Dread to Return with Fixes and Some Data Loss
People have taken this opportunity to spread fear, uncertainty, and doubt about Dread.
Attempts to visit Dread last week often resulted in a 502 error or short periods of complete accessibility. One of the Dread staff members, Paris, posted a post about the forum’s instability and issues handling Dread’s rapidly growing user-base.
In one comment on the post, Paris wrote:
We are currently sitting at about 150-175GHz of raw CPU power with the core and the front servers. The vast majority of the CPU usage is on the front servers handling the building and breakdown of all the trash circuits caused by the DDOS attack. In total we have like 50 to 60 CPU cores working constantly just to keep us up.
Its a lot. The server cost is very high. The infrastructure change isn’t really going to reduce the total cost but will make it more economical in the longer term but much higher value.
According to Dread’s creator, HugBunter, the server experienced a crash that resulted in the corruption of the data on the server. The most recent backup is two weeks old. HugBunter also explained that the crash had taken place at one of the least ideal times; he has been working on “new server infrastructure to handle a significantly higher load and provide complete uptime across the board, not only solving our recent 502 error issues, but also ensuring any future Tor DoS attacks would be futile in rendering the service unavailable.” Backups of Dread seemingly slipped his mind. He promised to automate backups in the future.
When Dread comes back it will bring some changes, including “includes bug fixes, optimizations and new features.” He is changing some of the rules as well, although the changes are not likely to have a significant impact on the majority of Dread users or their ability to use Dread. His complete message is available below and a signed version is available here.
HugBunter’s Message
Hi all, Been a while since I’ve necessarily needed to provide an official status update, but we’ve been down for almost 2 days now. This is fortunately not a DoS attack of any kind, however I do have some bad news to bring. I’ve warned for the need of a large update to the platform for a long time as it has became extremely unstable as it has significantly grown over time. Since I rushed the initial development there have been many factors that have caused issues for us behind the scenes on a regular basis, whilst appearing everything is running perfectly to the end user.
Yesterday, our core servers gave in and had a fatal crash which left the whole web server data including the database completely corrupt. We do usually have regular backups made, however this has really caught us off guard since we were in the process of building a new server infrastructure to handle a significantly higher load and provide complete uptime across the board, not only solving our recent 502 error issues, but also ensuring any future Tor DoS attacks would be futile in rendering the service unavailable.
At this point it appears that we have in fact lost around 2 weeks of data from the platform. So any posts, comments, new user accounts, etc within that time frame will now be gone, I can only apologize for this and reassure that this will not occur again as automated backups will be made on a very regular basis from here on out. We are finalizing the new server infrastructure right now as well as providing an update to the platform which includes bug fixes, optimizations and new features. There are also rule amendments that will be going live, which I will discuss at the time.
I cannot provide a specific eta right now, however we are hoping to be up and running within 48 hours at the very most.
Thank you for your patience and understanding.
Source: DreadAlert on Reddit
Comments (27)
It's not right2019-11-18860299a0
Smells fishy. He went mia for two weeks previously now this. He runs shops for vendors which puts a target on his back as big as any market admin. IRS chasing him down for tax evasion don't think he isn't wanted because it's only a "forum". Adding new admins like Paris out of the blue it all stinks. Avoid Dread and Envoy with the large amount of vendors and even market admins on there the feds would love to control it. Think about it they could capture every admin in a single go.
Pata42019-11-1811932550
People and their asinine intuitions do very little for themselves, or others. To the first comment, what exactly evidences any truth the statement that this is 'not like him'? Regarding the second comment, what behavior preceding the last extended period of downtime has been any different to inspire any degree of confidence not currently held? Wouldn't you agree it would be, at minimum, just as likely for the administrator to be a federal, state-sponsored actor the entire time?
pata4isfed2019-11-18c8408ae0
dude you have the same type style as paris.....interesting? i don't know if hugbunter has been arrested but this cant be a coincidence witchman05 cant even confirm his pgp when he came back.after there was a post from him saying he had been busted hugbunter disappears and paris somehow has full control of the servers nah dude this aint right when has an admin ever given a server to one of the mods?
Done with Dread2019-11-18c68422f0
Won't be going back on Dread for a long time. No market admin is going to let anyone access their server period but they did take over Hansa! The claim is Hug has been caught and rolled over probably during the two weeks mia not that he was a fed all along.
pata4isfed2019-11-18be2c1990
witchman yes he disappeared and reappeared with the promise he would verify his pgp but he never did
John2019-11-18df777960
@It's not right: What makes you think HB is American, to give a fuck about the IRS ?
John2019-11-189bf4b700
You guys are dicks, most of you. You start bitching whenever there's a slight problem with Dread and when it's back up you forget all about it and go write crap guess were: on Dread. Nice.
