The counterintel file turns out to contain Force's initial emails
corresponding with Ulbricht, in exchange for the initial retainer of $5k
or whatever in June-August 2013. While a bit rambling, the emails
constitute a fairly thorough briefing on the progress up to then,
investigative methods and level of monitoring of the DNMs, internal
politics, motivations, and limitations of the investigations into SR1.
Force reveals, among other things:
Know that some of your vendors have been approached for (and have
provided for money) buyer information (the idea is to purchase buyer
information, which gets dumped and collated into excel). Vendors that
get banned are approached via the email addresses they provide on their
pages "in the event SR is down, contact here..". Just recently a New
York based pill guy sold his entire customer list to what he thought was
atlantis. Can find out his handle so you can poke around old private
messages if need be. Several uses for databases of buyer
information...Vendors HAVE been approached off-site (most list their
tormails on their pages) for customer information. This has been bought.
Then collected and dumped. It has mostly been vendors who have
vanished/been banned/ or slowed down. They're deemed to be the most
vulnerable. This is not pursued as much due to a poor ROI. Most
vendors/former vendors have not entertained such advances and those who
have have demanded funds that simply are not available even in the
discretionary account(s). Like any other government effort/agency/JTF,
funds are near impossible to get approved & released. Even
undercover buys require paperwork and approval. There is no joint kitty
of BTC available to make purchases from every vendor. It would take 2-3
days to get funds released for anything, and approvals are not that easy
to obtain AFAIK. And in any case in this scenario, verifying
information would be a nightmare. No guarantee that they would not just
copy and paste names from the phonebook or use a name generating site.
No real benefit other than to identify potential bulk buyers who would
resell IRL (and this information would get kicked down to state/local).
...Am certain there are not many techies involved. Due to the
unconventional nature of this network and technology, not much use for
full time "geeks" being sourced & assigned anything more than
standard workload. Unless there's some specific technical
question/explanation needed
...Again, something you would probably be able to verify - maybe half
a year ago a guy from podunk Virginia contacted local and was crying
about being blackmailed for his personal information by 'anonymous
criminals' (Phil something). Middle aged guy who ran a travel agency.
Even down to that level pops up on the radar nearby to where the birdie
hangs out. Did not take long to assemble the backstory (small time
recreational buyer just got blackmailed if you want to call it that by a
crooked vendor) and dismiss as utterly irrelevant. I'm sure old private
messages or communications can be examined to verify that instance.
...Prominent on the radar is Silk Road (amongst other known
sites/actors on TOR) and since late 2011 there's been a lackluster yet
interagency effort to monitor, disrupt, infiltrate and/or penetrate
operations. The office of the DAAG (Deputy Assistant Attorney General)
Computer Crime (at time Jason Weinstein) was the principal in
spearheading. This is after Sen. Schumer & party created a hoo-ha.
Weinstein's office jumped to take charge and assume oversight. Under the
auspices of the NCIJTF (National Cyber Investigative Joint Task Force
which is DOJ), the following fed agencies have a presence when it comes
to SR (Stateside)
1) DEA
2) FBI
3) DHS
4) ICE
5) USPIS
6) ATF
7) CBP
That should NOT worry you, because by "presence" I only mean there
are active agents and officer level involvement from whose resources are
pooled and budgets are shared. On a limb I'll say this, everything
having to do with Silk Road (like any other open set of investigations)
is on shared drives that almost all can read+write, and there is a
shared public Outlook folder where all emails/correspondence pertaining
to SR are routed. Everybody (and I mean everybody) from entry level up
to the heavens have "read" access. Additionally, people talk a LOT.
