Full title: Ripping Off Professional Criminals by Fermenting Onions - Phishing Darknet Users for Bitcoins
Had the second half been used as the truncated title, I would have saved myself the click: I was hoping for something related to onion futures or some such.
The big problem I have with this, is that: are drug dealers and organized money launderers professional criminals? who are taking advantage of people, and spreading suffering? Yes, they are.
But lots of regular ol' struggling drug addicts use these services, to get generally much safer drugs than on the streets, under much safer circumstances.
Sure, everyone who uses these types of markets and services is (usually) committing a crime, but I think its a bit much to call everyone you'd wind up taking advantage of here a "professional criminal". And that thinking just sorta feeds the stigma and condemnation of drug addicts who are struggling and just want to be safe, and are already taken advantage of by society enough.
I don't think you can say this is 100% morally sound. Unless you're super mindful and careful about it, you'll have collateral damage of people who aren't bad people, even if they are doing illegal things.
from an infosec perspective, im surprised no ones brought up how stupid dangerous this is.
crypto mixers and ransomware groups frequently have ties to organized crime, so the list of people you are "ripping off" could include formidably dangerous groups like the black axe mafia. If you really are ripping off "professional" criminals, you clearly havent considered their moral turpitude or your own personal safety.
He's not breaking any news here. This has been a well known and widely deployed attack for years, to the point that darknet markets impose multiple anti-phishing mitigations (as best they can, at least, e.g. signing a PGP message with the URL and then posting that PGP key on the landing page, and trying various JS tricks for reverse proxy detection to warn user they might be on the wrong site).
You're correct and the other responses you've got miss the mark. While stealing for thieves might be morally or ethically defensible (in some moral or ethical frameworks), it IS still illegal. You can go to prison for it. Your PSA is warranted.
For your comment to be not just downvoted but also flagged for saying something true is a farce.
PSA: Many criminals enforce 'don't steal from us' in with punishments that are more brutal and with a lower procedural protections than the state does.
This is of course an obvious side effect of having to protect one's criminal resources from as large a potential criminal threat as the state does without the state's resources.
As a general rule the problems of misbehavior among criminals are not actions that in the courts would be seen as criminal matters but rather things that would be seen as civil.
Despite what one sees in the movies the general problem one has is not some guys running up with masks on ripping you off of the money you made selling drugs, but rather the people you have fronted drugs to not giving you the money they owe you or the people you are buying drugs from ripping you off (using drugs because it is the most generally distributed type of organized crime but similar situations apply to other forms of organized crime)
The problem then is that you have people who have taken from you, there is no system to force them to pay, you must assume the state's monopoly of violence to get what is owed or decide to write it off. If you write off too great of losses you cannot stay in business, if you write off losses too frequently you cannot stay in business, and in writing off losses you may give other people the idea that they can steal from you as well.
Thus as you get to a certain level of organized crime you have to punish the people who do not fulfill the contracts they have undertaken with you.
This is sometimes also described as the actual origins of the mob, because they were the guys who could enforce contracts among the various criminal factions (by using violence)
PSA: Applying a consistent moral code when others refuse to do the same leaves you at a competitive disadvantage. It's better to play by the rules of whomever you are playing with. A thief likes to play the theft game. Murders like to play the murder game. Normal people play the polite society game. Play the game that is currently being played, not the game you think everyone should be playing.
> PSA: Applying a consistent moral code when others refuse to do the same leaves you at a competitive disadvantage. It's better to play by the rules of whomever you are playing with. A thief likes to play the theft game. Murders like to play the murder game. Normal people play the polite society game. Play the game that is currently being played, not the game you think everyone should be playing.
I've no idea why parent was voted down[1]; presumably a large number of people both object to "do unto others as they do unto you" AND are too shy to reply.
[1] Honestly, in the last few days the voting of comments seem completely out of tune with how comments normally get voted. I'm seeing immediate downvotes of comments, which, over time, sometimes normalise. It's very odd.
The Golden Rule is that you should do unto others as you would have them do unto you. Not as they do do unto you.
Applying a consistent moral code even when it puts you at a competitive disadvantage is what makes it a moral code in the first place. If you only stick to your morals when it's advantageous to do so then they're not your morals at all!
Back when we had high trust societies[0] that worked out ok, but that's just not the world we live in anymore. I have respect for people who hold themselves to a moral code and play by those same rules in dealing with them, but I don't have a lot of pity when they scream "life's not fair" when they try to play hockey against people who are playing baseball.
New accounts can't downvote, so I'm suspicious of the idea that something weird is going on with downvoting. It's more likely the result of natural growth in the userbase.
> It's better to play by the rules of whomever you are playing with.
This depends significantly on how you define "better." If I become a thief by stealing from thieves, I would not consider that to be a net positive outcome for me.
Theft is the taking of property without consent. I argue that engaging in theft gives implicit consent to be stolen from, after all if you felt theft is bad you wouldn't of engaged in it. Therefore stealing from a thief isn't really stealing.
Same goes for violence, if you had a problem with violence you wouldn't have engaged in violence, now that you have, let's be violent together.
In a world of thieves, if you steal from a thief there it is a net-positive outcome for you. Because in that world everyone steals so that creates a baseline. If you don’t steal, then it’s a net negative for you relative to that world.
It still depends on how you define the outcomes. In a world of thieves, I still would not define becoming a thief as a net positive. If you're talking solely in terms of material wealth, then sure.
