Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
The Courts Bitcoin Your Rights Online

Feds Shut Down Tor-Using Narcotics Store 301

Fluffeh writes "Federal authorities have arrested eight men accused of distributing more than $1 million worth of LSD, ecstasy, and other narcotics with an online storefront called 'The Farmer's Market' that used the Tor anonymity service to mask their Internet addresses. Prosecutors said in a press release that the charges were the result of a two-year investigation led by agents of the Drug Enforcement Administration's Los Angeles field division. 'Operation Adam Bomb, ' as the investigation was dubbed, also involved law enforcement agents from several U.S. states and several countries, including Colombia, the Netherlands, and Scotland. The arrests come about a year after Gawker documented the existence of Silk Road, an online narcotics storefront that was available only to Tor users. The site sold LSD, Afghani hashish, tar heroin and other controlled substances and allowed customers to pay using the virtual currency known as Bitcoin."
This discussion has been archived. No new comments can be posted.

Feds Shut Down Tor-Using Narcotics Store

Comments Filter:
  • by alphax45 ( 675119 ) <kyle.alfred@gm[ ].com ['ail' in gap]> on Tuesday April 17, 2012 @07:10AM (#39708825)
    Why does Slashdot even bother to hire and pay an editor? They clearly don't do anything. That headline is so misleading. They didn't shut down the entire Tor network, they shut down a store that was USING the Tor network. Fix it!
    • by SendBot ( 29932 ) on Tuesday April 17, 2012 @07:12AM (#39708841) Homepage Journal

      AGREED - I was jarred by this headline, then followed it with a heavy groan when I realized what was actually meant.

      Say what you mean, mean what you say...

    • by DahGhostfacedFiddlah ( 470393 ) on Tuesday April 17, 2012 @07:15AM (#39708871)

      It's obviously just a Case Of The Missing Hyphen. The headline should read "Tor-Using Narcotics Store".

    • by Anonymous Coward on Tuesday April 17, 2012 @07:16AM (#39708883)

      Obviously, the feds used a narcotics store to shut down Tor.

    • Re: (Score:2, Flamebait)

      by Nidi62 ( 1525137 )
      Where does the headline say they shut down Tor? THe only way you could come to that conclusion with this headline is by reading that the Feds used a narcotics store to shut down the Tor network. Otherwise it clearly reads that the feds shut down a narcotics store that uses Tor. This is more a case of bad reading comprehension than poor editing.
      • Re: (Score:2, Insightful)

        You don't need bad reading comprehension to come to the other conclusion, it's a poorly phased head line without the hyphen.

      • Where does the headline say they shut down Tor? THe only way you could come to that conclusion with this headline is by reading that the Feds used a narcotics store to shut down the Tor network.

        "Feds shutdown Tor..." Right there. And that IS how they're saying they parsed it.

        You're wrong. It's bad editing, since there should have been a hyphen between "Tor" and "using".

        If what is supposed to be a straightforward sentence is structured such that the reader responds "What the fuck...?" on the first parsing, it's badly structured.

      • Where does the headline say they shut down Tor? THe only way you could come to that conclusion with this headline is by reading that the Feds used a narcotics store to shut down the Tor network. Otherwise it clearly reads that the feds shut down a narcotics store that uses Tor. This is more a case of bad reading comprehension than poor editing.

        Really? Do you know the difference between a direct object and a preposition in a sentence? As worded the direct object in the sentence is Tor. What was meant was that the Feds shut down a narcotics store. What was said was that the Feds shut down Tor. The only reading comprehension fail is yours.

    • by nozzo ( 851371 ) on Tuesday April 17, 2012 @07:50AM (#39709119) Homepage
      wow all this posting over a missing hyphen. If only we could turn our energetic posting into solving cold-fusion then the world would be a happier place. Come to think of it we can skip the cold-fusion and just use the hot air on this forum. Don't mark me Troll - I'm a nice person!
    • They didn't shut down the entire Tor network

      In particular, they didn't shut it down using a narcotics store, as the headline claims. :P

  • Finally (Score:5, Funny)

    by royallthefourth ( 1564389 ) <royallthefourth@gmail.com> on Tuesday April 17, 2012 @07:13AM (#39708847)

    Someone's finally found a good reason to use bitcoin

    • Nope (Score:5, Interesting)

      by betterunixthanunix ( 980855 ) on Tuesday April 17, 2012 @07:26AM (#39708941)
      1. Anonymous payment systems are not good because they let you evade the government, they are good because they protect spenders and merchants from various types of fraud.
      2. A large drug dealing operation that uses Bitcoin is no better off than one which uses cash. The drug dealers still need to pay their rent and buy their groceries, and they cannot do that with Bitcoin. All the DEA would have to do is to watch Bitcoin exchanges to gather lists of suspects.
      3. You still need to ship the drugs, so you are still going leave a trail that points to you.
      • Re:Nope (Score:5, Informative)

        by TheLink ( 130905 ) on Tuesday April 17, 2012 @08:53AM (#39709733) Journal

        The drug dealers still need to pay their rent and buy their groceries, and they cannot do that with Bitcoin.

