
[–]ShulginsCat 47 points48 points  (8 children)

I want to remind everyone that part of the budget LE has for busting markets comes from seized funds. By using multisig we can make it impossible for LE to grab those coins.

[–]honestlyimeanreally 7 points8 points  (6 children)

Blackbank and (electrum + Tails) don't cut it?

Never used it but I thought that place had multi-sig.

Or is it pseudo-sig bs

[–]ShulginsCat 4 points5 points  (0 children)

Yes and no. With BB's multisig you must transfer the funds to the BB wallet first and then it's moved to the multisig account once you make a purchase. This means that:

  • BB can still pull an exit scam if they wanted to, but they would not be able to collect weeks of multisig escrow like Evo (and other markets) did - at least not without faking the public keys of buyer and vendor. I'm pretty sure that I can add some code to my plugin to validate the multisig script against your private key, to make sure they match thus detecting this sort of switcheroo if it happens. That's on my todo list.

  • Assuming that BB remains honest about multisig wallets, it does in fact prevent LE from seizing the funds. Taking over the server will allow them to grab at the very least the hot wallet containing everyone's unspent funds, the site's commission and all non-multisig escrow. But as far as I can tell the multisig wallets will be safe from LE's hands (correct me if I'm wrong).

[–]scrubaccount 1 point2 points  (4 children)

pseudo ms

[–]honestlyimeanreally 2 points3 points  (3 children)

That's a damn shame.

Many bitcoins to whoever will implement a new market with the GUI of EVO but with true MS.

[–]StopMakingStupidPpL 0 points1 point  (0 children)

https://www.youtube.com/watch?v=vefoJLmk88g&feature=youtu.be&t=337

"In comes...BrainWallet!" I love this multi-sig

[–]alwayslookingformore 14 points15 points  (5 children)

Finally some legitimate info on LE methods. I'm sure by now budgets have increased along with technical skills, but everyone has to start somewhere.

[–]AgoraMarket 11 points12 points  (3 children)

All of this still makes it sound like if Ross hadn't fucked up with his "rossulbricht@gmail.com" on BitcoinTalk, and the post on StackFlow, they still would have no clue who he is to the present day.

Maybe they would have eventually shut down the SR1 server, but DPR could have just vanished into the night at that point.

[–]honestlyimeanreally 0 points1 point  (2 children)

Could you point me in the direction of the stack flow post?

Silly Ross.

[–]AgoraMarket 1 point2 points  (1 child)

Ulbricht's question, originally as "rossulbricht", changed to "frosty":

http://stackoverflow.com/questions/15445285/how-can-i-connect-to-a-tor-hidden-service-using-curl-in-php

[–]honestlyimeanreally 0 points1 point  (0 children)

Damn, talk about nail in the coffin.

Thanks

[–]honestlyimeanreally 2 points3 points  (2 children)

I rotate between giving my leftovers to Snowden, Gwerny, and the TOR project.

Cause throwing money at things does stuff! Woooo 2015

[–][deleted] 2 points3 points  (1 child)

KONY 2012

[–]deluser 0 points1 point  (0 children)

Free Mumia! Kevin! Tibet! Ross! with purchase of equal or greater value!

[–]II-NataYmleg 7 points8 points  (0 children)

Turns out to be quite exactly what I suspected to be LE's approach, procedure and level of skill. Judging by this they are still two or three steps behind us (or at least behind the smarter darknet folks); but one and a half years have since passed.

Something makes me think however that they still largely rely on web crawlers and social engineering while being notoriously short on personnel. But don't take my word on that. They may suddenly pull some profiling technology out of the hat that isn't vaporware, or just land some more lucky strikes at big vendors or service operators.

[–]bigfondue 9 points10 points  (3 children)

White zebra thanks you,

Love 4 extra dogs.

[–]honestlyimeanreally 0 points1 point  (2 children)

Sick mnemonic bro

[–]Munchie_King 3 points4 points  (3 children)

I wonder why Chuck Schumer went out of his way to start a "war" against Darknet Markets. I remember him declaring something and making it big news, but I never really paid much attention considering he actively campaigned against a lot of things (unsuccessfully, that is).

Very interesting compilation. I haven't gotten to read all of it so far, but I got a little more than half way. Will continue reading and posting based on what I think.

[–]Munchie_King 0 points1 point  (0 children)

This also effectively declared Bitcoins and online currency as "drug money."

[–]XanaxBaratheon 0 points1 point  (0 children)

I wonder why Chuck Schumer went out of his way to start a "war" against Darknet Markets.

