I met Eric Ford on a drizzly afternoon in Edinburgh in a bar in the city’s west end. I had been referred to him by a friend who said that Eric might know something about preserving one’s anonymity online. Eric, I was assured, had purchased class A’s on the internet.
‘Don’t tell him I’m a journalist,’ I said.
‘I’ll tell him you’re a client.’ Suddenly I had visions of Al Pacino in Scarface.
But it was all a joke. Eric wasn’t a drug lord. Not even a drug mule. In fact Eric was just your run-of-the-mill university student and casual weed toter.
Of course the first thing I did when I met Eric was tell him about me being a journalist. He agreed to talk to me and let me write about him as long as I changed his name, didn’t publish his address etc etc. Was I allowed to say we were in Edinburgh? He supposed so. After we had established that it wasn’t mere legal highs Eric was purchasing but real ‘soviet-grade’ marijuana – we moved on to the good stuff. Or at least the stuff I’m interested in: The Deep Web, The Tor Network and The Hidden Wiki.
Like many others Eric had stumbled across discussion boards that mentioned an elusive website called the Silk Road. This e-bay style site allows its users to purchase illicit substances with complete anonymity. The reason I say that it is elusive is because you can’t just go looking for it on Google; to get to the Silk Road you have to enter the Deep Web, the part of the internet that isn’t indexed by conventional search engines. The process is relatively esoteric and complex. ‘It took a bit of perseverance,’ said Eric. ‘But in reality it’s not all that hard to get it all set up. I did some research on TOR and then downloaded the browser the next day.’
Originally sponsored by the US Naval Research Laboratory, the Tor Network is widely used around the world for protecting anonymity online. Controversially though it is also used by people who want to remain invisible when making illegal transactions in the Deep Web. Visiting a website through Tor re-routes your connection through a random path of other Tor users’ computers before reaching the target web server, masking your originating location from that server. Thus your unique IP address is hidden and the authorities shouldn’t come knocking at your door. I should stress that this isn’t meant to be a how-to guide – and I don’t condone the use of drugs having taken ill after a calpol overdose at the age of seven. Mother calls it my Woodstock.
Unlike normal websites, Deep Web pages do not have catchy titles and user-friendly URLs. What you get are a series of random numbers and characters followed by, somewhat mercurially, “.onion”. This is the ‘O’ in TOR, which stands for The Onion Router. Like someone peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and sends a message to the next router where this is repeated. Easy as that.
Enter the Deep Web and one of the first pages you will likely be confronted with is the infamous “Hidden Wiki”. This is a bit like a map of the TOR network. It provides listings of various sites that range from the disturbing to the utterly insane. Listed below are some of the most notorious:
Banker & Co.- Professional Money Laundering Service.
Buttery Bootlegging: This person will go shop lifting for you.
Paypal4free – Hacked Paypal accounts for cheap, with balances.
Atlantic Carding – Credit Card information sold at a discount rate.
All Purpose Identities – US and Canadian Drivers Licenses, passports and much more.
Rent-a-Hacker – Professional hacker for hire.
White Wolves Contract Killer – speaks for itself.
The Human Experiment – where allegedly one can view medical experiments carried out on human subjects. Nice.
Mikko Hypponen, chief research officer at security firm F-Secure believes that although TOR has many laudable uses, others are content to abuse it. “It reminds me of the web in 1995. In those early days, once people got the hang of it, anything goes as there seemed to be no law, no police and no regulation. People trust they will never be found when they are on Tor.’
Some of these websites are probably hoaxes, aimed at perpetuating the myth of the Deep Web as a murky place to hang out. Yet there is certainly a great deal of harrowing material to be found, or avoided. I asked Eric whether he had come across anything that he found uncomfortable.
‘Personally I have only encountered one or two things that you could call dark or sensitive. I think like the regular internet it’s just a matter of avoiding that stuff. If you don’t want to find it you probably won’t. Obviously never click things like CP.’[CP stands for Child Pornography].
I asked Eric to tell me a bit more about the process of buying cannabis on The Silk Road. Was it easy? Did you worry about your bank details being stolen?
‘Apart from setting up the TOR browser on your computer you also have to make a bitcoin account. [Bitcoins are a way of paying for the purchase anonymously]. Sellers on the site are rated on their reliability so you kind of know who’s going to pull through. When you’ve made your purchase your bitcoins are held by a middleman until your purchase is completed. Then you get an envelope in the post.’
While obviously purchasers have to give over an address at some point, no names are exchanged. This means that were the police to intercept a package the purchaser has a degree of what you might call ‘plausible deniability.’
