Another Sloppy Security Blunder Takes Down Another Dark Web Drug Emporium

Crime
A blog about murder, theft, and other wickedness.
Oct. 17 2013 1:57 PM

Another Sloppy Security Blunder Takes Down Another Dark Web Drug Emporium

162913476
Yes, but are you ever *really* anonymous online?

Photo by Mohammed Al-Shaikh/AFP/Getty Images

It’s been a bad month for people who like to buy illegal drugs online. Just a few weeks after the illicit marketplace Silk Road got shut down by the feds, one of that site’s main Dark Web competitors is closing down as well. The proprietor of Black Market Reloaded—which Bitcoin Magazine has described as a Silk Road for people with "no moral restrictions at all”—announced Thursday that he was shutting the site. The reason: He’d made a sloppy decision that may have compromised his real-world identity—which is pretty much exactly what the FBI says happened to Ross William Ulbricht, the guy who allegedly ran Silk Road.

Here’s what seems to have happened. As you might imagine, Black Market Reloaded was deluged with new users in the wake of the Silk Road seizure, and the site’s owner, “backopy,” apparently had to acquire new servers to keep the site up and running under this increased demand. In a forum post published today under the title “The end of the road,” backopy wrote that he decided to use a virtual private server, or VPS, in order to meet demand. While you can get a VPS up and running faster than a dedicated physical server, the VPS will be less secure, in part because it is not wholly controlled by the site owner. Sure enough, as backopy wrote, the VPS administrator allegedly leaked the Black Market Reloaded source code. From that code, a careful investigator could have theoretically determined backopy’s identity, and possibly more. With the site compromised, backopy apparently decided to shut it down.

Advertisement

As a frequent evaluator of dumbness, I feel confident in my assessment that this was even dumber than the mistakes that allegedly sank Silk Road. Ross William Ulbricht’s alleged slip-ups came in the site’s early days, before Silk Road became a billion-dollar business. They were novice mistakes made by a novice manager. But Black Market Reloaded has been around awhile, and the site’s administrator should have known the risks of using a VPS. In this case, he actively chose to ignore safety in favor of expedience.

Sites like these promise safety in anonymity—that it’s a security feature when nobody really knows who they’re dealing with. But, as we’re learning, “you don’t know who you’re dealing with” can also be a huge negative when you don’t really know whether that person is taking the appropriate security precautions. And I guess you could argue that total security is always an illusion in cases like these—that as a site scales in size and popularity, it becomes harder to manage, and leads to more opportunities for a breach. Creating a digital trail is always fraught, no matter how well that trail is supposedly concealed or encrypted. That, to me, seems more convincing than the idea that these sites could’ve gone on forever if the creators weren’t big dummies.

Anyway, there are still several Dark Web marketplaces out there, and backopy himself has already promised that he will "come back in the future" with a new, safer version of the site. (Hooray?) I’m eager to see whether he and the other remaining proprietors have learned any lessons from Silk Road and Black Market Reloaded, or whether they, too, will fall in the wake of some digital blunder.

Justin Peters is a writer for Slate. He is working on a book about Aaron Swartz, copyright, and the rise of “free culture.” Email him at justintrevett@fastmail.fm.

TODAY IN SLATE

The World

The Budget Disaster that Sabotaged the WHO’s Response to Ebola

How Movies Like Contagion and Outbreak Distort Our Response to Real Epidemics

PowerPoint Is the Worst, and Now It’s the Latest Way to Hack Into Your Computer

Everything You Should Know About Today’s Eclipse

An Unscientific Ranking of Really, Really Old German Beers

Education

Welcome to 13th Grade!

Some high schools are offering a fifth year. That’s a great idea.

Culturebox

The Actual World

“Mount Thoreau” and the naming of things in the wilderness.

Want Kids to Delay Sex? Let Planned Parenthood Teach Them Sex Ed.

Can Democratic Sen. Mary Landrieu Pull Off One More Louisiana Miracle?

  News & Politics
Politics
Oct. 22 2014 9:42 PM Landslide Landrieu Can the Louisiana Democrat use the powers of incumbency to save herself one more time?
  Business
Moneybox
Oct. 23 2014 11:51 AM It Seems No One Is Rich or Happy: I Looked
  Life
The Vault
Oct. 23 2014 12:02 PM Delightfully Awkward Studio Action Shots of Players, Used on Early Baseball Cards
  Double X
The XX Factor
Oct. 23 2014 11:33 AM Watch Little Princesses Curse for the Feminist Cause
  Slate Plus
Working
Oct. 23 2014 11:28 AM Slate’s Working Podcast: Episode 2 Transcript Read what David Plotz asked Dr. Meri Kolbrener about her workday.
  Arts
Brow Beat
Oct. 23 2014 12:01 PM Who Is Constantine, and Should You Watch His New Show?
  Technology
Technology
Oct. 23 2014 11:45 AM The United States of Reddit  How social media is redrawing our borders. 
  Health & Science
Bad Astronomy
Oct. 23 2014 7:30 AM Our Solar System and Galaxy … Seen by an Astronaut
  Sports
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.