I like how they try and color the site by associating it with sites that sell weapons and child porn.
> It is Hansa Market, currently the most popular dark market in the ‘anonymous’ part of the internet, the so-called darknet.
> ...
> The darknet markets enable large-scale trading in chiefly illegal goods, such as drugs, weapons, child pornography, and ransom software. ... No weapons or child pornography were sold on Hansa Market.
Even if it was -- not all illegal (or wrong) things are equally wrong.
I'm much more okay with, eg, petty theft than murder, and would find it weird if people tried to make people stealing candybars from Walmart out to be equal to murderers.
Except it is completely unequal because you've been given 3 chances to follow the laws of the society in which you live. And because sentencing will still be much less severe than that of murder.
Why not three? This "wide range of offenses" generally applies to felonies, which are grevious enough to be placed into their own category with its own suite of punishments, and it is not entirely unreasonable to apply a singular repeat offense rule to all of them. The fact that the number seems arbitrary to you does not make it invalid.
I am sure we can agree that repeat felony offenders need to be handled specially, and, unfortunately, given the [archaic] nature of the judicial system, laws must be codified and at least in theory represent majority agreement. Whether influenced by baseball or something else, three is the number that lawmakers deemed reasonable, and you have not presented a valid argument against the concept or the number.
Three strikes applies to both violent and non-violent felonies and the example earlier in the thread is for petty theft. Do you consider those crimes to be equal? Are all felonies equal?
Why does sentencing vary but strikes do not? Why is there a "suite of punishments" for these felonies but only one number of strikes?
I never said the concept of strikes is wrong or even that three is the wrong number. I asked why the value is fixed across different crimes because it seems arbitrary. I have yet to see any evidence to the contrary. My question stands, why three instead of some other number?
Do you have a reason for three strikes other than "because that's what we always did" or "baseball"? If those are the only reasons then I think we need to rethink this practice.
Actually yes. But California allows some stupid felonies. Petty theft with priors can be charged as a felony, so, third strike can be shoplifting a candybar, since a third strike for stealing anything can be a felony at the prosecutor's discretion. So, it has to be three felonies, but the third doesn't have to be violent, and "prior conviction" upgrades make a lot of petty third strikes "felonies" in CA that would not be such elsewhere.
There's a big discussion about what's bad about drugs. But I wonder if we can rationally work out what's bad about child porn.
My understanding is that possessing it means you obtained it from someone, who probably wanted some kind of payment, who abused children to produce the material so he could get that payment.
There are quite a few gaps there. What if it was published for free? What if children weren't physically abused but were secretly and anonymously photographed? Shouldn't there be exceptions for victimless child porn?
Of course the dominant factor is people are horrified by deviant sexualities. We're barely managing to accept homosexuality which is probably more common than peadophilia.
> There's a big discussion about what's bad about drugs. But I wonder if we can rationally work out what's bad about child porn.
You're right that this is a very difficult topic to discuss rationally but I'm going to try anyway.
> What if it was published for free? What if children weren't physically abused but were secretly and anonymously photographed? Shouldn't there be exceptions for victimless child porn?
1) Compensation does not have to be financial to be an incentive.
2) Anonymous photography of individuals without their knowledge can absolutely cause harm.
3) Being a victim of a crime does not require knowledge of the crime taking place nor does it require physical contact.
> Of course the dominant factor is people are horrified by deviant sexualities. We're barely managing to accept homosexuality which is probably more common than peadophilia.
You're equating homosexuality to child abuse which puts you on the wrong side of history.
Paedophillia != child abuse. It's a deviant sexual preference just like homosexuality, even though perhaps you think it is more morally wrong to have paedophillic tendencies than to have homosexual tendencies.
I don't think it is productive to strongly stigmatize all forms of paedophillac tendencies, specifically because it reduces the chance of would-be child abusers getting help controlling and/or channeling their urges.
There is some research that suggests higher availability of child pornography (including the simulated/drawn) reduces occurences of child abuse, and although it is of course highly controversial, to me it indicates that it is worth investigating.
As a specific example of what I consider to be a very harmful way of dealing with the (real or fake) child porn issue, is the UK porn identification requirement. No paedophile is going to enter their details when they want to look at loli hentai, so they'd be forced to find some other outlet, for instance by going on the darkweb. Or they end up not doing anything to pacify their urges, which might well raise the chances of them actually participating in child abuse. Of course this is purely speculative, but I don't think these are outcomes you can reasonably dismiss out of hand.
I'm not saying I condone the use of photographic material of minors, I tend towards "90% bad" but really have to think it through more, but I do believe it to be harmful to make hand-drawn or CG child pornography illegal. The "but you're abusing the children without their knowledge" argument doesn't hold water there, and it'd be great if it usurped large swaths of the market for abusive child pornography.
While I believe that western sexual norms are a bit puritanical, the premise behind protecting children with zealous laws is that it is extremely difficult to judge whether child pornography is truely victimless, even if you believe that harm from childhood sexuality is overstated in modern society. Because of the power imbalance between adults and children, and the permanent effects that abuse can have on children, it is reasonable to err on the side of caution and keep all child/adult sexual interactions illegal, and reduce demand for such interactions by keeping pornography illegal.
As an aside, I am curious as to the reason you are being down voted, besides your audacity of expressing an unpopular opinion.
Short of presenting data I think you're making a bit of a leap to say that pornography encourages some undesired behavior. It could easily be argued either way.
I tend to agree with "better safe than sorry" since it's unclear. It can go too far though if you end up punishing many more adults for tangentially related crimes than the number of children who were harmed by actual abuse.
As for cultural norms. Many primitive cultures use age of puberty as age of consent. I heard of one (probably Amazon) tribe where sex was treated as common as eating or pooing. It wasn't related to marriage, which they did have. Children were involved much younger than our age of consent. I don't think you could say they were harmed since it was normal behavior and they apparently grew up without emotional problems.
We tend to confuse normal sexual attraction to teenagers with peadophilia and lump them all into the same group. For example teachers having relationships with underage teenage students. It might be harmful but the sexuality is normal, not deviant.
That's not expressing an "unpopular opinion". They're being ignorant about the harm being done to the victims of child pornography and (it seems) trying legitimize that harm by drawing a dotted line to homosexuality.
It has no place on HN. I would downvote if I could.
Someone drawing or 3d modelling fictional underage character?
In many jurisdictions thats the same thing as genuine child abuse base child porn. In my jurisdiction, Harry Potter fanfiction with sex counts as child porn - and as one with extended penalty because it is "delivered through very efficient means like computer network".
Not all things are all the same, even with the same label.
>They're being ignorant about the harm being done to the victims of child pornography
You are foolish to believe that all children are harmed by childhood sexuality and/or child pornography. Sex is part of the human nature, and we do not wake up on our 18th birthday and realize that we are ready to begin exploring our bodies. Never mind the fact that human beings can be conditioned to both be traumatized by and accepting of sexual activity by/as children.
>It has no place on HN. I would downvote if I could.
This amounts to morally-derived censorship.
It is foolish to presume that your cultural programming should not be scrutinized; society is worse off for this kind of puritanical closed mindedness. No, I'm not asking you to accept victimization of children, but if you cannot honestly discuss and/or examine both sides of an issue, you cannot be confident in your opinion.
If you believe the MPAA/RIAA's claims that piracy harms sales, there would be some moral case for piracy of CP. Although, there is still some direct harm from the distribution of the material (for the privacy for the victim). However it's more likely that (contra the MPAA) piracy actually serves as advertising, just like in the ordinary entertainment industry.
> What if children weren't physically abused but were secretly and anonymously photographed?
Still harmful for privacy reasons mentioned above, even if less harmful than actual physical abuse.
> Shouldn't there be exceptions for victimless child porn?
Probably, but the example I would reach for is art / drawings of obviously fictional characters, rather than any of the above. The fact that many CP laws extend to this is better evidence that lawmakers are being irrationally swayed by puritanism. (Or that puritanism breeds indifference. Maybe they don't care about the "deviants" interested in these sort of drawings enough to specifically target them, but they also don't care enough to carve out an exception.)
