
With good opsec (i.e. only PGP-encrypted messages) sellers should still be able to operate safely.

Buyers slightly less, considering that the sellers might be cops (which is also the case on a non-honeypot site), or because the PGP keys of the sellers might be fake (for MITM).

But considering that feds generally seem to target sellers, I don't think the usefulness of this as a honeypot would be huge. But it's definitely possible, especially given that the feds have the source code and all.




> considering that the sellers might be cops

Why wouldn't law enforcement pose as buyers, as well? This is a common tactic in narcotics enforcement. Entrapment often isn't an issue, as the seller took the first step of advertising the drugs for sale.

Are you getting at the fact that the buyer must have a receiving address, while the seller can ship anonymously? I would be skeptical of that. If I were attempting to track the source of a package, and I had the full force of warrants behind me, I bet I could track down most shippers.

Every shipping company has its own tracking information. Much of this may be opaque to the end user. The tracking might be much more detailed than what you can see as an end user with a tracking number. Assuming the carrier cooperates with law enforcement, tracking could (presumably) be further enhanced for targeted post offices, routes, etc.

For example, suppose I, as a law enforcement agent, receive an order from a Silk Road seller. Let's say it was shipped in an envelope, dropped off at a USPS street-corner box. From the tracking info, I identify which post office first handled the envelope. Thus I narrow my search to a few possible mailboxes served by that post office.

I instruct the carriers at that post office to assist me. As they follow their routes, emptying mailboxes, I have them sort outgoing mail into separate bags, one per box. I have the post office flag any mail going to my address.

I place another order from the same seller. When it hits the post office, it gets flagged, and because of the per-box sorting, I know which mailbox was used.

For round three, I place yet another order, this time with the mailbox under surveillance. I also install a camera inside the mailbox that sees the destination address of every envelope deposited. When the seller drops his shipment, my surveillance team detects it. They then follow the person who dropped the letter. Now I have the shipper's identity.

Can these measures be defeated with appropriate opsec? Maybe, if you know exactly what tactics law enforcement will employ. But you don't. You could spend all your time defending against the tactics I just described, only to get caught because law enforcement came up with a totally different strategy.

My point is, opsec is really, really hard.


This is what made Kaczynski (the Unabomber) so difficult to track. IIRC, he would travel for a few hours (by bus) to a town and deposit his packages in a mailbox there [citation needed]. This made it difficult to track him, since the origin of the package didn't leak any information about the sender.

For sellers, proper OPSec requires that they do not leave fingerprints in/on the package, that mailing locations are reasonably random and not isolated to a small geographic area, and that the sender masks his identity (veiled face, no cellphone, no car) when dropping off the packages. Additionally, a seller should use a variety of packaging types for shipments to make detecting the illicit shipments harder.

Given these precautions, it would likely be infeasible for law enforcement agencies to identify a given seller. However, they would also reduce profits for the vendor.


A good precaution would be to use a range of mail boxes that, when plotted on a map, form a ring around a population centre far removed from the one you are actually residing in.


Even then, there are still possible information leaks.

For example, conceivably when you package the drugs in your warehouse, local pollens and molds could find their way into the insides of the packaging. If the distribution of pollens and molds is unique to a reasonably small area, that would be an information leak.

A bit sci-fi? Sort of. You'd need a database of mold and pollen distributions for the whole country, plus tools to analyze the distribution in a given package. That's daunting, and maybe it's more trouble than it's worth for drug enforcement. But it's not outright impossible. And I have no idea what's the maximum effort DEA is willing to spend to track down Silk Road sellers.

This is just one example of a possible information leak, off the top of my head. I'm sure we could come up with others, if we thought hard enough about it. All of this is to say that it's not the information leak you're worried about, it's the one you haven't thought of that will ruin you.


DEA effort is generally a "faster than the slowest person" type problem: you don't need to be better than the DEA, just better than someone else.

Agents need to make busts in order to get promoted, therefore 'rational' agents will catch those easier to catch before devoting resources to harder to catch suspects.


In the aggregate, I'm sure this is true. If I were an individual criminal, I'd still be nervous. What if I'm the outlier, i.e. the criminal who gets caught despite an abundance of caution?

Not that I'm disagreeing with you at all. Your point seems spot-on.