Loose lips is an understatement and the level of immaturity and juvenile
attitude is staggering. There is no such thing as "confidential", and
this is a culture where people are numb. You must understand that part
of why I'm so confident (in my ability to maintain this relationship) is
that nothing is treated as sacred and there are probably 100 people
like me who could offer the same level of access. Analysts do collate
data and prepare summarizations/status sheets and CC the requisite
list/group.. and majority of the time nothing happens. Little to none
replies/discussion. This is not SR specific, but does include SR. For
example reports related to CP sites/forums or BMR often get the same
treatment.. ambivalence. Here is something that will bring a smile to
your face.. it is just not in the budgets to aggressively dedicate
resources to SR. The way the budgets are allocated are almost certainly
political in nature, and the lion's share goes to War on Terrorism or
"real world" drug activity. That's the cold hard truth. That's not to
say that there are no zealots who do have a harden for SR related
activity, but that is more focused on suspected real world trafficking.
Ironically enough, guys at USPIS do not care in the least about SR. Yes
you read that right. They're broke and have no concept of tech savvy..
and frankly, they are not interested. DEA guys often initiate most
chatter having to do with SR, yet follow up is minimum and they are too
bogged down in pending investigations of subjects whom they have the
ability to surveil and/or whose circle they can infiltrate by way of
CI's (conf informants).. none of which is possible when dealing with a
beast that is virtually immune to real world surveillance. It's not a
question of getting warrants to ISPs.. it's a question of who/where to
begin looking. They're stuck.
At the analyst level, SR forums and the main site are
crawled/monitored. Not more than 4 people are tasked with just crawling
and mining the forums main site in an observational capacity. These 4
people are also tasked with crawling and mining many other websites and
forums on TOR and clear net. So while everything is printed, you can
guesstimate the scrutiny level is not extraordinary. That's not to say
that others do not actively surf the forums and maintain both buyer and
vendor accounts on the main site, they do. But at any given time, there
are not more than a handful of people overseeing a crawl. When
something deemed highly interesting or important pops up, they will CC
the SR mailing list with a description and screenshot with their
thoughts. Otherwise, there is a weekly status sheet that gets dumped
with the most relevant/interesting/useful occurrences on the forum along
with a summary on value/suggested "action items". Everything you post
(along with the time stamps) is copied. You are referred to as DPR
across the board. Often there is nothing interesting, and if there is
it would be a bullet point such as "Vendor XYZ (who deals in
ABC..) said his packaging methods consist of 123" etc. This is so they
seem like they're doing their job as often there is nothing interesting
at all taking place on the forum side. When moderators quote you, that
is often the bulk of what gets bullet pointed "DPR has instructed us to
do such and such". Now, there have and continue to be attempts to
compromise staff accounts (on the forum and main side) by the normal
methods of password guessing, but AFAIK none have been successful. There
have been successful instances of cloning lookalike accounts which have
all been shut down on your side. Of significant focus is attempts to
impersonate you and your moderators on not only SR mainsite/forum, but
on other TOR sites such as BMR or Atlantis to see if any prior
correspondences can be restarted. Nothing there either.
...There HAVE been concentrated efforts to DoS/DDoS the site and
forum to assess your response time and technical acumen. I'm not too
savvy regarding this, but on a horizontal scope there have been/are
attempts to run exit notes [exit nodes] and track traffic across TOR. To
what end this has been aimed at SR would be something I would need to
poke around about...6) Yes. I can poke around more, but in short - yes.
What the end-goal was, I'm not sure. What they assessed, I'm not sure.
But further attempts on the integrity of the site will be executed, be
sure of that. Although I can tell you, that won't be a long term play.
It can't be sustained forever...The DDoS would certainly be NCIJTF/FBI.
