Brewly - Worldwide Marketplace

[BigBaldBeardGuy]

Here you go Brewly. I get to hammer the last nail in your coffin.

https://abcnews.go.com/International/wireStory/...e-75196750

The servers were located in Moldova, where steroids are legal. Now I know there was a lot more than steroids sold on DarkMarket but the point is that you aren’t untouchable. And more importantly, your website isn’t offering anything more in the way of “security” than the way things are done already.

 

[shackleford]

Here you go Brewly. I get to hammer the last nail in your coffin.

https://abcnews.go.com/International/wireStory/...e-75196750

The servers were located in Moldova, where steroids are legal. Now I know there was a lot more than steroids sold on DarkMarket but the point is that you aren’t untouchable. And more importantly, your website isn’t offering anything more in the way of “security” than the way things are done already.

I leave for a couple days and you recruit a few more brewly busters. I'll have to get a few more shirts made up. Keep on bustin!!!

 

[Bengan]

Its not legal to sell steroid in ukraine where server is located.

 

[Brewly]

Its not legal to sell steroid in ukraine where server is located.

I am pretty sure it is, though our servers are in Malaysia. What you were looking at earlier in the thread was a proxy. Illegitimate traffic gets filtered out before it hits the origin server. Though, we use a different service for that now.

 

[muscletrain]

As someone who has dealt with this type of thing before, you're basically a darknet market without the security that TOR/onion hosting offers. I see no benefit to this at all besides you trying to appeal to people who aren't tech saavy enough to use TOR.

I would love a breakdown of how you keep everything Full disk encrypted etc if you don't mind. No matter what you are operating what amounts to a darknet market on the clearnet which is just lunacy.

Best case scenario is teaching the meatheads how to properly use PGP as well as the actual labs. Learning to actually communicate with PGP you can send your orders through damn Gmail and it doesn't matter instead of relying on 3rd parties like yourself or web providers that pinky swear they are secure.

 

[Whopperflopper]

It doesnt take 60 pages to vet a source. I've seen them gone in one. This looks like a couple guys with the different handles talking to themselves. I have no skin in this game, I admit it was amusing at first. Now, it's just the same few doing their utmost to protect us from one of the better raw sources out there. Grudges, feuds, I think someone fucked a dog or something. Keep bumping the thread, DO has his shit together, I haven't seen a single post where brewly scammed anyone. Less sources on his forum as they get culled out. BUMP FOR BREWLY! Everyone is thinking of you at night, sweet dreams

 

[BigBaldBeardGuy]

It doesnt take 60 pages to vet a source. I've seen them gone in one. This looks like a couple guys with the different handles talking to themselves. I have no skin in this game, I admit it was amusing at first. Now, it's just the same few doing their utmost to protect us from one of the better raw sources out there. Grudges, feuds, I think someone fucked a dog or something. Keep bumping the thread, DO has his shit together, I haven't seen a single post where brewly scammed anyone. Less sources on his forum as they get culled out. BUMP FOR BREWLY! Everyone is thinking of you at night, sweet dreams

Well fuck it then.

You miss the whole point. There’s other sources besides Dragon on the website. If it was just Dragon this wouldn’t even be a discussion.

Order up. First round is on @Whopperflopper

Enjoy guys and good luck. The Underground can fucking burn for all I give a shit.

I’m off to BoP to invite Victory Pharma, PSL, and whoever the fuck else wants to source here.

 

[shackleford]

Well fuck it then.

You miss the whole point. There’s other sources besides Dragon on the website. If it was just Dragon this wouldn’t even be a discussion.

Order up. First round is on @Whopperflopper

Enjoy guys and good luck. The Underground can fucking burn for all I give a shit.

I’m off to BoP to invite Victory Pharma, PSL, and whoever the fuck else wants to source here.

You big bully beard guy. How dare you attempt to hold sources accountable. Dont you know this is a source forum and members are guests here.
/sarcasm

 

[DrinkFlintWater]

Only needed to read this page....already know

Ohhh nice, we got GIFs now

 

[Bengan]

I am pretty sure it is, though our servers are in Malaysia. What you were looking at earlier in the thread was a proxy. Illegitimate traffic gets filtered out before it hits the origin server. Though, we use a different service for that now.

