Ok, so I want to make a website that sells certain things that when abused can be highly illegal. My friend has a degree in computer programming (CPE & CSC) that can make me anything I want but I would like to know what I should do in order to keep myself from getting tracked down by the feds

Move to Amsterdam and sell it there.

Get some bulletproof hosting (http://en.wikipedia.org/wiki/Bulletproof_hosting). Then disguise it by having the main/index page as some bogus shit. Like a tech blog or something. Anything completely unrelated.

Could also use certain browser certificates/SSL etc.

Host it from your house on a system you have locked down to hell and back. Make it available only as a Tor hidden service. Don't allow the webserver access to any other machine other than the one running the Tor daemon. Run the Tor daemon in a chroot or jail on a secure Gnu or BSD system.

At this point, they have to hack through your webserver, out of the chroot, get to root on the webserver, and then find a way to exploit the Tor daemon and get onto the other box. Not really likely you'd miss all of that.

Everything imaginable is legal in at least a handful of countries in the world. Unless its CP - which I hope it isn't - you can lease a server based in that country. I'm trying hard to think of something that isn't decriminalised or at least un-policed somewhere in the world... Never become the big fish and you won't get fried...