Journey Into the Dark Web
By Jason Smith
Climbing the rickety wooden steps of a rundown triplex somewhere on the outskirts of the Sacramento downtown grid, I wiped the sweat from my eyes with a sticky T-shirt that felt pasted to my chest. July was bleeding into August and it was fucking hot. The flesh around my eyes sagged and my corneas felt like they were sprinkled with sawdust, strained by a staring contest my ceiling and I were having ever since the night my AC went out a few weeks earlier. I was really in no condition to be doing any work related anything that day, but I was out of cigarettes and rent was two months late.
So there I was, chasing a ghost.
The door opened before I reached the top of the steps. Drug dealers in my experience have always demonstrated exceptional environmental awareness, so this wasn’t exactly shocking. What was shocking, however, was his appearance.
Oh shit, I thought. He’s a fuckin’ kid.
He looked like some teenager who should be off playing a varsity sport or smoking a joint or vandalizing something, or whatever the hell kids these days do for kicks.
What he most certainly didn’t look like, however, was the very thing that he was — a drug-smuggling cocaine dealer on the run from the feds.
His name was Jim, which is to say his name probably wasn’t Jim. I don’t know what his real name was because I didn’t ask because it didn’t matter.
Jim made his living in a corner of the World Wide Web called the “dark web,” something that came along after I retired from the game back in the winter of 2012, meaning I had no clue what it was. All I knew was that it made me feel old.
Back in my day, when you needed to ingest drugs, you went to your neighborhood drug dealer, the way the founding fathers intended. You covertly and slyly used hand-to-hands, code words, and trap houses. And although I never walked five miles in the snow barefoot up a hill to get drugs, I would’ve.
My world was as crazy to Jim as his was to mine. Hand-to-hands? Too risky. Doing deals in person? Too dangerous. That shit’s old school, old man. Times have changed.
Using easy-to-download, free encryption software, he orders his illicit product from nearly untraceable web pages, then has it shipped through the U.S. Postal Service. And there’s not a goddamn thing the cops can do to stop it.
The cops themselves will tell you as much. William Ruzzamenti, the director of the California Central Valley High-Intensity Drug Trafficking Area, calls guys like Jim the “Next generation of drug dealer.” Said Ruzzamenti, “Thanks to them, the United States Postal Service is now the biggest drug courier on the planet.”
Shaking my hand, Jim welcomed me inside his hideout, where I sat down on a black futon covered with a gray comforter that looked like it had been used recently.
“I know,” he said as he carried a laptop over to where I was sitting, placing it in front of me on the coffee table then sitting to my left. “I look young.”
That’s when he told me he was 19 years old.
Anatomy of an online drug trafficker
Also known as the “Darknet,” the dark web is an expanding virtual space where anything goes. Think of it like eBay designed by Caligula, where crypto currencies like Bitcoin can purchase any vice or horror man has dreamed up — drugs, stolen IDs, assassins, even webcam access to child dungeons.
And if everyone does it the way they’re supposed to, it’s untraceable.
In phone conversations with both Agent Ruzzamenti and Drug Enforcement Agency Special Agent Casey Rettig, both law enforcement officers relayed suspicions that the dark web played a role in the recent nationwide-spat of overdoses involving pills meant to look like yellow Norco 10–325’s, but which were actually counterfeit tablets containing Fentanyl.
To be honest, it sounded like science fiction to me. Chinese fentanyl, dark web drug market places. I mean, really, you gotta hand it to the Millennials. You might say they’re overly-sensitive, self-entitled, coddled brats with sticks up their asses who can’t take a joke. And you wouldn’t necessarily be wrong. But while the rest of us were digging subterranean tunnels between Tijuana and Chula Vista, or swallowing heroin-filled condoms before boarding flights out of Bangkok, the Millennials instead wondered why the same technology used to get them laid couldn’t be used to get them high. It was the ingenuity and innovative thinking of the Millennial Generation that led to the newfound ability for guys like Jim to order grade-3 china white heroin with an app on his phone, and then have it delivered just a few days later by Norma, his mail lady, along with a Penny Saver and his Comcast bill.
