Perhaps the most interesting point is in the last paragraph:
> Moreover, the deep web’s denizens will continue to adapt. Jamie Bartlett, author of “The Dark Net”, predicts: “The future of these markets is not centralised sites like Silk Road 2.0, but sites where…listings, messaging, payment and feedback are all separated, controlled by no central party”—and thus impossible to close.
I know some work along these lines has been started with e.g. OpenBazaar, but it may be a while before they are seen in any large scale activities - maybe another five years still until they are at all commonplace, or even available to the general public.
At this point it is stable and can be used to run a store via Tor. The last of the core system (arbitration and notary) will be completed by the end of the year.
I've been following the dark net markets subreddit for a while because I'm fascinated by that question too. The consensus there seems to be, surprisingly, that having the authorities connect your address to illicit activity isn't that big a deal. When I've suggested that such association would constitute probable cause for a search warrant and hence anyone who's clearly exposed their address by communicating it unencrypted to a drug dealer should consult a criminal lawyer and henceforth keep their house clean of evidence, I've been downvoted. It really surprises me that people are risking their liberty this way.
You've likely been downvoted because you misunderstand how it works.
Only idiots are communicating their addresses unencrypted - PGP encryption for addresses is standard. So the only way for your address to be matched to your dark net activity is if a.) the person you are buying from gets busted and b.) the person you're buying from doesn't destroy the address after they ship the package.
There are reputation systems on most sites. Unless the site operator was in on it or they were actually providing product, they would not get a lot of addresses.
This is a good point. I've also heard stories of cops busting people and then forcing them or strongly encouraging them to leave a review to keep the ball rolling.
Who says they have to bust you immediately? How long-term can a sting run? Why not collect addresses for six months, and then wrangle up hundreds of purchasers?
That's what I meant with having to provide product. If they don't deliver they will receive bad reviews. I do not know if it is legal for American law enforcement to sell drugs, though.
This would be a U.S problem then I guess. Most places in Europe don't allow entrapment, and policymakers typically have the sense to target dealers vs consumers anyways.
Also in other countries (like Canada) police don't even care about drug use as it's not illegal. So purchasing grams of a substance wouldn't even be worth a raid as they'll not find anything to charge you with and the fallout would be greater than the reward.
The political fallout in Canada for running a raid where nothing is found is massive. Warrant mistakes have landed police agencies on the front pages for weeks, if it came out they were doing raids based on next to no police work, not only would the police be under fire but the judges would be too.
As someone who is well aware of being hopelessly clueless regarding discovering even the most simplest of illicit transactions to save one's own life, I was wondering how people find out about new or existing dark-net markets beyond nebulous "word of mouth" scenarios one sees amongst the "old guard" "Liam Neeson"-type gangster characters in film.
This is something I've been curious about as well. I would love to be able to wander into such places as a lurker to see exactly what is going on. Are things as horrible as the popular media leads us to believe or are things far more banal.
However now, with the revelations of the past year or so, it seems like the kind of thing that is risky to try and discover until after you learn tradecraft and how to protect your identity while exploring darknets.
If you're just lurking then you're committing no crimes, and sure if you've ever even googled "Tor" or "Tails" the NSA will have you marked for it anyway. [1]
I decided to fire up Tor and have a look at the places mentioned in the article, having previously browsed (but never used) Silk Road before it was busted out of similar curiosity.
They're basically as described. It's fairly disturbing that these exist. I don't mind people buying and selling drugs, as people are going to do that, but on these same market places people are selling identities, fraud equipment (POS and ATM skimmers), stolen credit card details, funds from hacked accounts and, most disturbingly, weapons.
The weapons are by far the worst aspect of it. There's listings for everything from 3D printed guns through to modified AK47s that are now fully automatic. Worst of all, there is materials listed for making explosives, as well as components like fuses and switches.
I hate to think of whose hands these things end up in.
I don't think there's much risk of legal trouble from accessing markets for research purposes, as long as you don't actually buy or sell anything illicit. Also, the level of tradecraft required to securely browse a website with Tor is pretty low - just boot to a Tails LiveCD.
Using a properly configured, Tor-enabled browser/OS is the first step to protecting your identity, not the last.
You still have to compartmentalize your illicit (or, in the case of research, simply suspicious) activity from your day-to-day computer activities, rigorously.
Tails helps you do that... If you want to go trough tor, you have to boot the live cd. Of course you can still blow your anonymity by torrenting or accessing gmail at the same time, but it helps.
Thats partly what I'm getting at. When you start down the path of maintaining a real-life identity and a Tor identity, it becomes increasingly difficult to avoid contaminating one with the other.
But I suppose for the original, "read only" purpose of perusing dark markets, Tails may suffice.
You could also use drop box services like Parcel Motel and maintain a degree of anonymity through it. Depending on how well you set it up, the only real chance of being caught is if the package was found in transit and the authorities decided to essentially set up a sting on the drop box and wait for you to collect it.