...The high-vol vendor operations such as (to just name a few) Nod,
NorCalKing, RxKing are all under scrutiny. They've all been purchased
from multiple times and general geographic location is assembled. For
example it would be known that the Nod operation is NY, NCK is in
California, RxK is Southwest US etc. There are also ongoing attempts to
befriend the 'biggish' vendors through private message/forum
pm/privnote/pgp and take correspondence off-site. This is where off-site
deals and 'partnerships' would get cooked up and layers of anonymity be
peeled away, leading to more detailed profiles. No high volume US
vendor has been surveilled. On a state level, several suspected major
vendors have been surveilled, yet none have been touched as that won't
happen till a multi-jurisdiction plan to move on several vendors
simultaneously in a grand slam display is logistically possible let
alone greenlit. AFAIK, something of that magnitude would not be possible
currently. There have been one-off prosecutions on county and state
levels. What happens is that a vendor that has confidently
profiled/ascertained to be originating packages out of a certain
jurisdiction, that information is shared down to local/state to put
eyeballs on. A lot of that was happening in the beginning, but now
there's more of a "hands off" approach. They'd want to sweep the maximum
amount of vendors at once. Having the Sheriff of Mayberry hit one based
on JTF Intel is just not the culture/mindset. Nearly all efforts are
conducted out of Jersey and Los Angeles.
...Posing as vendors - yes. That has happened. Although, DOJ
attorneys will never ever allow drugs to 'walk' en masse. Especially
after scandals such as Fast and Furious where the guns were allowed to
walk.. they simply can not introduce narcotics into circulation. Vendor
accounts have been bought to gain access to that side of the site and
Vendor Roundtable and to establish longterm credibility, but any
"purchases" would be absolutely fake and bought by their own accounts to
build credible stats. I'm sure on state level there have been targeted
vendor-posed operations to net bulk buyers, but those are highly
controlled and short term. I have not heard of any off the top of my
head. That does NOT mean that is not currently happening or will not
happen in the future, but any significant bust would have made waves.
...One thing to be cognizant of, there's a lean on the domestic BTC
exchanges to cooperate. There have been informal discussions in the last
few months to develop working relationship with Coinbase (I know for a
fact). After DHS hit Gox, even the boogeyman of a FinCEN violation is
enough to mortify any of the btc guys. Anyone moving large sums of BTC
will be open to scrutiny. I reference Coinbase because I know there was a
series of meetings with Compliance at Coinbase. That can only mean one
thing... BUT, that does not mean that the full on arm twisting by
Treasury is going to be utilized to track black market vendors. They're
more concerned (and justify) their desire for access due to terrorism.
Most of the black market economy is essentially low hanging fruit in
comparison to terror funding. But if OC activity is disrupted and there's
political mileage for DoJ, the wide dragnet serves a multi faceted
purpose.
1) a) BMR is on the radar and that is ATF's baby. Politics plays a
significant role in prioritization of which agency gets to own which
investigations. The climate is aggressive when it comes to weapons
trafficking and with the gun control hot potato has guaranteed virtually
a carte blanche to ATF. And they have deep pockets as well. Because tor
based weapons traffickers are almost always running guns IRL, there is
synergy between federal and state. Federal approves staggering sums of
money for surveillance, undercover and CI's. I don't want to say BMR is
"infiltrated", but there are a lot of compromised accounts and there
have been a few quiet busts. Nearly every bust has resulted in
cooperation. I am not sure what the long play is, but as long as this
current administration is in power the gunrunners will always be hard
targets. They are intimidated with the threat of tangible charges
(interstate trafficking, conspiracy, organized crime, distribution) and
they ALL cooperate. The general consensus is that weapons dealers are
not sophisticated and have a lot of IRL visibility, so they are ALWAYS
on the radar.
...c) HackBB and TCF are prominent and actively surveilled. Have not
heard of any significant operations that have netted any majors, but
there have been some successful prosecutions/interagency wins. HackBB
especially is monitored closely. There is another counterfeit site whose
name escapes me now, but there was a major sting that happened in
Boston last winter which was a result of efforts focused on it. Paypal
was involved and was very accommodating to SS in handing over logs.
...8) Some, yes. Off the top of my head - I know that "Costco" is a
West Coast operation and there's some fair certainty that it's an Asian
gang deal. There is an immigration element and tied to IRL dealing. I'm
not sure what the wait is, but there's some play that probably involves
state/local. "Marlostansfield" is NYC, and the guy has a lengthy record
and has been a CI in the past. "Godofall" is NYC and they're Dominicans
who are street level/wholesalers. "DaRuthless1" has been surveilled by
local in Queens and has a prior for distribution oxy.
