Home » Articles » Interview With Middle Earth Marketplace Admin (Post Onymous)
Click Here To Hide Tor

Interview With Middle Earth Marketplace Admin (Post Onymous)

After the recent Operation Onymous and the take down of many markets, we were wondering how the remaining markets are doing, and what are their plans for the future, luckily we had a chance to conduct an interview with the admin of one of the newer markets – Middle Earth marketplace and get some comments:

Market listing and url:  Middle Earth Marketplace

Proof of ID middle earth market

Proof of Id of the market admin

Proof Of ID2: Signed message

So how does it feel to be one of the survivors of operation onymous?
TH- Firstly, thank you DeepDotWeb for this interview. I appreciate you taking the time to do this.
To be honest with you, a mixture of relief and indifference. I do not mean to sound nonchalant about the gravity of the situation, however I know every inch of my marketplace and know that Middle Earth is secure. Middle Earth is constantly backed-up/copied and we have multiple servers in case of emergencies. If we were to ever go down, we’d pop back up soon after with everyone’s BTC intact and the site operating at 100% in a new URL. My team are excellent, adaptable and intuitive individuals that I know are not going to do something crazy like letting an undercover agent infiltrate our team. Although I can’t deny that as the news came in of this Operation’s path of destruction, 1 down, 2 down, 3 down… Myself and the team certainly raised our “Defcon” alert level (no pun intended at all).

How long have you been online?
TH- Almost 6 months.

How long do you think it will last and what would be your exit strategy assuming you will be the one to decide when it happens?
TH- People will keep rebelling forever, whether it’s at Middle Earth or another site, rebellion and fighting for your freedom is something that will never end. That gives me some comfort. Exit strategy? Well I had a lot of respect for the way BMR stopped. Backopy took BMR down piece by piece and informing everyone of the procedure as he went along, I was vending there at the time so I really appreciated that a lot! In an ideal scenario if I am the one to decide, then I would eventually retire gracefully like Backopy and BMR did.

Is it not scary to run a market at times like this when even the guys from Tor are not sure what was the exploit used by LE?
TH- One must have courage DeepDotWeb. Fear is a healthy emotion to embrace to a certain extent, it keeps you grounded and alert but you cannot focus on it or the pressure will get to you, then you will break. History shows us that heroes have changed the fate of the world by standing their ground in the face of adversity, that truly inspires me.  Am I scared? Should a site owner admit such things? Yes. I am the owner of a global illegal trading platform and I know all too well that sometimes, people don’t return from their adventures. But I am “TheHobbit”… and I’m going on my adventure.

What do you do to protect yourself? (general stuff that you are able to discuss, not specific technical details)
TH- Magic spells :) Sorry I cannot discuss that.

What type of security measures are implemented in your market in order to protect buyers?
TH- For buyers safety, we do not let any vendor request FE without earning the right to do so properly (unless they have absolute proof they are a well known, reliable and approved vendor from another visible market, with a signed PGP message and positive FE based customer reviews). Everything deleted by a user is permanently wiped from the server, all meta-data of user’s pics are automatically stripped when uploaded. We have 2-Factor Authentication. The site is monitored 24/7 by real security experts. Also everything in Middle Earth is custom built, we use no 3rd party software at all. Everything is encrypted so much behind the scenes that even if a server was seized, it would be impossible to retrieve any usable data, just an encrypted mess. Our users, both vendors and buyers, are safe.

Any plans to implement multisig?
TH- Yes. I have plans to implement it but multi-sig is very hard for basic users to understand. I will only implement multi-sig after the multi-sig system’s user friendliness is maximized and more clear for basic users. That is why I can’t say when to expect it yet. In time Middle Earth will add it maybe. For now Middle Earth is working hard for it’s users and the market’s security.
Multisig is good, but it’s not panacea. You know? In the big picture it does not solve all a marketplace’s problems. Hydra had multi-sig but they still got fucked on security… You follow me?