Because his district was out of IRL dealers to lock up?

[–]II-NataYmleg 1 point2 points  (2 children)

Agreed. A book is a must.

[–][deleted] 2 points3 points  (1 child)

Can we get a book please /u/gwern? Pretty sure the Sub would Crowdfund the costs :-)

[–]II-NataYmleg 5 points6 points  (0 children)

I would do a German translation for free. Potential audience +100 Million ;-)

[–]AphoticBass 0 points1 point  (1 child)

I would fork out 100$ for a complete history of SR until the evo exit scam, would make very good reading!

[–]winlifeat 0 points1 point  (0 children)

Check out Eileen Ormsby's book and lamoustache's website. Lamoustache's website is a great starting point for information and what I like to do is search events (vendor names, drama, etc.) on the old /r/silkroad subreddit or /r/darknetmarkets.

[–]OzFreelancer 3 points4 points  (7 children)

Very nice summary, thanks Gwern.

Just a clarification:

and it's noteworthy that someone contacted Eileen Ormsby in December 2013 (http://allthingsvice.com/2015/04/02/special-agent-force-alpacino-and-me/), referring to Force's info and telling Ormsby to "ask M___ how DPR knew stuff that helped him not get busted. He won't know how, but he will know what you are talking about"; Marlostanfield is the only vendor named in the entire file whose name begins with "M" and if he had already run afoul of the law many times, he would be quick to disappear upon being warned.

The "M" referred to in that communication was not Marlostanfield. It was a pretty well-known figure in SR1.

[–]OzFreelancer 2 points3 points  (1 child)

The original message is useless as it is encrypted to a PGP key that I no longer have the key to. I remember the names in the message as they were well-known SR users and I had that note (as quoted in the blog) in a very early draft of the book.

[–][deleted] 1 point2 points  (0 children)

SADFACE

[–]anon847478488483 1 point2 points  (0 children)

Marcel?

[–]boofk 0 points1 point  (1 child)

Also it says "the Nod operation is out of NY." Wasn't nod from the north west?

[–]bowlingin45 4 points5 points  (0 children)

NCK is in California

Breakthrough if I've ever seen one.

[–]OliverSR1 2 points3 points  (3 children)

Wow I loved the Costco info. I sold them $5000 worth of Xanax Powder when I was vending on SR1 right before I had to stop vending due to my shipments getting seized. When I was exercising my 5th Amendment rights their name came up very, very fucking often. I even saved their ass because I knew Homeland Security was trying to infiltrate them and I gave them a heavy warning. Damn... the good old days. Good read - thanks.

[–]WhiteZebraThanksYou 2 points3 points  (2 children)

Were you taken into custody / questioned? Were you charged?

[–]rulinus 0 points1 point  (1 child)

awesome user name ;)

[–]WhiteZebraThanksYou 1 point2 points  (0 children)

Thanks,

Love,

4 eXtra dogs.

[–]MLP_is_my_OPSEC 4 points5 points  (18 children)

Great work as always gwern

So here's what I gather from this:

  • LE is underfunded and short staffed when it comes to investigating DNMs
  • They don't have too many tech-savvy people on staff (not surprised tbh)
  • Now confirmed that LE has done DoS/DDoS attacks on DNMs
  • Coinbase should be avoided completely
  • Firearms seem to be the main focus/concern
  • LE does focus on buyers, but are only concerned about bulk resellers
  • Investigation isn't moving as fast as they like due to political issues
  • Some buyers are idiots and shouldn't be using DNMs

I think the most surprising thing here is that most domestic BTC exchanges aren't playing ball with LE.

[–]MLP_is_my_OPSEC 2 points3 points  (10 children)

I'd bet my left nut that there was some restructuring after the Force/Bridges farce, as well as new systems put in place so something like that couldn't happen again. It's probably also safe to assume that they are now working with the NSA in a higher capacity under the guise of "anti-terrorism".

After Operation Onymous proved successful, they now have even more reasons to get funding and extra resources.

[–][deleted] 4 points5 points  (9 children)

[–]MLP_is_my_OPSEC 8 points9 points  (6 children)

Microsoft provides advance warning to the NSA the vulnerabilities [...] before fixes [...]

Why doesn't this surprise me

A Microsoft official [...] said that Microsoft can't be held responsible for how the NSA uses this advanced information.

Oh I'm sure they're using it for national security reasons. What complete and utter bullshit.