Med3l1n2019-11-194bddfc30
Looks very much DREAD got busted, there are similarias to the Hansa bust in 2k16, first Witchman disapears, ''loses'' his PGP key 2 times, then hugbunter disapears aswell and then Paris has Admins rights? Dread is busted, we all should assume that
Return With Fixes!?!2019-11-1940e596b0
Dread returns with fixes = feds have complete control over dread now.
xxxxtentacion2019-11-195e935d60
i dot know guys i think dread is finished there is noway it not run by feds now you can still buy from me on emptire
Paris2019-11-19717b0840
When did Paris first show up? Was it during the two weeks Hug was mia? Was Paris around before?
Yall dummies2019-11-197edf2f10
Paris been there for a while. He used to be a mod long ago before he got promoted to admin. So much FUD and hate here in comments imo.
Fieldy Monkey2019-11-20ed1f5b40
U must be a noob guy if u think bunter still running dread. Its full of nasty pigs that want to make their food by chasing the wrong people. They all should be kill like comunism!!
Pata42019-11-2030b18c80
Someone fetch this malnourished youth his formula and a Pilate. He's obviously long overdue for a good, old fashioned nap. **Maybe** after he wakes up, loosens the straps on his hockey helmet, and has a juicebox- he'll consider reading the whole message and infer the actual position I took. Have never even once spoken with Paris. ...and to be accused by someone who prays at the altar of subjectivity! For a (self-)certified pattern recognition, and type~~hand~~writing analysis expert, you sure are a special kind of slow. Fucking dunce!
Katchup2019-11-2056125910
Every time I tried using dread it would take me back to home page no matter what I clicked on
pata4iscop2019-11-2072ddc520
stop spreading fud pata4 we know you are paris and you work for le only a fucking retard would believe dread is safe what the fuck are you talking about juiceboxes for are you autistic or something? Lets set the record straight 1 hugbunter has been arrested by fbi 2 witchman has been arrested in the us and had his acount taken over 3 paris is a fed plant anyone who says otherwise is just spreading fud we all know dread is run by feds but we need to spread the word people.
yes2019-11-20f64c50c0
I am starting to come to the conclusion none of this makes any sense i mean how does paris have access to the servers anyway if he is just a moderator?
alternativetodread2019-11-2022422150
where do people go if they dont want to use dread anymore the hub is shit and envoy is cringe
Pata42019-11-20dff157d0
@Pata4isacop It's difficult to determine whether you're actually dumb enough to not deduce I was suggesting it has been operated by law enforcement since its' inception, or if you're some 400lb freakshow ala Penismith. Have you lost your adopted mother's jitterbug again and passing time here at the library public access point since you've no way to congregate amongst your own on LiveLinks!?
TheEconomist1(i love him but am not him)2019-11-25e7f351a0
So... Instead of fear mongering heres what you need to do - and I've been around since the early sub days several years ago and have seen way worse things happen (like AB and of course one of the worst, all the subs including main getting perma banned) and at that point our backup plan was based on the 4 people who used Avengers and me and W2C who placeholdered a lot of Voat accounts to ensure that they were verifiably obviously given to who they belonged to if shit ever hit the fan so people wouldn't be entirely left in the dark out of nowhere… Dread was cool, I never was into it yet I admired Hug from his work around the times of the demise of AB and Hansa and I am to have been apart of ensuring the community would come back together despite the obstacles that are enforced by dudes with gun at your head. I faded out right around when Dread saw a peak user registration and people were ecstatic to be able to reconnect to old faces. I was tired, as many will attest active members of this community dedicate hours on hours to answering and helping with the same problem we've posted and helped people with 100000 times over without fuss (usually) because opsec is paramount and if people didn't feel like they could comfortably post in order to get help with security issues and flaws then this whole thing that we love so much would become a hellish version of its previous self. Without a community that acts as basically a representative and homogenous republic where there are lurkers, those who only give, those who take and those who do everything in between we would be paralyzed by easy to spot honeypots, exit scams and the shittiest people getting away the shittiest things for as long as they choose. I say all that to say, while from all public available information, and some not so public, but definitely not insider information, that several team members concur with the diagnosis of what happened to the servers. A couple of skeptics felt a little puzzled by this answer and their exact phrasing which led them to make an important discovery, while they do say that Hug did tell the truth about what we are left with now and pretty much the data he said (I question this as well but I'm no expert) they DO NOT know why this happened and this "critical point" which according to Hug is where the camels back broke doesn't seem to check out with the people who know about darknet markets but more importantly a lot of the only semi-private information given out to the few trusted members out there. Jeffrey Epstein did not kill himself. From what I see, and this is an opinion that you should fact check yourself and not just trust blindly, something weird happened and Hug got stung by one of the several dozen people he has exposed and white hat over a recent period of time. I'm not a developer, I do not know how a hacker just bricks "two weeks" of data and not other info or any longer term storage with an attack method that I'm explained maybe one of the only possibilities for the alleged breach. I wish that people aren't afraid to use Dread when it comes back, because I know that the people(s) behind the alias did not get burned nor turned