Before his current troubles, Jim spent his days soaking up the south Florida sunshine buying uncut cocaine with Bitcoin from a seller off the dark web. Jim would spend his nights flipping the product at retail prices to college kids, spring breakers, professional athletes, businessmen and tourists, who he claimed spent “stupid money” on the drug.
“Everybody wants to get high when they vacation down there, including people who’d never sniff coke back home,” he told me.
Less than a month before meeting me, Jim says, the feds kicked in the unlocked doors of his home just before sun-up. Drugs were seized, the home’s occupants’ hands were zip-tied and the apprehended were counted:
The suspects were all there. All except for one.
Two days before the raid, a neighbor informed Jim that he’d seen some guys that looked like cops trying hard not to look like cops going through his trash. Jim had a feeling something was about to go down. He broke the neighbor off a gram to say “thank you,” then caught the first flight from Miami to Sacramento, where he had a friend in a run down triplex with rickety steps and a futon.
I tracked down Jim through a matrix of online message boards where people discuss the type of shit people discuss when they think nobody’s looking: sex, drugs, money laundering, credit card fraud, financial scams. Needless to say, popping in with, “Hey, I’m a writer doing a story on the dark web, would you be willing to talk?” wasn’t received with warmth. There were a lot of swings, a lot of misses and more than one, “Fuck you narc, leave us alone.”
Jim was understandably hesitant at first, but he eventually warmed to the idea of talking to me after skimming a few pieces I’d written. He told me there was humanity in my writing. I told him I didn’t know what that meant. He said, “Exactly.” I still don’t know what he meant, but the humanity was my ticket into the dark.
“There’s some awful shit on here,” he warned me. “In the old days, if someone was kidnapped, they asked for ransom. Now, these teams in South America abduct kids and women from areas that are poor, knowing the media won’t give a shit about them, and then hold them in dungeons with webcams. People then make requests using Bitcoin, as to what they want to see happen to the person. It’s fucking sick.”
Jim says he never ventured into that more insidious, disturbing side of the dark web because it scared him. But he has plenty of acquaintances who did, he says. He claims it changed them. He couldn’t say how, exactly. Or maybe he could but didn’t want to. Regardless, Jim said, they weren’t the same after.
“I’m good, man,” I promised. “But I don’t want to go into all that shit. Let’s stick to drugs.”
“Okie-dokie, so the first thing you wanna do,” he began, immediately absorbed by his computer, “is get a VPN. It’s a ’virtual private network.’ It’s like a condom for your phone or computer. Everyone needs to use one of these, even if you’re just using the surface web.”
Many surfaces, many webs
The “surface web” Jim was referring to is the internet that most of us utilize day-to-day. The terms “deep” and “surface” were cemented in a 2001 white paper written by Michael K. Bergman for the Journal of Electronic Publishing, which explained that the surface web is the portion of the internet that can be found by search engines like Google, Bing or Yahoo. Any link that pops up in a search is considered part of the surface web.
According to Bergman’s white paper, the vast majority of the World Wide Web resides below the surface, where pages and URLs are not found by search engines. These sites are part of the “deep web.” For example, your bank’s homepage is on the surface web. However, the intranet used by bank employees to communicate with each other is the deep web. There’s no way for someone to find those pages using a search engine.
These are the internet’s two neighborhoods — surface and deep. The surface is accessible to anyone, the deep is more exclusive.
But that exclusive neighborhood — the deep web — has a red light district. A dirty, shady, libertarian utopia where the black market adheres strictly to free market principles, void of any government regulation, while a showgirl blows a tourist for a twenty next to a shop that sells identities, passports, and stolen credit card numbers.
This is the dark web.
