Silk Road forums

There's no way to tell what originated from your network from what was relayed through your network.

Sure there is. Who is the attacker (ISP, node, a few nodes, website, etc)? Are you a relay or an exit?

The down side is you have a steady stream of Tor traffic going through your home network, which your ISP will notice sooner or later (especially if you let your Tor relay hog all your bandwidth, which it just may do).  This will give you the kind of attention you may not want.

The down side is that you have no membership concealment and make yourself significantly weaker to a lot of serious attacks (and yet more secure from others...although imo it is totally not worth it). I encourage people to run Tor relay nodes. Don't run a relay on the same machine you use for your client though. Or even the same internal network. VPS nodes are cheap. I highly suggest that you contribute to the Tor network by buying a cheap VPS and setting it up as a Tor relay, exit or semi-public bridge. But if you run a relay, exit or bridge on your home PC you are going to be reducing the anonymity you get as a client.

The thing is that it might need to be quite a lot of space to make a significant difference. Also I wouldn't assume that the vendors here even know about this sort of attack.

I figured someone was going to say that, but the truth is you are speculating and only hoping that doesn't happen.

If it even happens once, don't you think one ruined life is enough?

My point is the vendors, unless they are good humans, will not have a vested interest in keeping you not addicted to these drugs. The point is to get people hooked so they keep buying more. It's a dirty dirty business and it needs to be put out of easy view. Sure there could be vendors who aren't like that, but people can get hooked anyways because of the nature of the drug.

Trust me, there will be more and more people figuring out how to get on to this website. If I can do it, anybody can. I'm only saying this for future reference. Plus it may keep some heat off of SR's back when it comes to authorities.

Don't you think one ruined life from the drug war is enough? How many of us do you want to die in prisons? Also fwiw I used heroin regularly for about two weeks and then quit. I smoked crack once. I smoked meth a dozen times and quit (although I still get cravings for it on occasion, like seven years later, after only having smoked it a dozen times.... the shit is fucking super addictive and I highly suggest that people avoid it).

Driving a certain type of truck doesn't necessarily mean that you are robbing banks but LE are still going to check DMV records to see who all owns that sort of truck in a certain area, if a certain type of truck is spotted at a bunch of bank robberies. You guys entirely miss the distinction between intelligence and concrete evidence. Intelligence narrows in on evidence and usually it isn't even brought up in court, although you can find examples of it in case studies. We should have an intelligence forum to post case studies in, for all types of crime (since the general techniques hold true between all sorts of crime, even if the implementation details change).

Stop missing the forest for the trees.

if it is possible to get your WiFi network details it will be possible to get your IP address in the same way though

You could just get statistics straight from the government agencies. USPI publishes how many people they arrest per year for getting drugs in the mail. Would be NICE IF WE HAD A DEDICATED INTELLIGENCE SUBFORUM FOR THE GROUP GATHERING AND ANALYSIS OF INFORMATION LIKE THIS, but for some reason everyone in any power position here completely ignores my request for this despite the clear benefits of having such a subforum

http://www.postalinspectorsvideo.com/uspis/AnnualReport2010.pdf

I think ICE publish statistics also....but fuck me digging it up (or digging through my massive collection of LE documents) for this forum if I can't even get an intelligence sub forum here

in 2010 uspi had (for drug in the mail crimes)

1,075 investigations opened, 1,322 arrests, 481 indictments, 1,083 convictions

that covers the majority of domestic arrests for drugs via mail....for international we will need to get ICE statistics. Go ahead and look for other nations also, I used to have shit from Australia and a few other places. We might need to get DEA statistics also but I think USPI is the primary agency that manages domestic drugs in the mail, and ICE is the primary agency that manages international packs. Although I think even if a pack passes customs it could still be snagged later on by USPI, ICE doesn't screen domestic to domestic mail though.

Welcome to open source intelligence.

edit: Hm on second thought this isn't the same as interceptions, since some of the people they busted obviously had multiple interceptions, and some were getting packs and some were sending packs out. It also includes drug money and paraphernalia.

The U.S. Postal Inspection Service interdicts mail-
ings of illegal drugs and drug proceeds and inves-
tigates organized narcotic distribution groups to
protect employees and customers from the violence
related to drug trafficking and to preserve the integ-
rity of the U.S. Mail. Postal Inspectors, often work-
ing with other law enforcement officials, arrested
1,322 suspects for drug trafficking via the mail in
FY 2010. Their investigations resulted in the seizure
of approximately $7.6 million in cash and monetary
instruments, and 37,759 pounds of illegal narcotics
found in the mail.

they do mention interception statistics specifically, but you will need to analyze this entire document as well as perhaps other documents/sources to get the complete statistics for the entire USA interception rate of USPI (not including love letters that do not lead to further investigation)
                                                 

Illegal drug mailings from South Texas—identified       
as a problem for several years running—continued       
to rise in FY 2010. By the end of the fiscal year,       
Postal Inspectors in McAllen had interdicted 3,364     
parcels, a whopping 44 percent more than those           
seized only one year earlier; they attribute the rise   
to trafficking by Mexican drug cartels. Inspectors in 
Texas staged numerous interdictions of the mail,         
seizing 20,020 pounds of marijuana and arresting         
39 marijuana mailers.