"UndergroundSyndicate" I know was assumed to have been made, but there
was some snafu with that and bickering state level. I know there were a
few California based pot guys who were being surveilled, I can circle
back on vendor information. There is a vendor in Dade County, FL that
was surveilled, grabbed and turned but the focus was on his IRL connects
to coke wholesalers, not on mail.
[Marlostanfield, Godofall, and DaRuthless1 seem to have disappeared
before or during the fall of SR1 and no busts are known to be
associated; UnderGroundSyndicate was busted as part of the SuperTrips
case; the CA and FL mentions are too vague to judge. Ulbricht in his
journal credits Force's info with saving at least one vendor, and it's
noteworthy that someone contacted Eileen Ormsby in December 2013 (http://allthingsvice.com/2015/04/02/special-agent-force-alpacino-and-me/),
referring to Force's info and telling Ormsby to "ask M___ how DPR knew
stuff that helped him not get busted. He won't know how, but he will
know what you are talking about"; Marlostanfield is the only vendor
named in the entire file whose name begins with "M" and if he had
already run afoul of the law many times, he would be quick to disappear
upon being warned.]
...Now, when Gox was hit in the spring.. that was literally over an
unchecked box on some form asking "Are you a money transmitter?"!
Because (the US subsidiary) of Gox failed to check the "Yes" box.. that
alone was enough to get a judge to sign off on a warrant. The rest is
history. LE has reached out to EVERY SINGLE DOMESTIC btc exchange and
asked them to share records on vague grounds (ongoing narco-traffic
investigations, Islamic charities/donations etc) and establish channels.
The exchanges seem to talk to each other, and have by large put a
united front and rebuffed these advances so far and have insisted their
Ts are crossed and I's are dotted, which means they are not obligated to
share records with any LEA on gratis. And since their paperwork is in
order, LE is stuck here. They have not been able to find cause to hit
any of the other exchanges the way they hit Gox. I can tell you that LE
is so used to banks bending over backwards to accommodate, they're
annoyed that the exchanges have not rolled over. They have not seized
servers of any domestic btc exchange. Even Mutum Sigillum's seizure was
just their Dwolla account, not their servers or any stateside Gox data.
Coinbase, however, is probably playing ball at some level. If you recall
they scored like $5mil in a Series A round a few months ago. Few weeks
after that (I'm talking June), there were meetings between their
Compliance/attorneys and Treasury. This is not public knowledge. Either
this was the investors insisting that they reach out to the feds and get
in their good graces, or Treasury tried to squeeze them and maybe found
something they thought they could use to bully them. But that's been
quiet since. Have not heard anything. Gut says they probably reached
some tentative agreement to pass on records in a limited capacity. Long
story short, no, they are not tapped in to the exchanges (yet), aside
from possibly Coinbase. ...About Gox: No way. Hitting Mutum Sig was a
last resort and reactionary because they had approached Gox directly and
were rebuffed, and then reached out to the Japanese government to no
avail. Although on good relations, Japanese companies are very anal when
it comes to perceived threats to their bottom line. Must not forget
that Gox is fully aware that a staggering amount of traffic is
dirty money (no offense), and that makes them money. They can't fathom
turning over records and data to the Americans without a crippling mass
exodus of capital (if it ever came to light). Also Japanese are a proud
people when it comes to their work. There are free trade agreements with
Japan that have binding clauses to provide financial information to
requests from say the IRS, but something like that can't be used as a
tool with the Japanese government because of limited resources and
approvals on our end. It's very bureaucratic and not just a matter of a
few phone calls and emails. And even still the Japanese can stall and
pushback. As long as Gox is operating where they are, they will guard
the integrity of their records/logs/data. Gox is outside the tentacles.