[–][deleted] 5 points6 points  (2 children)

You should read the Snowden docs if you haven't already. You get used to the lingo. NO FORN US FIVE EYES. Citizenfour is also good.

There's no way these guys aren't involved. If you want to get technical you could argue that TOR does not count as domestic internet traffic and isn't subject to domestic law.

[–]MLP_is_my_OPSEC 5 points6 points  (1 child)

Hahaha since when has the Five Eyes cared about domestic law? We can't legally spy on our citizens, so how about you spy on them for us and we can swap data!

I've seen Citizenfour a few times, truly scary stuff. I've been meaning to read the Snowden docs as well.

[–][deleted] 6 points7 points  (0 children)

The NSA can't do something, so GCHQ will use TEMPORA or something and send the intel to the NSA. Add in "parallel construction" and you can fabricate almost anything. The NSA has been giving intel to the DEA for years.

The docs are hosted on The Intercept.

[–]delta_eight 5 points6 points  (2 children)

This shit right here is why I will never buy another Windows license ever again. Oh you can be sure I'll use windows for its user friendly UI and general ubiquity, but I'll be damned if Bill will get a single of my bills. And companies wonder why people pirate their software.

[–]II-NataYmleg 5 points6 points  (0 children)

But pirating isn't the answer either TBH – it continues the treadmill of vendor lock-in. You can use WINE on Linux for legacy Windows apps if you really need a reason to migrate away from Windows, or – in a corporate network environment – a single Windows application server with *nix terminals. The Windows UI is IMO really not that advanced or consistent in its usability compared to, say, KDE (provided we are talking heavyweight DEs here).

But I'm just an old Unix hippie, so don't take me too serious ;-)

[–][deleted] 2 points3 points  (0 children)

So you would run a bootleg copy of Windows instead of a legit copy? That sounds like a really bad idea.

[–]autowikibot 0 points1 point  (0 children)

Tailored Access Operations:


The Office of Tailored Access Operations (TAO) is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least circa 1998. TAO identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States. The NSA terms these activities "computer network exploitation".

TAO is reportedly "now the largest and arguably the most important component of the NSA's huge Signal Intelligence (SIGINT) Directorate, consisting [more than] 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers."

A document leaked by former NSA contractor Edward Snowden describing the unit's work says that TAO has software templates allowing it to break into commonly used hardware, including “routers, switches, and firewalls from multiple product vendor lines". According to The Washington Post, TAO engineers prefer to tap networks rather than isolated computers, because there are typically many devices on a single network.


[–]bigfondue 0 points1 point  (0 children)

Really not too surprising BTC exchanges didn't cooperate at first. Anyone willing to take a risk to open an exchange believed in anonymity. Once LE threatens to destroy everything they worked for, they caved.

[–]1234567as1 0 points1 point  (4 children)

Why should coinbase be avoided completely? Are other places like circle still good?

[–]MLP_is_my_OPSEC 1 point2 points  (3 children)

Well in the OP it says that they are cooperating with LE, so I guess that'd be a good reason to avoid them. Circle is safe for now, but LocalBitcoins is the best option if it's available in your area.

[–][deleted] 1 point2 points  (2 children)

circle IS NOT SAFE. They were subpoena'd within days of opening.

http://america.aljazeera.com/articles/2014/2/27/prosecutors-subpoenahighprofilebitcoinstartup.html

[–]MLP_is_my_OPSEC 0 points1 point  (1 child)

Well shit, thanks for the link. I guess the only relatively safe method to purchase BTC will be cash from now on, for our purposes anyway.

[–][deleted] 0 points1 point  (0 children)

yes I'm very surprised that no other agencies have covered this story. Also another red flag re: circle, if you look at their job postings it's 95% compliance...

[–]omfgihavetosggoooooo 2 points3 points  (0 children)

I have one complaint about this,

WHY ISNT THIS PINNED TO THE TOP FOREVER

[–]rudetopigs 1 point2 points  (1 child)

My respect for Backopy continues to grow. He really bounced out at just the right time and let us keep our money. I love that man!

[–]sharpshooter789 1 point2 points  (3 children)

For example, it would be known that Nod operation is NY

I thought Nod was WA.

[–]sharpshooter789 0 points1 point  (0 children)

Thanks for clarifying that for me.

[–]deluser 0 points1 point  (0 children)

I noticed that too, has to be a typo or ForceIV didn't have all the info he thought he had or something. Nod was in WA.

[–]k9atemybuds 1 point2 points  (0 children)

As always good stuff Gwern.