Australia is stricter. Somebody was charged for possessing Simpsons porn because it was "sexualised depiction of persons under 16". The defence argued they weren't human because they only had 4 fingers on each hand!
bro.. don't try and make the abusers out to be victims.
the dominant factor in stigmatized pea do philadelphia has very little to do with deviant sexuality and has everything to do with coercion and rape of still developing human beings. this is seen across just about every other facet of civilized society as well.
We don't allow minors into enforceable contracts, leave home or check out of school, smoke cigarettes or drink booze, and we sure as hell don't allow them to participate in "amateur" pornography where the consequences can be life long.
We restrict these things because the mind isn't developed or experienced enough to understand and appreciate the effects of these actions.
The abusers are not the issue here, the parent is questioning whether possession should be illegal in all cases, especially if we are talking about a victimless crime. Photoshopped adult porn to make the actresses look young, for example. It's a good question. However, I expect that no politician is brave enough to ask the question for fear of getting precisely the criticism you just demonstrated. So the discussion will remain theoretical.
Go with an even easier case. What if it is of a 17 year old who is old enough to consent, even by the law where they live, who willingly takes the photograph and releases it. Technically illegal, but why?
> ...It's legal to think about murder as long as you don't behave that way.
Sort of. https://www.law.cornell.edu/uscode/text/18/1117 ("conspiracy to commit murder") only requires one person to take action and everyone in the group that did the thinking with them is guilty of a crime. This is in the US, but I would be quite surprised if various other countries did not have similar statutes.
More generally, there are all sorts of laws out there that effectively criminalize thoughtcrime rather than behavior. Of course behavior might be needed for anyone to _discover_ the thoughtcrime.
> Sort of. https://www.law.cornell.edu/uscode/text/18/1117 ("conspiracy to commit murder") only requires one person to take action and everyone in the group that did the thinking with them is guilty of a crime.
Wrong. It requires all the people to have taken action to communicate their intention to collaborate on the plan, and only one of them to have taken additional action toward acheiving it.
People don't think in groups; thoughts have to manifest as action for people to conspire.
> to communicate their intention to collaborate on the plan
What the law says is "conspire to violate".
If person X and person Y together work out a way for person Y to commit murder and then person Y commits murder, is person X considered as conspiring?
> People don't think in groups
Sure they do. It's called "conversation" or "correspondence". If we had telepathy, we could skip the transcoding to sound or text, but we don't yet, but fundamentally it's the same thing.
> Sure they do. It's called "conversation" or "correspondence"
Conversation is action, not thought.
> If we had telepathy
There's a couple different things (in fiction, naturally) that go by that name; the active analog to oral communication is also action, the sort of passive integration associated (not exclusively, just as an example) many hive-mind collective organisms in sci-fi is thought rather than action, but also not analogous to what goes on between humans.
I think the distinction here is a pretty dubious one. Consider, as a hypothetical, a situation in which one can actually tell "what someone else is thinking" based on a more advanced form of EEG. Would it still be "thought" as opposed to "conversation" if two people are doing it to each other simultaneously? Why is transcoding in terms of pixels on a monitor different from transcoding as sounds? Is the key difference for you whether the transcoding is active or passive on the part of the thinker of the thought?
Put another way, if we define "thought" as being limited to those things which have no perceptible effect on the world at all, then we run into the separate question about whether this "thought" thing exists in the first place.
FWIW, the lawyers in this thread tuned out at this point. Nothing is very simple in law, but the ambiguities of criminal conspiracy are reasonably distant from the situation you've described. Conspiracy requires communication in order to agree to commit a crime. Positing a kind of thought that communicates doesn't really muddy the waters much.
I don't think the philosophers engaged, either. Redefining thought to be imperceptible denies everything we actually do know about the biological process of thought, so it's not clear the discussion leads anywhere worth going.
I think what you're trying to ask is: Is being labeled gay grounds for imprisonment? Or does one have to be caught in the act of fornicating with a male to be imprisoned? I'm sure it depends on the jurisdiction, but many jurisdictions that have this kind of explicit law usually frowns upon homosexuality so much, that the mere accusation is enough to be damaging.
What I'm asking is more like, if the government microphone in your potted plant hears you coming out as gay to your friends, would that be grounds for criminal punishment?
Laws against inherent characteristics seem to me at least to be worse than laws which ban behavior. Conflating the two in order to make some particular law sound worse seems sort of dishonest to me.
Perhaps. But within the context of gay rights it is the government that behaved improperly. Society bundled behaviour and innate characteristics into a single thing. That was wrong, and it is important to highlight that.
Of course in a post homophobic world the distinction is rather irrelevant. It makes no difference to anyone if homosexuality is innate, or just a set of chosen behaviours. Why would it matter either way? But for a while it was necessary to remind people that you don't have any choice about being gay, or about having gay relationships. That claim was a response to homophobia, not something rooted in science of philosophy
There's still plenty of conservative people who believe the being gay is a personal choice, or perhaps something caused by your upbringing/environment, not something you're born with.
Of course, this has as much veracity as the idea that the Earth is flat or that the Sun and planets revolve around it, but there's a lot of people who believe it.
But the whole argument is ridiculous. Maybe there is a choice element to being gay. So what? That is a perfectly valid choice to make. But attacking someone for that is not valid, it is completely perverse.
It seems to me that the purpose of the "born with it" argument is to develop empathy among people who lack understanding. Because it helps explain why people act on their feelings, even if they are not a good idea. We can all relate to the power of lust, love etc. It is an important point to make. But that argument only has relevance to people who find it distasteful in the first place. The argument is a reaction to homophobia.
I agree that it's a valid choice to make, and people should have the freedom to make such choices if they want. However, you said before that "It makes no difference to anyone if homosexuality is innate, or just a set of chosen behaviours." and that's incorrect. It does make a difference, to some people. To those people, they'd oppose it if it were proven to simply be a choice, whereas they'd have more empathy if it were proven to be completely innate: it'd like being mad at a mentally-retarded person for doing something dumb, compared to being mad at or disappointed in a very intelligent person for making a very dumb decision. I'm not defending this mentality (because again, I have no problem with homosexuality and I think people should be free to have whatever physical relationships they want), but I'm explaining it.
Also, remember that a lot of people (particularly religious ones) want to regulate social behavior, even in the bedroom, because they believe this is important for society's survival and prosperity. So in their view, homosexuals should be oppressed (either strongly by the state, or more weakly by social pressure) for the good of society, and to keep their behavior from "spreading". There's not really a way to counter this mentality by people like us because their worldview is so entirely alien to us: we don't believe in divine retribution for "immoral" behavior (a la Sodom & Gomorrah) and they do, and nothing's going to shake their belief.
>There's not really a way to counter this mentality by people like us because their worldview is so entirely alien to us
As you hint at up above, there are non-religious people who believe regulating sexual behavior is important for society. Do you have a way to counter that idea when it's based on a secular worldview which is not so alien to yours?
Liberty versus authoritarianism? I acknowledge such people exist, but I don't pretend to know or understand their full argument of why it should be regulated. At least with the religious people, I can understand why, I just reject the silly premises (that God will smite us like in the story of Sodom). With atheists (presumably Stalinists?), I really don't get it. Besides, we've seen atheistic authoritarian societies before, and they were a complete disaster, not only economically but also as far as having a happy, functioning society. Hint: if you have to have a wall to keep people from running away from your society, and you shoot people who try to climb over the wall, then the fundamentals of your society are not worth preserving. Now it might be obvious that I'm following a fairly utilitarian philosophy here (happy = good), but if you're not religious and don't believe in utilitarianism, what exactly is the goal for your society? Generally, societies which do not value the happiness of their citizens are religious, because they claim that they need to "please God" or act in certain ways to have a better afterlife. Remove the afterlife and deity and what do you have left? Either wanting people to be happy (but still functional; not happy as in drugged-out all the time and unable to keep society functioning), or you're running the society on what makes one person happy and to hell with what everyone else wants, which is basically narcissism (which probably describes North Korea today).
>but I don't pretend to know or understand their full argument of why it should be regulated
One reason might be that they believe that having a culture which is hedonistic toward sex is harmful for society, and they believe that acceptance of homosexual behavior necessarily leads to having such a culture.
>presumably Stalinists?
That is definitely not a reasonable assumption to make.
>but if you're not religious and don't believe in utilitarianism, what exactly is the goal for your society?