In the world of thieves, stealing isn’t a negative or even positive action, it’s just the way of life. Therefore, getting what you want by stealing leads to positive outcomes for you.
> PSA: Applying a consistent moral code when others refuse to do the same leaves you at a competitive disadvantage. It's better to play by the rules of whomever you are playing with. A thief likes to play the theft game. Murders like to play the murder game. Normal people play the polite society game. Play the game that is currently being played, not the game you think everyone should be playing.
Problem is that your perception of what kind of game is played might be wrong. And you treat people that don't deserve* more harshly or people that deserve* more lenient.
This is an article about darknet markets, and when I hear "darknet markets" I think of drugs. The impression I get from Bruce Schneier's blog is that other shady stuff like stealing credit cards or murder-for-hire sites (which are all fake) mostly happens on the clearnet. So it was odd to see someone make the casual jump from darknet markets to theft/murder.
I was thinking of sites that deal exclusively in carding, scams, fencing stolen goods, etc.
If your actions have blowback on morally innocent people (ie. Technically a law was broken but it was a crime without a direct victim), inadvertently or not, you are not acting morally.
People have run phishing schemes against Darknet targets almost as soon as the concept existed. It's both "too late" (in the sense that it's no longer novel and everyone expects it) and, apparently, not too late (in the sense that attackers keep thinking it will be worth their time).
Had the second half been used as the truncated title, I would have saved myself the click: I was hoping for something related to onion futures or some such.
So that only criminals have onion futures. And we all know that to stop a bad guy with onion futures you need a good guy with onion futures.
But lots of regular ol' struggling drug addicts use these services, to get generally much safer drugs than on the streets, under much safer circumstances.
Sure, everyone who uses these types of markets and services is (usually) committing a crime, but I think its a bit much to call everyone you'd wind up taking advantage of here a "professional criminal". And that thinking just sorta feeds the stigma and condemnation of drug addicts who are struggling and just want to be safe, and are already taken advantage of by society enough.
I don't think you can say this is 100% morally sound. Unless you're super mindful and careful about it, you'll have collateral damage of people who aren't bad people, even if they are doing illegal things.
Good thing: criminals don't go to the law when you rip them off.
Another good thing: You don't suffer any moral qualms about stealing their money.
Not so good: they kill you instead
crypto mixers and ransomware groups frequently have ties to organized crime, so the list of people you are "ripping off" could include formidably dangerous groups like the black axe mafia. If you really are ripping off "professional" criminals, you clearly havent considered their moral turpitude or your own personal safety.
For your comment to be not just downvoted but also flagged for saying something true is a farce.
Are all buyers of substances the U.S. controls inherently “professional criminals”?
Does the belief that someone is a criminal justify taking their money?
(I trace cryptocurrency professionally, depositing is key to identifying clusters and it sure is nice to get the money back)
“Vigilantism” : well-established net negative for any land of law
Despite what one sees in the movies the general problem one has is not some guys running up with masks on ripping you off of the money you made selling drugs, but rather the people you have fronted drugs to not giving you the money they owe you or the people you are buying drugs from ripping you off (using drugs because it is the most generally distributed type of organized crime but similar situations apply to other forms of organized crime)
The problem then is that you have people who have taken from you, there is no system to force them to pay, you must assume the state's monopoly of violence to get what is owed or decide to write it off. If you write off too great of losses you cannot stay in business, if you write off losses too frequently you cannot stay in business, and in writing off losses you may give other people the idea that they can steal from you as well.
Thus as you get to a certain level of organized crime you have to punish the people who do not fulfill the contracts they have undertaken with you.
This is sometimes also described as the actual origins of the mob, because they were the guys who could enforce contracts among the various criminal factions (by using violence)
I've no idea why parent was voted down[1]; presumably a large number of people both object to "do unto others as they do unto you" AND are too shy to reply.
[1] Honestly, in the last few days the voting of comments seem completely out of tune with how comments normally get voted. I'm seeing immediate downvotes of comments, which, over time, sometimes normalise. It's very odd.
Applying a consistent moral code even when it puts you at a competitive disadvantage is what makes it a moral code in the first place. If you only stick to your morals when it's advantageous to do so then they're not your morals at all!
Also, Jesuit parochial school told us an improved version: Do unto others as they would have you do unto them.
It would seem to preempt a lot of imperialism.
[0]https://en.m.wikipedia.org/wiki/High_trust_and_low_trust_soc...
Needless to say, I could not disagree with your stance more strenuously.
This depends significantly on how you define "better." If I become a thief by stealing from thieves, I would not consider that to be a net positive outcome for me.
Same goes for violence, if you had a problem with violence you wouldn't have engaged in violence, now that you have, let's be violent together.
In a world of thieves, if you steal from a thief there it is a net-positive outcome for you. Because in that world everyone steals so that creates a baseline. If you don’t steal, then it’s a net negative for you relative to that world.
Problem is that your perception of what kind of game is played might be wrong. And you treat people that don't deserve* more harshly or people that deserve* more lenient.
*deserve your intended outcome
A guy selling credit card numbers, given the opportunity he'd have nothing left.
No, but I'd guess that GP feels morally justified in buying weed from him or selling weed to him.
If the weed-buyer isn't playing the theft game, why do you believe that the GP would play the theft game?
If your actions have blowback on morally innocent people (ie. Technically a law was broken but it was a crime without a direct victim), inadvertently or not, you are not acting morally.
This is fun to think about though, it’s like being Omar from “The Wire”. As the author points out, different targets have differing moral valence.