However, for recreational consumer use, you're talking quantities that absolutely could not justify such an operation. The value in such an operation through a traditional drug dealing network would be that the person caught could serve up information on who they got it from. When you're talking about buying drugs anonymously online, none of that information will be available.
In Germany, DHL is offering what in the US is known as Amazon Lockers. And they got hacked and used for drug trading.
After the money/bitcoin transfer you simply got the access code and could get your drugs like from a vending machine. Though they somehow got busted.
I would imagine they're also all in places with 24/7 video surveillance. The Amazon lockers here are in 7-11 convenience store, each of which has more video cameras than a fleet of drones.
No not necessarily. I use PM a lot here in Ireland, mainly for things that only have UK shipping available, or free shipping to the UK but not elsewhere, etc.
PM is €3-€4 for a standard package, so what I'll regularly encounter is things on Amazon that are free delivery to the UK but quite a bit more expensive than PM to be delivered to Ireland.
Things also seem to ship through PM drastically faster than through the normal postal service.
That'd just be more suspicious than regular deliveries. Your mailman might think it odd that you are receiving packages for different names at your address...
I've never lived in a house which didn't regularly receive letters for at least 5+ people who previously lived there. I'm sure your mailman nor any intelligence agencies keep notes on mail arriving with a different name.
Actually, since the NSA disclosures showed that they often photograph postal envelopes, I'm pretty sure that there are databases of names and addresses somewhere...
But you make a good point - if you are going to invent a name, you should probably choose one of the previous occupants.
If I were going to make such a purchase, I'd just have it shipped to a made-up name 'c/o' another address, e.g. a friend's apartment. With my friend's permission, of course.
There is plenty of extortion attempts, not for narcotics but for weapons sales many of those listings are criminals who will threaten you once they get an address according to their market forums. Buying a gun online isn't really necessary, here gangsters pop down to Arizona and buy any gun they want on craigslist or local classifieds for cash in a parking lot, then mail the gun(s) in pieces camoflauged with spare bicycle parts back to themselves.
Most buyers on these sites are using some kind of drop, like a virtual office that accepts the package then forwards it or they go pick it up.
That will depend on the drug. If you're talking about heroin or crack addicts who've to essentially approach random people they don't know, then yes there is obviously risk associated with it.
However when you're talking about recreational / party drugs like marijuana, MDMA, etc., these come through large distribution networks with an inherent level of trust and common cause to minimize risk inbuilt. If you, for example, wanted to get some marijuana, you'd probably go to a friend that you know smokes it, because he clearly has a source for it.
You'll go to someone you feel you can place some level of trust and confidence in, and likewise they will go to, or direct you toward, someone they place a level of trust and confidence in.
Every actor in that scenario is seeking to minimize their risk. The consumer will use caution in who they deal with and likewise the middlemen or distributors will use caution in who they deal with.
This will be underlined by the fact that low level recreational drugs dealing isn't a massively profitable activity. Only further up the distribution chain, far away from the end user, will profit rise and with it, risk.
I personally cannot fathom buying drugs from someone totally unconnected online. The odds of you ending up buying drugs from a police officer when you go to a friend of a friend, versus when you're buying them from a faceless entity online are incredibly different.
You do make excellent points on the more recreational side of things. To be honest I wasn't really thinking small amounts - I had an assumption that people were buying in wholesale amounts on Silk Road and the likes
Most of them don't. They use a drop, or a combination of other methods. One of which is find a random street person to walk into a UPS store and grab a PO Box and pay for the month. At that point you have an "untraceable" box. When it is time to do the pickup you can do it yourself or pay someone else to do the pickup, choice is yours. I am not a buyer on any of these buy from reading these posts long enough I know of at least 5-6 other methods where you never have to use your own address and as long as you deal in small quantities never get caught.
Pick a house you believe to be abandoned or at least temporarily empty. Make up a name and have a package sent to that name at that address. Carefully go get the package or pay a third party to pick it up and bring it to you. Not my cup of tea, but it doesn't seem too hard.
In John Markoff 's 2005 book What the Dormouse Said: How the Sixties Counterculture Shaped the Personal Computer Industry (even the book's title is from a hoary old Jefferson Airplane track) he reveals that the world's first online transaction was a drug deal:
In 1971 or 1972, Stanford students using Arpanet accounts at Stanford University's Artificial Intelligence Laboratory engaged in a commercial transaction with their counterparts at Massachussetts Institute of Technology. Before Amazon, before eBay, the seminal act of e-commerce was a drug deal. The students used the network to quietly arrange the sale of an undetermined amount of marijuana.
To clarify, you need a Google account for providing service to the network, but it's not required for starting instances. Instance starts also support dynamic callbacks, so you can bounce the start off StackMonkey to another instance that provides credentials and provisioning info. There's a security brief at the bottom of the readme: https://github.com/StackMonkey/utter-va#security.
