Dear Would Be Drug Marketplace Operators

[alani123]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

[Kimowa]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Are u sure ? Because I read that they got Defcon's IP from Google as he used Gmail for some registrations.

It was both. There was an undercover agent that was a staff member of SR2, but they likely used some kind of advanced tracking to find the SR2 server. The complaint really did not go into how they found the server, only that they found it back in may.

[thew3apon]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

Well apparently the ownership/control of SR did actually transfer in December. It is apparently not known who created/started SR2.

While putting on my tinfoil hat, I would speculate that SR2 was created by law enforcement as a way to entrap people running the site and law enforcement would have made up a good portion of the support staff

[SpanishSoldier]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

Well apparently the ownership/control of SR did actually transfer in December. It is apparently not known who created/started SR2.

While putting on my tinfoil hat, I would speculate that SR2 was created by law enforcement as a way to entrap people running the site and law enforcement would have made up a good portion of the support staff

It has been reported that this Defcon is not the first Defcon. It is the fifth one. So, those who actually created and launched the site on November 6, 2013 are probably not caught as of yet.

[thew3apon]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

Well apparently the ownership/control of SR did actually transfer in December. It is apparently not known who created/started SR2.

While putting on my tinfoil hat, I would speculate that SR2 was created by law enforcement as a way to entrap people running the site and law enforcement would have made up a good portion of the support staff

It has been reported that this Defcon is not the first Defcon. It is the fifth one. So, those who actually created and launched the site on November 6, 2013 are probably not caught as of yet.

Do you have a link/source to defcon being the 5th one? I would somewhat doubt that. The complaint does not mention anything about there being more then one defcon.

[SpanishSoldier]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

Well apparently the ownership/control of SR did actually transfer in December. It is apparently not known who created/started SR2.

While putting on my tinfoil hat, I would speculate that SR2 was created by law enforcement as a way to entrap people running the site and law enforcement would have made up a good portion of the support staff

It has been reported that this Defcon is not the first Defcon. It is the fifth one. So, those who actually created and launched the site on November 6, 2013 are probably not caught as of yet.

Do you have a link/source to defcon being the 5th one? I would somewhat doubt that. The complaint does not mention anything about there being more then one defcon.

Source: https://www.cryptocoinsnews.com/silk-road-2-0-users-defcon-5-as-related-arrests-continue-around-world/

Check the last sentence of the article...

The fall of Silk Road 2.0 was expected: This is Defcon 5, not Defcon 1.

[bitkilo]

Satoshi is doing a good job staying hidden and his probably one of the most hunted people on the net at the moment. It's not easy but it's possible as he has showed us.

[Gumbork]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

Well apparently the ownership/control of SR did actually transfer in December. It is apparently not known who created/started SR2.

While putting on my tinfoil hat, I would speculate that SR2 was created by law enforcement as a way to entrap people running the site and law enforcement would have made up a good portion of the support staff

It has been reported that this Defcon is not the first Defcon. It is the fifth one. So, those who actually created and launched the site on November 6, 2013 are probably not caught as of yet.

Do you have a link/source to defcon being the 5th one? I would somewhat doubt that. The complaint does not mention anything about there being more then one defcon.

Source: https://www.cryptocoinsnews.com/silk-road-2-0-users-defcon-5-as-related-arrests-continue-around-world/

Check the last sentence of the article...

The fall of Silk Road 2.0 was expected: This is Defcon 5, not Defcon 1.

http://en.wikipedia.org/wiki/DEFCON

Read the above wiki. "defcon" is a measure of "preparedness" of the military with 5 being the least prepared and 1 being the most prepared

[ruthless09]

Satoshi is doing a good job staying hidden and his probably one of the most hunted people on the net at the moment. It's not easy but it's possible as he has showed us.

The difference between satoshi and defcon is that defcon was active in the community he was participating in while satoshi left the community long before he was someone that people would want to dox

[bluemountain]

Actually they caught this guy by becoming apart of the site's support staff, so it had nothing to do with computers or anything it was really old fashion cop work. Go undercover and becoming one of them.

Social engineering at it's best.

Well apparently the ownership/control of SR did actually transfer in December. It is apparently not known who created/started SR2.