Still ukraine. 82.82
Dont trust cloudflare so mutch. Over and out!

PS: I belive your coding knowledge is better than hiding server.

 

[Brewly]

As someone who has dealt with this type of thing before, you're basically a darknet market without the security that TOR/onion hosting offers. I see no benefit to this at all besides you trying to appeal to people who aren't tech saavy enough to use TOR.

I would love a breakdown of how you keep everything Full disk encrypted etc if you don't mind. No matter what you are operating what amounts to a darknet market on the clearnet which is just lunacy.

Best case scenario is teaching the meatheads how to properly use PGP as well as the actual labs. Learning to actually communicate with PGP you can send your orders through damn Gmail and it doesn't matter instead of relying on 3rd parties like yourself or web providers that pinky swear they are secure.

Only steroids

Well I'd say a fully fledged darknet market is not a good comparison seeing as we only sell steroids. We do not offer narcotics, stolen credit cards, fraud services, murder for hire, etc. Things you'd find on a darknet marketplace. Things that are illegal on every corner of the planet.

Proof is in the pudding

Consider the PoS (point of sale) steroid websites that exist today: Steroidify, PPL, DO or even the forums: Meso, SST, BoP, aasforum. They've all existed for years without problem. We're not unlike a steroidify or a PPL except instead of one vendor selling, it's multiple. These sites has stood the test of time. The proof is in the pudding.

Tor and .onion TLD

With regards to Tor and "onion hosting", to my understanding (correct me if I'm wrong) darknet markets are on onion domains primarily because no ICANN registar could ever let the services DNM provide, slide (guess im a rapper). Being on an onion domain doesn't mean you're secure. It just means your site is not reachable by a standard TLD like .com or .org or .net or the thousand others. It's .onion.

Encryption

I've gone over our encryption as well as the fact that orders are auto-deleted when they're marked as "Shipped". I've never claimed our entire drives are encrypted, that's not necessary. Emails are encrypted, passwords are hashed, shipping info is encrypted (and automatically deleted). There's no science to it. All that data is encrypted at rest in the server and encrypted in transit via SSL (that lil security lock sign you see on most websites in the url bar).

PGP

Like you said, if you want to take things to the next level of security, you can use PGP. We've built in convenient support for that.

Third parties

And yes I agree. Let's involve less third parties. Instead of forums and emails, condense the process into a one stop shop. One that's encrypted, securely hosted, and doesn't comply with government requests (like protonmail or tutanota).

 

[BigRed91]

It doesnt take 60 pages to vet a source. I've seen them gone in one. This looks like a couple guys with the different handles talking to themselves. I have no skin in this game, I admit it was amusing at first. Now, it's just the same few doing their utmost to protect us from one of the better raw sources out there. Grudges, feuds, I think someone fucked a dog or something. Keep bumping the thread, DO has his shit together, I haven't seen a single post where brewly scammed anyone. Less sources on his forum as they get culled out. BUMP FOR BREWLY! Everyone is thinking of you at night, sweet dreams

Why do u think there is less sources on there now? Bc he kept getting called out, he was gonna let Any shitty source sell on his "steroid amazon". I agree the thread should die now but idiots will still order from him anyway

 

[Brewly]

Why do u think there is less sources on there now? Bc he kept getting called out, he was gonna let Any shitty source sell on his "steroid amazon". I agree the thread should die now but idiots will still order from him anyway

Why spin listening and being responsive to the community like that? Seeing how open, unfiltered, and uncensored Meso is, I genuinely thought that was the model you guys wanted.

A model where anyone is allowed to post and sell and the community decides their worth based on the pictures they provide (or whether or not they even do), reviews, testing, etc.

You guys have pushed for something more curated, and we've gone in that direction. We listened and promptly responded.

Think about our financial incentive. We want happy customers that buy from good sources because those are returning customers. We want good sources to rise while bad ones fall. That means more business for the site.

 

[JPadjacent]

As someone who has dealt with this type of thing before, you're basically a darknet market without the security that TOR/onion hosting offers. I see no benefit to this at all besides you trying to appeal to people who aren't tech saavy enough to use TOR.

