On March 10th, several days after Incognito Market was assumed to be shut down or no longer be processing transactions, the site posted a message to its homepage that reads as follows:

“Expecting to hear the last of us yet? We got one final little nasty surprise for y'all. We have accumulated a list of private messages, transaction info and order details over the years. You'll be surprised at the number of people that relied on our "auto-encrypt" functionality. And by the way, your messages and transaction IDs were never actually deleted after the "expiry"...”

“SURPRISE SURPRISE !!! Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We'll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May, whether or not you and your customers' info is on that list is totally up to you. And yes... YES, THIS IS AN EXTORTION !!! As for the buyers, we'll be opening up a whitelist portal for them to remove their records as well in a few weeks.”

“Thank you all for doing business with Incognito Market”

Exit scams are not uncommon on dark web markets, but this one is particularly large and openly threatening compared to most. Incognito Market requires the loading of cryptocurrency to a site-based wallet, which can then be used for in-house transactions only. All cryptocurrency on the site was seized from users’ wallets, estimated to be anywhere from $10 million to $75 million. After seizing the cryptocurrency wallets of all of the marketplace’s users, the site now openly explains that it will publish transactions and chat logs of users who refuse to pay an extortion fee. The fee ranges from $100 to $20,000, a volume-based, 5-tier buyer/seller classification.

Incognito Market also now has a Payment Status tab, which states “you can see which vendors care about their customers below.” and lists some of the market’s largest sellers. Sellers which have allegedly paid the extortion fee to not have their transaction records released are displayed in green, while those who have not yet paid are displayed in red.

Additionally, in a few weeks the site claims it will have a “whitelist portal” which would allow buyers to wipe their transactions and re-encrypt chat records.

Whoever is behind the website must be extremely, extremely confident in their anonymity, already working with government agencies, or both, because a bounty on this person is likely worth millions.

  • Infamousblt [any]
    hexbear
    123
    2 months ago

    One of the funniest things in the world to me is when libertarian bros, whose entire ideology is built solely on trust in non binding agreements, get destroyed when one side breaks the trust. It happens every single time and it is always funny. Non binding trust agreements can only work in a world built around human empathy, community, and mutual aid (aka: anarchism). Individualism and trust based ideology are at direct odds with each other, and yet libertarians are literally too dumb to realize this, and they fall for it every time.

    I'm not saying that incognito market is a libertarian site, or that its users are libertarians, but this sort of thing is exactly what the libertarian ideal looks like. A completely unregulated marketplace built solely on the basis of trust. Every single time it happens it backfires spectacularly. It's the oldest trick in the book and people keep falling for it.

    • Adkml [he/him]
      hexbear
      71
      2 months ago

      Put 10 libertarians in a room and every single one thinks they're the smartest person in there and they're gonna scam all these other suckers for everything they've got.

      Crabs in a bucket

    • cosecantphi [he/him]
      hexbear
      46
      edit-2
      2 months ago

      Incognito and virtually all drug black markets in general are necessarily ancapistan writ small without even being ideological on either the market's or customer's end. It's just the natural outcome of a black market that can't possibly be regulated. If the US government ever wants to stop the flood of fentanyl deaths, the only way forward is to legalize pharmaceutical heroin and distribute it for free without a profit motive to people suffering from addiction. Too bad that'll never happen.

      • @sevenapples@lemmygrad.ml
        hexbear
        20
        2 months ago

        If the US government ever wants to stop the flood of fentanyl deaths, the only way forward is to legalize pharmaceutical heroin and distribute it for free without a profit motive to people suffering from addiction.

        Not true. Post-WW2 China dealt with the massive amounts of opium addicts without legalizing it and freely distributing it.

        • cosecantphi [he/him]
          hexbear
          29
          edit-2
          2 months ago

          Different conditions. Opium was forced on China at gunpoint as a tool of imperialism.

          In the US, the criminalization of drugs is to this day used as a tool for police to terrorize marginalized communities and feed the prison slavery industrial complex. The solution to this problem is not going to be comparable to China's.

          Also, no matter how much the US tries to restrict opioids, fentanyl will always be the easiest to smuggle and sell because it is synthetic and insanely potent. With more and harsher drug enforcement, all we observe is higher and higher concentrations of deadly fentanyl analogues in the drug supply.

          • @sevenapples@lemmygrad.ml
            hexbear
            16
            2 months ago

            You can draw a parallel between how imperialists forced opium on China and how the American state pushed a lot of working-class people to fentanyl first by getting them addicted to pharma opioids and then cutting their legal supply off.

            As you mention, criminalization of drugs is being used as an oppression tool. But the solution to that is not necessarily legalization, because decriminalization may suffice. I believe that the best solution is not to attempt to regulate but to limit the incoming supply and attack the many roots of the problem: the pharma opioid epidemic, the unemployment and poverty ravaging former industrial centers, etc. All of this while the drugs are decriminalized and rehab programs are well funded and plentiful.

            • cosecantphi [he/him]
              hexbear
              19
              edit-2
              2 months ago

              You can draw a parallel between how imperialists forced opium on China and how the American state pushed a lot of working-class people to fentanyl first by getting them addicted to pharma opioids and then cutting their legal supply off.

              Definitely, I think that's a great point. In both cases we have the initial proliferation of opioids and addiction in pursuit of profit. But in the case of the US, I believe the over prescription of opioids is already over and now we're just dealing with the remaining consequences. The pendulum swung away from pill mills and forcefully towards doctors and pharmacists treating every patient in pain like a criminal. Especially black patients.

              Tons of people who legitimately needed opioid painkillers were kicked off their prescription and made to suffer in agony. At the same time, tons of people who didn't initially need their prescription were also cut off, but their resulting chemical dependency presented a legitimate medical need for opioids all the same. Buprenorphine and Methadone maintenance therapy success rates prove that a maintenance dose of an opioid is a valid and effective treatment for opioid use disorder. Some countries are taking this further by prescribing clean Heroin, Morphine, and Hydromorphone in the same capacity as a Methadone clinic, these programs are essentially always successful at reducing overdoses.

              Unfortunately in the US, Methadone clinics have strict rules that I believe are designed to deter patients from actually receiving Methadone maintenance therapy. You need to show up every single day to take your dose, and you probably don't live near a clinic unless you live in a big city. Regardless of whether you were addicted to anything other than opioids, using marijuana will also disqualify you from the treatment even in legal states. There are so many hoops to jump through that Methadone is not a viable option for most addicts in the US. Buprenorphine is easier to get prescribed and much harder to abuse, it's how I got clean from full agonist opioids seven years ago, and I still take my maintenance dose to this day. But since it's a partial agonist, it has a dose ceiling at which point taking more of the drug does not have any effects. People who have a huge tolerance to fentanyl will have a much harder time keeping their withdrawals at bay using Buprenorphine than they would using Methadone.

              So barring those two maintenance therapy options, people who were kicked off their prescription in the US had no other immediate recourse other than to illegally seek out street opioids. These days, heroin and pharmaceutical grade opioids are increasingly rare on the black market. In some areas Heroin has all but disappeared and been replaced with fentanyl analogues and tranquilizers. You can't get that dangerous shit off the street with more enforcement. Opium requires large tracts of arable land in an appropriate climate to grow whereas fentanyl and its analogues are fully synthetic drugs produced in labs. As I mentioned earlier, these drugs are insanely potent, so it is vastly easier to hide and smuggle them than an equivalent number of opium doses.

              In this situation, the more you crack down on dealers, the more you disproportionately remove safer opioids from the drug supply while fentanyl remains in increasing concentrations. And the more you crack down, the more you empower the racist, capitalist serving policing institutions in this country.

              I can see an argument that a more China-like drug policy could work in the US after a proletarian revolution, but it isn't in our best interest otherwise. So long as the legacy of slavery and Jim Crow lives on in the modern US policing and prison institutions, the only viable goal is for us to push for full legalization while banning all profiteering from the production and/or distribution of addictive drugs. I recommend you take a look at Canada's safe supply program to get an idea of what such a program looks like and how it has been successful in reducing overdoses.

              • @sevenapples@lemmygrad.ml
                hexbear
                2
                2 months ago

                I don't really follow your argument. I understand how the opioid crisis in the US came to be, but just because synthetic opioids are a thing now doesn't mean that we have to accept them and fully legalize them. If someone made a dedicated effort to smuggle fentanyl to China (or produce it there) and they were successful in addicting a not-negligible part of the population (or even some cities), does that mean that the CCP would have no choice but to legalize opioids? It doesn't make sense to me.

                I also want to raise two more points. First, I'm glad that you and other people have successfully battled opioid addiction with maintenance therapy, even if you're planning to be on maintenance indefinitely. However, I'm critical of the indefinite part, because pharma companies are incentivized to push for treatments like that, even though people may be able to completely ditch the maintenance dose.

                Also, while reducing overdoses is a goal we should aim for, one must ask if the safe supply program has other consequences, such as more people being addicted in the long term.

                • cosecantphi [he/him]
                  hexbear
                  4
                  2 months ago

                  My argument is that these potent synthetic opioids are killing people in large numbers, drug enforcement has done nothing to mitigate that, only having served to further terrorize marginalized communities and enslave racial minorities, and, as enforcement cracks down harder, we observe the situation getting worse as less potent opioids are replaced with fentanyl in the drug supply.

                  Clearly drug enforcement in the US isn't capable of dealing with opioid addiction, and that's not going to change until we've fully abolished the existing capitalist police and prison system. On the other hand, safe supply programs have not increased addiction rates in places where they have been implemented, they have only reduced overdoses and massively increased the quality of life for addicts. No one actually wants to use fentanyl, most people using it are doing so unknowingly or because it's the only option. If any regulated supply of pharmaceutical opioids existed for these people, fentanyl would absolutely disappear overnight.

                • Voidance [none/use name]
                  hexbear
                  2
                  edit-2
                  2 months ago

                  It’s not that synthetic opioids should be legalised. Heroin should be legalised on prescription, in the same manner as methadone. And an equivalent stimulant for stimulant addicts.
                  In combination with available rehab and mental health treatment this leads to significantly less drug users and a change in the cultural attitude to drugs.
                  If the aim is simply to eradicate drug use to the maximum extent, that can also be achieved via state violence. That would carry greater dangers, costs and ethical concerns, so that the cure would turn out to be worse than the disease.
                  Mao’s success was achieved within the context of a revolutionary society. Drug reform is possible without even needing to take on the status quo, other than relatively minor vested interests like the police. And in some theoretical revolutionary context, it’s obviously not desirable to inflict unnecessary violence, indeed that’s one of the reasons that China, the USSR and other communist states ended up becoming revisionist, because of an excess of needless revolutionary violence.

            • HexBroke [any, comrade/them]
              hexbear
              8
              2 months ago

              Decriminalisation means that drug profits still end up with organised crime.

              Legalising opioids like alcohol is legalised is obviously bad, but government subsidised prescription opioids would allow users to get in the headspace to sort the rest of their lives out while they become more ready to stop using (or not, some people last forever on methadone programs).

            • glans [it/its]
              hexbear
              3
              2 months ago

              rehab programs are well funded and plentiful.

              does anyone actually know what this would entail?

              • Poison_Ivy [comrade/them]
                hexbear
                6
                edit-2
                2 months ago

                As a SUD counselor it would probably start with

                actually funding residential treatment programs and nationalize healthcare so that you don't have to shop around for a program that takes your specific insurance private or public. In LA county, which is the county with the most amount of treatment programs in the country there are roughly about 100 open beds at any given moment for a speculative population of 120,000 people from the streets and prisons.

                simplify the process of opening a residential treatment program, the average time it takes for a new house to open from proposal to the city to accepting Patients is six years

                Fast track higher education for medical personnel, especially SUD Counselors, Clinicians, Psychiatrists the latter of which is a greying field. We lack staff all the goddamn time.

                Actual Reentry Programs. The highest reason for relapse for almost all my patients center around a lack of reentry resources that ensure their material circumstances being stable.

              • @sevenapples@lemmygrad.ml
                hexbear
                2
                2 months ago

                Why would someone not know? Rehab programs are already a thing and they do help people, but they can be understaffed, which more funding can solve. They also need to be constantly educated on novel drugs (like research chemicals) which isn't happening at most places -- plenty of posts in research chemical subs where people go to a hospital or rehab and they don't even know the substances they're taking.

    • SorosFootSoldier [he/him, they/them]
      hexbear
      66
      2 months ago

      Imagine if 4chan or reddit or w/e did get their own country kekistan it'd be on fire and the copper wire gutted out of the walls by day 2

      • CoolerOpposide [none/use name]
        hexagon
        hexbear
        82
        edit-2
        2 months ago

        This already happened in Grafton, New Hampshire as a result of the so-called “Free Town Project” and the town got so overrun with management issues, including an infestation of black bears and other beasts of the forest, that even the libertarians who lived there determined the project had to be abandoned. Not an exaggeration. Here’s a brief section from the Wikipedia article about it:

        In 2004, Grafton became the focus for Libertarians as part of the Free Town Project (a single-town version of the Free State Project). One of the goals was to advocate for legal changes. Grafton's appeal as a favorable destination was due to its absence of zoning laws and a then-low property tax rate. John Babiarz, a Grafton resident and prominent member of the Libertarian Party, encouraged libertarian people to move there.

        During this time, the town's population grew by about 200 people (about 20%); nearly all of the newcomers were men. Project participants did not find themselves as welcome as they had hoped, but they voted in changes including a 30% reduction in the town's already-small budget. This resulted in eliminating funding to the county's senior-citizens council, town offices going unheated during the winter, poorly maintained roads filled with potholes, and inconsistent basic services, such as trash collection. The libertarian newcomers additionally increased the town's costs by filing lawsuits against it in attempts to set various legal precedents.

        Some libertarian newcomers to Grafton refused to buy bear-resistant containers. The project has been associated with an increase in the number and aggressiveness of black bears in town, including entering homes, mauling people, and eating pets. A single, definitive cause for the abnormal behavior of the bears has not been proven, but it may be due to libertarian residents who refuse to buy and use bear-resistant containers, who do not dispose of waste materials (such as feces) safely, or who deliberately put out food to attract the bears to their own yards, without caring how this affected other people.

        After a rash of lawsuits from Free Towners, an influx of sex offenders, an increase of crime, problems with bold local bears, and the first murders in the town's history, the Libertarian project ended in 2016.

      • Adkml [he/him]
        hexbear
        38
        2 months ago

        Highly recommend looking up libertarians previous attempts at independent towns that have hilariously predictable results.

        Like the town in the desert that collapsed because nobody wanted to pay to have water trucked in after they decided they didn't want their taxes going to things like a water line.

        Or the town in New Hampshire that was ruined because bears don't respect the NAP after they refused to pay money for garbage removal services.

        Libertarians don't intellectually advance past the point where you're 10 years old and think you're going to go build a house in the wood out of sticks and live there.

    • Tabitha ☢️[she/her]
      hexbear
      12
      2 months ago

      Can you imagine some kind of IASIP-style story set in a Star Wars-like universe where it's just ancapistan system failures 24/7 but all the characters are true believers.

  • supafuzz [comrade/them]
    hexbear
    70
    2 months ago

    we never did what we were claiming to do with your data but this time we'll really delete it if you pay us, promise

    • RyanGosling [none/use name]
      hexbear
      59
      2 months ago

      I feel like paying for your data to be removed will be used as further evidence by the Feds of your identity. If you just leave it be, you can claim plausible deniability and suggest that anyone can use any address as a decoy/dead drop, which is a common tactic for dark web vendors.

      • CoolerOpposide [none/use name]
        hexagon
        hexbear
        39
        edit-2
        2 months ago

        Yeah that’s a fairly common understanding of the situation thus far. Speculation at this point is that they are already in cooperation with the Feds and have been for some time

        • jackmarxist [any]
          hexbear
          13
          2 months ago

          I won't be surprised if this is a CIA fundraising thing.

          • RyanGosling [none/use name]
            hexbear
            2
            2 months ago

            The CIA definitely works with crypto to acquire black market cyber tools, among other illicit activities, but I can’t imagine the profits from a market ransom being that great compared to traditional gun running and drug trafficking (or just creative banking and front orgs).

    • CoolerOpposide [none/use name]
      hexagon
      hexbear
      52
      edit-2
      2 months ago

      And also we super promise that even though we have a bounty of probably millions on our heads right now that we will totally be honest with your extortion transaction and not only not leak your data to the only people (govt agencies) who will care about protecting us, but also we super promise to permanently delete your data. We also super promise to delete our backdoor key to the site-wide auto encryption so any transaction and chat data which already exists will be inaccessible forever.

      • RyanGosling [none/use name]
        hexbear
        35
        2 months ago

        To be fair anyone who’s foolish to use an on-site encryption feature is foolish. Almost every basic deep web guide explicitly says to use your OS’ pre-downloaded encryption apps and to never trust a site’s encryption.

        • CoolerOpposide [none/use name]
          hexagon
          hexbear
          30
          2 months ago

          I mean yeah of course, but it tracks 100%. People who already think they are smart for using the dark web and crypto would many times be the exact people who think they’ve already taken adequate precautions. A learned fool is more of a fool than an ignorant fool.

  • SubstantialNothingness [none/use name]
    hexbear
    67
    2 months ago

    Wow that's pretty wild, even for the darknet. The operator is putting a lot of heat on themselves by doing this.

    To think, if we all legalized drugs then there would be none of these darknet exit scams.

    It sounds like those who practiced proper OPSEC are unaffected by the extortion. Hopefully that encourages more people to take their own OPSEC seriously.

    • InappropriateEmote [comrade/them, undecided]
      hexbear
      40
      2 months ago

      Yep, ALWAYS encrypt your messages yourself (pgp) and don't rely on the site's encryption. Ever. This isn't just opsec 101, but absolutely basic practice for anyone using DNMs. Literally the only downside of doing that is that it's slightly less convenient while the upsides can't be counted but include making it impossible for the market/site admins to extort you like this. Any buyer should know this but it's understandable that some people just need to get their meds as easily as possible and let the opsec slide where they shouldn't. But vendors?? Not using PGP to talk to people you're selling drugs to is just astoundingly short sighted. The whole purpose of DNMs is that anonymity is maintained to an extent that this kind of thing isn't possible.

      • SubstantialNothingness [none/use name]
        hexbear
        26
        2 months ago

        Auto-encrypt is a shady feature to have on a shady site. I wonder if vendors had a way to deny those customers? Even if there was, I get the impression that it wasn't a common practice. It also looks like some people were still using BTC.

        • InappropriateEmote [comrade/them, undecided]
          hexbear
          15
          2 months ago

          Vendors I think have the ability to deny customers for whatever reason they want and vice versa. If you're a buyer and your vendor refuses to use PGP, you should find another vendor. If you're a vendor and your buyer refuses to use PGP you should simply block them and not vend to them. I'm also getting the impression that this wasn't common practice on Incognito, but years ago back when I, um, read about this stuff, it was never a majority but it wasn't uncommon for vendors to state up front they only vend to people who will use PGP. Sometimes vendors would give a discount to people who did. I'm sure a lot of vendors right now are wishing they had followed that very common sense policy.

          • SubstantialNothingness [none/use name]
            hexbear
            10
            2 months ago

            for vendors to state up front they only vend to people who will use PGP

            If you're playing it by-the-book, that is the standard operation procedure. You don't want to give any data to or have any other connection with a vendor who doesn't 100% require PGP.

            Vendors I think have the ability to deny customers for whatever reason they want and vice versa.

            What I meant is: I don't know if there was a way for vendors to identify whether a specific buyer was using their own PGP key or the auto-encryption feature. Both might have looked the same from the vendor's side of things. If so, they wouldn't have been able to selectively deny auto-encryption users.

            • InappropriateEmote [comrade/them, undecided]
              hexbear
              5
              edit-2
              2 months ago

              I edited this comment for clarity and because I accidentally said something backwards initially:

              Hmm, it should be plainly obvious if someone is encrypting their messages to you. Like, what I think you're describing couldn't even work by accident. Other people's keys can't be used. If someone wants to communicate with you, they need your public key to encrypt their message to you and only you can then decrypt that message with your private key. If you then want to respond, you need their public key to encrypt your response, which only they can decrypt.

              Example: if a buyer contacts a vendor, the buyer is not using their (the buyer's) own key. The buyer must use the vendor's public key to encrypt a message that the vendor then decrypts locally (which only the vendor can do with their private key). If the buyer used any other key, the vendor couldn't decrypt the message and no transaction could proceed. If the vendor wants to then send a message to the buyer, that's when the vendor uses the buyer's public key to encrypt that message. If the buyer gave the vendor any public key that is not their own, that buyer then couldn't decrypt the message the vendor sent them. There's really no place in this process where the vendor wouldn't know if the buyer was using their own PGP key.

              In my past experience, people would put their public keys in their profile. The auto-encryption doesn't even look like encryption, it just looks like sending messages normally, the same way it looks using any encrypted messenger service: you just accept and trust that the service really is encrypting and decrypting at both ends and all you see is the text that someone sends you. There are steps both you and the person you're talking to have to take when doing your own encryption. Even when you're using PGP, you're still sending text over the market messaging system, and the market is encrypting that, but the text you're sending will look like total gibberish to everyone. Not just to the market, but it will look like total gibberish even to you after you encrypted the text locally on your own device, and of course it will also look like total gibberish to the person you're sending it to until they decrypt it locally on their end. There really should be no room for confusing whose public key is being used, not even mistakenly because the decryption wouldn't work. Unless I'm still misunderstanding you, or unless communication methods on the DNMs have so drastically changed in recent years that they're incomparable, but I know that's not the case.

              • SubstantialNothingness [none/use name]
                hexbear
                2
                edit-2
                2 months ago

                Yes, I think we might be missing each other a little bit again, perhaps due to different ideas about how the auto-encryption is operating.

                The correct public and private keys will always be used if the communication is going to work. Auto-PGP would still be using public and private keys for the buyer and the vendor.

                The way I understand it, auto-encryption is a one-sided mechanic: It's something that the buyer ticks on/off.

                If so then it is designed to interface fine with people using manual PGP, such as vendors.

                If such a system generates the proper keys for the buyer and handles encryption/decryption automatically so that everything always appears to them as plaintext on the frontend (because the system maintains their keys), then it would still be able to serve the vendor a traditional UX that requires manually handling the keys. In this case, the experience of the vendor would be identical regardless of whether the buyer is using auto-encryption or not.

                This would only expose one side of the conversation to the server admins, of course: The messages sent from the vendor to the buyer (because the system only has the buyer's private key).

                I do not know if this is the way it was actually implemented. However there is discussion on Dread right now that leads me to believe that auto-encryption works somewhat similarly to what I have just described (at least from the vendor's perspective).

                edit: Looking back, I might have introduced some confusion with this line:

                to identify whether a specific buyer was using their own PGP key or the auto-encryption feature

                It would have been more clear for me to say:

                to identify whether a specific buyer was using their own manually-generated PGP keys or using PGP keys generated for them through the auto-encryption feature.
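
The key-custody question argued in the comments above, as an added Python example (not code from the thread or from any site): it models which messages a service operator can read when one party's key pair is generated and kept by the service, compared with both parties holding their own keys. A toy textbook-RSA hybrid stands in for PGP, and the `Service` class, its method names and the idea that auto-encryption runs server-side with a service-held key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

E = 65537  # public exponent shared by all toy keys


@dataclass(frozen=True)
class KeyPair:
    n: int  # public modulus
    d: int  # private exponent: whoever stores this can read the mail


def toy_keypair(p, q):
    """Textbook RSA from two known primes. Illustration only, not secure."""
    return KeyPair(n=p * q, d=pow(E, -1, (p - 1) * (q - 1)))


def _keystream(key, length):
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def _session_bytes(k, n):
    return k.to_bytes((n.bit_length() + 7) // 8, "big")


def encrypt(n_pub, plaintext):
    """Hybrid encryption to a public key: (wrapped session key, body, MAC)."""
    k_int = secrets.randbelow(n_pub - 2) + 2
    k = _session_bytes(k_int, n_pub)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(k, len(plaintext))))
    return pow(k_int, E, n_pub), body, hmac.new(k, body, hashlib.sha256).digest()


def decrypt(key, ciphertext):
    """Return the plaintext, or None when this private key does not fit."""
    wrapped, body, tag = ciphertext
    k = _session_bytes(pow(wrapped, key.d, key.n), key.n)
    if not hmac.compare_digest(hmac.new(k, body, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(k, len(body))))


@dataclass
class Service:
    """Hypothetical messaging service (assumed design, not any real site's code)."""
    public: dict = field(default_factory=dict)        # user -> public modulus
    held_private: dict = field(default_factory=dict)  # user -> KeyPair kept server-side
    stored: list = field(default_factory=list)        # (recipient, ciphertext)
    seen_plain: list = field(default_factory=list)    # text submitted for encryption

    def enroll_own_key(self, user, n_pub):
        self.public[user] = n_pub  # private half never leaves the user

    def enroll_auto(self, user, p, q):
        self.held_private[user] = toy_keypair(p, q)  # service generates and keeps it
        self.public[user] = self.held_private[user].n

    def submit_ciphertext(self, recipient, ciphertext):
        self.stored.append((recipient, ciphertext))

    def submit_plaintext(self, recipient, text):
        self.seen_plain.append(text)  # the service handles it before encrypting
        self.stored.append((recipient, encrypt(self.public[recipient], text)))

    def operator_view(self):
        """Return (texts recoverable from storage, texts seen at submission)."""
        keys = self.held_private
        texts = (decrypt(keys[r], c) for r, c in self.stored if r in keys)
        return [t for t in texts if t is not None], list(self.seen_plain)


# Constructed sample data: Mersenne primes as toy key material, neutral messages.
BUYER_PQ = (2**61 - 1, 2**89 - 1)
VENDOR_PQ = (2**107 - 1, 2**127 - 1)
TO_VENDOR, TO_BUYER = b"message to vendor", b"reply to buyer"


def run(buyer_uses_auto):
    svc = Service()
    vendor = toy_keypair(*VENDOR_PQ)  # generated and kept on the vendor's machine
    svc.enroll_own_key("vendor", vendor.n)
    if buyer_uses_auto:
        svc.enroll_auto("buyer", *BUYER_PQ)
        svc.submit_plaintext("vendor", TO_VENDOR)  # typed into the site in the clear
    else:
        svc.enroll_own_key("buyer", toy_keypair(*BUYER_PQ).n)
        svc.submit_ciphertext("vendor", encrypt(vendor.n, TO_VENDOR))  # local
    # The vendor always encrypts locally to the public key on the buyer's profile.
    svc.submit_ciphertext("buyer", encrypt(svc.public["buyer"], TO_BUYER))
    return svc.operator_view(), decrypt(vendor, svc.stored[0][1])


if __name__ == "__main__":
    for auto in (True, False):
        print("auto-encrypt" if auto else "own keys", run(auto))
```

In both runs the vendor decrypts the same message with the same steps, so nothing on the vendor's side reveals which mode the other party used; the only difference is what the operator ends up able to read.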

  • kristina [she/her]
    hexbear
    58
    edit-2
    2 months ago

    I would simply not use the Internet for anything illegal enough that this is a concern

    • ReadFanon [any, any]
      hexbear
      60
      2 months ago

      A person I used to know, who turned out to be a real piece of human garbage, told me that they were using the internet to connect with dealers for irl small time consumption purchases.

      Yikes

      I learn a little bit more about it. It's done through Discord.

      Bruh

      I don't even trust Signal or Telegram that much that I'd be comfortable connecting with new people and arranging specifics relating to criminal activity. But Discord!?

      Smh

      And it gets worse. It's a Discord group and the mods facilitated a verification process - you would literally upload a photo of your purchased goods to the moderators.

      Holy fucking shit

      By this stage I'm like "Nope, I don't want to hear anything more about this" because this was either a massive honeypot or as soon as a moderator got flipped by the feds or had their account hacked by them, it was going to turn into one. The less I know about that shit, the better. There's just no way that this server doesn't end badly and it's only a matter of time.

      • Tabitha ☢️[she/her]
        hexbear
        44
        2 months ago

        or as soon as a moderator got flipped by the feds or had their account hacked by them

        not even necessary, why wouldn't Discord give the feds some kind of full-record transcript file or a ghost guest account on the server? Discord doesn't make any extreme privacy claims AFAIK.

        • ReadFanon [any, any]
          hexbear
          39
          2 months ago

          Fascists often refer to Discord disdainfully as Doxcord because they believe that it leaks their details to the feds.

          I'm not one to take the fash at their word but in this case I'd be inclined to agree. There's nothing about Discord that indicates to me that it's anything but a typical leaky platform which collaborates closely with government like WhatsApp or any other typical service like that.

          • hello_hello [they/them, comrade/them]
            hexbear
            12
            2 months ago

            You don't have to, Discord doesn't have end-to-end encryption at all. It's as secure as an IRC channel on a public network. While good IRC networks are moderated and everyone understands that their chats are logged, Discord has been able to sell its software to millions of users who have no digital consciousness to realize that none of their messages are private. Discord has ingrained itself into the digital psyche of society perfectly even though it is no less hazardous than any PRISM/Silicon Valley product.

            I've had people tell me they feel secure using Discord because there's millions of people using it and they are more secure "in the pack." Like no, you're not more powerful than a HashMap, the entire fucking IT industry is built on chewing data.

            Good friends don't let their friends use Discord. Matrix (though it used to be funded by an Israeli tech firm and generates a ton of metadata) in comparison is leagues better in basic decorum (no more gamer slop) + actually being a federated platform.

            If you want something that actually checks the boxes for security then you can look at GNU Jami.

        • Owl [he/him]
          hexbear
          11
          2 months ago

          Flipping a moderator would let them use the moderator's account to encourage people to leak more details or do more crimes they can be prosecuted for, on top of whatever logs Discord will give them for a warrant (if Discord even requires warrants).

      • space_comrade [he/him]
        hexbear
        18
        2 months ago

        I mean how the fuck else do I reach my plug but with encrypted messaging of some sort?

        Drug dealing Discord server is definitely just a terrible idea tho.

        • ReadFanon [any, any]
          hexbear
          7
          2 months ago

          Idk about you but it's a bit far for my tastes on a few counts:

          • Finding new dealers online to meet them in person

          • Using Discord to coordinate

          • Using language that is completely unambiguous when communicating with a dealer through a service like Discord

          • Being in a Discord server that's specifically for arranging deals

          • Sending some anonymous third party team admissible evidence verification images to confirm that you made a purchase of illegal substances from the other party

          I'd only be using personal, encrypted communication for this. I would have an agreed upon code with them that provides me with plausible deniability, something simple like asking if they're free soon and using the length of time to refer to different quantities (swinging past to say hi/catching up/hanging out for the day). I would communicate the rest in person.

          Maybe I'm overly security conscious with this sort of stuff but a little bit of preventative effort goes a long way.

          Am I putting my phone in their fridge when I get to their place? Lol nah. But if it isn't just a friend who happens to be slinging some merch on the side but they're an actual dealer then I'm turning my phone off before I get there, and a few other things.

          Ultimately if the cops really want to get you then they'll probably find a way eventually but that doesn't mean you should make it easy for them.

          • glans [it/its]
            hexbear
            3
            2 months ago

            Do you really think these little "codes" offer any real deniability? Like a dealer would have to be using the same codes for everyone otherwise there would be no way for them to keep track. So their communications if compromised would be easy enough to decipher. I guess it depends on the local jurisprudence but I feel like after many years of cat n mouse this one is probably covered most places. The more despised a person already is due to race, class, etc, the moreso that it's the case.

            The dealers I had that I trusted the most took the initiative for security rather than letting customers dictate it. First of all, they never did any business at their homes. But for business, they would only go to yours. Only took customers by referral which was done in person with prior agreement and only after you'd been a customer for a while. Never answered an unknown number. If they found out you gave their number to someone, they'd take you off their list. They had a business phone which was separate from their personal phones and changed the number periodically. They kept scheduled hours when they'd answer the phone, shared between the 3 of them, and turned it off the rest of the time. And they instructed their customers how to talk on the phone, what to say. Nothing about quantities. You invite them over, they already know who you are and where you are, they agree to come and you do all business in person, in your home. No strangers present for the transaction.

            Kind of lacked the.... charm of going to the living room where you just show up any time you can hear the music from the street but also you never heard about such n such getting busted. I think if the customer is setting the security protocols you are in trouble because they are probably just humouring you and doing everything sloppy when out of sight. You want to be cagey you gotta find a cagey dealer.

            • ReadFanon [any, any]
              hexbear
              5
              2 months ago

              I think it depends a lot on the country you're in, especially the laws, and the size of your city and who you're buying from and what they sell but personally, in the days when I used to do this stuff, it would always be through a friend, an associate, or a friend of one of those. Some of the people were selling to make ends meet but even they were still small-time and so they were definitely more amateurish than someone who is effectively operating a business and it showed in how they managed their affairs.

              Do you really think these little "codes" offer any real deniability? Like a dealer would have to be using the same codes for everyone otherwise there would be no way for them to keep track. So their communications if compromised would be easy enough to decipher. I guess it depends on the local jurisprudence but I feel like after many years of cat n mouse this one is probably covered most places.

              If you are busted, it isn't going to save you.

              But if they're doing dragnet surveillance of the communication that the dealer is engaged in, they might not be assigning a whole lot of resources to the task - it might just be a matter of getting names and identifying the candidates who are the obvious ones but the other minutiae gets overlooked because it isn't considered worth the cops' time investigating every single contact. (This is where the benefit of small-time dealers comes in - they are almost always going to be sloppier with everything they do but if they aren't moving tons of product then the cops are less likely to treat it like they're busting a ring and more likely they're going to take down a couple of people who are the easiest targets before moving on the supplier. In this situation it's a bit like that adage - you don't have to be the fastest runner to get away from a bear, you just have to be faster than the guy next to you.)

              Or if it's something where they need to get a judge's signature before they can target you for surveillance or searches then they likely need to at least have a semblance of cause before they will get the go-ahead and simply messaging to ask if someone is free to catch up isn't likely to meet that standard. If it does happen to get the sign off, there's a chance that you'd be able to contest shit in a courtroom if you did get busted but that all depends on your local laws, how corrupt the judiciary is, how much the police think they can get away with when they lie in their testimony and all of that. But cases do get thrown out due to failure to adhere to the correct process often enough that it can be worth taking a shot at it.

              Look, I'm no sovereign citizen and I'm not under the impression that you can just utter the correct magical phrase which was taught to you by a more senior constitutional wizard SovCit and that will dispel any charges against you but at the same time maintaining plausible deniability and covering your tracks is always the best practice. Even if it doesn't prevent you from getting charged, depriving the prosecution of evidence and especially the stuff that clearly implicates you will make their job harder and it can lead to reduced charges, lighter sentencing, and better chances at a suspended sentence or getting parole earlier and stuff like that.

              If there was one simple trick to this either everyone would know about it or they'd ban it. But most of the time people come unstuck because of the cumulative effect of a series of bad choices and if you can minimise the bad choices then you mitigate the consequences.

              (It just occurred to me since I was typing out this comment and thinking about this Discord server - does discord automatically strip metadata from images? Because if not, goddamn that's another massive risk to go exposing yourself to.)

    • IzyaKatzmann [he/him]
      hexbear
      25
      2 months ago

      hmm what about trans cde living in a reactionary place that need their meds? maybe there's a better option, you think? i don't know too much outside of diy stuff outside the imperial core so feel free to correct me

      • lapis [fae/faer, comrade/them]
        hexbear
        20
        2 months ago

        in the US at least, getting hormones through the internet is grey market, not actually illegal / black market like most recreational drugs.

        EDIT: I have been corrected, buying estradiol and progesterone on the grey market is technically not legal, and buying testosterone is actually illegal, which is especially sad for the transmasc bros. but it's still not enforced very strongly, afaik.

      • What_Religion_R_They [none/use name]
        hexbear
        14
        2 months ago

        hmm what about trans cde living in a reactionary place that need their meds

        we're small fry. I make some efforts to hide things but at its absolute worst it's in the plausible deniability zone

      • kristina [she/her]
        hexbear
        10
        2 months ago

        Ethinyl estradiol is OTC pretty much globally

        Regardless I'd hook in with local dealers before the Internet. It's pretty easy to walk around, smell weed, and ask for a plug

        • InappropriateEmote [comrade/them, undecided]
          hexbear
          8
          2 months ago

          Regardless I'd hook in with local dealers before the Internet. It's pretty easy to walk around, smell weed, and ask for a plug

          It's great if that's possible for you, but for lots of people it's not. There are so many circumstances where DNMs are the only real option.

        • glans [it/its]
          hexbear
          7
          2 months ago

          You ask random stoners for HRT hookups?

          • kristina [she/her]
            hexbear
            8
            2 months ago

            No lmao I may have worded that wrong. I was referring only to a way to get a plug, and implying that if femme hrt became illegal drug dealers would probably push it around just like some do testosterone and PEDs

            • glans [it/its]
              hexbear
              7
              2 months ago

              I really feel the market is a bit more segmented than that. Everyone I know who was getting extra legal T (etc) got connected at a gym. It's too niche for the average weed guy to keep on hand or even get it special order because their source also unlikely has it.

              • kristina [she/her]
                hexbear
                5
                2 months ago

                Maybe it's a smallish town thing? Our guy has basically everything

          • kristina [she/her]
            hexbear
            5
            2 months ago

            You do, but if you actually read the research and ask doctors, it's a good last resort alternative. If your options are no estrogen or ethinyl estradiol, ethinyl is the way to go

            BC pills should not be confused with pure ethinyl estradiol post menopausal pills

            • @LainTrain@lemmy.dbzer0.com
              hexbear
              2
              2 months ago

              Yes that's fair enough. I did a brief stint on Ethinyl when I was totally broke and had fuck all and a Romanian lady was nice to me at a bootleg cigarette kiosk in South London

      • TheDeed [he/him, comrade/them]
        hexbear
        2
        2 months ago

        Due to steroids being more and more popular, there's a lot of info about how to get black market testosterone these days.

        edit: also you honestly don't even have to go online, just go into a gym (or have a masc presenting buddy go into the gym for you if nervous) and you'll find T

        • IzyaKatzmann [he/him]
          hexbear
          3
          2 months ago

          pardon my ignorance, when you say 'these days' does that kinda mean like post 2000s? i imagine testosterone or other compounds weren't always all that easy to get, and is that mostly due to the ease of purchasing online?

          • TheDeed [he/him, comrade/them]
            hexbear
            2
            2 months ago

            It wasn't as easy to get, less people were using it outside of very serious bodybuilders, and yeah online sourcing has made it even easier.

            And yeah, I'd say in addition to the internet in general, around late aughts/early 2010s started a rise in social media and accompanying body dysmorphia skyrocketing in men and boys due to it.

            This was also followed by a shift in body ideals for men. You can see this reflected in our celebrities; take the physique of an 80s action guy like Jean Claude Van Damme for instance vs Chris Hemsworth's Thor.

            It followed that guys wanted to look even beefier with physiques that are largely unattainable through natural means, cue rising anabolic steroid usage.

            There's also the rise of things like fitness culture contributing to it and "alpha male" stuff so now every other cis guy is at the TRT clinic for supposed low testosterone levels.

            As a bonus it's now less stigmatized than it used to be.

            So now there's more people using, more people selling it, and more ways to get it if you can't legally, just a numbers game.

  • ashinadash [she/her, comrade/them]
    hexbear
    49
    2 months ago

    Incognito Market requires the loading of cryptocurrency to a site-based wallet, which can then be used for in-house transactions only.

    That's like paying for in-game currency in a video game. Losers, lmao.

    • Adkml [he/him]
      hexbear
      28
      2 months ago

      Turning all your cash into chips at the "we're gonna fuck you over casino and resort"

      • SSJ2Marx [he/him]
        hexbear
        9
        2 months ago

        Online casinos registered in countries that have no gambling regulations be like

  • Nationalgoatism [he/him]
    hexbear
    48
    2 months ago

    For Christ's sake:

    Only ever explicitly discuss serious illegal activities in person, preferably outdoors and without any technology on you

    Only coordinate meetings to discuss the above over an encrypted messaging method such as Signal, and in this avoid specifics and keep this to an absolute minimum (metadata can also be incriminating, and phones or computers can be compromised)

    If significant payment is involved, cash, barter or work trade are the only acceptable forms. Ever.

    Don't be a fucking sucker

    Any questions?

    • macerated_baby_presidents [he/him]
      hexbear
      30
      2 months ago

      you are supposed to PGP encrypt all comms with the seller's public key. The only Incognito customers who will be affected are ones who are stupid and trusted the "auto-encrypt" functionality of a site whose CSS and little fake crypto punks told you it was built by not just ordinary criminals but techbros.

      RIP vendors though

      • InternetLefty [he/him]
        hexbear
        16
        2 months ago

        You'd use the vendor's public key actually, no? Then they would decrypt with the private key? That way they could pass around a key that is not secret

      • LaughingLion [any, any]
        hexbear
        7
        2 months ago

        wouldn't it not even matter due to the blockchain ledger showing transactions?

        even if 90% of vendors paid up the last who didn't would have their clients' info published and those wallets/transactions will reveal what was bought by those users from other vendors. even just a small fragment opens up a ton of other vendors and users from being exposed

        also, lol

    • InappropriateEmote [comrade/them, undecided]
      hexbear
      29
      2 months ago

      Buying drugs in person puts someone at risk of violence and death. Buying drugs on a DNM (assuming you use a very basic amount of opsec) the biggest risk is losing a little bit of crypto.

      Don't be a fucking sucker Any questions?

      Such an ignorant and privileged thing to say.

      • cosecantphi [he/him]
        hexbear
        19
        2 months ago

        And most importantly, buying on the DNM allows you to actually read reviews from other people who purchased from the same vendor. Not on the market itself, but on some of the onion drug forums set up for reviews and discussion. You have the opportunity to check if some vendor's "Heroin" is actually just fentalogues and xylazine. There is no chance to do that IRL unless you're friends with your dealer or something.

        This shit is literally life and death for a lot of opioid addicts, and I'm kind of disappointed in Hexbear for this thread labeling everyone caught up in this as just another cryptobro to make fun of. In my experience, neither the vendors nor the customers are using the crypto for any reason other than to facilitate the sales without exposing anything about their identities.

        • InappropriateEmote [comrade/them, undecided]
          hexbear
          8
          2 months ago

          I couldn't agree more. About the importance of being able to read reviews of the vendors made by the community and how much of a boon that is for buyers and their well being, something that simply doesn't exist when it comes to buying from irl dealers. But also about how disappointing it is that so many hexbears not only don't understand this but are being really demeaning towards people who don't deserve it.

          The whole "no investigation, no right to speak" thing doesn't just apply to the discussion of politics. And some of the attitudes here about people who use DNMs are almost bordering on victim-blaming. You're right, the ubiquitous use of cryptocurrency on the DNMs is not because the people who use them are the cryptobros we all know and hate, it's because that's literally the only safe way for any of this to work. Most people using the DNMs would rather not have to go through the hassle of having to learn to use crypto in the first place, or deal with the small loss of funds every time they convert their real money into it, or risk losing it because they messed up somehow with their wallet address or something. The use of crypto in this case is an unfortunate necessity most would avoid if they could.

      • CoolerOpposide [none/use name]
        hexagon
        hexbear
        6
        2 months ago

        I agree with what you are saying regarding buying drugs online being objectively safer but come on now regarding calling somebody privileged for not wanting to take the other risks associated with buying drugs a different way

        • InappropriateEmote [comrade/them, undecided]
          hexbear
          16
          2 months ago

          "Don't be a fucking sucker. Any questions?" is what the other person said about people who choose to/have to buy their drugs online. I am calling that statement privileged. That person is the one singling out a specific way of getting drugs and demeaning it, not me. Not sure why you'd get on me about something that I'm not only not doing, but actually calling out someone else for doing.

      • xj9 [they/them, she/her]
        hexbear
        5
        2 months ago

        Lmao You're automatically risking violence with the police by trying to buy illegal drugs. Using cryptography as cover doesn't change that

        • InappropriateEmote [comrade/them, undecided]
          hexbear
          17
          2 months ago

          If you're buying drugs period "you're automatically risking violence with the police." Full stop. Hell, you're automatically risking violence with the police by existing as a person of color. None of that changes the fact that in-person drug deals are inherently more risky than DNM deals. "lmao"

          • QuietCupcake [any, they/them]
            hexbear
            11
            2 months ago

            Also, using encryption "as cover" makes all the difference here. It's massively consequential as this news story makes obvious. The person you're responding to is just being obtuse.

      • Nationalgoatism [he/him]
        hexbear
        5
        2 months ago

        The risk I'm more concerned about is the risk of cops accessing info and of felony charges.

        • InappropriateEmote [comrade/them, undecided]
          hexbear
          10
          2 months ago

          The risk of cops busting a buyer (of personal use amounts, or even enough for a couple friends) is almost nil for the DNMs because of the amount of work necessary, but a buyer's odds of getting caught during an in-person deal go up drastically because even if they're just after the dealer, the buyer usually gets fucked too since they're right there and part of the bust. The risk of cops busting a dealer/vendor depends a lot on the volume they move, whether it's online or in person. With good opsec the risk is still much lower for vendors than it is for dealers in person. There's also no risk of getting jumped and beaten/killed while you're making a transaction.

        • macerated_baby_presidents [he/him]
          hexbear
          5
          2 months ago

          Unfortunately, nearly all sellers keep records of their customers and there isn't anything you can do about it. Your number is in your IRL plug's phone and the cops will seize it. The cops may raid your DNM vendor's house while he's using the computer and has everything decrypted. With thoughtful market design you can ensure that only the seller has your info, so that this risk is no higher than for IRL transactions with no third party. But it'll never be 0

    • notthenameiwant [he/him]
      hexbear
      12
      2 months ago

      Signal is not secure, nor is Tor. Read "Surveillance Valley". That being said, you probably won't be visited by the cops over buying a gram of something online.

        • AssortedBiscuits [they/them]
          hexbear
          6
          2 months ago

          The book states that Signal and Tor were developed by feds, meaning they're completely compromised. It's in the latter chapters.

          • TheCaconym [any]
            hexbear
            9
            2 months ago

            The fact that tor was developed by feds (CIA agents actually use it in the field, too, IIRC) does not mean it's compromised. Its source code might be among the most audited ones around, including by well-known cryptographers. When the NSA put a backdoor in Dual_EC_DRBG, it was identified quickly and outside of shitty security appliances from RSA in corporate environments, very few projects actually ended up using it. I suspect such a thing would happen with tor.

            SELinux is similar: developed by the NSA, but also audited to shit by countless security researchers eager to put their names on the map.

            Also, the fact that all tor services that were taken down by LE thus far we know of were taken down through human error on the operator's side or active exploitation of software flaws in the service itself, combined with the Snowden leaks describing tor as a constant pain in their backside, also point towards the same conclusion.

            • brainw0rms [they/them]
              hexbear
              4
              2 months ago

              While I don't think Tor is innately insecure or cryptographically compromised, it has been known for many years that a lot of its network nodes are operated by feds. Just due to the way Tor works, if you happen to control every node being used in a session, then you have full control and can de-anonymize users. Anyone can volunteer to act as a bridge/relay/exit node, and the feds obviously have the resources to pull off targeted attacks this way if they wanted to.

          • macerated_baby_presidents [he/him]
            hexbear
            8
            2 months ago

            Any specific evidence of compromise? Governments have been known to fund and even directly develop tools later used against them.

            • notthenameiwant [he/him]
              hexbear
              4
              2 months ago

              I don't have the book checked out anymore, but once you get to the part about Ross Ulbricht, it's right around there. At bare minimum, you can force someone's identity. 0day exploits have also been given to the intelligence services first.

  • AOCapitulator [they/them]
    hexbear
    45
    2 months ago

    "we scammed you with what amounts to signing up for and engaging with a complicated scam mailing list, so here, sign up on this mailing list to stop our extortion"

    geordi-yes i-love-not-thinking

  • @PolandIsAStateOfMind@lemmygrad.ml
    hexbear
    43
    2 months ago

    Smells like yet another CIA grab after Taliban liquidation of poppy fields strained the black funds. Then again, Pentagon and letters can embezzle money completely in the open without any consequences so idk.

  • glans [it/its]
    hexbear
    40
    2 months ago

    I feel bad for the small people who will be scammed, incarcerated or otherwise have their lives disrupted due to the state/corporate enforcement of unregulated markets.

  • Adkml [he/him]
    hexbear
    39
    2 months ago

    "Now that we have explicitly fucked you over and shown ourselves to be completely untrustworthy pay us more money and we promise we won't continue to fuck you over."

    Anybody who pays that fee is awfully gullible but i guess for a lot of people they probably don't have a lot of options.

    • Tabitha ☢️[she/her]
      hexbear
      26
      2 months ago

      The fee ranges from $100 to $20,000

      for what I assume most illegal activity vendors are charging for their services, this is probably pro-rated to each account's transfers. They estimate that $10 million to $75 million was on the website at the time of closure, so even if it is a trick, I wouldn't be surprised if these ransom fees aren't actually all that high compared to other "costs of doing business".