                  Five-Year Trend  (south texas)
                                                     
                    DRUG           POUNDS OF             
                  PARCELS             DRUGS             
    FY 10           3,364           20,020 lbs.
                                                     
    FY 09           1,759           19,380 lbs.         
    FY 08            699             7,010 lbs.         
    FY 07            303             3,471 lbs.
                                               
    FY 06            221             2,310 lbs.
                                                     

about.usps.com/publications/pub162.pdf

                                                     In an average year, the U.S. Postal Inspection Service:

.....

arrests roughly 1,000  suspects for drug trafficking and money laundering via the mail.

hm this article indicates that non-federal agencies are also involved with mail interceptions, but I have never heard of a local police agency initiating a drug pack interception unless USPI handed it off to them....

South Florida drug smugglers increasingly are using an alternative method of sending their shipments: the mail.

As bloody drug wars rage at the Mexican border and police efforts are stepped up to stop drug trafficking by the trailer load, the mail — both the U.S. Mail and commercial carriers — seems a less- risky way for drug dealers to ship their packages, authorities say.

"As the Border Patrol increases security on the border, it leads to smugglers using different tactics," said Miramar-based Postal Inspector Blad Rojo. "You know you can put it in the mail and it's going to get there. But we don't want the criminals to exploit the efficiency of our postal services."

Many of the marijuana and cocaine shipments to South Florida are coming from the Southwest region of the country, Rojo said, because Mexican drug dealers are crossing the border to mail their shipments.

Nationally, intercepted shipments of marijuana in the U.S. mail have been steady, if not decreasing, since 2009. But in Florida, more shipments are being stopped.

Nationally, there was 43,564 pounds of marijuana intercepted in the mail in 2009; 35,773 pounds confiscated last year; and 23,758 pounds confiscated through June this year, records show. In Florida, that was 2,158 pounds in 2009; 2,789 pounds last year; and 3,368 pounds through June.

Cocaine interceptions are on the rise both nationally and in Florida, records show. Nationally, there was 506 pounds intercepted in 2009; 657 pounds last year; and 434 through June. In Florida, there was 37 pounds of intercepted in both 2009 and 2010, and 44 pounds through June.

The packages typically contain 20-30 pounds of marijuana or a kilo or two of cocaine, Rojo said.

As Mexican drug lords get stronger, they no longer have to rely on Colombians, who typically shipped their drugs via the Caribbean, said Jim Hall, director of the Center for the Study and Prevention of Substance Abuse at Nova Southeastern University in Fort Lauderdale.

As the quality of Mexican drugs has improved, the quantity has increased along the U.S. border, he said.

U.S. mail statistics for Broward andPalm Beach counties were unavailable. But records for private carriers inspected by sheriff's deputies — show spikes in drug interceptions.

The Palm Beach County Sheriff's Office reported 130 drug packages intercepted in 2009; 220 last year and 100 through June. The Sheriff's Office would not release what types of drugs were stopped.

Broward County has seen increases mainly in cocaine and prescription pill interceptions, the Sheriff's Office said.

In 2009, deputies intercepted 80 kilos of cocaine and 21,512 oxycodone pills; 276 kilos of cocaine and 53,819 oxy pills in 2010 and 13 kilos of cocaine and 28,057 pills through June, records show.

Both sheriffs' offices declined to be interviewed for this article, citing security issues.

Officials of FedEx and UPS said they have security programs in place but declined to discuss what would lead them to deem a package suspicious.

Public and private carriers, and law enforcement officers, need a warrant to open and search a package.

"We do a good job identifying suspicious packages," FedEx spokesman Jim McCluskey said.

Drugs usually come tightly packed in boxes, wrapped several times in plastic. When they contain pungent marijuana, that plastic often is covered in axle grease or fabric softener sheets to disguise the smell, inspectors said.

With the increase in drug interceptions comes an increase in drug arrests, authorities said.

"We are here to investigate and get big convictions so we discourage other people from doing it," Rojo said.

That's what happened to Charles Clayton, 39, of North Lauderdale, who was sentenced last year to 30 years in federal prison for having a kilo of cocaine shipped to him, court documents show.

Clayton's long criminal history contributed to his stiff sentence, Rojo said.

U.S. Customs and Border Protection officers in San Juan, Puerto Rico, intercepted a package labeled "Legal Documents," coming from St. Thomas and headed to Clayton's home, court records show.

The kilo was sent to the Postal Inspection office in Miramar and an undercover agent delivered it to Clayton.