The pool is intended to function as an aggregation point for the instances. There should not be a way for a bad actor to use the pool to affect appliances or compromise instances. And the code is Open Source under the MIT license, as all infrastructure code should be. If you find an issue, please open a ticket: https://github.com/StackMonkey/utter-pool/issues
Appliances create addresses and map them to instance templates. Appliances send those mappings to the pool where they are placed in an NDB database used for searching. Users can search or have prior knowledge of an address to get instance addresses. Appliances listen to the blockchain for payments sent to the address and make instance starts based on those payments. Before an instance is started, the pool may send data to the appliance to effect provisioning tasks. Alternately, a callback URL can be returned, which is then used to 'bounce' the provisioning request to a third party site.
Note the pool never sends a start request directly to an appliance. Instances 'time out' when they run out of time, but that could also be done using another payment to another address. Provisioning requests are probably the weakest link currently, but we have plans for dealing with that shortly.
It is rather naive for this writer to assume that things like online reviews will work or continue to work for these illegal sites. Why do they believe that illegal drug sites will have honest reviews when even yelp, which is supposed to be completely legal and reviews completely legal businesses has obviously manipulated reviews. Of course people will eventually start padding their ratings, and the websites themselves will start manipulating ratings.
So this is not some panacea for getting higher quality drugs. It is not even something that will ensure your safety from the police. As I have mentioned before, the police can get you online the way they usually get you -- by having an undercover police agent pretend to be the seller. In fact it would be much cheaper and more effective for the police to collect addresses from an illegal drugs site than the dangerous and tricky business of using undercover agents on the street.
I think the economist is being very disingenuous by cheerleading for these online sites. These are not safer from police or drug purity standpoint.
Regarding the reviews, I haven't been on these sites but I suppose that they would only allow buyers to make a review.
Even if sellers cheat and create fake transactions to be allowed a review, people who are not happy with the service will still leave a bad review.
So because reviews are not under the control of the seller, there is a high incentive for them to be honest.
Don't think of it as yelp, think of it as Alibaba/AliExpress.
Sellers can always cheat, but it's harder and the risks of being booted off the site if you are a crappy vendor are higher as well.
> It is rather naive for this writer to assume that things like online reviews will work or continue to work for these illegal sites. Why do they believe that illegal drug sites will have honest reviews
It is rather naive to call that 'rather naive' given that the black-markets have functioned well since January 2011 (so, coming up on 4 years soon). I don't think it would take scammers 4 years to realize that reviews can be faked.
> when even yelp, which is supposed to be completely legal and reviews completely legal businesses has obviously manipulated reviews.
Yelp doesn't control purchases of services and take commissions and only let buyers review, so it's in a different position from the operators of a black-market.
> As I have mentioned before, the police can get you online the way they usually get you -- by having an undercover police agent pretend to be the seller.
So why don't they? Why are they ignoring the infallible wisdom of the great hristov?
Also worth noting the reason Yelp's reviews are obviously manipulated is that a lot of Yelp's money comes from people paying to be able to manipulate the reviews. Not hard to get better review accuracy than that.
There was a group of folks on Silk Road buying lsd from various vendors, running gas chromatography, and posting externally verified purities and reviews. I'm sure the silk road people will coalesce on some other site and someone else will do this.
Remember when you're buying anything but pot or shrooms through the friend network you don't know what you're getting or how stepped that coke is.
edit: Also, these sites directly observe transactions plus financial exchange. That gives them a lot more tools to detect straw vendors. What lengths are local cops willing to go to to catch people buying personal use amounts of drugs, particularly when anyone can claim their house was used as a drop address.
Virtually nobody has been prosecuted for purchasing drugs on silk road; the only limited attempts so far look to me to be attempts to build cases against the vendors [1]. The guy in that article has purchased narcotics from someone in Washington.
> Why do they believe that illegal drug sites will have honest reviews when even yelp, which is supposed to be completely legal and reviews completely legal businesses has obviously manipulated reviews.
Because anyone can write reviews on Yelp, but getting privileges to write darknet reviews is fairly difficult. And IIRC if anyone who you invite into the review system tries to astroturf, then you and everyone else you've invited automatically get banned also.
> the police can get you online the way they usually get you -- by having an undercover police agent pretend to be the seller.
Except this method doesn't work online because they can't prove you are the one who ordered it.
Anyone can order illicit material to any location and with any name over TOR. Without corroborating evidence, no court would convict purely on the involuntarily act of receiving mail.
> Moreover, the deep web’s denizens will continue to adapt. Jamie Bartlett, author of “The Dark Net”, predicts: “The future of these markets is not centralised sites like Silk Road 2.0, but sites where…listings, messaging, payment and feedback are all separated, controlled by no central party”—and thus impossible to close.
I know some work along these lines has been started with e.g. OpenBazaar, but it may be a while before they are seen in any large scale activities - maybe another five years still until they are at all commonplace, or even available to the general public.