Media outlets often conflate the two terms, colloquially using “deep web” and “dark web” synonymously. They are not, however, the same.
To gain entry to the dark web, Jim explained, you need to download Tor, which is tech shorthand for “the onion router.” According to the book, WikiLeaks: Inside Julian Assange’s War on Secrecy, Tor was originally developed in the mid ’90s by the U.S. Naval Research Laboratory with the goal of facilitating communication between members of the U.S. intelligence community. The Naval Research Laboratory released the open-source code for Tor to the public in 2004, and it’s been maintained by the nonprofit The Tor Project since 2006.
“Tor is a mask that hides your identity,” Jim explained. “You have to be wearing the mask to get to the good shit. No mask, no entry. You can take your ass on to Kohls.”
With Tor and a VPN masking your IP address, you can then access what’s called the onion network. Here, instead of a site’s URL ending in “.com” or “.gov” or “.edu”, it ends in “.onion”.
According to Sarah Jamie Lewis, an independent privacy and anonymity researcher and dark web expert, data coming across the onion network is encapsulated by multiple layers of encryption, similar to layers of an onion.
When using the surface web without Tor, she explains, a computer requests data from a server directly from its IP, or “internet protocol,” which refers to a set of networking guidelines that allow two or more computers to communicate. This IP leaves a trace, meaning anything that’s sent or received leaves behind a device’s fingerprint, which can be traced back to the person.
Tor makes tracing someone’s movements on the dark web almost impossible, Lewis tole me via email. Tor renders the user anonymous as it routes encrypted data requests through three different servers, positioned anywhere on the globe where internet access is available.
“The Tor [makes] three hops, [or in] the case of a hidden service connection, six stops — three from the user making the request, and three from the service responding to the request,” she wrote. “Each hop introduces a new layer of encryption.”
Not even the servers know what the requests passing through them are. They’re simply conduits of encrypted data. Were law enforcement able to somehow intercept the transfer of data between servers, they would still need to decode the encryption. Even then, there’d be no way of determining who made the request, since the Tor masks one’s identity and location.
In her email, Lewis called it a “robust” scheme.
Jim put it more succinctly. “It’s total privacy, total anonymity,” he said.
Preying on human error
Authorities have claimed a couple of big darknet victories, but they’re the exceptions that prove the rule.
In July of this year, one month before I found Jim, Attorney General Jeff Sessions took a victory lap for shutting down a group of dark web marketplaces, the biggest of which was a site called AlphaBay. These sites sold drugs, guns, child pornography and offered services ranging from hacking someone’s Facebook to ordering a hitman. The investigation involved the FBI, Drug Enforcement Administration, Dutch National Police and Europol.
Sessions praised law enforcement for what he called good, old-fashioned police work. But according to Phil Muncaster, an information technology journalist for the MIT Technology Review, traditional police work is only a factor once human error has occurred.
“Law enforcement has been able to capitalize on basic mistakes made by some of the perps,” Muncaster told me. “[I]f they all used Tor and anonymizing services correctly, police would stand no chance.”
The first and most (in)famous dark web marketplace was Silk Road, launched in 2011. Wired magazine called it the “Amazon of contraband,” but investigators were only able to track down the site’s founder after the real IP address, unmasked without Tor, was accidentally broadcast. Investigators were tipped off by a Reddit thread attempting to alert site administrators of the breach.
AlphaBay founder Alexandre Cazes was discovered after password resets for the site were sent directly from his hotmail account, “firstname.lastname@example.org.” That email was connected to his LinkedIn account for a computer repair service in Canada, leading investigators to his real identity and, eventually, his residence in Bangkok, Thailand. Cazes was found last July hanging in his jail cell, dead from an apparent suicide.
“We should remember that it still takes some skill to turn those rookie mistakes … into a concrete conviction,” Muncaster said.