[–][deleted] 1 point2 points  (0 children)

Gwern. THANK YOU!

[–]StillNotLovingLE 1 point2 points  (1 child)

That feeling when you live outside the jurisdiction of any US agency besides the CIA which doesn't give a fuck about drugs, feels so good.

Land of the free my ass, you guys are fucked as far as DNM go.

[–]deluser 0 points1 point  (0 children)

They don't care about you until they do.

[–]bigtimetimmyjim22 0 points1 point  (0 children)

Interesting write up.

Re Point 4: I think zero of those things are surprising, we as a community significantly overrated our importance to LE as a whole.

[–]theeagle_ 0 points1 point  (0 children)

You couldn't make this stuff up if you tried. This is better than a movie.

[–]sharpshooter789 0 points1 point  (1 child)

Kind of convenient for the US govt that gox was hacked and went out of business.

[–]Vendor_BBMC 1 point2 points  (3 children)

MTGOX was Silk Road's sister site.

Silk Road chose a young crypto currency which was doomed to be used to pay for dungeons and dragons characters until it was chosen as the money laundering fluid between the engine of Silk Road and its Japanese radiator, circulating between the two and turning drugs into $US.

The day Silk Road was busted, bitcoin dipped below $100. Karpeles didn't expect bitcoin to survive without MTGOX's sister site, so this is when his autobots began trading and bitcoin went above $1000.

MTGOX finished on Feb 6th 2014. "Transaction Malleability" was the exit strategy of all the early bitcoin users. Even bitcoin's inventor, who was terminally ill by this time, thought it was over for bitcoin. The very first bitcoins ever moved between wallets, moved to a modern wallet the same day. Bitcoin was supposed to die on Feb 6th last year.

This caused panic at Silk Road 2.0, which had looser links to MTGOX, and SR2's exit was exactly a week later, when the escrow went for a walk on Feb 13th.

That was a bad week for me.

The BTVA had hired SheepRoadreloaded2 back at Christmas, when SR2 was originally going to steal the escrow. They claimed that DPR2 had run off without telling them where the escrow was kept, but SRR2 found it in about half an hour - still being used - and I messaged SR2's admins to tell them the wallet address. I think they chickened out, and mysteriously "found" the escrow. So when it went missing on Feb 13th, SRR2 knew where to start looking. I paid him half a bitcoin, and "Hank" paid him half a bitcoin, but he sent the money back because finding the escrow was "too easy".

We didn't know about the inseparability of SR / SR2 and MTGOX at that time, so when SheepRoad stumbled upon 1.2 million bitcoins in 120 wallets, stashed there on Feb 6th, he assumed that it was something to do with the SR2 escrow. He was the originator of a technique of marking suspicious wallets with 0.000666btc payments - "666ing". He kept seeing wallets containing 10,000 BTC marked with "777". All from the same wallet, which I will publish in the comment below this, in case reddit's stupidbot deletes the post.

This was followed by a laughable situation where sheeproadreloaded was 666ing the wallet which had been 777ing more than a million stolen bitcoin. BBMC wanted our 2.1 btc back from Defcon, so Sheeproad sent him a message, spelling out "VENDOR BBMC" in bitcoin payments, where 1=A, and Z=26.

Except it wasn't the escrow. It was money stolen from MTGOX victims. SheepRoadReloaded2 realized this, assumed it was Mark Karpeles, and handed all his information over to the legal team working for the MTGOX victims group. He then accepted a job with a bitcoin exchange, where he has a very cool boss who lets him spend all day chasing stolen bitcoin on the blockchain. Like you say, none of the exchanges want the authorities involved, and he is the main line of cooperation between us, and the exchanges with each other.

This stopped exit scams by darknet marketplaces DEAD for a year, until Evo was stupid enough to try it. You've probably noticed that thieves who robbed us and you thought had gotten away, like Defcon and SheepMarketplace, have all started getting rounded up. Drugs might be illegal, so we can't go to the police, but that doesn't mean we can be robbed by computer geeks.

Defcon took very few precautions when stealing the escrow, even paying 10 to 13btc at a time to SR2's admins to refund vendors as they saw fit. I'm sure the admins thought it was coming from fresh SR2 commission, but that went to Defcon.

Bitcoin turned out to be unkillable, unlike "Satoshi". But we may not have seen the last of him.

http://nextshark.com/one-of-the-earliest-bitcoin-pioneers-is-cryonically-freezing-himself-for-the-future/

Bitcoin enthusiasts are beginning to notice that Satoshi has gone quiet. Well, he's dead guys. And just because he invented bitcoin and PGP, it doesn't necessarily mean that he was totally a good man, and Mark Karpeles totally bad.

