Future

Pretty turbulent times right now, eh?


Some words to hansa vendors

Law enforcement has gained a huge advantage by not only seizing and taking ab and hansa offline, but by also running a top market for nearly a month. It allowed them to monitor every link every single user clicked, what messages they sent, what passwords they entered, when they logged in and out, . . .

After they are done jacking off to their gained data, they will fan it out to just about every law enforcement agency around the world so they can use this data to go hunting. And trust me, they will. So I want to take the time to urge vendors to not continue like usual. The past has shown that for example the SR data, which was far less extensive than the hansa data, provided the basis for many arrests even after the initial seizure.

While it is part of law enforcement's strategy to scare users and make vendors give up their aliases, vendors should always choose their own freedom and that of their customers over a few extra bucks before getting busted. So I urge every vendor that was at least somewhat active on hansa to put their current vendor brand to rest. Pause your vending operation, prepare for the worst case, have a critical look at your operation and start again after some time while learning from your mistakes.

It would be reckless to continue vending with law enforcement having such a huge advantage over you. Here are some valuable tips on how to make sure law enforcement cannot connect your two aliases. And reading the DNM vendor bible in general will not do harm either.

Response to recent law enforcement actions

Since law enforcement gained a huge advantage with operation bayonet, we need to improve too. We need to learn from our mistakes and think about what we can do better to minimize the impact of future market seizures and takeovers. So in the following are some points I have come up with.

Auto encryption

Making no auto encryption a requirement for markets to get listed. Sadly, we all experienced the fallout I was talking about. This time it amounts to over 10 thousand addresses now in law enforcement's hands. Without ae and the promotion of manual PGP encryption, this number would have been much lower.


2FA requirement improvement

Some improvements need to be made to the 2FA requirement. The decoded PGP message must look like the following:

Only valid for marketAddress1.onion marketAddress2.onion
2bjf7

Imagine this case: Vendor V vends on market A and market B. He re-uses his password on both of them but has 2FA enabled.

Law enforcement seizes market A and gets his plain-text password by simply logging it when he logs in next time. They then go to market B and fill out the login form with it. Now they get prompted with a PGP message that only the vendor can decrypt. Fortunately for them, they can get the vendor to decrypt PGP messages using the 2FA on their taken-over site.

So they manually put the PGP message they got from market B in the system of the taken-over market and wait for the vendor to log in and decrypt it. As soon as that happened, they log into market B with that decrypted code.

Effectiveness can be improved by keeping an eye on the vendor login times and timing the attacks. By the way: I would really be a good law enforcement agent with such ideas.

Pretty frightening if law enforcement executes such an attack as it allows them to circumvent 2FA on every market and other services. So let us prevent this attack in the first place with the updated requirement.

If a vendor decrypts a message from market B that says it is only valid for market A, he will immediately be alerted and will hopefully inform the community too.


Past log-ins

Markets could show the timestamps of the last three successful logins on the front page the vendors get redirected to after a successful login. That way they can easily spot if someone logged in that was not them. I took 3 as a number because it is a good compromise between security [vendor can see the dates of several logins] and privacy [market does not store too much data about the vendor].

These last 3 successful logins could be displayed in one column. Two more columns could be added that show unsuccessful logins [wrong password] and semi-successful logins [password correct but 2FA wrong]. In the light of recent events, the community would have been warned early because several different vendors would have gotten entries in the semi-successful login column due to law enforcement trying out the login data from hansa on other markets.

Usability can be improved if vendors can set the timestamps to their timezone, so a quick glance is enough and they do not have to calculate their actual timezone from the UTC timestamp.


Market canaries

Markets have to publish a signed message every week or so stating that they are not compromised, including the hash of the latest btc block. That way law enforcement would not be able to run a market for a horrifying 27 days without also getting control over the PGP key.

It is not waterproof but the potential reward in my opinion outweighs the costs for the market operator [spending 2 minutes every week to publish the signed message]. The message should be displayed publicly on market.onion/canary for example. The time period can also be changed [i.e. reduced] to make a takeover less successful.

For example, according to some information we received, law enforcement did not manage to compromise the PGP key of hansa, at least not shortly after the takeover.


Periodically checking vendor keys

We could get a small 'task force' of users to check the listed keys of vendors on several markets. It would consist for example of a handful of users that already have the 'long term community member' flair [so they are at least somewhat trust-able], who have lists of vendors that they check once or twice a week.

They could focus on higher profile vendors [i.e. large sales volumes and products like fent, heroin, . . .] and check on the markets that are most used. That way we could quickly spot changed PGP keys and act accordingly by warning the community. We even got an early warning sign with hansa, but we did not process that information correctly.

I could probably automate this to some extent, but this takes some time and getting some users to do this regularly would be best for now.


Multisig

Multisig. We will have to deal with that topic in a standalone post. Law enforcement basically played all hansa users and was able to do so because nobody implemented and used multisig properly. It is not an easy topic, but if the recent events are not motivation enough to finally provide guides on how to use ms properly...


Market bust procedure

We main sub mods will also work on a market bust / seizure / exit scam procedure that we can apply if needed. That way we optimize the workflow in such cases more and can achieve better results [i.e. minimizing the damage and passing important information on quickly].


So what are your ideas on improving the DNM scene [not limited to the requirements of the superlist], to minimize the damage of future law enforcement operations? Because if there is one thing we know, it is that the next operation is just around the corner.

Now some interesting traffic stats as a reward to you because you read through the whole post [keep in mind they do not include mobile traffic]:

Screen shot one

Screen shot two You can really see how the traffic went up right as the press conference began.
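
The origin-bound 2FA challenge from the "2FA requirement improvement" section above, written out as an added example; this is not the post's code and not any market's implementation. The .onion names, the eight-character code (the post's example uses five) and the 60-second expiry are assumptions. Encrypting the plaintext to the vendor's key and decrypting it on the vendor's side are done with gpg outside the snippet; what the code shows is the message format, the vendor-side origin check that defeats the relay described in the post, and a market-side code check with expiry and constant-time comparison.

```python
"""Origin-bound PGP 2FA challenge: the plaintext names the only .onion addresses it is
valid for, so a challenge relayed from another market is caught when it is decrypted."""
import hmac
import re
import secrets
import time

# v2 (16 chars) or v3 (56 chars) onion hostnames
ONION_RE = re.compile(r"^[a-z2-7]{16}(?:[a-z2-7]{40})?\.onion$")
CODE_ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"
CHALLENGE_TTL = 60  # seconds a code stays valid; assumed policy, not from the post


def build_challenge(market_onions, code_len=8, now=None):
    """Market side. Returns the plaintext to encrypt to the vendor's PGP key and the
    record the market keeps to verify the code later. The encryption itself happens
    outside this function (e.g. gpg --encrypt -r <vendor fingerprint>)."""
    if not market_onions or not all(ONION_RE.match(o) for o in market_onions):
        raise ValueError("every entry must be a valid .onion hostname")
    # the post's example code is 5 chars; 8 plus a short TTL and an attempt lockout is safer
    code = "".join(secrets.choice(CODE_ALPHABET) for _ in range(code_len))
    plaintext = "Only valid for " + " ".join(market_onions) + "\n" + code + "\n"
    now = time.time() if now is None else now
    return plaintext, {"code": code, "expires": now + CHALLENGE_TTL}


def parse_challenge(plaintext):
    """Split decrypted text into (valid_onions, code); ValueError if the format is off."""
    lines = [ln.strip() for ln in plaintext.splitlines() if ln.strip()]
    if len(lines) != 2 or not lines[0].startswith("Only valid for "):
        raise ValueError("challenge does not follow the 'Only valid for ...' format")
    onions = lines[0][len("Only valid for "):].split()
    if not onions or not all(ONION_RE.match(o) for o in onions):
        raise ValueError("invalid .onion list in challenge")
    return onions, lines[1]


def vendor_check(decrypted, connected_onion):
    """Vendor side, after gpg --decrypt. connected_onion is the address in the browser's
    URL bar. Returns (code, None) when the challenge names that site, else (None, warning).
    The code must only ever be typed into a site the challenge names."""
    try:
        onions, code = parse_challenge(decrypted)
    except ValueError as exc:
        return None, f"refuse: {exc}"
    if connected_onion not in onions:
        return None, (f"refuse: challenge is only valid for {' '.join(onions)} but you are on "
                      f"{connected_onion}; someone relayed another market's 2FA prompt")
    return code, None


def market_verify(record, submitted, now=None):
    """Market side: one-time code check with expiry and constant-time comparison."""
    now = time.time() if now is None else now
    if now > record["expires"]:
        return False
    return hmac.compare_digest(record["code"], submitted)


def relay_attack_demo():
    """The scenario from the post: the vendor reuses a password on markets A and B, A is
    seized, and B's challenge is pasted into A's login flow while the vendor is on A."""
    market_a = "a" * 16 + ".onion"  # constructed hostnames
    market_b = "b" * 16 + ".onion"
    plaintext_b, record_b = build_challenge([market_b])
    code, warning = vendor_check(plaintext_b, market_a)  # vendor reads the onion line
    return code is None and warning is not None and not market_verify(record_b, "")
```

The check only helps if the vendor compares the onion line against the address actually in the URL bar before typing anything; a vendor who skips that step is no better off than before. It also does nothing if the vendor's password has already been replayed on a market that does not use this format, so the advice above to retire the alias still stands.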


Comments


[80 Points] MandyThatGirl:

You forgot Mo-Nero...


[48 Points] DareToHope:

Wow, I must say, some of these ideas are quite clever and in some cases are simple to implement. I like the canary idea, and the 2FA one really helps cover a lot of bases (and so does tracking past logins). These are all very well thought out, so great job man.

As far as the market bust procedure goes, I'll start trying to think of things that could happen on the sub that would aid the community.


[20 Points] throwaway185973:

I'm not buying that the Hansa sting is as big of a deal as people are saying. It's impressive for the shock-and-awe factor, but in terms of intel gathered I'm not really seeing the problem.

Default OPSEC should prevent any customer or vendor from being exposed this way, even if their username, password, and all messages they sent and received are in law enforcement's hands.

Username should never be tied to you. Password should be random, unique, and generated by a password manager. All messages should be manually PGP-encrypted. If you've been doing things right all along, then the Hansa sting should not have impacted you.

Law enforcement has gained a huge advantage by not only seizing and taking ab and hansa offline, but by also running a top market for nearly a month. It allowed them to monitor every link every single user clicked, what messages they sent, what passwords they entered, when they logged in and out, . . . After they are done jacking off to their gained data, they will fan it out to just about every law enforcement agency around the world so they can use this data to go hunting. And trust me, they will. So I want to take the time to urge vendors to not continue like usual. The past has shown that for example the SR data, which was far less extensive than the hansa data, provided the basis for many arrests even after the initial seizure.

How do you know that the Silk Road compromise was less extensive than this? We know they had full access to Silk Road's server and were sitting on it for weeks or more. I'd be surprised if they weren't capturing passwords and messages back then as well.

Every time I use a darknet market, I always operate under the assumption that LEO actively has control of that server and is seeing every single thing I do.

Regarding your suggestions, I'm going to interpret them as suggested defenses against law enforcement (or even black hats) gaining control of a server and not just as general security tips:

Auto encryption

Absolutely. Auto-encryption needs to be disabled by default or significantly changed.

2FA requirement improvement

Your scenario only makes sense for vendors who aren't practicing the most basic OPSEC (re-using passwords). This is even basic OPSEC for regular ordinary people who don't touch the darknet. If a drug dealer on the darknet can't even help themselves from re-using passwords, they need to find a new job immediately.

2FA is good but meaningless in the face of a site compromise.

Past log-ins

Useless since it can be manipulated once they have control of the server.

Periodically checking vendor keys

Good idea, but I think it should be automated.

Market canaries

Not a bad idea but some % of market takeovers will result in the owner(s) being arrested before the trap is sprung, so they may very well have the owner's canary key before or shortly after they have control of the server. I wouldn't put very much faith into canaries. They make way more sense for people operating legitimate websites and companies.

Multisig

Would really depend on how it was implemented. Could be useless unless it's not dependent in any way on the market or its staff.

Market bust procedure

A new procedure sounds good.

But from an individual perspective, I think people are overthinking things here. Take the security measures you should always be using anyway (including not having more money than you want to spend all at once in escrow or in the market wallet), and a market sting will hardly affect you at all.


[17 Points] DWconnoisseur:

Thank you for taking the time to list all those points.
I'm strongly in favor of 2FA improvements, and the past logins display box -> this is a very good idea.
Couldn't we also work on a PGP public key ledger/superlist on Reddit for market admins and vendors alike?
I know it would take time and a lot of trust, but the fact that Grams remains the only source to cross reference PGP keys today is.... not really good :(


[15 Points] KPCN:

USE MONERO FOR TRANSACTIONS. IF VENDORS DON'T ACCEPT IT, DON'T BUY! IT IS THE MOST IMPORTANT THING! People get popped because they use coins (either tumbled or from exchanges) that do not have 100% mandatory privacy, are centralised and are non-fungible. Be smart and safe.


[14 Points] EatSheets:

"Fuuuuuuuuuuuuuuuuture"


[7 Points] snugglelufugus:

These tactics are all useless crap that can be gamed once leo controls a market. Vendors reusing passwords in their clearnet life should be shitting themselves for being dumbasses.

Unless they planted a non-js zero-day on the site that hit tails, no vendor should have anything to worry about.


[6 Points] _PrinterPam_:

Oh boy, this is a lot of tackle. I'll weigh-in on a few, and I'd also like to add a cautionary note that while increased security is great (for everyone, buyers and vendors alike), if the technical bar is raised too high on some of these measures, with no workaround/recourse, it will cut a lot of people out of the game. That makes those of us remaining a smaller target (lack of safety in numbers) and also reduces competition (which invariably leads to higher prices) and choices (which also makes it easier for LE. If there's only two guys left selling 'xyz', and some agency gets a stick up its butt about 'xyz'...all the easier for them).

Here we go:

Vendor responsibility

I think it's absolutely irresponsible to label a vendor who continues to vend during this upheaval 'irresponsible.' Plenty are, sure. Plenty of others have backup plans, ready to go, in these kinds of events or at some unknown interval. Taking shipping for example. I believe that 99% of the time LE is going to go after someone, they'll take the low-tech/cheap approach. Way easier. Maybe make a few purchases to find the city/region the vendor is located. Even easier then. Good & industrious vendors already have a strategy for dealing with that. They'll review it regularly and change-it-up periodically or when needed. That's just one example, but I've already changed that and also switch to the contingency plan in other ways (just as I've already finished with the next contingency plans). Personally, I believe that the steps I take to protect myself also benefits my buyers. Win-win. I've heard some vendors even retain customer info. I think they're insane, personally. I want all evidence relating to a transaction off my systems as badly as the buyer does. I have no desire to hand LE the evidence for additional charges. Anyway, long-point short: Don't sling labels at vendors just because you feel they should have already headed for the hills. A vendor who 'waits this out' as his approach to security will likely just show back up later with the same shitty security practices.

Making no auto encryption a requirement for markets to get listed

As a vendor, I can tell you this simply won't work. I cannot count the number of times buyers who run into any problem whatsoever with encryption (maybe they left out a '-' on the header or footer of my key or any number of other reasons) don't even pause for two minutes. They just send the info in the clear. I think this is the wrong approach to the problem. Do you plan to also enforce the use of some regex server-side to deny clear-text orders? Well, that won't work either since it'll have to go to the server in the clear in order to recognize that it isn't encrypted...solves nothing. Otherwise, you'd need to make use of Javascript and do it client side, which is potentially worse than solving nothing. User education, a la 'local' encryption, is the answer. It's always an uphill battle...but education, education, education.

Market canaries

Something to think about: How would that alleviate a problem like what happened to Hansa? From what we know, and please correct me if I'm wrong, LE did not exercise control of the market. They sat back, observed and logged. The admins could continue right-along with publishing a signed message saying "Yep, we're still cool." The reason the 'canary' thing works in the legal realm is that there are legal workarounds/tricks to combating LE when they try to play the 'national security' card. With a DNM, it's a technological problem with zero legal recourse.

2FA

I'm having trouble seeing how any of that would help. If LE controls both sites, why couldn't they simply change the 2FA portion of the code that shows the address and then encrypt that and the challenge phrase to the vendor's pub key? And it's not like if they have the answer for one they have the answer for the other (or that it would even matter...they control both sites, right?). Try encrypting the exact same text multiple times. The encrypted message(s) are entirely different each time. Hell, they could even pretend the vendor entered the correct code to a bullshit message that does no backend checking whatsoever. I'm not actually sure how to address this point because I'm not entirely sure what the point is. Some clarification would be helpful.

Periodically checking vendor keys

That's a thought, sure. Keep in mind this doesn't, in any way, solve the problem of the vendor being nabbed and, voluntarily or otherwise, providing his private key and/or the password which protects it. But if the concern is 'key switching', ubiquity of a vendor's public key in multiple locations is the answer. No matter what you do in this regard, the 'chicken or the egg' problem will exist to some extent. Also, what are your thoughts in terms of key revocation? What if the vendor sets short expiration periods on either his master key, or one of his sub-keys? What if they just generate an entirely new one? How will you handle succession? Solutions to these points are relatively simple enough, but you'll need to plan for them.

Multisig

I'll suspend judgement pending the post. If buyers want it, sure I'll offer it. But, the 2/2 does jack shit for me as a vendor. What do you suppose the chances are I'll see any of my escrow money from Hansa with their purported 'dead man's switch' two months from now? Yeah, 'donut.' Unless buyers also do multisig, and though I'll still play that silly 2/2 game if I must, I just don't see anything significant coming from this. Evo had 'multisig' too, but the implementation allowed them to run off with everything anyway. Something to keep in mind when considering whether to force a market/anyone to use this.

What I'd like to impart upon everyone as a take-away: Most (most, most, most) of the problems are alleviated with user education. It's an uphill battle. Always has been, always will be. But some problems are 'human' in nature and cannot be solved with technology. They must be solved with education/awareness. After that, there's always some risk. But, hey, legally-established businesses defraud customers and the markets themselves all the time.

EDITED: Quotation formatting.

EDITED: Added a point or two to the 'auto encryption' part.

EDITED: Added a thought on the market canary

EDITED: Clarified 2FA section


[6 Points] None:

[deleted]


[2 Points] itsalaughinggas:

won't the 2FA secret usually time out after a minute or so


[2 Points] wwantt:

Too much FUD labeling going on. If a post/question/discussion is stated as not being fact then it should not be labeled FUD unless proven so. Just because mods here seem to be biased toward markets, vendors, etc. doesn't mean they should put limits on the community's discussion of their safety and security.


[2 Points] Chemical_Love_Story:

Great post and great work through this shit storm, mods. We really appreciate all the work you do, and I know it multiplies like crazy during times like this.

Two points:

As a long time member of this community who has only rather recently started participating to the extent that I am, I'd be happy to help by confirming keys in my free time. Shoot me a PM if you need team members!


[2 Points] t0mcheck:

..


[2 Points] SockPants:

The canary part should be set up in a specific way so that it's not as easy for LE to torture admins into posting the canary message. It needs to be infeasible, so maybe it needs to be signed by a large amount of people, that LE couldn't likely collect. It should also be posted say every 48 hours, so as to ensure that LE has time against them to arrange for a canary if they do want to attempt it.

PGP implementation might also be vulnerable. Antivirus might also be able to scan the RAM area of PGP implementations to obtain the encoded/decoded message pair and ship it to LE over the internet via their update servers. For this, the PGP implementation needn't connect to the internet or even write anything to disk, or even be compromised itself. To circumvent this, it seems that doing any encryption on a completely cold system with no internet connection ever would be somewhat safe, if tedious.
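
A canary checker for the scheme in the post's "Market canaries" section, taking up SockPants' point above that the posting interval should be short enough that a takeover runs out of time. This is an added example, not code from the post or from any market. The field layout of the canary text, the 48-hour cadence and the sample blocks are assumptions; the HMAC signer is an offline stand-in for the market's PGP signature (in practice: `gpg --verify` against a copy of the market key pinned when the market was first listed). The genesis block header and hash are the real ones and only exercise the block-hash routine.

```python
"""Verifying a market canary: pinned-key signature, a recent block hash as proof the
text was written after that block, and a cadence the operator committed to."""
import hashlib
import hmac
import re
from datetime import datetime, timedelta, timezone

BLOCK_HASH_RE = re.compile(r"^[0-9a-f]{64}$")
MAX_CANARY_AGE = timedelta(hours=48)  # assumed cadence, not any market's published policy
REQUIRED = {"market", "date", "block", "statement"}

# Real Bitcoin genesis block header (80 bytes) and its hash; used to check block_hash_from_header.
GENESIS_HEADER_HEX = (
    "01000000" + "00" * 32
    + "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"
    + "29ab5f49" + "ffff001d" + "1dac2b7c"
)
GENESIS_HASH = "000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"


def block_hash_from_header(header_hex):
    """Bitcoin block hash: double SHA-256 of the 80-byte header, displayed byte-reversed.
    Lets a checker confirm a canary's block hash from a header it fetched itself."""
    header = bytes.fromhex(header_hex)
    if len(header) != 80:
        raise ValueError("block header must be exactly 80 bytes")
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()[::-1].hex()


def parse_canary(text):
    """Canary body as 'key: value' lines; an assumed layout, not a market's format."""
    fields = {}
    for line in text.strip().splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    missing = REQUIRED - fields.keys()
    if missing:
        raise ValueError(f"canary missing fields: {sorted(missing)}")
    return fields


def stand_in_signer(key):
    """HMAC stand-in for the market's PGP signature so the example runs offline."""
    def sign(text):
        return hmac.new(key, text.encode(), hashlib.sha256).hexdigest()

    def verify(text, signature):
        return hmac.compare_digest(sign(text), signature)
    return sign, verify


def check_canary(text, signature, verify, recent_blocks, now, max_age=MAX_CANARY_AGE, seen=frozenset()):
    """Return a list of findings; an empty list means the canary passes.
    recent_blocks: {block hash: UTC time it was mined} for blocks inside the window.
    seen: block hashes used by earlier canaries, to catch an old canary re-posted."""
    if not verify(text, signature):
        return ["signature does not verify under the pinned market key"]
    try:
        fields = parse_canary(text)
        stated = datetime.fromisoformat(fields["date"])
    except ValueError as exc:
        return [f"unparseable canary: {exc}"]
    findings = []
    if stated.tzinfo is None:
        findings.append("date carries no timezone; require explicit UTC")
    elif now - stated > max_age:
        findings.append(f"canary overdue: newest one is {now - stated} old")
    elif stated > now + timedelta(minutes=10):
        findings.append("canary is dated in the future")
    block = fields["block"]
    if not BLOCK_HASH_RE.match(block):
        findings.append("block field is not a 64-hex block hash")
    elif block not in recent_blocks:
        findings.append("block hash is not a block mined inside the window; freshness unproven")
    elif block in seen:
        findings.append("block hash reused from an earlier canary (old text re-posted)")
    elif stated.tzinfo is not None and recent_blocks[block] > stated + timedelta(hours=2):
        findings.append("block was mined well after the stated date; date and block disagree")
    return findings


def demo():
    """Constructed data: one honest canary, then the failure modes a checker should flag."""
    sign, verify = stand_in_signer(b"pinned-market-key-stand-in")
    block = "0000" + "ab" * 30  # constructed 64-hex block hash
    recent = {block: datetime(2017, 7, 23, 11, 0, tzinfo=timezone.utc)}
    text = ("market: examplemarket.onion\n"
            "date: 2017-07-23T12:00:00+00:00\n"
            f"block: {block}\n"
            "statement: we are not compromised; next canary within 48 hours\n")
    sig = sign(text)
    now = datetime(2017, 7, 24, 12, 0, tzinfo=timezone.utc)
    return {
        "ok": check_canary(text, sig, verify, recent, now),
        "bad_signature": check_canary(text, "deadbeef", verify, recent, now),
        "overdue": check_canary(text, sig, verify, recent, now + timedelta(hours=40)),
        "unknown_block": check_canary(text, sig, verify, {}, now),
        "replayed": check_canary(text, sig, verify, recent, now, seen={block}),
    }
```

The block hash is what makes the check worth running: a signature alone proves who wrote the text, the block hash proves the text is not older than that block, and together they stop a seized market from re-serving last month's canary. What no canary can show is an operator who keeps signing under coercion, or a market that is being passively logged while its admins still run it, so it detects one takeover pattern (the key not in the seizing party's hands), not compromise in general.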


[2 Points] fa-yeerrr:

It's time guys. Please put some Monero guides in this sub. Not all the people may agree and use it but at least give everyone another option. It only will help everyone's opsec get better.


[1 Points] None:

[deleted]


[1 Points] f6UmBpI1DQxK:

2 suggestions for markets to implement:


[1 Points] tata54321:

Do I simply not understand your 2FA idea? If I'm not mistaken alpha already had that in place, didn't they? The pgp message also had alpha's URL in it if I remember correctly.


[1 Points] MrOwnageQc:

AB only had forced 2FA for vendors; for users it was optional, which should be mandatory from now on. Yes, it took longer to log in, but I'd rather take the extra minute that it was taking than deal with possible future consequences.


[1 Points] seventhaccount7:

It is not waterproof

hehe..Think you mean bulletproof.


[1 Points] None:

[deleted]


[1 Points] DNMTiger:

what's a way to tell the owner name on the pgp? I'm seeing a different one that was made recently


[1 Points] itsalaughinggas:

omit auto encryption, but also reject plaintext? can this be done?


[1 Points] SockPants:

Markets could also be made to force encrypted messages. I'm no expert on crypto, but encrypted messages have certain statistical characteristics such as a relatively uniform distribution of a certain set of characters when compared to human-readable text. By enforcing that all messages look like encrypted messages in this way, plain text messages can be filtered and disallowed and anyone attempting to send them can even be flagged.
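
A structural version of the "reject plaintext" idea raised by itsalaughinggas and SockPants above, as an added example rather than anything a market runs or the commenters wrote: instead of guessing from character statistics, parse the ASCII armor, verify its CRC-24 trailer, and read the first OpenPGP packet tag, because a "PGP MESSAGE" block can also be a signed-only or literal message that hides nothing. The optional recipient key ID comparison speaks to JakeTheDog420420's key-swap worry below: if the first session-key packet is addressed to a key ID other than the vendor's known one, the message was encrypted to someone else. The sample packets are constructed and not decryptable; the vendor key ID is made up.

```python
"""Structural check that a message is OpenPGP-encrypted (not plaintext and not merely
signed or compressed): ASCII armor, CRC-24, first packet tag, recipient key ID."""
import base64
import re

ARMOR_RE = re.compile(
    r"-----BEGIN PGP (?P<kind>[A-Z ]+)-----\r?\n(?P<body>.*?)-----END PGP (?P=kind)-----",
    re.S,
)


def crc24(data):
    """CRC-24 used in OpenPGP armor trailers (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor(packets, kind="MESSAGE"):
    """Wrap raw packets in ASCII armor with a CRC-24 trailer (used here to build test input)."""
    b64 = base64.b64encode(packets).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    crc = base64.b64encode(crc24(packets).to_bytes(3, "big")).decode()
    return f"-----BEGIN PGP {kind}-----\n\n{body}\n={crc}\n-----END PGP {kind}-----\n"


def dearmor(text):
    """Return (kind, packet bytes), or None when no armor block is present.
    Raises ValueError on bad base64 or a CRC-24 mismatch."""
    match = ARMOR_RE.search(text)
    if match is None:
        return None
    lines = match.group("body").splitlines()
    i = 0
    while i < len(lines) and lines[i].strip():  # skip armor headers such as Version:/Comment:
        i += 1
    data_lines = [ln.strip() for ln in lines[i + 1:] if ln.strip()]
    crc_line = data_lines.pop() if data_lines and data_lines[-1].startswith("=") else None
    data = base64.b64decode("".join(data_lines), validate=True)
    if crc_line and base64.b64decode(crc_line[1:]) != crc24(data).to_bytes(3, "big"):
        raise ValueError("CRC-24 mismatch: armor was altered or mis-pasted")
    return match.group("kind"), data


def first_packet(data):
    """(tag, body) of the first packet; old- and new-format headers, no partial lengths."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    ctb = data[0]
    if ctb & 0x40:  # new format: tag in the low 6 bits, variable-size length
        tag, first = ctb & 0x3F, data[1]
        if first < 192:
            start, length = 2, first
        elif first < 224:
            start, length = 3, ((first - 192) << 8) + data[2] + 192
        elif first == 255:
            start, length = 6, int.from_bytes(data[2:6], "big")
        else:
            raise ValueError("partial body lengths not handled")
    else:  # old format: tag in bits 2-5, length-field size in the low 2 bits
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled")
        start = 1 + (1 << ltype)
        length = int.from_bytes(data[1:start], "big")
    return tag, data[start:start + length]


def classify(text, vendor_key_id=None):
    """plaintext | pgp-other | malformed-armor | pgp-unencrypted | pgp-encrypted | pgp-wrong-recipient"""
    try:
        parsed = dearmor(text)
        if parsed is None:
            return "plaintext"
        kind, data = parsed
        if kind != "MESSAGE":
            return "pgp-other"  # a key block or detached signature pasted where an order should be
        tag, body = first_packet(data)
    except (ValueError, IndexError):
        return "malformed-armor"
    if tag == 1:  # PKESK v3: version byte, 8-byte recipient key ID, algorithm, MPI(s)
        if vendor_key_id and body[1:9].hex().upper() != vendor_key_id.upper():
            return "pgp-wrong-recipient"  # only the first session-key packet is inspected
        return "pgp-encrypted"
    if tag == 3:  # symmetric-key encrypted session key
        return "pgp-encrypted"
    return "pgp-unencrypted"  # tags 4/8/11 etc.: signed, compressed or literal data, no encryption


def fake_pkesk(key_id_hex):
    """Constructed tag-1 packet with a dummy 16-bit MPI: structurally right, not decryptable."""
    body = b"\x03" + bytes.fromhex(key_id_hex) + b"\x01" + (16).to_bytes(2, "big") + b"\xff\xff"
    return bytes([0x84, len(body)]) + body


def fake_literal():
    """Constructed tag-11 literal data packet: a 'PGP MESSAGE' that is not encrypted at all."""
    body = b"b\x00" + b"\x00\x00\x00\x00" + b"12 Main St"
    return bytes([0xAC, len(body)]) + body
```

Two limits worth stating. Run on the market's server this check sees the plaintext it rejects, which is PrinterPam's objection above; it is only a privacy gain when it runs in the buyer's own tooling or in the browser before submission. And a message that passes is encrypted to some key: without the vendor key ID comparison, nothing here says it is the vendor's genuine key rather than a swapped one.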


[1 Points] JakeTheDog420420:

I have to say I love almost every idea you posted on this however I think removing markets from the superlist if they offer auto encryption is frankly a stupid move regardless... The idea is to protect the users right?

I think it's safe to say that the majority of regular darknet users know to manually encrypt their info. The compromised AutoEncrypted messages were most likely from more noobish people or people so lazy they would send their address in cleartext without that option. We already have plenty of tutorials on multisig for example but as no current market has implemented it in an easy enough fashion for the majority of users to understand it's still hardly used and allows for some pretty big issues if you think about it? So removing all markets from the superlist that offer traditional escrow wouldn't be much help either..

The thing that you have to remember is removing a valid security option doesn't help things ever really but adding more preventative security measures would.

So like on the order page where you enter your encrypted msg or choose the auto encrypt button, a far more reasonable approach would be putting a warning to users that encrypting through the site could lead to compromised security and even link to a DNM tutorial on downloading and setting up PGP or links to online PGP encrypters. I'm sure there'll still be users who choose to trust the site's encryption just like I'm sure there'll be some stupid enough to send it in cleartext anyway.

Also I would imagine that LE would simply come up with a workaround to the problem and my worry is their workaround would enable them to gather far more data regardless of whether it was even encrypted.

For example, and considering we don't have all of the data from the hansa breach yet we don't know if LE did or didn't already employ this tactic but for them to compromise even more advanced darknet users they only needed to change the PGP keys of all vendors (or even target specific vendors they wanted more info on) so that people encrypting their vendors PGP will be unknowingly sending their data securely to LE's PGP...!

There are plenty of ways to make a PGP key look almost identical to another person's PGP key unless you know what you're looking at and unfortunately the majority of users don't... The easiest way to compare PGP keys for the regular darknet user is comparing it to GRAMS. I also think that if this grows and people start checking GRAMS more we could soon face a similar dilemma. As such I think it would be wise for GRAMS to also implement a canary. That way hopefully we're covered on multiple bases.

On the canary idea, I love it! 100% Think that should even possibly be enforced on all superlist marketplaces.. They could have it setup on an auto script tbh so it wouldn't even take more than a few seconds every how often its set. I mean the canary idea in essence could be extended to a number of different things and amazing ideas for the darknet community.. Someone should make a thread or subreddit for marketplace features, suggestions, upgrades & comments etc. Would be a good idea and all market operators could just sift through it when thinking of things to improve on or looking to see what the community wants etc!


[1 Points] HardC0r3:

really awesome ideas. every market should implement that.


[1 Points] TrippleIntegralMeme:

https://m.imgur.com/r/spongebob/2XvYrM6


[1 Points] Eyeh8uAll:

Idea: No USA!

And servers in better locations


[1 Points] None:

[deleted]


[1 Points] None:

With all the intelligence in here I'd think you can come up with an easier way. Maybe a novel idea but, grow your own! With all the time, effort and resources that go into this you can grow the best you've ever seen. Just a thought


[1 Points] Forever_Nocturnal:

Monero is a great option, but what about pivx or verge? I know verge already incorporates the use of TOR and i2p.

Idk much about this stuff so maybe someone could enlighten..


[1 Points] methbat:

wow...sounds like i need to research how to buy monero...but do markets like t.r. and w.s. support it?


[1 Points] Rideonem:

The operators of these sites get lazy or make critical mistakes like buying cars and houses. They should get out while they are ahead like the operator of black market reloaded did. Greed and such brought them down.


[1 Points] None:

[removed]