Silk Road forums
Discussion => Security => Topic started by: railroadbill on September 22, 2013, 06:15 pm
-
Ranchi is a clearnet bbs that has been around for years that trades in cp. Being in the cryptonetwork community since before tor ive become aware of what goes on in the darkweb (its posted on the hidden wiki hard candy section). Its been taken down repeatedly but for some reason the admins have never been caught. As of now its the only cp site left. How is it the feds managed through some way or another to take down every hidden cp site there is and yet this clearnet site has been up for years?
Or look at it this way, if the feds pwn hidden services and take down SR, what to stop someone from adopting ranchi's methods to put up a clearnet SR?
-
I'm not familiar with the site, but logically, the only reason a clearnet CP site should be able to operate openly is that it's hosted somewhere that's too much trouble to take down. My prediction is that if you had a couple US news segments on it, and a few articles, and got people riled about it, it would be gone inside of a month.
Wikileaks is a decent example.. but they had a groundswell of public opinion behind them in many circles. The US strongarmed lots of their hosting nations/providers, but got to a point where they couldn't exactly launch a Tomahawk cruise missile at OVH's French datacenter. And I assume the French government or legal system told them to fuck off. So it stayed up.
I guess it could be done if you found somewhere suitable, but relying solely on political cover for heavily-targeted money making activities is an insane gamble. Google Viktor Bout for a great example.
The whole "bulletproof datacenter" concept only goes so far, IMHO.
-
you have a point, i cant seem to find any news stories about it. i recall a while ago reading a story that was posted on wikileaks on how the russian mafia manages to run its string of financial crime sites and the short hand was they operate using gateways sort of like a botnet does with its zombies, so if they find a gateway and try to link it back to the central server they hit the middle guard which is setup to detect any sort of abnormalities and shuts down and erases itself. Its almost like tor but very disposable. I think it is doable but it would take alot of resources to setup many servers and move them around alot.
-
I'm not familiar with the site, but logically, the only reason a clearnet CP site should be able to operate openly is that it's hosted somewhere that's too much trouble to take down. My prediction is that if you had a couple US news segments on it, and a few articles, and got people riled about it, it would be gone inside of a month.
Wikileaks is a decent example.. but they had a groundswell of public opinion behind them in many circles. The US strongarmed lots of their hosting nations/providers, but got to a point where they couldn't exactly launch a Tomahawk cruise missile at OVH's French datacenter. And I assume the French government or legal system told them to fuck off. So it stayed up.
I guess it could be done if you found somewhere suitable, but relying solely on political cover for heavily-targeted money making activities is an insane gamble. Google Viktor Bout for a great example.
The whole "bulletproof datacenter" concept only goes so far, IMHO.
As far as I can tell, Ranchi never stays at the same spot for long and is constantly moving the location of its server and gateway, and also uses new domain names at a rapid rate. It is hard to shut down because by the time you get to its current datacenter, or seize its current domain, it is going to be at another one half way around the world with another domain pointing to it. They might even use a fast flux Botnet. Another thing is I don't think Ranchi actually hosts CP they only let people post links to legal upload sites that they post CP on.
Although it is possible to host CP from clearnet servers without moving around all the time. Heihachi is a prime example of a hosting provider that has hosted botnet CNC and CP while telling the police of the world to fuck off. To appearances it seems they are able to do this because their datacenter is owned by the Russian mafia, and Russia is so corrupt that the mafia has substantial control of the government, and indeed the line between mafia and government is hard to tell in some cases. For example, the Russian cybercrime group RBN, another provider of bulletproof hosting, is thought to have done contract jobs for the Russian intelligence community.
Motherless is another site that gets away with hosting CP on the clearnet, even in the USA. They have taken a legal approach to security. Pretty much by only allowing user uploaded content, they have made it so they cannot get in trouble for the CP on their servers, so long as they remove CP when requested. The thing is, so many people post CP to motherless, and they are so slow to remove it, that it is essentially perpetually on motherless just like copyright violating material is perpetually on youtube despite efforts to remove it. By the time one offending bit of content is removed, the same thing has been uploaded a dozen other times. Also, they allow people to make uploads behind proxies, so the actual people posting illegal shit are secure because they are anonymous if they are smart, and the people running the server are secure because they technically comply with all laws while accepting CP with a wink and a nudge. Another thing working in their favor is that most of the illegal material depicts underage teenagers rather than true child porn, so the police probably have not made it a high priority, but they are kind of legally bound from doing anything against the operators of the site anyway. There are several other sites using a similar legal technique, but Motherless is probably the most blatantly accepting of CP of all of them. primeassteens is another such site, I see several people here have mentioned it actually, maybe not aware that it has more CP than you can shake a stick at on it. The sad thing is a lot of the people using sites like this don't even realize they are breaking the law because the sites are popular and on the clearnet, and it can be hard to tell legal teen porn from illegal teen porn in some cases. A lot of them probably have convinced themselves they are not breaking any laws, but the truth is all of these sites are bogged down with CP (although almost never anything below 12, and probably mostly 14+). Really nearly any porn site that allows user uploaded content is going to have CP on it, mostly teenagers, but different sites are quicker to take down offending material than others, and different sites have different policies in place to protect from being used by CP traders (ie: approval of all posted content before it is displayed would be an effective way to combat CP on such sites. So would banning images by their hash value instead of deleting offending uploads one at a time, even when they are duplicates of previously deleted images. But a lot of these sites know they are used for CP, and obviously are fine with it), and the groups who are particularly interested in this material are more likely to repeatedly post it to some sites than others (ie: they will post it to the sites that don't screen uploads prior to making the post viewable, and of those sites they will pick the ones that take the longest to take down offending material after it has been reported). Really there is no way to combat sites like this, the government cannot make a person responsible for the content other people have uploaded to their servers without making all sites that allow uploads vulnerable to being guilty of CP offenses, and the government has not even tried forcing sites to screen images uploaded before making them public. I think the law gives the owners 24 hours or something like that to take down CP after it is reported to them, but everybody knows taking it down is just a ceremonial dance, because it is going to be back ten minutes later (if it isn't already there at twenty other locations in the first place), and then it is back to 24 hours again after it is reported again. The police probably have better strategies than to waste their time doing that dance (and indeed they do, since the chatrooms and forums on these sites are totally filled with undercover cops posing as teenagers).
-
I wonder how a site like http://silkroadlink.com is set up.
-
I wonder how a site like http://silkroadlink.com is set up.
Hosted on a dedicated server in Iceland. Iceland has become a massive supporter of free speech on the internet, and sesides, talking about or linking to SilkRoad isn't illegal.
-
In the USA linking to silk road is illegal under the Ryan Haight Online Pharmacy act
-
Iceland is a great place to go for hosting servers. Orange Website is a recommend VPS hosting site out of Iceland. It's more costly than some places but IMO it's worth it given the political balls of the country.