At first you insisted on using JS and later disabled it – What made you change your mind?
TH- I knew this one was coming :) I made a dual-version of the site, one that functions Non-JS and one that has a much more pleasurable user experience, that functions with JS. I did this dual-version because everyone kept saying “I like your site but I won’t use it because of JS” and you should always listen to what your customers want. I would like to add though, that in no way is Middle Earth’s JS unsafe!
I use the JS version and I’m still here after Operation Onymous. Don’t you think that I would have eaten shit if my JS was unsafe? Definitely. We had hackers come and try the XSS attacks and SQL injections etc. They didn’t get anywhere.

What features do you have on your market that in your opinion are making it better than other markets?
TH- What makes it exceptional is the customer service and the security. The high quality and attention to detail of Middle Earth marketplace is to a very high standard, it is a very fast site with a smooth interface. A pleasure to use. The community is fantastic too, it has a fresh feel to it, a growing tight-knit community like SR1 used to have. Myself and my team all try to promote as much community spirit as possible because that really makes a big difference. We are all on the same team and we need to be a community that has each others well being in mind and communicates/educates well together on DarkNet matters.

Did you see people migrating to your market after the recent takedowns?
TH- Yes, big time. I don’t know about the other markets but we had many big-hitters join and there are more coming in every few minutes. Over the next few weeks, I know for a fact that you will be seeing some of the most well known vendors out there, selling in Middle Earth. Many are already there and are making their listings as we speak.

Can you say approx numbers of growth or in general how many users / listing / vendors you have on your market?
TH- So over the first few months we had about 10,000 members join but very few vendors, it was slow. We were settling in to the DNM scene and many markets had just opened but we were staying afloat. It just seemed like everyone was waiting for something, not just the whole JS thing but a migration. Many liked the site but were busy at other markets at the time. After the busts, new users count went through the roof and to my delight, the big vendors started knocking at my door. Maybe now Middle Earth will get to realize her full potential and give users a great experience and a safe place to trade. We only had 200 listings for the last 5 months, in the last 48 hours, there are already another 200 listings! We will be at a 1000 listings in no time at this rate. Having 10,000+ listings is the goal of course, but this is a great step in the right direction.

What do you do to attract vendors?
TH- Treat them with respect. Also at the moment I am waiving all vendor fees for vendors affected by the recent events. If you need a new home, you are most welcome at Middle Earth and will be treated with respect, be safe and receive great customer service. Everything you need.

What are the fees on your market?
TH- It ranges from 7% – 2%.
Vendor award structure is as follows:
(first $49 of sales is 7% commission)

THE GIFTED APPRENTICE – $50-$250
1 star – 6% commission

SHROUD OF PROGRESS – $250-$1000
2 stars – 5% commission

SCROLL OF HONOR – $1000-$2500
3 stars – 4% commission

RUNE-STONE OF TRUST – $2500-$5000
4 stars – 3% commission

LEGENDARY BATTERING RAM OF VENDING – $5000+
5 stars – 2% commission

Any products are prohibited on your market?
TH- Child porn is strictly NOT allowed at all and neither are assassination services.

Can you tell us a bit about yourself? (vague and general stuff of course)
TH- All I can say is that I am “TheHobbit”.

Obviously most DNM admins have skills, What made you decide to choose this line of work and not lets say normal programming work…?
TH- I break the mold I guess :) It just happened this way, I went right down life’s rabbit hole and ended up as TheHobbit. I was already a vendor for so long that this was the next logical step after losing so much money to scams (thank you Sheep and TorMarket for that). My entire focus and specialty is Tor network security and defense.

What are the hard parts of running DNMS today as oppose yo lets say few month ago?
TH- For me it’s the same every day no matter what. SECURITY SECURITY SECURITY. That is number 1 and top priority every single second.

Did you experience any attacks on the markets so far that you could share?
TH- Yes we have been attacked almost daily. XSS attacks, SQL injections, you name it, they’ve tried it. Nobody ever got shit. Zero security breaches so far.

Did you have any funny experiences as a market admin with vendors/buyers/LE that you would like to share?
TH- Not really it’s always work work work behind the scenes. We don’t play about ever within the site. Ever.