It is perfectly possible to be utilitarian, non-religious, and opposed to the acceptance of homosexuality. All it takes is a belief that acceptance of homosexuality is on the whole and over time more harmful for people than intolerance of homosexuality.
Yes we've rehashed the difference between internal thinking and action. I don't think anyone believes that a government is directly oppressing internal monologue.
The original quote was "being gay is illegal in many places". By saying "being gay is illegal" it seems to imply a behavior though. Being a murderer, or being a pilot, or being a carnivore...
But, you're right. We can all agree that it's totally legal to be a murderer or thief as long as you don't behave that way.
>totally legal to be a murderer or thief as long as you don't behave that way.
You must know this doesn't make any sense. Murderer and thief are words that describe people who actually murder or steal, not people who just have a desire to murder or steal. Gay describes who you are attracted to.
True. It sounds like the site was mostly dealing in drugs, which for small time dealers I feel is a waste of time to prosecute... But the problem is that larger organized criminals often get their funds to do worse things from the drug market.
Wait, it sounds like you're saying big drug dealers are just selling drugs to get money to, I don't know, go on murder sprees? I'm not saying violence is not a part of these kinds of crimes, but I don't think the purpose of their participation is just to enable other, more serious crimes.
That is, I don't think it's very common for someone to say "I want to sell a lot of drugs because I can't afford to kill enough people otherwise," rather than what I think is more common, "I want to sell a lot of drugs because I want to buy a house without a lot of effort."
For an example of this, check out Portugal that legalized and had great success.
I wonder if anyone can point to place where drugs are legalized and violence increased? Where addiction increased?
Seems absurd, yet people don't think the drug war is absurd-- they don't immediately see this takeover of Hanza as the government illegally operating a black market for weeks and thus committing massive crime, and they don't see the shutdown of the market as a further crime violating the rights of the sellers to sell something that morally and practically their buyers should be able to buy (when it comes to drugs anyway)
> it sounds like you're saying big drug dealers are just selling drugs to get money to, I don't know, go on murder sprees
No. I'm just saying that the people upstream manufacturing massive quantities of meth and heroin probably aren't the kinds of organizations that you want to be making that kind of money.
But until that happens, don't buy from big drug sellers.
In a broader sense: We can acknowledge that there's an underlying problem, and how to fix it, while at the same time being willing to advocate a temporary fix until the underlying problem actually is fixed.
Think of it like polyfill: The underlying problem is that old browsers exist, but we can't boil the ocean and make everyone upgrade, so we use polyfills to gain the functionality we want on those old browsers.
These laws don't usually get changed until people violate them en masse, showing utter disrespect and contempt for the laws.
Remember Prohibition? That wasn't lifted because people wrote to their Congresspeople, but otherwise respected the law and followed it. It was lifted because it was widely disrespected, and a huge black market for alcohol was created, along with a lot of brutal violence. Same goes for civil rights for black people in the 1960s. Same goes for civil rights for gay people (like legalizing gay sex, previously criminalized). People committed the crimes and got caught, it went through the justice system somehow, and either a law was passed or the Supreme Court rule on it. It took a Supreme Court case to nullify the anti-gay-sex laws when some people in Texas were prosecuted for it and it got appealed up to the supremes as a privacy/freedom issue.
Paying your taxes funds real crimes too. Should I stop paying taxes?
According to you, the people in the Underground Railroad were doing the wrong thing, and should have followed the prevailing laws on slavery, and it was wrong for slaves to rebel, even when they were being brutalized and murdered. Your position is disgusting and repugnant.
And I'm saying that it sounds like you think "the kinds of organizations" are using drug money to enable worse crimes. I mean, it's no secret that the purpose of certain laws are to prevent anybody from making "that kind of money," but to me your comment read as if there was more to it.
Because that's also the case.
Big organized crime groups often have access to exactly the kind of logistics required to manufacture and smuggle drugs across large distances.
They have the muscle to stay competitive in a market where there is no state authority to give you guarantees on anything.
Most drug dealers are not "big organized groups." I don't know from Hansa, but I'm betting a big organized group is not likely to use them as a single point of failure.
Of course, it wouldn't have been their only market, but it's among them.
Even something ostensibly harmless as cannabis can finance quite questionable people and groups.
A while ago Arte France released a series titled "Cannabis", where the plot revolves around a shipment of Morrocan hashish lost on the Mediterranean sea, with the consequences playing out all over Europe. And while it's a fictional plot, it still paints a somewhat accurate picture how a lot of this business goes down.
You are correct. Making drugs illegal has funded the creation of massive cartels who use that funding to pursue other crimes and to war against any competitors.
The solution will never be shutting down darknets and arresting people.
The counterargument is that if drugs are legalized then the crime syndicates will need to find a new line of work. It's possible they'll go "legit" like the mob did after prohibition and get into the Casino business, but it's also possible they'll switch to human trafficking or gun running or some other harmful trade.
This is an especially big danger if you're talking about a gang that currently deals mostly drugs but also smuggles forced prostitutes over borders on the side. Take away the drugs and they're likely to expand the side business.
If they could expand the side business, they already would have. The massive profits of illegal drugs gives them the capital to invest in new side businesses, take that away they can't expand anything.
The Mafia was all about prostitution, gambling, and protection rackets. The prohibition gave them a business where you could make far more than all the others combined, and all you needed to do was to kill people who got in your way.
I dont think human trafficking is as easy as drug trafficking and gun running is a much smaller market than drugs. Legalization will be a severe impediment to the activities of the cartels.
> The counterargument is that if drugs are legalized then the crime syndicates will need to find a new line of work
Is that a counter argument? There are bad actors (in society). Some bad actors have social, moral, physical, intellectual barriers that prevent them from acting WORSE. Raising the social barrier (marketplace) isn't any different than the social barrier (legality). If you rather not compete bad actors out of the market because of what they might do, why legally punish them out of the market? Why bother trying to stop them at all?
Society doesn't want to consider certain transactions to be legitimate.
Allowing a marketplace for murder or human trafficking (or the other nefarious things organized crime gets up to) allows the most efficient and effective bad actors to prosper, as markets are designed to do. But society doesn't want bad actors to prosper, it wants them prevented from acting badly.
I agree. This is why the "counter-argument" doesn't make sense. It assumes that it's not preventative (so it's a negative effect?). Might as well let them carry on?
The point is that gansterism will become a smaller part of the economy, have "less funding" if you want to think of it that way.
Gangsterism is funded by various econmic oppornities which for one reason or another are illegal. Some things like assasination and extortion need to be illegal by their very nature.
But by passing laws that make new things illegal, we increase the amount of resources available to fund criminalality.
The counter-counterargument is that we can legalize difficult-to-police but high-volume "sin" crimes, such as drug use and prostitution, regulate them to the point it's impossible to be a criminal syndicate in those realms, and leave the syndicates with lower-volume crimes, such as murder for hire.
Sure, we can't possibly legalize murder for hire and still have a functional society, but how much profit can you really make filling those kinds of contracts, especially in a world with no illegal drug trade and no human trafficking because hookers are now clean and legal? They can try to expand side businesses all they want, but some of them have a natural cap to how much demand there can be.
And 'small time' drug dealers get their supply from the bigger fish. The value in prosecuting them isn't in stopping end users or sales that max out at like $200, it's in working towards shutting down large international suppliers. Because they don't just ship drugs, they ship people and weapons too. Regardless of how one feels about drug use, the realities of the trade are grim.
I think there's also value in defining what people mean by 'small time dealer' in this context. To me, that connotes someone selling a bit of pot to their friends so they can smoke for free or something. People who ship misc. substances internationally and in some cases earn six figures plus annually don't fit that definition in my eyes.
The reality of illegal drugs is by making them illegal you give massive amounts of capital to the worst people in the world, who invest those profits into other awful trades.
You legalize drugs, you take away their massive cash flies and cripple their organizations.
> You legalize drugs, you take away their massive cash flies and cripple their organizations.
I'm not convinced this is true, there's lots of ways to make a big profit illegally, drugs are just comparatively easy. I'm a proponent of full drug legalization (it's a space where I have large amounts of first hand experience that won't be discussed on HN), but it's still important to separate an ideological position from reality. The international drug trade is directly tied to human trafficking. Turning a blind eye to one is turning a blind eye to both.
Drug trafficking funds human trafficking. It's not the other way around. Removing profit incentives from bad behavior is an easy way to improve human behavior. Our murder rates plunged after prohibition was repealed, for example.
And human trafficking is for a purpose, take away it's incentives and it mostly goes away too. Legalizing prostitution eliminates a big incentive for human trafficking. Rationalizing immigration laws eliminates most of the rest.
Extortion, money laundering, racketeering, human trafficking, illicit organ selling, slavery, gun running, piracy (Somalia not Napster), poaching, assassinations, political violence for hire, etc. are all independently profitable. There will be profit incentive for bad behavior as long as laws exist that people don't want to abide by. People are terrible to each other on a daily basis, the world over.
> Rationalizing immigration laws eliminates most of the rest.
This is indicative of what I'm taking about, approaching these problems in an extremely reductive way. Did you know there's an estimated 21 million slaves in the world today?
Buying drugs can fund actions far worse than just creating drugs. From human slavery (drug mules) to murder. Some of the other things on that list are bad not because the actual item being traded is bad, but because of what the trade enables. I'm not seeing a significant difference between the markets in this regard, except for popularity.
Compared to the example you gave, where no one is harmed and no further harm is caused or funded by people being gay.
Edit to specify that this doesn't happen in every drug transaction.
Buying drugs doesn't fund those actions. Making drugs illegal does, just like when Prohibition started murderous gang wars, gave us the highest murder rate in modern history, caused thousands of deaths from adulterated spirits, and funded the modern mafia.
Murder is illegal. But somehow the profits from tens of millions of murders aren't injecting cash into a vast underground economy. It's the money that does that.
Buying drugs does fund those actions. Drugs being illegal are a major reason why, and why I support legalization. But that doesn't excuse anyone currently making a purchase today.
Think of it this way, illegal images could be produced by advanced CGI, but aren't because that tends to be just as illegal. That doesn't excuse anyone who consume images not produced by advanced CGI.
People have the right to control what goes in their bodies. I don't have the ability to see if my weed is "violence free", because drug prohibition took that away. You can't hold me responsible for violence among marijuana cartels if you don't give me a clean source for my marijuana.
It's like saying encryption is used by terrorists, so if I buy encryption I'm indirectly supporting terrorism.
You can be held responsible. You don't have a right to obtain a substance just because you want it. It doesn't matter if it "goes in your body" or not. That's not how rights work. You have to justify the value to society.
It's exactly how rights work. Freedom of speech doesn't have to justify it's value to society, it's an innate right that's not up for vote. Google the founding fathers and natural law.
If freedom of speech didn't have to justify its value, you wouldn't need legislators to enact it as a law. Legislators aren't going to legislate without justification, and they shouldn't.
Doesn't this holds true of the other crimes we were talking about taking place on the dark-net as well? Maybe not at the same rates, but even weapon sells don't definitely mean someone is coming to harm by that specific sell.
Paying taxes contributes to legally dubious actions such as drone strikes at weddings. Buying certain types of cheap clothing or manufactured goods supports slave like conditions for some workers. Buying beef and other food products contributes to deforestation, depletion of fishing stocks and other things destructive to the environment. Going to a strip club supports human trafficking and sex slavery. Buying diamonds and rare earth metals necessary for tech devices supports bloody, endless civil wars. The drug wars raging in Mexico pale in comparison to the atrocities and Heart of Darkness horrors happening still in the Congo, with its rich supplies of coltan.
Don't think that you can claim innocence because you are following the law.
It's more accurate to say that government prohibition fund actions far worse than just creating drugs, human slavery (drug mules) to murder.
It promotes growth of the marketplace which also allows buying/selling of drugs that do involve victim crimes. If the market was limited to safely produced/trafficked drugs, it would be different. One might even make the argument that shutting down a market that only allowed victimless drugs end up causing harm.
This is a dangerous way to present facts that changes the perception of the reader in ways that may not be noticed while not technically telling a lie.
You are claiming that all crimes are of equal severity and should have equal consequences. That is absurd.
I would love to know how they got caught. There is probably something to learn about opsec from this.
The paranoid side of me says Tor is unsafe (due to whatever - the authorities having backdoors on most hosting services, on your PC, due to the encryption being cracked by some unknown breakthrough or due to 90% of entry nodes being controlled by NSA). And NSA and FBI and co just have hundreds of people working on "parallel construction" of evidence.
Of course, a blunder by the operators is much more likely...
Every time a market has been taken down it's been due to OPSEC failure and other information leaks (e.g. Silk Road captcha IP leak, DPR's advertising of market being linked to his personal email address). AlphaBay Which got taken down first in this operation was due to a personal email being included in the header of the welcome email sent out to new users 3 years ago [1]
> Every time a market has been taken down it's been due to OPSEC failure and other information leaks (
This is true, but it dangerously misses the point. Every time someone gets taken down, the know-it-alls on various fora sneer and go "Ha! What terrible opsec! I wouldn't have made that mistake!" No, you would've made some other mistake.
To run a darknet market and not get caught, your opsec has to be perfect. Every second, every minute, every day, every person involved, forever. That is simply not possible once an operation exceeds a certain size. Like the IRA once said: "We only need to be lucky once. You need to be lucky every time". This is the "defender's dilemma" that guarantees you will be caught as t goes to infinity: sooner or later, you'll make some mistake that burns you.
Focusing on the specific mistakes made by bust-ees only boosts your confidence and ignores that you, in their situation, would've leaked information somewhere else.
I'm sorry to nitpick and I mostly agree with you, but similar to a casino game that favors the house, if you are lucky and quit while you're ahead, you can avoid capture. Your statement is only true in the long run. Of course criminals usually become addicted to their risky behaviors just like gamblers... It's a frequent trope in crime movies: one last job before the criminal retires, but that last job is the one where he makes a key mistake.
This is a very superficial way to look at things, and ultimately, entirely wrong.
One of the cornerstones of OPSEC is persona creation & management. This is orders of magnitude easier to perform in cyberspace than in real life, and can be used as a catch-all safety -- for exactly when mistakes are made and layers are compromised --.
You will make many many mistakes, but part of a well-implemented OPSEC strategy, is to have those mistakes land in a compartment, an illusionary persona that you created out of thin air. Operation size has nothing to do with it and should be completely irrelevant when the compartmentation strategy used is solid.
1) They were investigating AlphaBay for nearly 3 years
2) They came upon somehow control of an email address which contained 3 year old mail that contained the password reset email
3) They are capturing and storing large amounts of tor traffic much like the NSA does on clearnet see: xkeyscore
Apparently, he leaked the email address in an early email sent to site users. It contained his real first name and birth year, and he used the address on several other sites.
When he was busted he was logged in to the site, and had several passwords/keys stored in plaintext on his machine.
They could have gained knowledge of the email address through classified means, and made up the email header story to hide their method of initially obtaining it.
Honestly it doesn't seem that interesting - browsing /r/DarkNetMarkets, dnstats and just signing up yourself is enough. I've signed up for a few for shits and giggles but never bought anything, browsing is pretty interesting. You just need to find one person like me who'd be willing to give them the email... not exactly hard.
Perhaps it's from someone they were investigating for other crimes. I mean, it doesn't seem beyond the realm of possibility that law enforcement were going after say, a drug dealer who was using the site to sell goods, and found the welcome email from the platform he or she was using in their inbox.
Isn't it likely that a number of recipients did not delete that particular message? Also that a number of them sold drugs by mail order, not uncommonly a short lived profession?
Does "parallel construction" mean "finding plausible but fake explanations for how we got the evidence so we don't burn our successful and secret investigation techniques"?
Just guessing from context...
That's definitely a cynical way (that I would tend to lean towards agreeing with) to describe it.
The other spin would be "we discovered illegal activity through evidence that would be inadmissible in court, so we went ahead and focussed on gathering admissible evidence". Probably by looking in places they wouldn't have looked otherwise, but not by making anything up or breaking any laws.
Apparentle the Alphabay moron had his real hotmail address in the welcome e-mail they used to send and the same nick on another message board with more personal details as well. Massive OPSEC failure.
I'm sorry but if your business is running an illegal drug market and you're sending out account emails with your real name and year of birth from a non-burner email, I think "moron" is probably a pretty apt description.
I always find it incredible when these takedowns occur, how much effort they put into the graphical design. And it doesn't look like a hobby designer among the police did this, but they hired somebody.
Also, considering this is a drug sting, which should be a really serious thing, it's strange that they make a joke on the page.
I would expect a plain HTML page saying "This hidden service hosted illegal activities. All transactions have been logged. If you participated in these activities, contact your local authorities."
This image, however, seems to be a stock photo, the Dutch police logo, and white lettering. Given that it uses no less than four different fonts, I bet it was a quick paste job by someone from the cybercrime unit, not a professional graphic designer.
fwiw and to spell it out for the hard of understanding they were trolling the users by saying have 'no' but we wouldn't tell you even if we had >WINK< (we did) and then present a PGP signature with 'proof' that they had - the sig is invalid btw and in any case could have been replayed. More recently I read that they allegedly waterholed a child abuse site in order to pwn one of the admins. So although none on Hansa they knew the admin was a disgusting piece of filth (or maybe by sheer luck?) Anyways - good work fellas.
I can't see many dealers using dark markets above plausible personal use amounts since you get caught importing dealable quantities you are screwed, dark market or not (And the mail system will get a % of buyers). You might have a $1000 per week habit or be a $1000 per week dealer. Who's to say?
Well given that this party is funded by taxpayers, for the purported benefit of said taxpayers and their society; I do think its problematic that said party would hold such a view.
I have no problem calling out what you believe are unjust laws, but the way you did so implies some agreement with those laws from the commentor you were replying to, as well as some responsibility for those laws existing from the police that carry them out.
Calling out a commentor's statement about the police's state of mind at concluding what was undoubtedly a large project for their department doesn't effectively work as a launchpad into a critique of those responsible for the law when done through terse sarcasm that seems to target the wrong responsible parties.
They fund the ones supplying those drugs which involves a significant harm to society. Just look at people who are unwilling participants in the drug trade or those who receive funds from selling drugs to sell other things such as weapons or even humans.
(Yes, I realize legalizing local drug production and distribution would undercut the market, which is one reason why I am for legalization. But that does not excuse supporting the current cartels.)
People under influence do indeed pose danger to other people. Even the influence of alcohol is potentially dangerous in certain situations leading to incidents ranging from hit and run to domestic violence.
Even alcohol? Alcohol is the most endangering drug. Because of wide spread use (no competition because in many places it's the only legal drug), addictiveness, toxicity and intrinsic nastiness of influence it has on some users.
It's not a semantic argument. It's important to make it plain, before having a reasoned discussion, that there are legal drugs that people use every day but wrongly categorizes as "not drugs." Alcohol, nicotine, and caffeine being the main culprits. Food, exercise, and social media also cause experience-shifting changes in neurotransmitters (the drugs that are always mediating your experience). It's important to get this straight before lumping things that are illegal into a poorly-conceived category.
While it is true that there are other substances that could and should be called drugs, it is not conducive to discussion to argue over definitions when it is clear people are talking about drugs colloquially. To bring up coffee serves no purpose other than to derail the comment thread - as it has.
Air also causes experience shifting changes in body. Think of the last time you went without it. Also thoughts cause multiple experience shifts during the day. Maybe we should start be controlling the air and eliminating thoughts before we get to these bigger things?
everything does. it's a question of individual context, individual biology, and what you define as "experience-shifting" + our ability to understand and measure the human brain.
I don't think this is a semantic argument. The comment I replied to was making the argument that alcohol use is widespread because it has no legal competition. This does not appear to be the case to me, thus undermining the argument.
You are right about availability of nicotine and caffeine but I'm not sure if you can make an argument that they could compete with alcohol.
I know that caffeine was a bit of competition for alcohol in the period right after it was introduced (some think that enlightenment was caused by this), but I don't think it's like that anymore.
Nicotine and caffeine are drugs but when did you last hear of people crashing cars or killing other people because they were high on nicotine or caffeine. I'm sure it's an ancillary factor and if you could investigate with strict accuracy you'd find they had a non-zero influence. But putting them on the same semantic plane as you are doing implies that people in the grip of a nicotine or caffeine buzz are little different from people who are drunk, and anyone with real-world experience knows that's nonsense. You're not helping your point by reflexively making nitpicking arguments.
I'm pro legalization for all drugs, but but I'm not going to dispute the fact that booze, cocaine, and heroin are just like cannabis, caffeine and nicotine because it just isn't true. If you don't acknowledge the reality of people's experience when making your semantic arguments then people are going to ignore you.
If someone gets off work and wants to get loaded to forget about their problems, are they more likely to get a 12-pack of beer or a pack of cigarettes?
People with _______ pose a danger to other people. It is incredibly hypocritical to come down on someone for consuming LSD in their own home, but not on someone getting pissed drunk in their own home. Tens of thousands of people are killed by people under the influence of alcohol in the United States. How many people are killed by people under the influence of LSD?
From what I remember poking around at Hansa that's not true. Each vendor / user had a public key associated with their account. All text communication through the website was supposed to be with GPG encrypted text secured by private keys unavailable to website.
So law enforcement has lots of encrypted text along with some clear text from users not informed enough to follow any kind of opsec.
Law enforcement could have easily MITM'd the PGP.
They replace the public key of a vendor with their own public key (on the vendors's page, without the vendor's/buyer's knowledge), then the buyer address gets encrypted with that public key. Then they decrypt and resend the message using the sellers original public key.
They almost certainly did. I do market research and a number of vendor keys changed on Hansa and Dream on June 23rd. Some had various comments in them claiming to be older, e.g. "EST June 2016".
I'm a developer on the OpenBazaar project which is a p2p Bitcoin market. Because DNMs are the most popular Bitcoin marketplaces I keep up with them and their features and trends. They're great sources for discovering security concerns.
Can you give an example of some of the security concerns you have discovered? Do you keep a formal list of threat vectors? I would have thought they are pretty much the same as regular web apps.
PS. OpenBazaar seems to have received $3M funding. Interesting about change for a project started by Amir Taaki given his very anarchist professions.
PPS. Desktop client seems a bad thing to develop first (in the true tradition of Bitcoin!). Perhaps you guys could have stuck with network client daemon + API for starters. Anyway, good luck.
Furthermore, in order to lower the risk of anyone detecting this here's something the LEO could do:
1. They seize control of the servers.
2. They make note of who is an existing user and keep serving them the real PGP keys of other pre-existing users.
3. For anyone who registers after the point in time where LEO controls the servers, replace the PGP keys of sellers and also the keys of these new users with MITM key pairs.
Then when they run the site for a month as they did and they have the influx of users they got from AlphaBay, they will have plenty of evidence on all of the sellers that are active during that period of time due to there being so many new users all of whom you are MITMing, regardless of whether the sellers are new or old because the old sellers are also being MITMed in all exchanges they have with new users.
The sellers were the primary target of interest, so the LEO got what they wanted.
All of what I said is just something they could have done though. Not saying that it's what they actually did.
The impression that I get is that after they busted Alphabay, they nabbed a number of sellers and possibly some large buyers, who were held incommunicado. When there was a big migration from Alphabay to Hansa of both customers and sellers, there was an opportunity to set up many of those sellers' entire presence from scratch there. So it wasn't just the site that was compromised, but many of the largest individual sellers themselves, physically.
Of course, I know nothing and have just heard of either of those sites this morning.
While I doubt that many people check the vendor's public keys, it would just take one person to notice that a vendor has a different public key from another site (for example, AlphaBay, since there must have been lots of users moving to Hansa from there). If they questioned the vendor about it, they'd discover something was wrong. This would then blow the cover of the police, or at the very least be a big red flag showing that the site had been hacked.
In short, I doubt the police did this kind of thing because they risked blowing their cover for the sake of getting some buyers' addresses.
Also, these sites tend to have a big button labelled 'encrypt my message' - which ostensibly does all the PGP for you. I'd guess that most people are lazy and just press this instead of running PGP/GPG manually. It would be trivial for the police to capture the unencrypted messages just by subverting the auto-PGP.
Then users looking at their accounts from other logins would see the wrong public key and know something was wrong. Also wonder if that happened at all
The only reason I mention that this is at all probable is because of the length of a PGP key. How often is the average user of a site like this logging in to verify even the last few bytes of a PGP pub key compared to what is saved in their software? Plus how many users would chalk it up to "oh SellerX just changed their key pair" and continue on encrypting their message with the new key
I highly doubt anyone looked at it or cared. People were most likely on there to buy drugs. Do you think they turned to their friend and asked "hey do you mind looking into this website and comparing the PGP keys with me? I just want to be sure!"
This has me curious (as a complete crypto noob): how would one defend against such a MITM attack in general?
Only send messages to vendors with known "trusted" keys and don't trust new keys? So in general, use a trusted channel for key exchange separate from the communication channel so that a MITM needs to control both channels?
Correct. This is what the PGP "web of trust" is supposed to assist with: a trusted key is either one which you have verified, in person, as belonging to your correspondent, or one which has been signed by a number of other correspondents whom you trust to verify keys (and whose keys you have verified in person).
Using a standard channel for public key exchange is half the battle. The other half is using a trusted channel to verify the public key does indeed match the public key you were originally sent. "Trusted channel" can be broadly interpreted (and is also often subject to tampering as well)
They can't MITM secure email from buyers to vendors (the direction with actual physical addresses) unless they subvert either the buyers or vendors email server. The actual email does not go through the site.
This is true, but if they had taken over the site, they could decrypt anything that the site had 'encrypted' (some sites let you either encrypt stuff yourself, or let the site do it for you... which isn't a very sensible option)
They did exactly this on Hansa. They also used this same method to break the multisig transactions that hansa used to direction bitcoins directly to LE wallets (The dutch say 2million euros worth)
As I understand it, most sellers have their public keys available from several sources and savvy buyers will cross-verify them. It would probably raise too much suspicion of LE swapped out the keys and there was a discrepancy with the cross-references.
"H: Yes, we called them “AlphaBay refugees.” It wasn’t the technical challenge that caused problems. Because this was a police operation, we wanted to keep up with the orders to see if there were any large amounts [of drugs] being ordered to one place, [so that] we could share information with our law enforcement partners internationally."
For which I expect some of them to be charged with tax fraude or racketeering here in Holland. A lot of financial crimes, especially regarding taxes, are punished heavier than other crimes.
I wonder how cannabis dealers based in Holland would be prosecuted. Doing a quick search shows that cannabis distribution/growing is still illegal under NL law. [1]
I thought this excerpt was interesting:
"The sale of small quantities of cannabis in coffeeshops is therefore technically an offence, but prosecution proceedings are only instituted if the operator or owner of the shop does not meet the criteria issued by the Prosecutor General:
no more than five grams per person may be sold in any one transaction and the coffeeshop is not allowed to keep more than 500 grams of cannabis in stock;
no hard drugs may be sold;
drugs may not be advertised;
the coffee shop must not cause any nuisance;
they are not allowed to sell alcoholic beverages;
no drugs may be sold to minors (under the age of 18), nor may minors be admitted to the premises."
Could an implicated dealer use the legal defense that they were operating a coffee shop online? (Provided that they didn't sell > 5 grams of cannabis)
No, it doesn't work that way. One of the other criteria for qualifying as a coffeeshop, is that you obtain a permit from the municipality. Some municipalities simply don't allow any coffeeshops. Coffeeshops also have to be physical stores, and may not advertise.
Also, it's also pretty much at the whim of the public prosecutor whether to close coffeeshops for not upholding the unrealistic 500 gram limit (for the amount of shops in densely populated areas other than Amsterdam).
> Everyone on obfuscating their persona with Tor and bitcoins, still had to enter their postal addresses on the website, to receive the goodies.
Not exactly, these sites allow you to encrypt your address with the seller's public key. Of course it's possible that the site performs a man in the middle attack, but you could test for this. The big problem is that many users do not take advantage of the encryption features and send their address in clear text.
Regardless, there is inherent risk. Even with perfect encryption, as a buyer, you still have to trust a drug dealer with your mailing address. And there's no way to tell for sure that the seller isn't LE.
I have a friend who quite frequently used to buy from online markets (I have since lost touch with him). From what he told me what he and his friends used to do was to buy a new post box and set it up somewhere away from where they lived under a fictitious address and name. So they'd be John Doe living at Copper Street 45 (when it only actually goes to 44 or whatever).
Then he'd track how long the package took, whether or not it was delivered normally by the postal service and even then wait a week or so and get it in the middle of the night. Nowadays they apparently just use drones instead to deliver stuff.
I think they used the kind that you can just buy and prop up next to your garden door or whatever. (Except they apparently put it to the side of some random road, effectively creating a new address not tied to them.)
> Some 10,000 foreign addresses of Hansa Market buyers were passed on to Europol.
That's really bad, because not all countries are Holland, which is famous for its 'relaxed' attitude towards drugs in general, so
some users might have their lives turned around by this - followed, arrested, jailed, extorted, etc.
It would be interesting to compare damages caused by the release of this information versus damages caused by the production, sale, and usage of the drugs themselves.
Well, the cartels have already caused their part and would have done it regardless, now normal people will get in trouble, possibly lose their jobs and get their lives ruined for basically no reason.
To be fair... If you commit a crime, you have to expect there's a risk of being caught and punished. So how is this "really bad", except from the POV of the users who may face repercussions?
Yeah but debating whether the law itself is bad is a separate discussion. Until the laws change people can't be outraged or surprised when they got caught up in them...
Besides, it's possible that many of the users live in countries where _buying_ drugs isn't a crime, or where circumstantial evidence like this isn't enough to warrant opening an investigation. So it's possible that most of these users won't even face those repercussions.
Not outraged at the laws, outraged at being persecuted.
If you know something is illegal, and it carries a fine of $1,000 and you do it, you get caught, and they fine you $1,000 you can't be like "What?! How DARE you catch me and fine me like the law says?! ARRRGH!"
Part of the issue with this line of reasoning is selective enforcement. If the law is unjust and commonly broken, it is fair to be outraged if they choose to target you for punishment. Drug laws are broken every day, and in some cities LEOs are even working with the dealers. Unjust laws allow them to pick on people they don't like and people that threaten their business. Given these circumstances, I think it's still fair to be outraged at the enforcement of unjust laws.
Fair point. Sometimes I think the police state that America has become was in large part facilitated by this kind of thing. Almost everyone is in violation of something these days. If the police or the state don't like you then surprise surprise... you're getting arrested for that thing you've been doing for the past decade that half your neighbours do too...
Why not? If the law is unjust, it's perfectly reasonable to be outraged at being punished when you're caught even if you knew exactly what would happen beforehand.
Since drugs have such a stigma in the countries HNers are likely to be from, imagine if we were talking about laws against, say, women driving cars, or criticizing the president.
Then you'd be using your arrest / punishment as a form of martyrdom to draw attention to the issue. Kind of like civil disobedience... but criminal.
You'd get arrested (as expected), fined or imprisoned (as expected), then be outraged that the law exists. But you wouldn't be outraged that you _were_ arrested... you must have expected that.
I'm confused by this concept of "Kind of like civil disobedience... but criminal." Isn't it exactly like civil disobedience, which is criminal?
I still don't get why we can't be outraged just because we expected it. If the law says I have to sit at the back of the bus, and I get arrested for sitting at the front of the bus, I can't be outraged at being arrested?
> I'm confused by this concept of "Kind of like civil disobedience... but criminal." Isn't it exactly like civil disobedience, which is criminal?
“Can be” rather than “is”. Civil disobedience can apply to laws with civil or criminal penalties (the “civil” in “civil disobedience” does not refer to the civil/criminal distinction.)
Everybody has the right to expect a fair and reasonable treatment and punishment. If that can't be guaranteed it might be imperative to not share the identity, because sharing it would imply another injustice without righting any other.
I'm specifically mentioning it from the interpol-level. They would at that point be essentially handing-down a death-sentence for a crime that they don't view as being that serious.
Well at no point does that chain of events trigger a public witch hunt.
Interpol now faces an ethical / moral / legal dilemma of how to proceed, but passing the addresses _up_ to Interpol was not a mistake.