While putting on my tinfoil hat, I would speculate that SR2 was created by law enforcement as a way to entrap people running the site and law enforcement would have made up a good portion of the support staff

It has been reported that this Defcon is not the first Defcon. It is the fifth one. So, those who actually created and launched the site on November 6, 2013 are probably not caught as of yet.

This is not true. The complaint says that defcon was the original defcon and did not present any evidence of him being a successor to the original one. It did mention that DPR was suppose to be not the original DPR as it was suppose to be a take-away from the princess bride

[repentance]

Satoshi is doing a good job staying hidden and his probably one of the most hunted people on the net at the moment. It's not easy but it's possible as he has showed us.

The difference between satoshi and defcon is that defcon was active in the community he was participating in while satoshi left the community long before he was someone that people would want to dox

In fact the most useful piece of advice which would be marketplace operators should follow is to check their ego and be as invisible and behind the scenes as possible.  Actively participating in "the community", and especially adopting the role of "visionary leader" is just plain stupid.  It's an illegal business first and foremost.  Leave the ideological bullshit to the users instead of courting their adoration.

[deluxeCITY]

Satoshi is doing a good job staying hidden and his probably one of the most hunted people on the net at the moment. It's not easy but it's possible as he has showed us.

The difference between satoshi and defcon is that defcon was active in the community he was participating in while satoshi left the community long before he was someone that people would want to dox

In fact the most useful piece of advice which would be marketplace operators should follow is to check their ego and be as invisible and behind the scenes as possible.  Actively participating in "the community", and especially adopting the role of "visionary leader" is just plain stupid.  It's an illegal business first and foremost.  Leave the ideological bullshit to the users instead of courting their adoration.

I think the reason why "defcon" was adopting the role of a "leader" was to inspire trust in his marketplace, especially after it has been hacked as many times as it was hacked. If you are not active in the community then people will not trust you as much

[Beliathon]

Yup, same thing I noticed, good point.
Crazy how fast this cat and mouse game happens...always the good vs. bad, one playing catchup!

Lets see them try and shutdown openbazaar where there is no site operator, no server, and no domain to shutdown.

Yeah, but can we get weed there yet?

[inBitweTrust]

Yeah, but can we get weed there yet?

Given that many of the darkmarkets have been shutdown recently, I would avoid buying drugs on any of the remaining ones for some time. Use a local drug dealer instead.

Openbazaar beta 3 about to be released. I expect to start seriously using it in Jan 2015.

[justusranvier]

You see, the U.S. govt. is very resourceful and can (for now) print just about any money it needs for any task.

They can print infinite money, but they can not print infinite human resources.

Open drug sale is too large a political issue for them to put up only half efforts.

That's actually what makes open drug sales such a perfect strategy. Lure them into a fight they can neither resist nor win. (where have I heard that strategy before?)

The reason they can't win is because the USG is operating with a goodwill account that's overdrawn.

Like an overdrawn checking account, every further attempt to withdraw from the account just makes the balance more negative due to overdraft fees.

Each time they act, their pool of talented individuals willing to accept their money shrinks a little bit. At the same time, more people decide to apply their talents toward thwarting them.

How many more people are going to spend some time auditing or hardening Tor hidden services today that would have not done so absent this announcement?

They think that they can scare people into submission, because only the types of people who'd make that kind of error would be in that job in the first place. Of course it will backfire on them.

We should be thanking them for providing the incentive to produce the kinds of technology improvements that will result from their actions, to their own detriment.

[repentance]

I think the reason why "defcon" was adopting the role of a "leader" was to inspire trust in his marketplace, especially after it has been hacked as many times as it was hacked. If you are not active in the community then people will not trust you as much

The cult of personality which has existed around SR "leaders" may have inspired trust, but it's been misplaced trust.  Hackings and law enforcement take-downs have happened under the watch of these trusted leaders.

Whenever the shit hits the fan, there's always a big "trust no-one" push and the emerging leaders always tell the community to assume everyone is law enforcement and act accordingly.  That advice is very quickly forgotten as people once again get wrapped up in the idea that they're part of some heroic movement for change and that the leadership is going to great lengths and making great sacrifices to protect them.  The reality never matches the rhetoric, though.

Power and money are heady intoxicants, but there's a danger in believing your own publicity.  When you start believing your own PR, you put others at risk.

