I think the fact that Archex.su is ran by Russians and is on the old Soviet Union domain (.su) (Russian Domain is .ru)..scares people. Some people have Russia phobia too, caused by recent media exaggeration, and liberal wag the dog campaigns, in the US. Ignore all that rubbish.
LOL!
No, I'm not scared by Russians, and do not suffer of "Russia phobia", and Russian politics has nothing to do with that.
The reasons why I don't consider the whole system safe is due to the technical details and lack of may features that are the minimum required when real money is involved.
First is the lack of identification details, all of those websites fail in their identification, who they are, where they are, how can contact in case of issue... Would you give your money to someone never seen before just because he says "
I'm an honest guy"?
Would you consider enough that someone else unknown says "
it's a legit business, you can spend your money there"?
I do not, I first do my search, and if I cannot collect enough information from reputable sources, I don't want to risk.
Then there's the Russian site, not because is Russian and one must be scared by
Evil Communist, but simply because is entirely in Russian, a language that I don't know, is not the most spoken language in the part of the World where I live.
Sorry, I don't consider enough a broken translation made with automated tools.
Last but not least there's the final step, that is the most insecure because some technical features that should not even exists.
Assume that I finally get the ShadowCard code, maybe because directly acquired using cryptocurrency (which one is still a mystery), all I have to do is to
give them my ArcheRage credentials!
Seriously?
What kind of service require to give your credential to another service?
Do PayPal ask for eBay or Amazon password when buying stuff?
If you don't consider this a serious security flaw, you probably have no idea about the consequences that similar request can bring.
Share credentials is a violation of most basic security rules.
Just to be clear, I don't think that they are for sure "evil" and ready to steal money, but if they fail to implement a secure connection, they much likely also fail to implement many other important security features to store safely customer's data. That means that there's a big risk that someone else can steal customer's data.