Now, if Interpol was to share the addresses with a country which they knew had cruel and unusual punishments for the alleged crimes then _that_ would be a mistake.
Services like these give Tor and related projects a bad name. Taking down illegal market places is part of the police's job and this is definitely a success story. The article is lacking in details a bit, but it seems they've taken it down using regular old police work as they mention an "undercover operation". This proves once more that the weakening of security for everybody is not needed to catch criminals.
> Services like these give Tor and related projects a bad name
In more ways than one.
What if this had been a tor website that was sharing documents proving government or police corruption? And yet somehow, the police did manage to shut it down. It goes to show that the tech needed for fully anonymous websites may not be good enough yet.
Any sufficiently anonymous website that could be used for good reasons can also be used for bad reasons. If Tor works, we have the good at the bad. If Tor doesn't work, we have neither.
>It goes to show that the tech needed for fully anonymous websites may not be good enough yet.
The tech will never be good enough. Even if we had magic unexploitable webapps hosted in the platonic realm of pure forms whose privacy is protected by magic cryptography, darknet markets would still get busted. Darknet markets require support staff, managers and engineers to run the site. The humans who run such sites will always be exploitable.
It may be parallel construction, but in a kind of cynical way we can publicly praise it as good traditional police work. It takes credibility away from demands for special or clandestine access.
When we call it parallel construction we buy into the surveillance communities marketing... that surveillance it is effective.
I suppose that if you have one administrator in a cell, it's probable that you will get the login credentials after a while.
The question is how to put them in a cell to begin with, but I don't think that it requires some super high tech or shady wiretapping. The publicly known lawful interception laws are most likely good enough for finding almost anyone accessing a know site.
As the current situation is in regards to islamistic terrorism in Europe, I really expect the law to be used to its full extent.
Unfortunately, the harsh stand on drugs play both criminal organizations and islamists in hand as they can make good money on even relatively harmless drugs. I'd prefer a legalization and regulation on those, in order to decapitate the black market.
The darknet they took down is approximately 2,850 times smaller than Europe's cocaine market, or 12,000 times smaller than the general drug market. The Netherlands is also the main drug production and trafficking route to Europe.
So, basically, they took down a minor competitor to the bigger drug trafficking businesses.
>This involved taking covert control of Hansa under Dutch judicial authority a month ago, which allowed Dutch police to monitor the activity of users without their knowledge, and then shutting down AlphaBay during the same period. It meant the Dutch police could identify and disrupt the regular criminal activity on Hansa but then also sweep up all those new users displaced from AlphaBay who were looking for a new trading platform. In fact they flocked to Hansa in their droves, with an eight-fold increase in the number of new members of Hansa recorded immediately following the shutdown of AlphaBay.
So the banner must have been placed there after the server was seized. Keeping the server running long enough to gather evidence of the actions of their high-value targets was probably a higher priority than sweeping-up as many customers as possible.
Possibly there are laws related to entrapment? Allowing new user signups on a police controlled website might cross the line, where allowing existing users to finish their deals might not?
If the police operates the server, I'm pretty sure they would be reluctant to accept new users as it might be illegal. The law in Europe is not as in US and although I'm not certain here, it's generally much more strict in regards to entrapment in most countries.
An interesting situation where they probably were close to hitting some sort of load capacity, but didn't want to spin up new servers/instances and run the risk of making a mistake and tipping off people using the site.
It's just a matter of time until the store fronts are developed open source on Github and hosted decentralized on a network like MaidSafe. People love to get high and are willing to pay. Innovation will follow to meet demand.
> It's just a matter of time until the store fronts are developed open source on Github
Given that Richard Bates faced prosecution for working on the code of the original Silk Road, this could result in very, very bad repercussions.
GitHub would very likely be raided, and anyone who committed to or forked the repo could be prosecuted. I don't think anyone wants that to happen. Actually, I wouldn't be surprised if GitHub will update their TOS to ban this kind of software before anyone gets prosecuted in order to prevent themselves from being raided.
I think it would be much more difficult to prosecute someone for working on a generic storefront application that COULD be used as a darknet market vs. someone who was directly building a darknet market.
There's obviously gradient, because on one side you have Richard Bates and on the other side you have the people who work on Tor. I think that writing a generic "white label anonymous storefront" is much closer to the Tor side than the Silk Road side.
I would imagine it wouldn't be advertised as a product developed solely for Darknet related markets but rather a marketplace for people who value their privacy and such. A few of the torrent sites I use have their tracker source code available on GitHub.
>This was made possible by the arrest of the two administrators of Hansa Market in Germany, aged 30 and 31. Since their arrest, the two men, from Siegen, NorthRhine-Westphalia, have been kept in pre-trial detention, and are only allowed to have contact with their lawyers.
So admins of the other markets: always have a dead-mans switch.
Even if the primary service itself was compromised, it would be possible to have an automated dead man's switch running on an alternative service that would alert the world that you were being held incommunicado.
Of course, failing to disclose the switch to the authorities and thus allowing it to trigger could be considered a violation of a court order and lead to punishment.
Also, it doesn't look good when you're arrested on suspicion of running Hansa and next morning Hansa has a big banner saying "the admin hasn't checked in, we think something is wrong".
> Of course, failing to disclose the switch to the authorities and thus allowing it to trigger could be considered a violation of a court order and lead to punishment.
Black market operators are unlikely to be willing to take this risk for the sake of their customers, but political activists/dissidents might for the sake of their audience.
A dead man's switch could wipe the server and all backups to erase evidence. The police in this case let the server run for months to catch other sellers. A well hidden software trigger would have been hard for the police to notice without a thorough inspection of all the source code.
As the article states, "Immediately after the arrest of the administrators, these servers and their corresponding infrastructure were seized and an exact copy of the market place was transferred to Dutch servers".
A dead man's switch can't wipe the server and all backups, imaging the machine is the first thing one does (before e.g. attempting to log in); the only thing that may vary if you dump the machine with or without turning it off, e.g. getting a memory image by direct hardware access of a live system or imaging disks (and possibly RAM as well, the chips can be read if they're cooled and re-inserted quickly) after cutting the power.
I'm more curious about how the police were able to transfer the operation to servers under their control. Maybe Docker? Haha. My first guess would be that the admins were lazy and never encrypted their systems. Or maybe the cops got them to spill out the password (or hacked it out of one of their systems).
In another hypothetical, I wonder if one can give one's lawyer the (password-protected) decryption key, and he can only release it when one signs a letter saying "I hereby request the keys under my own will with no duress.". If the cops are making him hand over the keys, the lawyer knows that's bullshit and can't legally be allowed to handover said key...
As with all security it's a matter of layers, with each layer making it more difficult, but perhaps not impossible to bypass. A simple deadman's switch might be to host some key piece of the software on a remote server that is harder to access geopolitically and have it stop responding without a periodic login. Recurse a few layers in different geopolitical zones, and it could be a relatively effective deadman's switch. Performance may take a hit such that some kind of in memory caching is needed, but anyone seizing the servers would have to know to capture the memory and not just the disks before the switch activates in this case and it would still probably be effective.
Add in some server wipe jobs, and maybe add some kind of man in the middle payload modifications as well, and you could keep some computer forensics techs scrambling to try to find it all. It'd be a pain to maintain it all, and it'd probably be the operator in the end who compromised everything, but it could be done.
Why would any admin do this? It would absolutely ruin their chances of getting a more lenient sentence by cooperating with the authorities.
The police have these people in physical custody. Why would they take a fall for their (also criminal) customers? There is nothing to gain but much to loose.
PS: If there is not enough evidence for prosecution, having a dead man's switch would be incredibly stupid. It announces to everyone "You got the right guys. Keep digging for evidence"
> Why would any admin do this? It would absolutely ruin their chances of getting a more lenient sentence by cooperating with the authorities.
The police have these people in physical custody. Why would they take a fall for their (also criminal) customers? There is nothing to gain but much to loose.
Actually, having the DB and all important files encrypted would be a better negotiating position for the admin. If the police catch the Admin and also get the DB and important files unencrypted, what is the admins negotiating position? They have the Admin and the important files.
