An idea contribution to the progression of DNMs...

I've started this idea by looking at the current tools and resources available, and then coming to conclusions of the strengths and weaknesses of the current system and how they can be more properly applied. With that said, I do not personally plan to execute this idea. I'm sure that some will like the thought process and some will not. Some will balk, and some will roll this idea around and make it workable. I'm sure that there are holes and pieces that I have not thought of, and that is why I throw the concept to the community rather than undertake such a task myself.

To make this idea work, we are going to have to let go of some long-standing concepts used in the various market places. The goal is to hide in plain sight, have expiring data, weed out the inept, and continuously stay ahead of LE attempts to sack the user base. To do this, we are going to have to quit relying on TOR and switch to a more time proven and decentralized distribution system. Less responsibility will be placed on the Admin, more responsibility will be placed on the Vendor, and only competent customers will gain access. Let's start with the weaknesses I've identified:

Centralization: Many markets have fallen due to having to host their site on a server. Once the server is seized, everything on it becomes evidence. This is a critical flaw in the concept and needs to go away immediately.

TOR: It has served its purpose, but there is a lot of info out there indicating that it is no longer secure. While it will continue to serve in some aspects, we cannot continue to rely on it as heavily as we have.

Escrow: I know a lot of people will throw their hands up right here and not read any further. But bear with me here; In order to have escrow, someone has to moderate it and make decisions. That person is a weak link. While Multi-Sig is available, it is too complex for the average customer. Until it becomes easy to use, it is not a viable solution. There are some solutions however...read on.

BTC: It's the cornerstone of DN purchases and will without a doubt play a large role in future currency. However, as it becomes more popular, it will inevitably be regulated just like any other currency. We need more options.

Inept User Base: It is currently WAY too easy for someone to stumble onto TOR and log onto a DNM. No knowledge of PGP or Cryptocurrency is required. Sensitive info is passed around and incriminating evidence is recorded and documented.

And now let's look at some of the stronger tools that are already available that can help build a stronger system:

P2P Networking: Want to see a system that has shown incredible resilience? How about The Pirate Bay or any other Torrent tracker? How long has The Establishment been trying to kill that system? Strength in numbers and no specific target to attack. We can all agree that that system isn't going anywhere soon.

TOR: While it's beginning to show its flaws, it definitely still has its purpose, and will be around for a long time to come. But hosting centralized markets is definitely not one of its strong suits.

Review Sites: To an extent Reddit and Grams both serve this purpose. However it needs to be more detailed and have a simpler interface. We need multiple sites that share information to collect useful review data on Vendors.

Block chain Technology: There is no doubt in my mind that this is the future of currency. However we cannot continue to rely on a single currency. There are many options for cryptocurrency out there, and for markets to restrict all sales to a single option stifles innovation. Free trade is a major component of any marketing system. The Vendor needs to have the freedom to choose the method of payment they accept.

PGP Encryption: This is still the gold standard for privacy. It is easy to use, and utilizes very strong encryption. While it is currently underused and has more capability than the average person uses/needs, it will play a big part in my market idea. PGP signatures, and expiring data are powerful tools.

And now I would like to put the items described above together into a new model for a market. I like to call it "The Freedom News" (TFN). And here are the responsibilities and items we need to do to make it work....

The responsibility of the Vendor: The Vendor needs to fill in a basic template for their product listings with pricing included, acceptable payment methods, and acceptable 3rd party escrow agents. (Independent escrow including multi-sig, is currently available on the DN, but is not a popular option.) They will provide new contact info and a new one month expiring PGP public key for each edition. The contact info can be an Email address, Bit-message....whatever. But it has to be a new one every month. The data needs to be small in size, basic, and simple. Once per month a new template will be submitted to The Editor.

The responsibility of the Admin; I like to call that person The Editor. The Editor's job is to create multiple TOR hidden service pages. Not full sites, just single pages. They collect a fee from the Vendors and from the customers for compensation to do this. There are no percentages collected in this market, because sales are not tracked. The Editor gets a flat fee to produce a product. TFN gets a new edition once per month. But is available in one week increments to the customer. When they receive a listing from a vendor, they verify the PGP signature to be sure that it is in fact the stated Vendor and not someone impersonating another. They will verify that the supplied contact info is not the same as the previous month's, and that there is a new PGP public key supplied with an appropriate expiry date. The Editor will then collect various news articles from around the world and put them in a Torrent file. This file will contain one file that is encrypted with an expiring key. The rest of the articles are there primarily to provide plausible deniability in the event someone possessing the file is caught with it. The file is then released into the wild. A new file will be released every week, with a new 7 day expiring Public Key. Every week, the TFN file will receive a new and obscure Torrent name.