        The big boys just use stuff like Wachovia/Wells Fargo and Bank of America: http://www.bloomberg.com/news/2010-06-29/banks-financing-mexico-s-drug-cartels-admitted-in-wells-fargo-s-u-s-deal.html [bloomberg.com]
        A few more details here: http://www.guardian.co.uk/world/2011/apr/03/us-bank-mexico-drug-gangs [guardian.co.uk]

        Wachovia admitted it didn't do enough to spot illicit funds in handling $378.4 billion for Mexican-currency-exchange houses from 2004 to 2007. That's the largest violation of the Bank Secrecy Act, an anti-money-laundering law, in U.S. history -- a sum equal to one-third of Mexico's current gross domestic product.

        Must have been really difficult to notice the flow of 378 billion over 3 years?

        Or maybe not:

        "It's the banks laundering money for the cartels that finances the tragedy," says Martin Woods, director of Wachovia's anti-money-laundering unit in London from 2006 to 2009. Woods says he quit the bank in disgust after executives ignored his documentation that drug dealers were funneling money through Wachovia's branch network.

        If you're going to make those drugs illegal you should make the money laundering illegal AND enforce those laws. No wrist-slaps. You see the Feds doing anything that would make the Banks change?

        "There's no capacity to regulate or punish them because they're too big to be threatened with failure," Blum says. "They seem to be willing to do anything that improves their bottom line, until they're caught."

        That's complete bullshit. All you have to do is throw those involved into prison. Keep the bank running and let others take over the jobs. I'm sure the bank can figure out who was involved in the 300 billion. If the bank can't then the people responsible for keeping track should go to prison, just for criminal negligence.

        They seem able to throw the small fry into prison:

        All three Oropezas pleaded guilty in U.S. District Court in Brownsville to drug and money-laundering charges in March and April 2008. Oscar Oropeza was sentenced to 15 years in prison; his wife was ordered to serve 10 months and his daughter got 6 months.

        So in my opinion this shutting down of narcotics stores is just an expensive and pointless show.

      • by Weezul ( 52464 ) on Tuesday April 17, 2012 @09:10AM (#39709927)

        Bitcoins aren't even slightly anonymous. All these sellers were outed by the feds simply buying some drugs with bitcoins and watching the bitcoin transactions through block explorer. A few tracked bitcoins wound up passing their way through a legitimate exchange like Mt Gox. Voila, the feds start tracing the transaction history back up the chain. It's actually less secure than old fashioned money laundering.

        • by Time_Ngler ( 564671 ) on Tuesday April 17, 2012 @11:54AM (#39712037)

          All these sellers were outed by the feds simply buying some drugs with bitcoins and watching the bitcoin transactions through block explorer.

          Citation? This sounds like some serious BS. First, TFA states the feds never revealed how they caught the suspects. Second, according to the TFA, the farmers market used at least 4 methods of payment, including paypal and western union, so there was no need to trace somebody through bitcoin. Third, if the Feds were tracing purchases through bitcoin, then how would they know when the bitcoin had changed ownership? If the bitcoins that were used to buy the drugs were then spent by the selling party on incense candles, and then spent again by a third party for a pair of Alpaca socks, before being changed to dollars, how would the Feds know who the original purchaser was?

      • Yes, the shipment of the drugs is probably one of the main weak points where the feds can catch you. However, if you live in a major city and mail from a random mailbox every day, in a totally nondescript package, I think it would be very hard for them to catch you. Even so, to be profitable, you'd have to deal in a fair amount of volume, and patterns will emerge: your packages will probably have a certain look to them that postal workers in that city can be trained to watch for, so at least the supply of

      • Re:Nope (Score:4, Interesting)

        by BitterOak ( 537666 ) on Tuesday April 17, 2012 @11:21AM (#39711609)

        Anonymous payment systems are not good because they let you evade the government,

        Well, that's a matter of opinion.

