately turn over all of your personal info. I view very similar to a VPN, yes you probably get some decent general privacy but you do centralize into a trusted entity that the government can dox at will. It can be a reasonable tradeoff depending on your individual concerns and priorities.
reply
27 sats \ 0 replies \ @OT 22 Feb
Maybe not perfect but it would be effective for everything but a state level attack (police).
Weigh up the risks. If you really have that much bitcoin you can probably pay someone to buy it and pick it up without giving your details.
reply
1786 sats \ 6 replies \ @anon 22 Feb
If paying in fiat Privacy.com is helpful. They could be a honeypot (similar to VPNs), but they are consistently well reviewed and respected. Don't use your real name. Always use a fake name. Get a single use burner email or at least a protonmail account. Extra bonus points for paying simplifiedprivacy to help you setup your own email server. Ship to a business- most workplaces are fine receiving your mail and the secretary or mail person is too busy to snoop anyway. I had a past workplace where everyone had all mail sent to office because mail robbery got so bad in California. Mailbox companies are 100% honeypots that are notorious for losing or leaking, even accidentally, your govt ID and info. Don't be a dick and do things that put friends or family at risk. This is unethical and defeats the spirit of this request.
reply
Ship to a business- most workplaces are fine receiving your mail and the secretary or mail person is too busy to snoop anyway. I had a past workplace where everyone had all mail sent to office because mail robbery got so bad in California.
Looks like Pepe Silvia might getting some mail delivered in the near future!
reply
Privacy.com seems like a great service but I have not used it let. Question: I know privacy.com lets you spin up a new card easily but what does it do for the billing address that many websites prompt your for? Does one put garbage in the fields or does privacy.com have an address to be used with the card?
reply
12 sats \ 0 replies \ @anon 22 Feb
I always put in garbage info and it clears just fine.
reply
16 sats \ 1 reply \ @anon 22 Feb
Privacy.com is also an amazing way to save money. I use them for any online payment where I cannot use Bitcoin. For any subscription or service I only want to use once or limit my spend to a specific $ amount - I use a one time card, and I cannot tell you how many times some forgotten subscription or bullshit charge comes around in 6 or 12 months and I'm saved by this service. So even privacy aside, its a good money saving/budgeting tool because you can control EXACTLY how much and when you spend and it cannot go a penny over.
reply
Spending limits per card per time period is great. Would have been great if banks supported this long ago, but it isn’t in their interest. We were forced into in an envelope method for the longest time
reply
Even if it’s a honeypot that’s fine, I don’t expect privacy from the authorities with it, but from companies and data leaks. Its greatest feature is being able to set spend limits on individual cards. If an app should cost $2, set a limit a little above that, to ensure no funny business or hidden recurring fees.
reply
OK I gotta ask this. Don't you fellaz afraid you pay some hard-earned BTC and send it to some dude in China in hope of seeing your ASIC and it never comes... what then? Truthfully, that's what stops me from getting one...
reply
12 sats \ 0 replies \ @anon 22 Feb
imho 100x better to just stack sats than try to mine unless you can repurpose the excess heat. Home mining should be a fun hobby or passion project and not a profit seeking endeavor. Over the next 6-12 months would you rather have another 2-3M sats or a miner you'll probably lose money on if you pay retail electricity rates and can't use the heat year round? Just one plebs thoughts
reply
There are several resellers you could also acquire from that might be in a location you are more comfortable with.
reply
12 sats \ 1 reply \ @doofus 22 Feb
You could send it to your ex's house if you can get there before they check the mail.
reply
Hopefully the Ex doesn't find the package first.
I am picturing ASIC mining rigs being throw out of a window onto the street.
reply
Well, for a bitcoin-only hardware wallet (more a signing device, but ok) you could build yourself a seedsigner with parts collected from different vendors. Best privacy option for that specific use case, imo.
reply
why seek privacy only for bitcoin related purchases? you are being profiled. privacy should be the default
reply
stackers have outlawed this. turn on wild west mode in your /settings to see outlawed content.