This is a great article, I love reading stuff like this that goes into detail into interesting and unusual lives, whether criminal or not. Is there any collection of similar articles, related podcasts, or particular stories I should check out?
The host is masterful at divulging the right amount of technical detail to keep both casual and tech savvy listeners engaged. He is also very good at finding good topics and getting hackers to talk on the podcast.
I'm more at contemplating what level of "kingpin" could run technical operations that tight and also move a buncha drugs. I think the stress might ruin my stomach in a week.
Along the same lines there’s a German show (on US Netflix) called “How to Sell Drugs Online Fast” that’s loosely based on the true story of a teenager[1] who started an online drug business from his bedroom. It’s pretty funny and a bit Silicon Valley-esque. There’s also a documentary where he’s interviewed. I think it’s called “Shiny Flakes” which was the name of his website.
Like Snoop from The Wire using her profits from a (fictional) west Baltimore heroin selling conspiracy to, in fact, establish a west Baltimore heroin selling conspiracy.
Wow, there's a blast from the past. Here's another piece [0] by Ratliff about trying to go off the grid while orchestrating a manhunt for himself. It scratches the same spy-crime-opsec itch that the other links in this thread do, and left a lasting impression on 8-year-old me.
> This section tries to be as operating system independent as possible
But if you are going to interact with Tor and set up hidden services, Whonix[0] is your best bet. The idea behind Whonix being that even if there's some javascript-based 0-day that tries to decloak you, it can't leak your naked IP, because it fails closed and everything is routed through Tor.
Huge difference. Whonix consists of two VMs, one where you actually work and another which acts as a "router" sending all of your traffic out over Tor.
Code running in the work VM can't leak your IP even with root access.
The dual VM part is the essential difference - if someone were to gain root to your Tails installation with a zero day they could decloak your IP. If you are running Whonix that is not possible without also breaking out of the VM into the hypervisor.
This is a meaningless statement. Just because there is no way to log into the root account doesn't mean there isn't a kernel that treats uid 0 specially.
Where is a good place to discuss current and proposed Tails OPSEC?
Most of the stuff I find on Tor is very outdated, still relevant enough to piece together some decent OPSEC, but being able to bounce ideas off people objectively seems to be lacking - or I don't know the communities.
There is the Tor reddit page, but reddit is periodically hostile to Tor connections. Dread on Tor is often down, so that's annoying, but I found onion services within Tor often had the best information on using Tor.
> Huge difference. Whonix consists of two VMs, one where you actually work and another which acts as a "router" sending all of your traffic out over Tor.
Honestly, it seems like it'd be safer just to run two different machines. IIRC, I saw some instructions a long time back for turning a small travel router into an OpenWrt-based Tor router.
That can be much better, but you should take care to not get deanonymized based on your hardware serial numbers. Less of a concern when working with VMs.
> If you want to have some fun at the expense of business in the short term, intentionally take your service offline periodically in order to mess up attempts to match your downtime with public information
Wow, I would never have thought about using public downtime to find/match your service.
It is also a fantastic way of knowing where the owner of the site lives and their daily routines. For example, if the site owner is doing maintenance at 03:00 GMT, they probably are in Europe. If they are active only during evenings in the Americas, they probably live somewhere in the Americas and have a day job or they study.
So, activity hours and maintenance hours can be used to pinpoint the timezone of the owner and their daily habits. Randomizing every bit of information is important.
> So, activity hours and maintenance hours can be used to pinpoint the timezone of the owner and their daily habits. Randomizing every bit of information is important.
Or injecting disinformation: pick a misleading timezone, and only connect at times compatible with that timezone (e.g. 03:00 GMT is 11PM EST). Though that might not be compatible with making all your connections from unconnected locations (not many coffee shops/libraries are open that late).
FWIW we don’t know if Satoshi remained anonymous. We just know that he wasn’t conclusively identified by relatively unsophisticated internet commenters and journalists.
OTOH there were many times when Satoshi connected to IRC with non-Tor residential IPs, it’s possible that deanonymization was just one subpoena away.
Yep, it's survivor bias to assume Satoshi's methods were effective, because he could be incarcerated or kidnapped or traced with his methods and it would not be general knowledge.
No, that either they didn’t identify him as a threat, or that he was a fed all along (in which case, fair enough, the feds also invented Tor, they do cool shit occasionally).
Speaking of time-matching you should also avoid starting a publicly observable spike in Tor-related activity just before the date your new Darknet service goes online.
Do we have enough info to even pinpoint this type of data to him (or her)? I was under the impression the links were nebulous at best. But I do not know that much about Satoshi.
This is super interesting, most writeups I've seen similar to this focus more on hardening the server itself and not the adjacent OPSEC necessary like TOR best practices or hosting strategy.
. . . and of course, if you already have a lucrative clean-money life, there's not much point to risking it all to get involved in dirty money activities
It seems the best way to do it would be to be sponsored by the FBI or whatever in your country - use your expertise to set up a honeypot system with their prior knowledge and you'll feed them data when it is set up... they get info fed to them to collar criminals, no cost to their budget, are they going to care if you make your cut along the way?
[note the "It seems" — I have zero experience with what the FBI may or may not require for such an operation]
There’s nothing stopping the feds from double crossing you though. You could be the leader of a sovereign country and they will literally invade your country just to arrest you. That’s how they did Noriega.
NFT is just digital art fraud. Fine Art is often used to transport millions of dollars across borders. NFTs are `probably` used in a similar way.
We make a deal via some marketplace. Doesn't matter. We agree on a price and an amount, and some other specifics.
In a different marketplace, you offer up a jpg of a monkey. I offer thousands of dollars to own it.
In the real world, you ship me a big box full of dope, and email me a hyperlink to a jpg. I send you bitcoin, and all of a sudden, we're both legitimate actors in this little NFT art biz.
If someone sends you $1M in Bitcoin out of the blue, that's very suspicious. You didn't earn that and the tax man knows it. If you make a goofy picture of a frog and someone "buys" it from you for $1M in Bitcoin, that's just the wacky world of NFTs, and the government will have a hard time proving that that wasn't a legitimate purchase.
It's not convoluted at all; it's actually pretty elegant when you get down to it. It's almost enough to make the entire NFT phenomenon make sense.
If you have $200,000 in ETH, you can sell yourself a $200,000 NFT. Externally it looks like some anonymous person gave you $200,000 for an NFT, rather than you just trying to legitimize illegal cash flows.
Or alternatively, you can double your net worth, because you go from having $200,000 ETH to having $400,000 ($200,000 ETH and a $200,000 NFT). This can then be used to fool naive lenders (or buyers) to giving you money at a fraction of the amount the NFT is worth, which is still a net gain for you.
If you're buying NFTs like they're legitimate "art" and not aware that NFTs exist for these purposes, then you shouldn't be playing the NFT game.
Really, it's about not drawing attention to yourself. You can probably buy a Tesla if you also have a regular job, just don't buy it in cash. That cash transaction may be reported. Act like a "normal person" that has loans.
I know I should never do this but if I ever get semi rich I legitimately do want to walk into a nice car dealership with a suitcase full of real cash handcuffed to my arm :-D
Meh... they'll secretly get upset with you. Plus it is much smarter to pay for it with a credit card and then pay the card off. That way you can get those sweet sweet rewards points...
At least in the UK, they might not accept it. I believe there is a limit to what you can spend in cash at places like car dealers, art houses, jewellers etc. I believe it's about £9000.
Crime doesn’t pay. If you look up earnings of US mafia members you’ll find that your average organisation has a few people on top making a ton of money they are just sitting on because it's dirty money they can’t easily launder or spend, with under-bosses making middle-class money and everybody else scraping by, with their possessions being in illiquid assets that are hard to turn into cash in time of need like stolen goods (electronics, clothes, cars etc.) or property shares.
I guess my point is that crime is like being an actor. Only the 0.001% who hit it big do better than they would have as an engineer, doctor, lawyer, or MBA.
I think that is probably what most people expect - and what most Mafia bosses would want. If your underlings don't make a ton of cash on their own and are reliant on you for nice stolen goods, illegal apartments where they can (relatively comfortably) live, etc etc then they will have more trouble leaving the mafia life than if you just paid them a decent wage.
On the topic of darknet markets, I keep thinking that a darknet gold/hard currency market would be way more interesting than drugs. It would provide a way to convert crypto to real world fungible assets outside of the exchanges. Wonder why it has never been done.
There have always been vendors on the markets who have purported to send you cash in the mail for your bitcoins. Several vendor arrests have been attributed to these vendors being government agents (or to keeping customer records that were discovered after their arrests).
It's much more difficult to cloak, because the transactions are necessarily tied to a physical address. If you're okay with being identified, why not use the legal markets? If you're not okay with being identified, you probably don't want to leak a physical address.
I struggle to think of useful ways of cloaking the physical transaction. You can have it shipped somewhere you don't live, but then you have to get there to pick it up, probably leaving a massive trail of GPS data and gas receipts.
I wouldn't be surprised if shipments of gold or cash raise eyes at customs, either.
I think what OP was trying to get at is that a dark web crypto exchange would not offer any benefit over a clear web one (both need to know who you are to send cash).
Meanwhile, there simply is no clear web drug store, so dark web ones don't have to offer anonymity to their buyers.
Required to buy, the seller is at higher risk and wants to be anonymous and does not need to provide an address to fulfill orders... same goes for the host of the hidden service
You are probably better off just using Craigslist and finding legit Gold/Silver deals to do transactions with in person. Of course you need to make sure to vet them carefully and also check and make sure whatever you are buying or selling is actual gold/silver.
A big misconception that the author and others have is that if two countries don't have an extradition treaty it means that you won't be extradited.
It doesn't work like that. All it means is that instead of you being more or less automatically extradited, now a negotiation process starts between the two countries. Put another way: extradition is manual instead of automatic.
Plenty of people were extradited from "no extradition treaty" countries to the US.
> One very important takeaway from this article should be that just because a country does not have a formal extradition agreement with the United States, does not mean that the country will not extradite you.
Yeah, same as the British monarchy after the murder of Charles 2. Or James 2. But they tracked down the killers all the way to America, or so they say. Same with Stalin getting Trotsky in Mexico.
But there's others who never were captured, Hannibal evaded Rome until they almost captured him, but he successfully killed himself so they never got him alive. There's many others on both sides.
They didn't have to look far for the murderers of Charles 2 - very probably the treatment his doctors gave him for his ailments was the proximate cause of his death.
> Keep in mind that the NSA will start scooping up all of your packets simply because you visited torproject.org.
This particular one might not be true but the general spirit probably is. This is why I sometimes do things which a drug lord would do even though I am not one (I swear). It's for the benefit of possible-future me where I do have something to hide.
The correlation of the time where you started using Tor extensively and the time a particular Darknet service started operating? Certainly a possible leak of a few precious bits of those ~30 bits that are needed to pinpoint you.
It's a generalization of the rule that you should not restrict encryption to only those messages that are important.
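The two observations above (that activity and maintenance hours pinpoint an operator's timezone, and that a leak is worth a few of the ~30 bits needed to single someone out) can be turned into a self-audit. The following script is an added example written for this thread, not code from any commenter: it takes UTC timestamps of logins or maintenance windows, finds how tightly they cluster, lists which UTC offsets are compatible with an assumed 09:00-23:00 local awake window, and converts the size of that candidate set into bits (log2 of 24 possible offsets divided by the number still consistent). The two logs are constructed samples; the awake-window assumption and the 24-offset model are simplifications chosen for the example.

```python
"""Self-audit of time-of-day fingerprinting in an activity log (constructed example)."""
import math
from datetime import datetime

# Constructed sample: events bunched into a few late-UTC hours (no real service behind it).
CONCENTRATED_LOG = """\
2023-03-01T22:05:10Z maintenance
2023-03-01T23:41:52Z login
2023-03-02T00:14:02Z login
2023-03-02T01:30:27Z login
2023-03-02T02:08:44Z login
2023-03-02T03:55:19Z login
2023-03-02T04:12:37Z maintenance
2023-03-02T05:47:01Z login
"""

# Constructed sample: one event in every UTC hour, i.e. the "randomize everything" case.
UNIFORM_LOG = "\n".join(f"2023-03-03T{h:02d}:30:00Z login" for h in range(24)) + "\n"


def parse_hours(log):
    """Return the UTC hour of every non-blank event line (timestamp is the first field)."""
    hours = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts = line.split()[0]
        hours.append(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").hour)
    if not hours:
        raise ValueError("log contains no events")
    return hours


def busiest_window(hours, width=8):
    """Start hour (UTC) of the `width`-hour window holding the most events and the
    fraction of all events inside it; 1.0 means every event fits in one block."""
    best_start, best_count = 0, -1
    for start in range(24):
        count = sum(1 for h in hours if (h - start) % 24 < width)
        if count > best_count:
            best_start, best_count = start, count
    return best_start, best_count / len(hours)


def consistent_offsets(hours, local_start=9, local_end=23):
    """UTC offsets in -11..+12 under which the largest share of events falls inside the
    assumed local awake window [local_start, local_end] (assumption: 09:00-23:00 local).
    Returns (sorted offsets, coverage fraction achieved by those offsets)."""
    coverage = {}
    for offset in range(-11, 13):
        inside = sum(1 for h in hours if local_start <= (h + offset) % 24 <= local_end)
        coverage[offset] = inside / len(hours)
    best = max(coverage.values())
    return sorted(o for o, c in coverage.items() if c == best), best


def bits_leaked(n_candidates):
    """How much the candidate set narrows the 24 possible offsets, in bits."""
    return math.log2(24 / n_candidates)


def audit(log):
    """Run the three checks over one log and collect the results."""
    hours = parse_hours(log)
    start, frac = busiest_window(hours)
    offsets, cov = consistent_offsets(hours)
    return {
        "window_start_utc": start,
        "window_fraction": frac,
        "offsets": offsets,
        "coverage": cov,
        "bits": bits_leaked(len(offsets)),
    }


if __name__ == "__main__":
    for name, log in (("concentrated", CONCENTRATED_LOG), ("uniform", UNIFORM_LOG)):
        print(name, audit(log))
```

For the concentrated log every event fits an 8-hour block starting at 22:00 UTC, eight offsets remain consistent, and about 1.6 bits leak; for the uniform log every offset scores the same and the leak is 0 bits, which is what the "randomize every bit of information" advice buys you under this model.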
> This is why I sometimes do things which a drug lord would do even though I am not one (I swear). It's for the benefit of possible-future me where I do have something to hide.
They are a bit more than missiles, as the operator can fly them around, re-target or even call off without hitting anything (I believe they aren't recoverable though).
That's why they are called loitering munitions rather than missiles.
“Add up all the of contracts we know about, and AeroVironment has received at least $105.4 million worth of orders for 1,500 Switchblades produced -- which works out to a unit cost of more than $70,200 per Switchblade. Minimum.”
> You don't want to be like Ernest Lehmitz, a German spy during World War II who sent otherwise boring letters about himself containing hidden writing about ship movements. He got caught because the non-secret portion of his letters gave up various minor personal details the FBI correlated and used to find him after intercepting just 12 letters.
Opsec is incredibly difficult to get correct - especially in the long term. Many of the people who need to be getting it correct do not, and the only reason they are not in front of a judge or serving time is simply because their government hasn't given a shit to so much as glance their way. Because if their government actually gave a crap to investigate they'd be found almost instantly. From doing stupid things like sharing photos of their pets to more mundane things like having very obvious hours of activity and using vocabulary that varies spelling regionally (e.g. how you spell color/colour suddenly matters) or even worse using regional slang like a bunch of Australian slang.
If you want to be a darknet drug lord my advice is of a different flavor: Don't let yourself become too big. Once one (or multiple) governments are after you it is very likely only a matter of time before you get caught. Not because the government is particularly good at tracking people down or somehow nearly omniscient but simply because you likely had or have terrible opsec and finding you is more trivial than you've led yourself to believe. If you believe they are already looking for you it's time to abandon everything and disappear. Live your life like it never happened and whatever you do don't pass on the torch. Let your work die and be buried and let someone else build on top of the grave.
I find DNMs fascinating and love reading about how founders are eventually caught.
> Opsec is incredibly difficult to get correct - especially in the long term
I'd say if you are doing it long term then you are doing it wrong. The longest surviving DNM by far was Dream which I speculate had some nation state backing it.
> I'd say if you are doing it long term then you are doing it wrong.
I agree entirely but it also depends on your threat model. When making my post I didn't have DNMs in mind (though that's the context...) and was actually thinking about the abysmal opsec of many private tracker admins.
Nice try, intelligence agencies. Drugs are illegal but still bought and sold, which means the state has a monopoly on their trade, while it also has a monopoly on the escalation of violence. The fundamental condition is having plugs in the law enforcement and intelligence agencies. Without plugs one has the immediate full attention of law enforcement and of the competition.
TIL about doxbin [0], the site allegedly maintained by the author. Apparently doxbin hacked The Hidden Wiki and deleted the links there to child porn, in a surprisingly wholesome bit of hacking.
I'd love to play around with, like, a CTF where one side sets up a hidden service and the other side has state-level access to try to uncloak it. Something that simulates what powers the US has, e.g. the red team has a limited number of raids it can do, the ability to patch things into network cables or hack routers, while the blue team has several fake cloud providers in fake countries, a Monero testnet etc.
So how do we proceed? I've noticed there is no contact information in your profile (mine lacks that too), so I've made a new public Matrix room: #torctf:matrix.org