Law enforcement in its current design, acknowledged Ruzzamenti and Rettig, cannot possibly meet the challenges presented by modern technology. City police departments and county sheriff’s departments in the United States are heavily jurisdictional, and highly territorial, bound by city limits, county lines, state lines, and national borders.
How, asked Ruzzamenti, are officers supposed to trace an illegal request sent to three different relays on three different continents when their jurisdiction doesn’t even extend into the neighboring county? Cooperation between departments and across county-lines is rarely fluid and oftentimes contentious. Do we really expect the same city police department that struggles to cooperate with the county sheriff’s department due to inter-departmental cultural differences, to strike up a solid and productive partnership with the Thai police, Italian Carabinieri, and Interpol?
To navigate these barriers, agencies have responded by getting creative, which both the American Civil Liberties Union and the Electronic Frontier Foundation claim raises constitutional concerns.
In February 2015, a dark website that hosted child pornography called Playpen inadvertently revealed its IP address, giving the FBI the physical location of its server. According to the FBI’s website, the agency said it used “court-approved investigative techniques” for a joint investigation named “Operation Pacifier.”
But some government watchdogs believe the feds may have gone too far.
Court records show that the FBI hijacked the Playpen server and ran the site for two weeks, distributing child pornography but using a custom malware that exploited a hole in the Firefox browser, allowing the FBI to infect the computers and identify those who were downloading their illegal bait.
U.S. Judge Robert Bryan, a federal magistrate in Tacoma, Wash., ruled that Jay Michaud, one of the defendants caught in the Operation Pacifier sting, had a right to see the malware code that infected his computer as part of the case’s discovery. Federal prosecutors in Seattle chose instead to drop the charges and protect the code’s secrecy.
Annette Hayes, a federal prosecutor for the Western District of Washington, wrote in a motion following the judge’s decision that, “Disclosure is not currently an option.”
This raises a serious moral and ethical dilemma: Are we, as a nation, OK with law enforcement breaking the very laws they’ve sworn to protect — or in Playpen’s case, facilitating criminal behavior themselves, as they distributed child pornography during the two week period in which the FBI controlled Playpen’s server — if it makes us safer? Is there a moral equivalency between criminals who distribute child pornography, and FBI agents who distribute child pornography? Is that an insidiously dangerous and risky seed to sow, giving cops the green light to break the law to catch criminals who break the law? Might less scrupulous officers abuse such an extension of leniency by the courts, and if so, what might that look like?
As for now, these questions remain unanswered, but it also mustn’t be forgotten that the FBI tactics in question resulted in the arrests of nearly a thousand individuals accused of distributing child pornography.
A small number of those individuals were found to be sexually abusing children themselves.
Once again — do the ends justify the means?
If you’re a civil libertarian, this is disturbing.
If you’re the parent of a child living next to a pedophile that was discovered and arrested in this operation, you probably don’t give a shit how questionable the investigative techniques were.
It’s this divide that America’s yet to figure out how to bridge.
Light amid the dark
Despite being a professor of computer science at Sacramento State University, Dr. June Dai said the dark web is a place he chooses not to visit.
Dr. Dai, also the director for the Center of Information Assurance and Security, did point out, however, that the dark web is also used by political dissidents to organize in countries with strict censorship, and where real-world political activism risks a prison sentence.
“The dark web anonymity can be used for things other than bad things,” he said in an interview in his Sacramento State University office. “It is also used for protecting rights and speaking out against governments in places where such things are not permitted.”
Cindy Cohn, executive director of the Electronic Frontier Foundation, told The Guardian in August, “We see Tor use go up whenever a dictatorship takes over or a coup occurs. Tibetans, United Arab Emirates, Tunisia, Egypt. The list goes on and on.”
The journal Survival: Global Politics and Strategy published a study last year that found 40 percent of the dark web was used for illicit purposes. Cohn points out that, therefore, 60 percent is not.
Many newspapers, including USA Today, the New York Times and the Guardian, have launched their own secure drop servers for whistleblowers to upload documents using Tor and the dark web. SecureDrop is an open-source submission system used by media outlets to gather information from sources whose identities cannot be revealed, protecting both the source and the journalist.
The same anonymity that protects the identity of an individual slinging kiddie porn across the globe is the same anonymity that protects the voice of political dissidents trapped inside regimes where political action risks prison-time or death.
The same cloak of anonymity used to by drug dealers to sell heroin is the same cloak of anonymity used by whistle-blowers to hold both corporate and legislative bodies accountable. The Panama Papers, Paradise Papers, and recent FIFA scandals all came to light after whistleblowers, utilizing TOR anonymity, came forward, confident they were protected against retaliation.
There is no way to keep one and lose the other. We either fight to protect the Tor’s anonymity, or we fight to destroy it. This has put Washington in an interesting bind: The State Department openly contributes funding to the proliferation and protection of Tor via its non-profit. At the same time, the Justice Department openly contributes funding to hacker groups hired to create viruses that will circumvent and infect Tor, rendering it incapacitated or unusable.
Again, it seems we have a choice to make as a society.
Jim doesn’t concern himself much with political activism, or moral relativism, or social justice. But he does, however, think the dark web has its public safety benefits.
Retrieving a package from the closet with markings indicating it was shipped via the U.S. Postal Service to a P.O. box, he sits down and peels it open. Inside the cardboard envelope is a paper envelope, and inside that paper envelope are two vacuum-sealed packages: one containing white powder, the other containing a dozen pink pills.
“These were freebies,” he said, pointing to the pills. “My coke guy hooks me up. Once you make reliable connects on here, they start giving you better deals and sending you free shit. It’s like Yelp. They need a good rating to survive.”
He pulled up the site where he placed the order for the cocaine. Vendors indicate everything from purity of the drug to the methods they use for shipping. Most state they’re willing to walk first-time buyers through the process to mitigate the risks of shipping. When a vendor says their cocaine is uncut, previous buyers leave reviews either confirming or disputing the claim of purity. It’s easy to see from the outset which vendors deliver on the product they promise, and which do not.
The DEA’s Rettig strongly disagrees with Jim’s assessment that these rating systems reduce harm for addicts or for the community. “You cannot apply a rating system that works in the regular world, and apply it to an illicit substance,” she told SN&R.
“A person ordering on the dark web still has no idea what they’re getting,” she added. “I don’t think reviews by a bunch of drug addicts are going to make it safer.”
Jim seemed to disagree.
“The people I order from, I know them and they know I test what they send me,” he said. “This is 10 times safer than buying something that was cut with God knows what.”
In the meantime, there may be no stopping the dark web.
When AlphaBay was shut down, it had 10 times the number of users that Silk Road had. More than 400,000 users shopped the 369,000 listings spending $800,000 per day, according to Deep Dot Web, which monitors dark web frequency. Every expert interviewed for this story agreed that shutting down the dark web is not realistic. Like it or not, they all agree, the dark web is here to stay.
“It’s not a civilized world, this underground market,” Professor Dai said. “There’s no way to shut it down or regulate it.”
Asked if this was the future of the internet, he paused. “I don’t know,” he said, still considering the question. “Nobody can answer this. Maybe. Maybe not.”
Ghost of a chance
Being pulled southward across Third Avenue by an overly-anxious 3-year old black lab Johnny, I gave up fighting and just let him drag me. Wrapped in a dry, long-sleeved thermal, I shivered as October blew into November and winter loomed, just on the other side of Thanksgiving.
Pulling the door open at Sacramento Harm Reduction Services on Stockton Blvd., I’m greeted by Executive Director Melinda Ruger, who immediately falls for Johnny’s charm and gives him a treat.
As its name suggests, the clinic meets drug users where they are in their addiction — providing resources to those who want to get clean, and overdose prevention training, clean syringes and other harm-reducing tools to those who are not yet ready.