The attraction in the system insists Eric is that he doesn’t have to put himself at physical risk by purchasing street drugs. He insisted that the cannabis he was buying was also better and safer than what he could get in Edinburgh. ‘You are buying direct from the grower – which means the quality is more consistent.’
The time and effort required by police to track nefarious Tor users (even when possible) would be almost laughable if it weren’t such a serious issue.
Police have little to go on other than powerful servers known as TOR ‘end nodes’. These are servers which, in effect, connect the TOR network to the wider world. Yet it is a risky business managing one of these nodes as, unlike those on the TOR network proper, your IP address isn’t hidden. The owners of computers acting as end nodes for Tor traffic are usually volunteers – often with an interest in facilitating free speech for the oppressed. Donating your computer to be used as an ‘end node’ is in many ways a noble act. These volunteers have no idea what criminal traffic is passing through their machines however it is common for them to be harassed by police. Here is the account of one such end node operator posted on Spyblog.uk:
I totally believe in Tor. I think it is a magnificent force for the circumvention of internet censorship but there is a problem.
I was visited by the police in November because my IP address had turned up in the server logs of a site offering, or perhaps trading in (I was not told the details of the offence) indecent images of children. The date of the offence was about one month after I started the server so it looks as though the site in question had been under surveillance for more than a year.
It was what is known as a ‘dawn raid’ and, amazingly enough, my children were still asleep when it occurred. Thank God.
I explained to the officers, who we had heard threatening to break the door down before we let them in, about Tor but they had never heard of it. My wife says she thinks they were about to arrest me before that. I was not arrested. I was told not to touch the computer and it was placed, considerately, in a black plastic bag and taken away for forensic examination.
This man – who didn’t want to be named – was eventually cleared of all wrongdoing. At present TOR has around 4000 end nodes which allow the network to handle roughly two or three million daily users [at the time of writing]. But to sustain millions more users and keep traffic from slowing down it would take around 10,000 nodes. Tor is currently developing hardware that volunteers will be able to buy and plug into home computers to automatically become nodes. For those uncomfortable about running the nodes with all that illegal activity on the network, Tor offers a program to sponsor a larger one that is operated by experienced developers and serves as the final risky node in the chain. The incident above reveals just how eager the authorities are to infiltrate the TOR network but also a lack of understanding in just how the system works.
Underneath the nose of these authorities the operators of the Silk Road are making a tidy profit. The website receives around 60,000 hits a day from users all over the world and according to research by the Carnegie Melon institute the site was generating around $1.2 million dollars per month in the early part of 2012. Since then, Forbes magazine have estimated that the site was due to bring in around $30-$45 million dollars in 2013. For every transaction the site takes a 10% commission fee.
The founder of the site is the notoriously secretive Dread Pirate Roberts (a nom de plume taken from William Golding’s novel The Princess Bride) who is sought by governments across the world. Roberts does not permit the sale of child pornography, stolen goods or guns on the Silk Road. We know this because he is an active presence on the site’s discussion forums where he often shares his views on the US government and the Austrian school of economics; a school that bases its analyses on the purposeful actions of individuals.
“We can’t stay silent forever,’ he wrote recently, ‘We have an important message, and the time is ripe for the world to hear it. What we’re doing isn’t about scoring drugs or ‘sticking it to the man.’ It’s about standing up for our rights as human beings and refusing to submit when we’ve done no wrong. Silk Road is a vehicle for that message. All else is secondary.”
He insists that The Silk Road is part of a larger project to grant power back to the individual and take it away from big government. However we probably won’t be seeing him on the ballot box any time soon.
The important question in all this is whether software like TOR encourages criminal activity. It certainly enables it; a point which it its supporters concede. They also like to stress that traditional police techniques are still effective against Tor. Police can still investigate means and motive, analyse writing styles, conduct technical analysis of the content and various other types of physical investigation. The developers of the Tor Project also insist they work with governments and the police to train them how to use the Tor software to safely conduct investigations and anonymised activities online.
I asked Eric if I could see his set-up but he didn’t feel comfortable taking me to where he lived. After our conversation it didn’t really surprise me that he might be man with a few privacy issues. As we wondered to the exit we shared a joke about the TOR network possibly being a mythical pathway to the cosmos. He admitted that he had done a bit of fruitless alien hunting on the Deep Web. Well Eric, I was tempted to say, that’s what happens when you smoke too much dope brother.
(image:XuanChe/FlickrCC)
Planet Edinburgh 