but clearly one can never been truly known when it comes to anything on any of these platforms... On top of that I have the understanding that a relaunch will be here sooner rather than later but I keep getting told to ignore the timeline promises and that its still unknown. One individual stated its very likely that we will see at least a soft launch by mid next week but this person was also under the impression that Hug has created the correct conditions to ensure the integrity of the site without even a soft launch yet there was early talk of this when people were going crazy but may have been scraped for security reasons (last part unconfirmed conflicting reports, not drastically conflicting just because of the process by which Hug broadcasts important confidential information to people the people who NEED to know). The core issue here, which is the easiest thing in the world to solve is to use proper OPSEC when accessing dread and ANY site INCLUDING THIS ONE at all times! Proper OPSEC isn't what you think is okay or just because you lurk who cares they wont see me, no no no, if you aren't using proper, thorough and peer reviewed (not invasively I just mean by listening and discussing with people who verifiably know what the fuck they are talking about, so clearly not some random person, don't ever download or travel to any site they ever ask you to go to especially on the Clearnet, even if its a reddit link ask for search terms for google so you can pull it up yourself as ive seen people be like OK lemme get this great opsec package and ends up instead with a false sense of security and a nasty RAT that will fuck your life over. Dread isn't even a market, you shouldn't cross usernames/passwords/aliases under any circumstance, and as long as you are not a complete and utter tard you should know never to have any identifiable information posted or messaged and that with proper OPSEC leads to the possibility of Dread, even if they flipped the whole fucking thing, you will not be affected and still able to connect and read discussions. Things to look for when the site is back up, signed messages from Hug and Paris that should be able to be requested at least once a day at anytime for a week or two to cement that fact at least, Hug's writing style which because I have studied this topic for many years of my life can be easily damning one way or another despite even the feds attempting to replicate him, other than that im guessing if you are still reading you may or may not recognize the power behind this mini essay and with that being said you need to source as hard as you can to get each and every link to all used forums and markets and hardcopy them, especial emphasis on the forum part as your best weapon against getting honeypot'd is cross referencing several times over. The government sucks at what they do, everything they do is sloppy, they leave clues, the fent ban right as the AB and Hansa train began to derail immediately sounded all the alarms in several deep communication pathways and combined that with a couple other clues we dug up using some old fashioned research and some autistic dissection of the tiny bit of info we were privileged to caused the first mentioning of the dark road ahead when it comes to those two once glorious and respected markets even though these people where restricted in many ways on how that info is allowed to be disseminated to the masses or risk being not only ostracized and removed from their passion and hobby but also put a target on their back which best case scenario is an arrest warrant and worst case being kidnapped and... by the cartel , and to circle back that which was allowed to be said unfortunately wasn't in the form of "both markets are flipped, many have been pinched and they are just getting started... burn burn burn" but other less explosive but fairly scary issues that should have drawn the connection in many heads which I personally believe it did (well that and W2C's dedication to ensuring that everyone understood all of his hatred towards AB lol). Dread will be back, and whether it'll will be used is yet to be seen but the decision will be obvious very early on as W2C knows more than just about everyone plus some and he has a special way of ensuring people are inundated with what he believes to be safe and unsafe and for years now, its his way or the highway. Its worked so beautifully that I get a little bad about the defamatory flack from knuckleheads like me when W2C came out of the woodworks to as we all know now, to be groomed by Econ to lead us all into the future as very unfortunate things in his life made the added stress unbearable and more likely than not impossible to continue without help and eventually at all. Look towards for input and guidance, but hes not saint and just a man who can also be flipped, compromised, extorted and/or bought like any online persona can be so that should never escape your mind and its futile to just listen to what dude anyways. If you don't understand PGP and why YOU need to be verifying upcoming messages then the easiest way I can explain this is that not only is it one of the easiest opsec upgrades one can make within like 3 minutes and MAYBE a 10 minute walk through via youtube and will allow you to be fact witness that regardless of opinion at least the person behind the message is more likely to be the same person than if it checks out and is consistent (duh). Next, don't accept PGP changes even with a signed handover, people who are in the upper echelon circles take PGP seriously and are very good at knowing the right time and place to do something like that and until further notice now is not the time whatsoever. Finally, be thankful that you hopefully had half a brain and have no identifiable info on dread (you would be a retard) and frankly more importantly not in any messages to higher profile accounts and from here on out spend an hour some day when your high and bored to become a PGP wizard and understand why its like the first amendment, without it or without an analogous system this would make this whole thing the most well, probably exist in a very