This is where the story begins to get strange, and if you've believed me so far, you will probably stop at the next thing I'm going to tell you, because if it's true, bitcoin is worthless as a currency.

In February last year, two British companies controlled 51% of the blockchain. They were both bitcoin foundation members, Satoshi (who had never profited personally from bitcoin) still had a fully-functioning mind, trapped in a body that was turning to shit. Everybody hated Mark Karpeles, so they made a rash decision. In February 2014, the blockchain was "forked", and the falsified version became the official one. The main difference, was that 1.2 million MTGOX bitcoins were stashed in wallets to be used to support Satoshi's widow, and to keep him cryogenically frozen until a cure could be found for his wasting disease - one wallet per year until 2140, when the blockchain stops.

Soon after, everybody with a conscience began resigning from the bitcoin foundation. SRR2 and I, and a few others, have struggled to reconcile what we know, because bitcoin is our livelihood.

How would you prove something like that, anyhow? Well, orphaned blocks would start appearing, due to a major blockchain, and a minor one, in Feb 2014.

[–]Vendor_BBMC 1 point2 points  (1 child)

"Go and smoke some more meth, limey"

All in good time.

Here is the wallet that SheepRoadReloaded2 used to use for crimefighting, back when he was an amateur chasing sheepmarketplace through tumblers:-

https://blockchain.info/address/1AhYNAoMxDPD7bnNvxuSY9FB1CDviEuqzZ

You can see the spikes of activity in November, when he developed a lot of the techniques of forensic blockchain analysis on the hoof, right here on reddit DNMs, firing pennies into sheepmarketplace, watching where they came out, then jumping in the wallet with them.

Sheepmarketplace's exit in November 2013 was the pivotal moment when the tide turned against the marketplaces, in favor of vendors. I had only been trading on the darknet for 3 months. Maybe it's because I'm a manufacturer, but I'm not used to being robbed like dealers, or "vendors" in the middle of the drug food chain.

There is another spike of activity in December 2013, when DPR2 went nuts and ran off, leaving SR2 to be run by the janitor, Defcon. That's SRR2 marking SR2's escrow, when they pretended to lose it.

There's more activity starting Feb 13th, when Defcon plucked up the courage to steal the escrow, but then SheepRoad became fixated on THIS wallet:-

https://blockchain.info/address/12Nxd2X12WZeYSjUcbtm5NpS3d81Yh8sKh

Scroll down to the bottom of the page, and those red arrows (payments) of "777" on Feb 6th each mark a wallet with at least 10,000 stolen bitcoins. There are pages and pages of them.

Sheeproadreloaded2 first marks it on 16th February. Then working from the bottom upwards, you see him trying to spell "Vendor BBMC" with payments between 1 and 26.

He no longer uses that wallet, because that android phone was stolen last year (nothing else was taken).

I WAS going to show you a graph of orphaned blocks against date, but

https://blockchain.info/stats

isn't working. Ironic, because they are one of the two British companies that conspired to fork the blockchain. If it starts working again later, I'll post a link.

Right, that's me done. Most people won't notice or understand this, but I think Gwern will. Big things have been happening in the world of bitcoin, and on the darknet. Like the Forrest Gump of TOR, I always seem to bumble in and cause trouble, when all I want to do is just sell my shit Sunday.

After the events of a year to 18 months ago, Evolution didn't really hold any fear, if you think the British Tor Vendors Association "offed" it nonchalantly. It's because the age of marketplace power expired a year ago. Vendors now hold the power to dictate trade on the darknet, but vendors also need to accept responsibility. Especially American ones, because until THEY collectively organize, this uncomfortable deadlock will remain.

I nearly forgot to say, good work, gwern. If you ever want a job...

[–]Hank_Vendor 0 points1 point  (0 children)

I dunno man, karpeles is a piece of shit. I'm pretty sure me and sheep agreed on that. even though I didn't have a fuckin clue what he was talking about most of the time.

also he returned me 0.4998 bitcoin.

[–]alexdahbomb 0 points1 point  (0 children)

wow this really could be made into a movie. it's so surreal I had no idea any of this happened.

[–]TotesMessenger -2 points-1 points  (0 children)

This thread has been linked to from another place on reddit.

If you follow any of the above links, respect the rules of reddit and don't vote. (Info / Contact)