I would love a breakdown of how you keep everything Full disk encrypted etc if you don't mind. No matter what you are operating what amounts to a darknet market on the clearnet which is just lunacy.

Best case scenario is teaching the meatheads how to properly use PGP as well as the actual labs. Learning to actually communicate with PGP you can send your orders through damn Gmail and it doesn't matter instead of relying on 3rd parties like yourself or web providers that pinky swear they are secure.

 

[muscletrain]

Only steroids

Well I'd say a fully fledged darknet market is not a good comparison seeing as we only sell steroids. We do not offer narcotics, stolen credit cards, fraud services, murder for hire, etc. Things you'd find on a darknet marketplace. Things that are illegal on every corner of the planet.

Proof is in the pudding

Consider the PoS (point of sale) steroid websites that exist today: Steroidify, PPL, DO or even the forums: Meso, SST, BoP, aasforum. They've all existed for years without problem. We're not unlike a steroidify or a PPL except instead of one vendor selling, it's multiple. These sites has stood the test of time. The proof is in the pudding.

Tor and .onion TLD

With regards to Tor and "onion hosting", to my understanding (correct me if I'm wrong) darknet markets are on onion domains primarily because no ICANN registar could ever let the services DNM provide, slide (guess im a rapper). Being on an onion domain doesn't mean you're secure. It just means your site is not reachable by a standard TLD like .com or .org or .net or the thousand others. It's .onion.

Encryption

I've gone over our encryption as well as the fact that orders are auto-deleted when they're marked as "Shipped". I've never claimed our entire drives are encrypted, that's not necessary. Emails are encrypted, passwords are hashed, shipping info is encrypted (and automatically deleted). There's no science to it. All that data is encrypted at rest in the server and encrypted in transit via SSL (that lil security lock sign you see on most websites in the url bar).

PGP

Like you said, if you want to take things to the next level of security, you can use PGP. We've built in convenient support for that.

Third parties

And yes I agree. Let's involve less third parties. Instead of forums and emails, condense the process into a one stop shop. One that's encrypted, securely hosted, and doesn't comply with government requests (like protonmail or tutanota).

What? Absolutely not they are hosted via TOR so that you can't do what others here seemingly already did and pinoint your and the servers location. They are setup to point to 127.0.0.1 / localhost so that no traffic from the regular internet can touch them and all traffic must come from within the TOR network. It has nothing to do with bulletproofing the domain/DNS.

It absolutely means you are more secure, a smart person would host their site on an encrypted VPS/server with the site running within it and receiving no requests from regular internet traffic.

Similar to how people sandbox their TOR browsing/work in a Virtual Machine that is set to block/receive zero non TOR traffic, you then encrypt that folder so your entire environment is isolated. Or better yet just Full Disk Encrypt your entire drive. This is similar to how DNM's are run so the hosts can't poke around as its typically still on regular hosting before it is setup to only communicate with Onion traffic.

Just by that response alone I would put into question your overall security or maybe you're just the PR guy.

 

[Brewly]

What? Absolutely not they are hosted via TOR so that you can't do what others here seemingly already did and pinoint your and the servers location. They are setup to point to 127.0.0.1 / localhost so that no traffic from the regular internet can touch them and all traffic must come from within the TOR network. It has nothing to do with bulletproofing the domain/DNS.

It absolutely means you are more secure, a smart person would host their site on an encrypted VPS/server with the site running within it and receiving no requests from regular internet traffic.

Similar to how people sandbox their TOR browsing/work in a Virtual Machine that is set to block/receive zero non TOR traffic, you then encrypt that folder so your entire environment is isolated. Or better yet just Full Disk Encrypt your entire drive. This is similar to how DNM's are run so the hosts can't poke around as its typically still on regular hosting before it is setup to only communicate with Onion traffic.

Just by that response alone I would put into question your overall security or maybe you're just the PR guy.

I'll be the first to admit I'm no expert on the exact way Darknet markets are ran, so I appreciate the insight you provided. Please keep in mind, we're not a darknet market. We don't sell narcotics, stolen credit cards, etc. There's a lot less heat here, so to speak.

Fortunately, you don't have to take my word for it.

There is a long history of steroid websites on the clearnet (we're on one). There's plenty of clearnet PoS sites around, and they've been around for years. Not to mention the forums that have been around for decades.