Disguised as a postal carrier, the undercover agent asked Clayton if the package was his. Clayton said yes, signed for it, and when he tried to take the package, he was arrested.

sorry to hijack your thread I guess but since there is no intelligence forum to put all this shit in what else can I do

If they don't find physical drugs they could still try to charge you for various crimes related to drugs but they will have a much much much harder time getting anything to stick.

Designed and optimized for hidden services, which are much faster than in Tor

This is probably still true. I2P has a lot more routing nodes than Tor does and a lot lot lot less clients than Tor does. It was also designed and optimized for hidden services. I would be surprised if Tor ever beats I2P for speed or scaleability. However Tor has made serious improvements to its hidden service load times since a few years ago (when this was written).

Fully distributed and self organizing

This is kind of neat but many people would argue it makes it less secure than Tor. Tor uses centralized directory authority servers because they think it is required for anonymity. I2P people disagree. I am kind of on the fence regarding this issue, but I certainly see the problems with both systems.

Peers are selected by continuously profiling and ranking performance, rather than trusting claimed capacity

I am pretty sure Tor does this too now

Floodfill peers ("directory servers") are varying and untrusted, rather than hardcoded

I2P people see this as a benefit, Tor people see this as a vulnerability. It isn't so black and white.

Small enough that it hasn't been blocked or DOSed much, or at all

security by obscurity

Peer-to-peer friendly

Meh so is Tor if you know what you are doing.

resilience vs. failures by running multiple tunnels in parallel, plus rotating tunnels

Do Tor circuits really fail so often?

Unidirectional tunnels instead of bidirectional circuits, doubling the number of nodes a peer has to compromise to get the same information.

Dubious claim, research needs to be done to determine if I2P is more resistant to active correlation attacks than Tor is.  And it isn't any safer from passive correlation attacks. If it is safer from active correlation attacks or not will have to do with every node being a router, not using unidirectional tunnels. It may very well actually double your risk of being pwnt by an end point timing attack, since if you connect to a malicious hidden service if they have active nodes at either your inbound or outbound tunnel they should be able to correlate packets to deanonymize you. Tor uses one node for inbound and outbound traffic. You only need a few high precision measurements to deanonymize someone with a timing attack if you can position yourself properly, I2P tunnels have two nodes to target (inbound and outbound) that each have half the traffic going through them than a Tor entry guard would....Tor has a single entry guard with twice the traffic on it. Unless someone can show me otherwise, I think Tor has the better design in this aspect.

Tunnels in I2P are short lived, decreasing the number of samples that an attacker can use to mount an active attack with, unlike circuits in Tor, which are typically long lived.

]

Tunnels in I2P are short lived, increasing the rate at which you will eventually use a node owned by X attacker.

I2P APIs are designed specifically for anonymity and security, while SOCKS is designed for functionality.

True

Essentially all peers participate in routing for others

How is this a benefit over Tor? I don't want to participate in routing for others. This is a benefit if you want a fast network that scales, not if you want anonymity as a client. Having all clients participate in routing for others is actually one of the biggest weaknesses of I2P as far as I am concerned, it makes it easier for a weaker attacker to get a list of all I2P peers IP addresses. At least with Tor as a client the attacker needs to monitor the directory authority servers, or your connection at your ISP, or your entry guard. I2P lets anyone who adds some high bandwidth nodes to the network to get everyone elses IP address.

It also makes it so that if you have any down time your eepsite is as good as deanonymized. I also hope you are not in an IRC chat and running as an I2P router at the same time, because if you have down time you are going to be kicked from the IRC at the same time your I2P node goes down.

The bandwidth overhead of being a full peer is low, while in Tor, while client nodes don't require much bandwidth, they don't fully participate in the mixnet.

Which is great if you want a fast network that scales but shitty if you want membership concealment as a client. It probably is also bad for client anonymity in other ways, running as a Tor relay actually decreases your anonymity if you use the same node as a client.

Integrated automatic update mechanism

Integrated automatic backdoor mechanism is not a benefit over Tor...and Torbutton lets you know when your Tor is out of date and lets you update it yourself

Both TCP and UDP transports

This is certainly a benefit if you want to use UDP

TOR also has a vulnerabilities:
https://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf (Hot or Not: Revealing Hidden Services by their Clock Skew)
https://www.packetstormsecurity.org/0610-advisories/Practical_Onion_Hacking.pdf (Practical Onion Hacking: Finding the real address of Tor clients)
https://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf (Tor (The Onion Router) Open To Attack)
http://web.crypto.cs.sunysb.edu/spday/presentations/Angelos.Keromytis.pdf (Simulating a Global Passive Adversary for Attacking Tor-like Anonymity Systems)

Yes Tor has many vulnerabilities and it sucks, but for anonymity it sucks a lot less than I2P does IMO. I would use Freenet before I used I2P. But I think Tor is the best choice.

Also I2P is just as weak to all of those attacks as Tor is. Tor has had a fuck ton more research done on it than I2P has, but a lot of the attacks against Tor apply just as much to I2P.