different and higher risk sphere where transaction success rates would be most likely favor the feds. Back on sr1 there would be peoples everyday emails (including school ones, wtf lol), and aliases used all of the over the place and lots of users one way or another putting plenty of identifiable information including their name to anyone who could just open the site up, but they have an excuse YOU DON'T! We've been there MANY TIMES we've done this MANY TIMES we've come back MANY TIMES and the feds have tried this tactic to break and spread us apart MANY TIMES and we know for a fact that this will happen AGAIN MANY TIMES. The most elegant thing is that as we (as a community) spread information, inform users and make things safer first and simpler second which has turned into a pretty decently well oiled machine that gets jammed sometimes but is up and running just fine for many orders of magnitude longer than the downtimes. Stay safe, don't stress, break for a couple days, ive seen takedowns and complications of huge factions of users frequent like we are seeing here and obviously way grander during times where we had 1 not so well known pathways to communicate for some time yet here we are and yes its bad for a while but while the dust starts to settle better and better duplicates that improve from lessons learned from those who have bee less fortunate over the years start to crop up and the process keeps going. Its a cycle though, expect this, if its a governmental agency they don't just take out two weeks of data unless Hug really is as good as the talk is and only had that small amount of information (that could be just as damning for many people don't get me wrong) somehow wiped, and even if he did repel them, that was a message - Shut down so we don't suicide you and your servers. Which Hug could careless about because he knows that stability is what we need to continue to climb the normalcy and relevancy factor which is basically a rebellion from an oppressive government and a way to safe hundreds of thousands lives from brutal murders, lifetime sentences for having addiction related mental illnesses that will never be treated, torture, and the harsh reality that drugs at the end of the day have been "used and abused" for as long back when early on when evolution finally flourished a bipedal way of life. This is long and unreable for the vast majority, that's fine no TLDR needed, just chill out it'll be fine, for those who read and know me you know whats up and just stick to standing up for whats right no matter how many bots or how many losers pick you apart, and for those who read and don't think they know who I am or may not be then remember I'm a person and have biases, opinions, prejudices and preconceived notions about many things from being surrounded by it for a really solid portion of my life, but I hope you parse whats rational and logical in order to improve your experience and safety for all those involved. One thing I want you to see if nothing else is as followed: -------------- GET YOUR OPSEC IN CHECK YOU FOOL. People who do whitehat activities and what not constantly review, refine and publish the most cutting edge and virtually free procedures to make your footprint invisible. Before worrying about Hug's OPSEC and site security (might want to discuss something you are knowledgable about as there are a dozen things on the top of my head that reformed and revolutionized the birthplace of a family that is related via their desires and empathy towards others) and all of that without comprising nearly every feature you could possibly need to make the use feel like muscle memory. And ill say it because its not said enough, OPSEC on sites like say, this one we are on now is in my opinion way more dangerous to especially discuss without being completely obscured, tor is ok for security if you are being investigated by an 8th grader but you are silly to think that the all US federal departments have methods for de-anonymization that can consistently work and not be detected for long periods of times, and you better believe these methods and tools have been spread with all her allies and therefore theres tens of thousands of people who have an entire terabyte of applications and procedures to ruin each and every one of your lifes if they so choose. Don't just work on it blindly, use the DNM Noobs Bible as it has been continuously updated for as long as I can remember by people who A) who up to this point have never been pinched and B) have their information easily not only tested in the real world but reviewed, cross referenced, refined, critized, and made as accurate at the time of creation as humanely possible. If we somehow we all were compromised the DNM Noob Bible would be gone out of thin air, but luckily a very smart group of classy and humble insiders have now and are now working on a tried and true method to solve the whole disappearing act that seems to be growing in popularity and leaving gaps in not only our history but our knowledge base, understand history has and ALWAYS will repeat itself. I wrote this because I smoked a really nice joint, and am sad how the stress is starting to cause tensions to flare, although to most of you i'm just a weirdo typing a wall of text on a site that is johnny come lately, I hope you has some clarification or are given some hope. I always find that looking back at what we've been through and discussing it brings us closer and makes so much more resilant as in my opinion some of the worst attacks currently possible were propagated and we ran right past, it will be some time before we see something other than takedowns, takeovers, comprising, denial of service, coordinated shilling, scattering the community, honeypots, or just general tom foolery because we have their number and simply put have a passion and are driven by some higher power and not driven to this cause by money which makes us impossible to squash. STAY STRONG STAY SAFE. Keep fighting the good fight and I wish the best for everyone feeling heat from the Dread dilemma
this is strange2019-11-17cf770960
i think something is up this isnt like hugbunter