Users need to stop buying into the idea of SR as a movement or community.  They need to view it as a commercial enterprise and stop believing that the people at the top are martyrs who'll protect those beneath them.  They need to stop wanting to like and be close to whoever is at the top.  Buying into the mythology creates vulnerability on both the part of the leadership and the users and leads to stupid mistakes.

[inBitweTrust]

The cult of personality which has existed around SR "leaders" may have inspired trust, but it's been misplaced trust.  Hackings and law enforcement take-downs have happened under the watch of these trusted leaders.

Whenever the shit hits the fan, there's always a big "trust no-one" push and the emerging leaders always tell the community to assume everyone is law enforcement and act accordingly. 

Agreed, mutisig and auditing is the right solution:

https://blog.openbazaar.org/migration-of-our-project-funds-to-a-multisig-address/

[deluxeCITY]

I think the reason why "defcon" was adopting the role of a "leader" was to inspire trust in his marketplace, especially after it has been hacked as many times as it was hacked. If you are not active in the community then people will not trust you as much

The cult of personality which has existed around SR "leaders" may have inspired trust, but it's been misplaced trust.  Hackings and law enforcement take-downs have happened under the watch of these trusted leaders.

Whenever the shit hits the fan, there's always a big "trust no-one" push and the emerging leaders always tell the community to assume everyone is law enforcement and act accordingly.  That advice is very quickly forgotten as people once again get wrapped up in the idea that they're part of some heroic movement for change and that the leadership is going to great lengths and making great sacrifices to protect them.  The reality never matches the rhetoric, though.

Power and money are heady intoxicants, but there's a danger in believing your own publicity.  When you start believing your own PR, you put others at risk.

Users need to stop buying into the idea of SR as a movement or community.  They need to view it as a commercial enterprise and stop believing that the people at the top are martyrs who'll protect those beneath them.  They need to stop wanting to like and be close to whoever is at the top.  Buying into the mythology creates vulnerability on both the part of the leadership and the users and leads to stupid mistakes.

You are correct, it was misplaced trust, as SR2 was hacked multiple times to the tune of millions of dollars worth of bitcoin. They were however acting "honestly" and were eventually able to repay users their lost bitcoin by using funds from site commissions. It was only when the site was eventually shut down that users lost money

[repentance]

I noticed that the Europol statement specifically referred to investigating the technology.  I don't think it's safe to assume that human error alone is responsible for every bust.  Yes, good old fashion police work has played a huge part in the very public busts to date, but it would be extremely unwise to assume that access to awesome technological resources hasn't also given investigators far more information than has been made public.

I'd be inclined to take Europol at their word about going after users - not because they care about people buying small amounts of drugs but because they want to create the impression that involvement in the dark markets is unsafe whether you're an operator, a vendor or a buyer.  For the most part, non-vendor buyers have felt relatively safe up until now - so safe that they're posting on clearnet trying to track down contact details for known SR vendors.  Prosecution of buyers will disrupt that feeling of safety.

[RobertDJ]

I noticed that the Europol statement specifically referred to investigating the technology.  I don't think it's safe to assume that human error alone is responsible for every bust.  Yes, good old fashion police work has played a huge part in the very public busts to date, but it would be extremely unwise to assume that access to awesome technological resources hasn't also given investigators far more information than has been made public.

I'd be inclined to take Europol at their word about going after users - not because they care about people buying small amounts of drugs but because they want to create the impression that involvement in the dark markets is unsafe whether you're an operator, a vendor or a buyer.  For the most part, non-vendor buyers have felt relatively safe up until now - so safe that they're posting on clearnet trying to track down contact details for known SR vendors.  Prosecution of buyers will disrupt that feeling of safety.

Well one thing that I think is interesting is the ratio of sites they took down to the number of people they arrested. It appears that they took down ~400 sites while they were only able to arrest ~15 people. I would highly doubt that those 15 people were running 400 sites as this would not be very efficient. I would speculate they were able to find the hosting of the sites easily (probably via traffic analysis) but would have more problems locating the people who are actually running the sites).

You would however have problems trusting that a dark market site is not now running as a honeypot as law enforcement could potentially take over the site and allow it to continue to run to see who buys/sells on it