Hell besides forums and PoS sites, the email services everyone uses have, for the most part, not cracked down on steroid-related criminal activity yet.

Sure, forums are just discussion-boards and arenas for free speech, but people are selling and soliciting scheduled substances here, it's not just casual conversation.

To reiterate the security stuff:
- Shipping info is encrypted in transit and at rest
- Shipping info gets automatically deleted when vendors mark your order as shipped

Don't trust any of that? No problem, use PGP. We've made it easy.


I'm not claiming it's on the level of a darknet market.

I am claiming it's better than U.S. hosted forums, email services that comply with gov requests, and wordpress/prestashop websites.

I agree with you that in an ideal world we'd all be buying steroids on the darknet, or at least take advantage of Tor and PGP in a more widespread way. Hopefully we can push the use of PGP, at the very least.


Thanks again for the write-up. It was insightful.

 

[muscletrain]

I'll be the first to admit I'm no expert on the exact way Darknet markets are ran, so I appreciate the insight you provided. Please keep in mind, we're not a darknet market. We don't sell narcotics, stolen credit cards, etc. There's a lot less heat here, so to speak.

Fortunately, you don't have to take my word for it.

There is a long history of steroid websites on the clearnet (we're on one). There's plenty of clearnet PoS sites around, and they've been around for years. Not to mention the forums that have been around for decades.

Hell besides forums and PoS sites, the email services everyone uses have, for the most part, not cracked down on steroid-related criminal activity yet.

Sure, forums are just discussion-boards and arenas for free speech, but people are selling and soliciting scheduled substances here, it's not just casual conversation.

To reiterate the security stuff:
- Shipping info is encrypted in transit and at rest
- Shipping info gets automatically deleted when vendors mark your order as shipped

Don't trust any of that? No problem, use PGP. We've made it easy.


I'm not claiming it's on the level of a darknet market.

I am claiming it's better than U.S. hosted forums, email services that comply with gov requests, and wordpress/prestashop websites.

I agree with you that in an ideal world we'd all be buying steroids on the darknet, or at least take advantage of Tor and PGP in a more widespread way. Hopefully we can push the use of PGP, at the very least.


Thanks again for the write-up. It was insightful.

Correct, and you are right to distance yourselfs from what DNM's sell I guess its up to sellers and buyers to realize if its worth it for your middle man service. Do you escrow the BTC for your buyers/sellers like the markets though? Or is multi-signature available so that people don't have to pray you don't run off with a wallet full of money / get busted / etc.

Basically you are only worth how big you can get imo, if Brewly stays small time you really have zero leverage to pressure sellers if like you said, there are 50 other clearnet sites to go sell on.

 

[Brewly]

Correct, and you are right to distance yourselfs from what DNM's sell I guess its up to sellers and buyers to realize if its worth it for your middle man service. Do you escrow the BTC for your buyers/sellers like the markets though? Or is multi-signature available so that people don't have to pray you don't run off with a wallet full of money / get busted / etc.

Basically you are only worth how big you can get imo, if Brewly stays small time you really have zero leverage to pressure sellers if like you said, there are 50 other clearnet sites to go sell on.

We have a planned formal order dispute system that will function more similarly to how Paypal does things than an escrow. We don't want the threat of an escrow exit scam looming over everyone's heads. And we also don't want to be holding vendor funds for extended periods of time. I've gone over the proposed details many times, early in the thread. If you'd like me to again, let me know.

Though, there's still a place for Escrow I feel. Perhaps as an optional feature for exceptionally large purchases. We'll talk more about this in the coming months, it's not an immediate priority right now.

Yes, I agree. That's an excellent observation. We have a bit of a chicken-egg problem. Assuming Brewly grows over the coming months (and years), we'll have the power to hold vendors accountable in a way that is much greater than currently possible.

I'd say there's about a handful of steroid forums where a vendor can solicit sales. They've been around for a long time, and we haven't. Only time will tell, but I am confident that a convenient one-stop shop is a compelling alternative to forums and emails.

In time, the market will decide our fate.

In the meanwhile, I appreciate the productive conversation.

 

[mo1990]

 

[Brewly]

Fixed. What VPN (if any) were you on if you don't mind me asking?