In a perfect world, for the police, they want both, but a second best choice would be having the DB and important files with some jail time for the Admin. If I was the Admin I would give the police a choice, you can get me or can get me with reduced jail time and the DB and important file. You can get the conviction for the Admin and the buyers of the drugs too or Life for the Admin and let thousands of buyers and seller go free. Encrypted files would put the Admin in a great position.
An example, an admin could have a personal password that is used to update a secure hash of "last known time the market was not compromised". The users can use the public key to verify the markers. Every day or two, the admin updates that marker using the private key (password). A few days after they're arrested, they won't have updated it, the users will know something is up.
This is an over engineered solution, and I never understood the value of these warrant canaries etc.
In the right set of circumstances you would be compelled to hand over any keys (with their passphrase) in an investigation like this, and failure to do so would result in harsher penalties.
This is fanciful. It assumes both extreme competence and legal powers to compel just about anything, neither of which generally exist.
You can often be forced to unlock encrypted data as part of evidence gathering, but there's no legal power to make you conduct arbitrary processes which only exist in your head.
The founder of the Silk Road was caught because he slipped up and gave away his identity. The founder of Alphabay was caught because he put his personal email address in the welcome emails.
The police relied on opsec faulires, not technical measures to capture them.
Dream Market is still up since Nov 2013. (1 year older than even AlphaBay) Perhaps they're the ones that are actually based in Russia ;P
You seriously have to be a moron to host your DNM in Canada or NL though, NL LE especially has many years of experience and millions worth of equipment for these investigations. Pick a place where they're less likely to have advanced DMA equipment handy! Even better though, is to choose a place where the FBI won't be able to fly a team with advanced DMA equipment.
In fact, I wouldn't be too shocked if the rather sophisticated wiretap gear the Dutch police have at AMS-IX was capable of identifying hidden sites with timing attacks.
It leads one to wonder... what is the "best" place to host servers if you're going to run a darkweb market? Seems like you'd want a place where the government/police/spooks aren't as tech savvy and sophisticated, and perhaps somewhere where the government isn't on the best terms with traditional Western powers.
Venezuela? But do they even have electricity for running servers?
Maybe some smaller African nations? Botswana? Mali? Burkina Faso? Togo? But what's the state of 'net connectivity there? Is sufficient bandwidth available? Are there colo centers or hosting providers there? I honestly don't know...
OK, maybe I was being a little glib. But still, the news reports I hear from that area haven't been very positive as of late, and I do wonder if the country is fundamentally stable enough to rely on hosting anything there.
I'm not sure what you're trying to say. Are you suggesting that Venezuela hasn't been undergoing a recent period of extreme economic and political turmoil and uncertainty?
I have thinking about this and I don't think it really has to do with location of your servers, it is the coding and architecture of the server environment along with server operators OPSEC.
All of the Dark Net drug website busts I have seen over the last few years are because of poor coding, poor architecture, poor security and even worse OPSEC. The people who run these sites are not professionals.
That's a good point, but I can't help but think it would also help to have your servers (and possibly yourself) located in a geo that isn't so willing to bend to the whims the US, various European states, etc.
That would also be very helpful but hiding the ownership of a server behind a wall of LLC's and Trusts from various locations around the world is also a good idea.
I was thinking you would need to ship them custom servers and have a specific network setup on the system. Standard out of the box rental servers are not going to work.
I honestly don't know how that would work with getting servers to an ISP for them to rack and follow the networking instructions.
Even if you did colo and shipped out your own boxes you wouldn't need to set up real LLCs. Fake information would still work fine, many places do colo for bitcoin.
I wonder whether it is theoretically possible to use small-sized botnet (500 nodes?) for p2p hosting. Something IPFS/Maidsafe/Storj-like, for example, tweaked for even more redundancy and small resource consumption.
The Dutch, Russians and US had some deal going on last year where their law-enforcement and even spooks were co-operating, tracking stuff end to end from russia to netherlands. It all got messed up by some CIA with a usb stick apparently. Russians spotted it, didn't like. So hosted in russia is not going to save you, depending on who your friends are of course.
To me this paints a pretty realistic picture of how difficult it is for western LE to co-operate with Russia, it's not impossible but it certainly isn't easy. Both sides will be cherry-picking the things they share, with the Russian cops facing ever-increasing pressure from the intelligence side of things.
It's worth remembering that this story ended with Sergei Mikhailov in a Russian jail cell facing charges of treason.
No, I don't believe hosting in Russia will magically solve all of your problems. I however do believe that it'll make LE co-operation significantly more difficult, especially after the recent events.
Yes this exactly but also heard that there was a fight one day in Dreisberg? He said he saw John Wheeler with a usbstick. He went to the Dutch and that it all got a bit tense. Did GRU then accuse Mikhailovich with passing information to the CIA? Poor guy.
> More than 500 Dutch delivery addresses were reported to couriers and postal services with the intention of stopping the deliveries
Does this mean that the goal of the LEO was to only stop the deliveries without actually arresting the recipients? If that's true then it seems the way law enforcement works in the EU is very different than that in the US.
unless they can link your computer to entering that address, isn't there some plausible deniability that someone else entered your address. Having drugs delivered to your house isn't illegal if someone else sent them there right? (Asking about in the US, but also interested in hearing if it's different or the same in EU)
Whether your denial is plausible is a matter for a judge or jury. Your credibility might be stretched if, say, the drugs were worth a lot of money, you didn't report it when they turned up at your house, you had drugs in your house when the police searched it under a warrant, and you bought cryptocurrency which you can't account for a few days earlier. You might choose to take a plea rather than rolling the dice at that point.
I think there should be plausible deniability but I've read accounts on reddit where people were charged with possession because they received/signed for the package. I'm new to the US and not sure about how the DEA and the cops can actually pull this off without hard evidence.
I may sound paranoid but I've since stopped accepting unknown packages.
So you don't think we should prohibit anything? Should we just let people buy fentanyl by the kilogram without any repercussions? Sure, we should reform drug laws so that user's are not punished as significantly, but completely removing prohibition of drugs I think is pretty counterproductive, considering how the US already has a major opioid problem. Prohibition will obviously reduce drug use to some degree, so it's just a matter of balancing the costs and benefits.
The current version of OpenBazaar doesn't use Tor. The upcoming 2.0 version does work with Tor, but it wasn't built as a darknet market so it might not work well for that use case.
interestingly during the past two weeks the second largest market (dream market) was unusually unresponsive and at times not reachable ... maybe they were testing and deploying their fork of the market ...
I think this is brilliant. A very efficient way of policing and removing a lot of drugs from the market without spending a lot of public money and wasting time on the streets.
Also the darknet is great as it reduces the violence associated with drug crime, by taking the drugs off the streets and into the legitimate courier business. You have to love technology sometimes.
I agree that prohibition doesn't work, but the police needs to do their bit as well. And if a darknet marketplace is taken offline, I don't think its users will have to go on the streets, there are many other marketplaces out there; just in the same way as when a street dealer is arrested, people will just end using a different one.
It seems that you are actually agains policing it, which is not the way forward, as there is a large amount of the population which is against drugs, and their needs need to be accounted for by the Government. So by catering for both parties (users/dealers and police), the darknet is a viable solution that helps everybody in the end (efficient purchase, efficient policing, less violence, less waste).
It's both. From the legal point of view, it's good that drugs are removed from the market, and from a violence point of view, it's good that it's all on the darknet. By clamping down on a marketplace you're basically just attracting attention to it and more people will start using it for buying drugs, thus, there will be less violence as everything is moved online. Also, the police did their job in a much more efficient manner like this. So it's bad for the dealers involved, but ultimately good for society.
A lot of org crime mail order wholesale to distribute at street level, it's how fentanyl got into my country so doesn't stop street trade. Same with Australia there are gangs here that flood the mail system with meth and fentanyl to their gang counterparts there hoping some get through as prices 3x higher there so can afford losses. Ending prohibition would shut all this down though I can't see any politicians surviving a reelection if they do.
Yes, sadly a lot of wholesale is done at street level and supplied using the darknet, but at the same time, I see more end consumers purchasing online.
> It is Hansa Market, currently the most popular dark market in the ‘anonymous’ part of the internet, the so-called darknet.
> ...
> The darknet markets enable large-scale trading in chiefly illegal goods, such as drugs, weapons, child pornography, and ransom software. ... No weapons or child pornography were sold on Hansa Market.