The responsibility of the customer: In order for a customer to gain access to TFN, they will need to go through some checks and procedures. By default this process will ensure security and a certain amount of OPSEC Proficiency. The customer will go to the TOR Hidden service page, here they will be charged 0.001 BTC to receive the current Torrent File name and the PGP key needed to unlock the encrypted file. See what just happened there? We now only have customers that understand BTC, How to access Hidden Services, and are PGP proficient. The customer will then contact their individual vendors to make their desired purchase. Sales reviews are especially important so customers would need to be provided a link to the Vendor review page.

Following the idea posted above, we now have a decentralized, multi-currency market with optional escrow, and rotating sales data that expires on a regular basis. Any LE effort would need to be completed within a single month or all viability of their evidence destroys itself. With so many Torrent Files available, it would be a significant chore just to pick out the current file before the data expired.

Discuss....


Comments


[4 Points] None:

[deleted]


[3 Points] RosyPalm:

With so many Torrent Files available, it would be a significant chore just to pick out the current file before the data expired.

And that would be true of LE... Vendors... Buyers...

You created a phishing paradise.

You're basically suggesting we take our current model and just make every step incredibly more complicated than it needs to be. The only people that will have the resources and time needed to actually sit down and use such a complicated system will be the LEO's.

No one is going to go to this much work to find out what their vendor had for sale a month ago. I'd rather just head down to MLK Boulevard, hand the first person I see all my money, and just trust them to come back with something fun.


[2 Points] loveisrealnfa:

Nice idea but as you can see, buyers need everything spoonformatted.


[1 Points] motsanciens:

I've thought about how a torrent format might work, too. To me, you'd want to follow a model similar to Popcorn Time. I don't know how they do it, but they use bittorrent to make a very nice looking interface out of pirated movies.

I've also been wondering if you could use bittorrent sync somehow. It's just like Dropbox but uses local resources to create cloud-like redundancy instead of a central location. A btsync folder could contain an encrypted archive, for example, containing a pdf of a vendor's listing. You're not going to want to btsync every vendor, so a tor service lists vendor names, emails, public pgp, btsync secrets (they're called), and passwords for the encrypted archives. You add the vendor's secret to btsync, and it downloads whatever they have in that folder and seeds it from you and everyone else who has it. Obviously, since btsync isn't open source, you have to question the security of it. Not sure how it could be determined where the folder originated from, but that seems risky. In your scenario, it also seems risky for someone to upload the torrents. They could possibly do it over tor with tor bridges and multiple vpn tunnels from a McDonald's parking lot!


[1 Points] throwaway:

You should post a quick summary. (TLDR.)


[1 Points] midnightketoker:

I don't think making buyers jump through hoops is the right way to stay competitive and secure in this economy. This makes everyone responsible for too much and it'll be too easy to fuck up, not to mention replacing the central point of failure (a server: one basket for all the eggs) with a whole bunch of other points of failure and ditching TOR so everyone needs new ways of disguising IP from torrent trackers.

Instead of "shielding" the market by forcing restrictions on buyers, there should be restrictions in place such that no matter what a buyer does or even if a bunch of spam accounts get together, nobody can DoS a central server and dumb people who give away their identity somehow by neglecting anonymous practices can only fuck themselves over, nothing else can be revealed by user or vendor. Eliminating the central server is the right step, and so is multisig and PGP and they should be mandatory. No javascript automation, but entry fields can easily be checked to make sure PGP is entered and there can be admins for that kind of thing, who don't have access to money accounts and even if they do hold any influence their actions should be transparent and decentralized so no one has a hold over everything.

The idea of somehow P2P hosting is promising and I've brought up the resilience of the torrent guys before. My thought is to go P2P but instead of literal torrents, it should be possible to still use TOR, just find a way that one web server hiding somewhere isn't the end-all of the entire system. I'm not an expert on this but there must be ways to decentralize that and even link up server images, transactions, and feedback on a cryptographic chain the way the Blockchain ensures verifiability.

I'm also in favor of small flat fees for everyone just for registration that go toward maintenance. I do think that mandatory multisig escrow (2/3) is the only way to go, keeping any central marketplace away from the money. 2/2 doesn't make sense even optionally, because of the risk of Bitcoin in limbo forever, unless there was an auto-finalize implementation but I fear again that may place too much power in the hands of admins. As for a third party dispute arbitrator in 2/3 transactions this can be done in a decentralized way by matching or agreeing on highly rated vendors to arbitrate and giving them fees while keeping things transparent. In this system a main "website" can hold item listings, vendor pages and PGP, as well as itemized detailed feedback. There can potentially be a way for feedback and the more detailed listing information to expire after a time from the site leaving only pre-obtained backups of the site that have the data verifiable by crypto so even metadata on the site goes away after a while.


[1 Points] indicasativamix:

Very interesting idea. I like it.