    • by azalin ( 67640 )
      That's exactly what I thought. I mean slashdot had many stories about bitcoins getting mined or stolen but this is the first time I remember bitcoins actually being used to purchase real world goods in an online shop. Looks like they aren't hypeware after all.
    • Re: (Score:3, Insightful)

      by mysidia ( 191772 )

      Unfortunately it's not a legitimate use of bitcoin. It's the kind of use that will be at risk of getting bitcoin banned, if someone doesn't popularize a legitimate reason for using bitcoin soon.

      • Re:Finally (Score:4, Insightful)

        by omnichad ( 1198475 ) on Tuesday April 17, 2012 @08:23AM (#39709445) Homepage

        And what hasn't come under attack that has a single illegitimate use? We have bittorrent, home email servers, MP3, dvd rippers... If it has one illegal use, the whole lot of users will be deemed criminals.

      • Re:Finally (Score:5, Insightful)

        by Hatta ( 162192 ) on Tuesday April 17, 2012 @11:39AM (#39711865) Journal

        Sorry, it is a legitimate use of bitcoin. Evading oppression is not only a legitimate use, but the most important possible use of technology. Buying drugs with Bitcoin is every bit as honest and just as, e.g., evading the Great Firewall with Tor.

  • Clearly there is a market for this, and no amount of government bullying will stop it.
    • by Anonymous Coward on Tuesday April 17, 2012 @07:24AM (#39708935)

      The last thing government wants is to "solve" the "problem" and eliminate the black market. After all, they created the black market. They created it specifically to justify the expansion of their business (i.e. by "solving" the "problems" which they themselves created). Notice that I quite deliberately called government a business.

      If you need proof, simply follow the money. Prohibition has justified hundreds of billions in spending, and the kicker is that the "tougher" they get (i.e. the more they spend), the more sophisticated the black market becomes, and therefore the more money they need to "solve" the "problem". It's a cycle of WIN for government, and a cycle of LOSE for everyone else (at least the ones who can see through the smokescreen and admit the truth).

      When it comes to government, ALWAYS follow the money before listening to a word they say.

  • by trancemission ( 823050 ) on Tuesday April 17, 2012 @07:22AM (#39708921)
    I first read it as:

    Feds Shut Down For Using Narcotics Store.

    Hooray I thought.

    I should lay off the Narcotics......

  • LSD and extasy (i.e. MDMA) are two of the least addictive drugs. In fact, LSD isn't addictive at all. And the side effects are very mild to none in either case.

    But yeah, good job federal agents of the USA, your work is making the world a better place.

    • by mbone ( 558574 )

      And, neither one is a narcotic at all, at least from a medical standpoint.

    • Re:LSD and extasy (Score:4, Interesting)

      by AshtangiMan ( 684031 ) on Tuesday April 17, 2012 @08:21AM (#39709427)

      A friend did her dissertation on the long term effects of MDMA ... For people who have done it more than 25 times there is a remarkable decrease in ability to strategize. The 25 times did not have to be in a quick time period, but generally had occurred over 5 years. The population she used was one that was not using other substances (alcohol, marijuana, caffeine, etc). Strategizing in this case was things like skipping a question you struggle with and coming back to it after finishing the other questions. Very interesting. I think MDMA is useful, but should be used carefully.

  • by jholyhead ( 2505574 ) on Tuesday April 17, 2012 @07:37AM (#39709015)
    Just another example of the job killing regulations enacted by the Obama administration. When will the federal government get out of the way of small business owners and job creators?
  • by BenEnglishAtHome ( 449670 ) on Tuesday April 17, 2012 @07:39AM (#39709043)

    From the article, emphasis mine:

    ...the operators used software provided by the TOR Project that makes it virtually impossible to track the activities of users' IP addresses. The alleged conspirators also used IP anonymizers and covert currency transactions to cover their tracks. The indictment, which cited e-mails sent among the men dating back to 2006, didn't say how investigators managed to infiltrate the site or link it to the individuals accused of running it.

    I'm willing to bet that money transfers and the transfer of goods sold are still far more discoverable than individual Tor users but any assurances of that would certainly be welcome. I hope the Tor Project will be forthcoming with some as soon as some technically useful info is available.

    • by betterunixthanunix ( 980855 ) on Tuesday April 17, 2012 @07:53AM (#39709143)

      I hope the Tor Project will be forthcoming with some as soon as some technically useful info is available.

      They might not even know. There are quite a few people in the computer security community who keep their work on breaking the security of systems like Tor a secret, and only tell US law enforcement about their results. I have met such people, and they are generally well-meaning -- they really do believe that they are helping to catch dangerous criminals (and they can cite cases where that happened, usually child sex abuse cases).

      Unfortunately, because such researchers believe that fixing these problems will help "the enemy," they generally refuse to disclose details. One of the common themes is variations on fingerprinting attacks, where you communicate with your target over Tor but use a covert channel that can be used to distinguish your target from other Tor users. These sorts of attacks usually involve narrowing down the geographic area where your target is, but for attacking a drug dealing operation that is not hard to do -- just look at where packages from the operation are coming from.

    • Re: (Score:3, Insightful)

      by edave22 ( 2601393 )

      From the article, emphasis mine:

      ...the operators used software provided by the TOR Project that makes it virtually impossible to track the activities of users' IP addresses. The alleged conspirators also used IP anonymizers and covert currency transactions to cover their tracks. The indictment, which cited e-mails sent among the men dating back to 2006, didn't say how investigators managed to infiltrate the site or link it to the individuals accused of running it.

      I'm willing to bet that money transfers and the transfer of goods sold are still far more discoverable than individual Tor users but any assurances of that would certainly be welcome. I hope the Tor Project will be forthcoming with some as soon as some technically useful info is available.

      They use bitcoin. The security reaches only as far as bitcoins security. You can hide behind an IP in the middle of the red sea if you wanted. If your bitcoin transaction can be tracked, you bet your ass you can be tracked as well.

  • by dryriver ( 1010635 ) on Tuesday April 17, 2012 @07:43AM (#39709077)
    That none of the various "anonimizer" services out there, from HotSpotShield to Tor, actually give you any kind of tangible identity protection in the "real world" of the current internet. Hell, maybe these services were even setup expressly to lure people seeking "increased anonimity" for various reasons to make use of one these services, so it becomes that much easier to identify, tag, track & monitor them. Maybe some or all of these services have been electronically monitored 24/7 from the day they were born, but we are still told, over and over, and quite falsely, that these services magically "hide your identity" and give you some "online privacy"... In the increasingly Orwellian online and offline world we live in, precisely that being done by the powers-that-be would make a lot of sense, no? Tell all sorts of gullible internet users that using "Service X" magically "hides your identity on the internet", then monitor precisely that service 24/7, to get your hands on the data of a subgroup of internet users who seek to be "more anonymous" online. ... If your organizational mantra consists of "People who try to hide themselves online must have something important to hide, and must be monitored carefully", then you would to precisely that, no? You'd set up a dozen or so "anonimity services" under a variety of different names and front companies, then monitor the f__k out of the people who use those services, on an around-the-clock basis.
    • by ledow ( 319597 ) on Tuesday April 17, 2012 @07:49AM (#39709111) Homepage

      "The indictment, which cited e-mails sent among the men dating back to 2006, didn't say how investigators managed to infiltrate the site or link it to the individuals accused of running it."

      For all you know, they packaged up the drugs without wearing gloves and their fingerprints were in a database somewhere, and they then posted them (with a nice local postmark) to a Fed posing as a customer (how would you know? Their customer will be just as anonymous). Somehow you had to get a physical product to someone else - and that's probably the weak-point. Hell, they could have just offered to drop it off on a street corner as a "one-off" delivery and got caught that way, you have no idea.

      It's then only a small step and the simple matter of suspecting they may be a vast drug operation in place, finding out anything you can from the drugs collected by similar methods and narrowing down until you can just tap someone's whole Internet connection (Tor provides ANONYMITY, not SECURITY). Which they seem to have because they have emails of these people talking to each other.

      Or maybe they just talked their way into an IRC channel or something that these guys used. You have absolutely no idea how they were caught, or whether they were just incredibly thick.

      Using a tool badly does not mean the tool is broken.

    • by betterunixthanunix ( 980855 ) on Tuesday April 17, 2012 @08:00AM (#39709199)

      That none of the various "anonimizer" services out there, from HotSpotShield to Tor, actually give you any kind of tangible identity protection in the "real world" of the current internet

      Except that these are not the be-all and end-all of anonymity systems. The anonymous remailer system is much more secure than Tor, and is not vulnerable to the sort of fingerprinting attacks that Tor is vulnerable to. Intelligence agencies have known for decades that perfect receiver anonymity is possible: broadcast an encrypted message (online, this is alt.anonymous.messages on Usenet, or other similar media).

      The problem is that people want to be able to do things in real-time. People are not content to wait 48+ hours to receive a message. People are generally willing to sacrifice some security to get speed and convenience, and thus Tor is the most popular strong anonymity system out there.