Isn't that also a result of the quantity of packages sent? If you want to run a business, you'd need a much larger set of "random" mailboxes than if you are sending out a handful of bombs over years.


Exactly. There's very little incentive to participate as a seller on Silk Road if you have to take these extreme measures for every package you send out. It's not economical.

If you're smart enough to devise these opsec procedures, you're probably smart enough to make a decent living doing something legal. So being a drug dealer is only worth it if you can do it at scale and make serious money. But these opsec procedures would significantly erode your hourly rate, making Silk Road an unattractive proposition. Unless, of course, you're willing to throw caution to the wind and optimize for efficiency rather than security.


Unless the seller is actually a co-op of sellers, distributed world-wide. It would be fairly trivial to make the seller group wide enough, and using a lifestyle type of profit (i.e. each person makes a reasonable amount of money, but no one becomes a millionaire) it may not be worthwhile for law enforcement to coordinate and monitor so many drop points around the world.


Not really, if you take a major metropolitan area there are plenty of mailboxes.

The post office also happens to have a list of these mailboxes, if you use random selection and travel during peak hours they can't reduce much below the 'people who live in the metro area and commute' level.


I'm sure there are other examples, but this method of monitoring mailboxes was used more than a decade ago to catch the person behind the Tesco letterbomb campaign:

https://en.wikipedia.org/wiki/Tesco_bomb_campaign


That guy seems to have been pretty stupid, to be frank. Used the same postbox for all letters, and didn't put enough stamps on some packages. I don't think this in any way suggests somebody with basic common sense couldn't be quite considerably more secure when sending things they don't want traced back to themselves.

    "...while the Royal Mail intercepted several other packages, which had been held up because insufficient stamps had been put on them."

    "After receiving the second letter, which had been damaged by fire, police made enquiries with the Royal Mail and discovered that a fire had been reported in a postbox on Bradpole Road, Bournemouth, leading to speculation that "Sally"—the alias by which all the letters were signed—had changed his mind and attempted to destroy the letter."

    "The police received another letter from "Sally" on 7 December. Once again, the letter was traced back to the Bradpole road postbox, where the surveillance operation had continued. The operation had captured good-quality footage of all the users of the postbox that day, but, as it was close to Christmas, the postbox was busier than normal, with 172 items posted by 38 people. Royal Mail regulations meant that detectives could not open or delay the letters, so they made enquiries with the recipients to identify the senders. They eventually managed to identify all but a small number of the senders."

    "On 17 February 2001—over six months after the receipt of the first demand and three months since the last letter from "Sally"—the police made a major breakthrough. Detective Constable Alan Swanton, a junior detective on the case, spotted one of the people caught by the surveillance of the postbox who had yet to be identified. The man was carrying a fuel container, which Swanton believed had come from a nearby filling station. Officers obtained CCTV footage from the filling station, where their suspect had paid by cheque, and identified the man as Robert Edward Dyer."


> Why wouldn't law enforcement pose as buyers, as well?

And then you end up with covert LEO buying, and covert LEO selling ... and find yourself knee deep in a Philip K. Dick novel.


> Why wouldn't law enforcement pose as buyers, as well?

Because as a buyer you don't know who the seller is. You just receive your package.

But as a seller, you know your buyer's mailing address. It becomes trivial to catch the buyer.


As described in my post above, the police don't initially know who the seller is. But the whole point is to find out by working backwards from the package the police receive.


If this is a honeypot, couldn't they conceivably deanonymize users based on timing, using either ISP data or data from honeypotted Tor relays?



Wouldn't it be a great honeypot for one big bust? Delay the launch as long as possible due to "load issues" to bring in as many sellers as possible and then take them all down after their first transaction.


How are you going to find a seller? They use Tor, don't need to enter their details anywhere; they just send packages to addresses they receive in encrypted form.


Most sellers are too lazy/cheap to properly set up their fulfillment operation with good enough security. If you read accounts of the seller busts from Silk Road 1.0, the authorities can trace where your packages have been sent from and where you bought the postage from. If you don't operate as if the police are actively using this information to track you down, they will be able to.


Sellers don't reveal their personal details to the site - maybe having a honeypot site would make it easier to track them down, but it wouldn't be simple.