“Welcome back,” she said as she stood to give me a hug. “Thank you,” I replied. “It’s good to be back.”
Light pierced the windows as a woman on her staff took down Halloween decorations. A young lady with a baby secured firmly in its car seat spoke with a case manager, and johnny walked up and licked the baby across the cheek. The baby laughed with a purity that only a baby could produce. You know it’s real. You don’t know how, but it is.
Jim had disappeared. He stopped responding to emails and I couldn’t find his user name on any message boards. I remember him saying he’d lived in eight different states since 2012, so the math checked out. Ghosts rarely stick around to say goodbye, and they certainly don’t do it on your time.
Here at SHRS, they treat Jim’s remnants. The unregulated Libertarian free market online drug bazaars, it turns out, have a byproduct, a problem for which society’s yet to find a solution that’s been successful:
How do we stop a generation — my generation — from killing itself with drugs?
The Center for Disease Control and Prevention published a report in the December 2016 National Center for Health Statistics that found for the first time in more than two decades, American life expectancy has actually declined.
National public health and safety experts pointed to the rise in overdose deaths and suicides as the culprit. CDC maps show California has been hit particularly hard. Deaths by “drug poisoning” have increased statewide more than 50 percent since 2002, far outnumbering car accidents. Overdoses have become the leading cause of death for people below the age of 50, and the CDC report found precisely what Special Agent Rettig and Officer Ruzzamenti both told me were decimating a population of young people across the country: illicit fentanyl from China being ordered over the dark web.
Neither Ruzzamenti nor agent Rettig sounded optimistic about the nation’s outlook. Law enforcement currently sits patiently awaiting the nextdark web slip up, while USPS carriers continue operating as inadvertent drug mules.
Meanwhile, guys like Jim proceed to order Schedule-I narcotics online the same way the rest of us order gifts for our families.
It’s a clusterfuck. People are dying, prisons are filling up, and nothing changes. More people died last year than at the height of the AIDS epidemic.
More Americans died from drug overdoses in 2016 than died during the entire duration of the Vietnam War.
And we’re not even close to getting a handle on this thing.
I felt lost in the story. Totally overwhelmed. I didn’t know where the hell I was supposed to end it because there was no end in sight. The drug epidemic had just begun, and we were already drowning, meaning I was drowning in a story about a nation drowning. I didn’t know how the fuck to get out.
As I watched Melinda and her staff interact with individuals caught in the grips of the epidemic, I realized I was witnessing something that was missing until now. All the interviews of dark web and cyber security experts, and DEA agents, and law enforcement officers, and drug dealers, they were all missing what was on full display at Harm Reduction Services: Humanity.
When a homeless woman walked in, crying hysterically, because all of her belongings had been stolen, I watched three different SHRS staff approach her, give her a hug, rub her back, and tell her it was going to be ok.
Here, drug addicts were treated by staff with kindness and hugs and empathy and understanding. They were treated as equals, with dignity.
Humanity managed to pierce the darkness. The special agents, narcotic task forces, DEA, DOJ, none of them were able to do for any victim that I saw, what I watched a hug and human compassion do in that building that day for those people.
In many ways, this was the antithesis of the TOR browser. TOR was total privacy, total anonymity. This was total humanity, total vulnerability. It was one human being holding another. This was something I understood. This made sense. Truth be told, VPN, Onion Routers, they all seemed just as bat-shit crazy to me now as they did back in July, when I started this story.
But this? The humanity on display that morning? The feeling brought closure. It just felt right. Like the baby’s laugh. I didn’t know how, or why, it just did.
I thought back to what Jim told me in the beginning. He told me there was humanity in my writing. I didn’t understand what he meant, and I didn’t care. That was my ticket in.
I still don’t know what he meant. But humanity wasn’t just my ticket in. Seeing humanity, in the flesh, up close and personal, shown to a group so used to being shown the opposite.
Turns out, it was also my ticket out.
Reach the author at email@example.com