    • by AmiMoJo ( 196126 ) on Tuesday April 17, 2012 @08:21AM (#39709429) Homepage Journal

      Tor is open source so you can check what it is doing for yourself. It works, no-one can tell where a Tor connection comes from as long as you don't leak that information in some other way (DNS requests, exposing personal data and so on). It is known that there are Tor exit nodes being monitored but that was always assumed to be the case, i.e. Tor does not rely on trusting exit nodes.

      What got these guys was the need to exchange goods for real money. Goods have to ship or be collected from somewhere. Money has to change hands at some point. From the information we have it appears that the Tor part worked fine.

      • Tor has limitations (Score:5, Informative)

        by betterunixthanunix ( 980855 ) on Tuesday April 17, 2012 @09:08AM (#39709901)

        It works, no-one can tell where a Tor connection comes from as long as you don't leak that information in some other way

        There are a number of well-known attacks on Tor that can compromise your anonymity, especially if your location can be narrowed down to a small geographic area. Suppose that I can narrow your location down to a small town, and I can make a reasonable guess that you are using WiFi. Here is an attack:

        1. I establish a connection with your computer over Tor. This might be done by convincing you to download a large file from a server I control (or visa versa if you are running a hidden service or connecting to a P2P network), or by engaging you in a chat, etc.
        2. I create a recognizable pattern of latency in my connection to you; that is, I create a covert channel that can be externally observed.
        3. I use a high-gain WiFi antenna and search for a signal that exhibits that latency pattern.
        4. I am now in a position to locate you, using radio direction finding equipment.

        Easy to pull off? Not at all -- this is something that would only really be done for a high-value target, a priority target on which resources can be spent. This attack has already been used in the past, not when dealing with Tor but when dealing with legal barriers to wiretapping. It is not unreasonable to think that the Chinese government might try something like this to crack down on political dissidents.

        Obviously there are some assumptions here that are hard to meet in the general case. How do I narrow down your geographic location? How can I be sure that you use WiFi? In the case of a drug dealer, narrowing down the geographic location is not terribly hard, since packages have to be shipped; the dealer might make long drives to far away post offices, but with enough packages one could get a good idea of where the deal is physically located (again, we should assume that this is a large-scale dealer, someone who would ship large numbers of packages -- someone the police could order a large number of packages from). WiFi is just a good guess, but it is not strictly necessary; an ISP could identify the covert channel too, and I would not be surprised if that was ruled legal by the courts.

        At the end of the day, Tor cannot protect you from a concerted, well-funded attack. There are other systems that offer a higher security level (Mixmaster comes to mind) but which are less flexible than Tor, and thus less popular. Tor makes several trade-offs to achieve low latency, and nobody should claim that it could protect you from an intelligence agency or a military force (the DEA comprises both).

    • by Americano ( 920576 ) on Tuesday April 17, 2012 @08:51AM (#39709721)

      I doubt they even had to "crack encryption" on any of these services. Place an order, or two or three, and see where they originate. Chances are, you can locate the origin point pretty quickly. Then you just put some surveillance on the place(s) the shipments are originating from, and place some more orders, and find the people who are inexplicably rich while not leaving the house all day except to go to the post office. Put THEM under surveillance and chances are you just busted your Tor-using drug shop, congratulations Agent!

      As soon as you're shipping physical products through a public shipping network, you're going to be relying solely on "blending in with the crowd" to maintain your anonymity.

  • Given the nature of Bitcoin, the feds would probably have to rely on tracking the shipments of illicit goods back to their source to try and bust Silk Road. But as I understand it, Silk Road does not sell the drugs themselves; they simply act as an eBay-like service for others to sell their drugs. So even if the feds do find the initial source of a package, the most they've accomplished is to remove one seller from Silk Road, and not the site itself.
  • by gedeco ( 696368 ) on Tuesday April 17, 2012 @08:39AM (#39709585)

    It's not a easy job, but the Feds have better resources.

    What I imagine as workable

    - Monitor up/down time of such website.
    - Match them with provider related or internet related troubles.

    Eventually when identifying the provider, you can tune it done by provoking a temporary connection failure. A connection failure on the right bottleneck will even make TOR traffic unreachable for the rest of the world. This should lead you to the ip of the TOR webserver

  • lessons learned (Score:5, Interesting)

    by green1 ( 322787 ) on Tuesday April 17, 2012 @09:15AM (#39709973)

    What the lesson should be:
    - We already have the resources and abilities to tackle real crimes using new technologies. no new laws are required.

    What lesson law enforcment/government will likely spin on this one:
    - Criminals are now using new technologies, we need more draconian laws to allow us to catch every single one of them.

Technology is dominated by those who manage what they do not understand.

Working...