Dark markets have evolved to use encrypted messengers and dead-drops

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: Dewayne Hendricks <dewayne () warpspeed com>
> Date: January 15, 2019 at 7:41:24 AM GMT+9
> To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com>
> Subject: [Dewayne-Net] Dark markets have evolved to use encrypted messengers and dead-drops
> Reply-To: dewayne-net () warpspeed com
>
> [Note:  This item comes from friend David Rosenthal.  DLH]
>
> Dark markets have evolved to use encrypted messengers and dead-drops
> By Cory Doctorow
> Jan 14 2019
> <https://boingboing.net/2019/01/14/drone-serviced-dead-drops.html>
>
> Cryptocurrencies and Tor hidden services ushered in a new golden age for markets in illegal goods, especially banned 
> or circumscribed drugs: Bitcoin was widely (and incorrectly) viewed as intrinsically anonymous, while the 
> marketplaces themselves were significantly safer and more reliable than traditional criminal markets, and as sellers 
> realized real savings in losses due to law enforcement and related risks, the prices of their merchandise plummeted, 
> while their profits soared.
>
> But much of the security of dark markets was an illusion. The anonymity of cryptocurrencies could often be pierced; 
> the services themselves could be subverted by law enforcement in order to roll up many sellers and buyers at once; 
> and the "last mile" problem of shipping illegal substances through the mails exposed buyers and sellers to real risks.
>
> The buyers and sellers in dark markets have responded to these revelations and new facts on the ground with a range 
> of ingenious, high-tech countermeasures.
>
> Buyers are now more likely to conduct sales negotiations through encrypted messenger technologies, and each customer 
> is assigned their own unique contact, staffed by a bot that can answer questions on pricing and availability and 
> broker transactions. Many of these transactions now take place through "private cryptocurrencies" that have improved 
> anonymity functions (there is a lot of development on these technologies).
>
> Delivery is now largely managed through single-use "dead drops" -- hidden-in-plain-sight caches that are pre-seeded 
> by sellers, who sometimes use low-cost Bluetooth beacons to identify them (these beacons can be programmed to 
> activate only in the presence of a wifi network with a specific name: a seller provides the buyer with a codeword and 
> a GPS coordinate; the buyer goes to the assigned place and creates a wifi network on their phone with the codeword 
> for its name, and this activates the Bluetooth beacon that guides the buyer to their merchandise).
>
> The logistics of these dead-drops are fascinating: there's a hierarchy on the distribution side, with procurers who 
> source merchandise and smuggle it into each region; sellers who divide the smuggled goods into portions sized for 
> individual transactions, and sellers, whose "product" is just a set of locations and secret words that they give to 
> buyers.
>
> The hierarchy creates the need for auditing and traitor-tracing to prevent the different layers from ripping each 
> other off. Dead drops are randomly audited and audits are verified by reporting on the contents of unique printed 
> codes that accompany each drop. Distributors post cryptocurrency "security" (bonds) with sellers and lose their 
> deposits when their dead drops fail.
>
> In a fascinating paper on the rise of these "dropgangs," Jonathan "smuggler" Logan identifies some key weaknesses in 
> the scheme, including the persistence of trackable coins being spent by buyers at the end of the transaction 
> (dropgang members are more likely to adopt private coins than buyers); and the lack of the buyer-and-seller 
> reputation systems that the dark markets provide. 
>
> Logan proposes that this can be resolved with "proofs of sale" that would be published on public forums, which 
> increases the risk from law enforcement.
>
> Logan also proposes that ultrasonic chirps may replace Bluetooth beacons, with per-drop codephrases doing a 
> call-and-response to help buyers home in on their purchases.
>
> [snip]
>
> Dewayne-Net RSS Feed: http://dewaynenet.wordpress.com/feed/
> Twitter: https://twitter.com/wa8dzp



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20190114175035:CBAFE124-184E-11E9-8264-8FB216B05369
Powered by Listbox: https://www.listbox.com