Is it worth it at all?? Money/Risk wise (for a small market)
TH- Yes. For me it is worth it. It’s not just about money for me, as I said before, this is my role in life and I will embrace that. My team and I want to accomplish this the right way and create the E-bay of DarkNet successfully, safely and with integrity.

Any thoughts about where the DNM’s are heading? (decentralization etc…)
TH- This is about the efficiency, focus and resolve of market’s actual owners. I think that it is important to remember certain facts when debating this point. Speaking as the owner of a marketplace, I believe that DNM’s are fine the way they are as long as they are built correctly and managed properly. Everything based on security, strategy and logic. Yet owners continue to do the dumbest shit and keep getting their markets busted by LE.

-Silk Road 1, security breach.
-Sheep, scam.
-TorMarket, scam.
-Silk Road 2, security breach.
-Utopia, security breach
-Cloud 9, security breach
-Hydra, security breach
-Pandora, security breach

The list goes on and on. Badly executed plans, badly executed security protocols, no safety-nets in place. So in my humble opinion, people are going to keep inventing new gimmicks to say they are more secure, when really you don’t need more gimmicks, you need solid, stringent and concrete security run by an elite team of dedicated security specialists, which is what we are doing and will continue to do at Middle Earth Marketplace.

Anything else that you would like to add or that i might forgotten to ask?
TH- I would like to end by inviting all vendors affected by the tragic events to come and become part of a great community at Middle Earth. I will waive the vendor activation fees so that you can get back to business quickly.
A sincere thank you to my Middle Earth team, you guys are the best. I could not do this without you by my side.

I truly hope to serve you all well.

Thank you DeepDotWeb for the opportunity to be heard here today.

Sincerely,

-TheHobbit.
Owner of Middle Earth Marketplace.

4 comments

  1. i’m now almost 100% convinced that this Operation Onymous only got the busts it did because of the laziness, slackness and lack of security on the sites…most of which, as i understand it, were all connected to a central site….

    that…..and…..informers/snitches/under-cover coppers/narcs….the usual tactics of LE……

    they’re trying to “spook” every-one that Tor ain’t secure….i believe it IS if you use the appropriate precautions…..although….i do have grave doubts abt the Windows o/s…..but…not LINUX….

    even if the NSA could ‘crack’ it….you think they’d share that with a bunch of low-life dead-shite cops from crap-holes like the UK, Lituania and Bulgaria? ………hardly!

  2. @JIMBO I think if the NSA can crack Tor then so can GCHQ. And one of GCHQ’s stated aims is to combat organized crime. Even the Tor devs acknowledge that there are known attacks to decloak hidden services. There are also attacks that can be used to locate Bitcoin clients that are being run through Tor.

    If more DNM operators put back into the Tor network by running relays then it would make it harder for LE to locate their hidden services. DNM operators should run their business so that even if their servers are located that they still cannot be located themselves. I think a good approach would be to keep moving hosting providers. Once LE suspect a hidden service is located at a particular location it still takes time to get a warrant and image the server. By moving around it would frustrate LE and possibly allow DNM’s to stay one step ahead of them.

    Another good idea would be to not keep the private key on the same box that the actual market is being hosted on. By taking enough steps it would be possible to avoid take-down and arrest. Unfortunately it seems that so far many of the DNM operators have had very poor opsec and have made many mistakes that have lead to their demise.

    As the ecosystem matures, and with the advent of distributed markets such as OpenBazaar, I think it is highly likely that we will see the longevity of market-places and vendors increase. I would really like to see some of the big players in this space get-together and start offering bug-bounties and running hackathons as is normal in many other established online industries these days. As this space grows and matures I think it is only inevitable that big players are going to emerge that have learned from the mistakes of the past and that end up sticking around for many years.

    It is exciting to watch, we could very well be witnessing the emergence of a new economy that has the potential to challenge some of the most powerful and entrenched organizations on the planet. This is absolutely the most exciting time we could have possibly hoped to be alive, and things are only just getting started.

  3. MiddleEarth Vendor

    Havent been able to use the site all day and no way to contact the admin.

    The top frame is completely missing. I can see listings and shop but I can’t get into my account at all.

    :/

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *