
Dream Vendor "Canna_Bars" Sentenced to Prison - a5withtrrs
https://darknetlive.com/post/dream-vendor-canna-bars-sentenced-to-prison/
======
jasoneckert
What I find the most interesting about this article is that someone was able
to be identified using a picture of their fingerprints.

Thus, any photos posted online could be scoured for identification
information. And with computer vision technologies becoming more mature, it
means that regular video footage of people could identify them the same way in
seconds or less using a wide variety of different visual traits.

The implications of this on individual privacy are immense.

~~~
genewitch
There was some pytorch software called "enhance", i.e. ./enhance <image>
[options] and you could take an image that someone took of their unpowered tv
across the room and pull out a high resolution image of their face from the
reflection in the matte-ish surface.

I used it on reddit to convince people it was unsafe to post any images of
that sort. It seemed to work for about 6 months.

There's magic in image enhancement, but I don't know that ridges and valleys
of a fingerprint are there, yet. I don't even know that "this specific person
is scared that they leaked their face in a way that is recognizable to them"
even scales to "never upload anything" \- it could be this sort of news is
programming the population that computers can tease out identities with any
and all leaked information, pictures, audio, etc.

Heck, a decade and a half ago there were claims that governments could narrow
a search for an audio file upload based on the deviation from 60hz on the
power line noise - in an audio recording.

So who knows?

~~~
absorber
> Heck, a decade and a half ago there were claims that governments could
> narrow a search for an audio file upload based on the deviation from 60hz on
> the power line noise - in an audio recording.

Wow. Any source for this?

~~~
RisingFusion
I think it was referring to Electrical network frequency analysis, which is to
find the time that the recording was made. It compares small changes in mains
hum frequency to historic records of the changes. I am not sure how it is in
the US, but the UK grid has a single frequency over the network so it wouldn't
work for finding the location.

~~~
teruakohatu
The propagation of waves is very fast, but wouldn't distance from multiple
large sources or sinks fluctuate the frequency just slightly based on
distance?

~~~
torified
Distance doesn't change frequency, only velocity. Doppler effect.

------
varispeed
It's incredible that so much tax payer money and human resources are devoted
to defend pharmaceutical companies monopoly on drugs. By his inventory it
sounds like his customers would likely be people with chronic conditions that
have strong presence of pharmaceutical lobby to prevent legal sales of
cannabis and probably cannot afford Xanax through legal means because the cost
of getting medical help is extortionate.

~~~
grugagag
That wouldn't be too far from truth. 75 percent of people started their
addiction from prescription medication who then turn to the black market to
maintain their habit. The big pharma is loosing a large profit. They heavily
opposed marijuana legalization, their role in the war on drugs is quite clear
to me.

------
modin
> The pictures included closeup pictures of Porras’ hand with visible
> fingerprint ridges.

I thought via the title that they fingerprinted the lens used to take the
photograph, not that there was literal pictures of fingers.

~~~
heelix
I strongly suspected that is what they did too. Got to wonder if they used the
EXIF data to find him - linking photos of the pot and other social media/etc
public shots, then used the fingerprints as parallel construction.

~~~
ficklepickle
Imgur strips exif by default. I agree it sounds like parallel construction.

The article mentions they compared his finger prints to those from the
picture. How did they know to check against his prints? Sounds like they
already knew who it was, by means that aren't admissible as evidence.

~~~
Jabbles
Imgur certainly doesn't display EXIF by default, but are you sure it doesn't
retain it such that it could be obtained by a warrant?

~~~
Scoundreller
If I were them, I wouldn’t save it just to reduce my warrant workload.

Kinda like 4chan and DMCAs: there’s no point since it’s usually deleted by the
time it’s submitted anyway.

~~~
mianas
4chan is a bit special when it comes to government orders.

For example, they have a (heavily limited) de-facto warrant canary. Since damn
near all of them specify that no data should be deleted for a period of time,
posting is disabled on a board, or the entire site so nothing gets deleted.

They also disallow posting of files with embedded data (based on some
heuristic) and either strip exif data, or forbid posting images containing it.
(the exif stripping thing comes from people accidentally doxing themselves by
posting an image from facebook a few years back)

------
mschwaig
'So we have these fingerprints, and we think they belong to this guy we
already have prints on file for. Can you give us a yes/no answer if they match
up?'

seems like a pretty low bar for evidence. Seems like the kind of thing that
could heavily skew towards telling you what you want to hear. Maybe someone
else knows if it actually works like that, the writeup made it sound like that
to me.

I'm just some guy who saw a tv documentatary at some point about how forensic
techniques that worked like that got called into question when conflicting DNA
evidence started turning up.

~~~
zapdrive
My understanding from skimming the article is, they only identified the
suspect from fingerprints. After identification they did surveillance and
gathered additional evidence.

~~~
mschwaig
> The FDL [HSI Forensic Document Laboratory] returned the request after
> conducting a comparative analysis of the friction ridge detail of the
> fingerprints from the Imgur album and the fingerprint samples taken after
> police had arrested Porras for a different crime. The fingerprints in the
> Imgur album matched the prints they already had on file for Porras.

It doesn't sound like that to me, but maybe I am misunderstanding what a
comparative analysis would entail.

~~~
zapdrive
It doesn't say they arrested him immediately after the match. If you read the
article they say they placed multiple orders and would surveill him after
every order. That's how they gathered evidence.

~~~
mschwaig
I did read the article. I am interested in how forensic evicende like that is
gathered in general and how reliable it is in general. It's debatable what
role that fingerprint played in that investigation, but I did not want to call
into question that particular outcome.

For example my impression is that DNA evidence is very reliable while for
example optically matching hairs or matching bite marks, which I think was
done in the past in a similar 'does A match B setup' is fairly unreliable.

It's interesting to me both from both the 'what bar does evidence have to meet
to make sure there are no false convictions' side as well as the 'what are the
privacy implications of posting pictures with fingerprints in them' side.

------
djinnandtonic
I don't like to sound like I'm wearing tinfoil, but I'm not sure I believe
this. We keep getting eyebrow-raising explanations for how computer criminals
are caught; I always ask why bother?

The American intelligence apparatus has compromised nearly all network
traffic, from hardware backdoors on up. I assume the real way this person was
detected and caught would be too embarrassing to admit, hence the
fingerprints-from-a-photo cover.

~~~
justanotheranon
Parallel Construction.

it would be a national security catastrophe if it leaked that NSA was bulk
decrypting all TLS/SSL traffic Internet-wide, by using a giant rainbow table
of prime pair products for instant decryption without factoring, which was
first proposed by Rabin back in 1997 at a NIST working group for establishing
crypto standards.

then NSA would lose the biggest SIGINT advantage since ENIGMA back in WW2.

so instead, DEA is tasked with finding the dummies who post photos of their
hands or bookshelves or who made n00b opsec mistakes like re-using handles or
email accounts that connect to their real names. then DEA applies Parallel
Construction to fabricate an investigative evidence chain to present to the
Court. the Court never needs to know the truth.

by the way, i personally do believe NSA is doing this, and all of Tor is as
good as plain text to Ft Meade, because Rabin's idea really would scale with
today's computing and storage capacities, and because that is exactly what i
would do too.

just what do you think Bluffdale is really for?

~~~
schoen
> by the way, i personally do believe NSA is doing this, and all of Tor is as
> good as plain text to Ft Meade, because Rabin's idea really would scale with
> today's computing and storage capacities, and because that is exactly what i
> would do too.

I love to talk about how we can mitigate attacks on cryptography as much as
the next person, but have you looked at what algorithms Tor uses?

While they have a bunch of alarming legacy 1024-bit RSA and DH stuff, they
also have Ed25519 identities and Curve25519 ECDH key exchange, plus running
everything over TLS with various ciphersuites -- many of which are now ECDH.

[https://github.com/torproject/torspec/blob/master/tor-
spec.t...](https://github.com/torproject/torspec/blob/master/tor-spec.txt)

The type of handshake and key exchange is chosen by the client, and I think
the default has been to prefer the ntor method for a long time.

------
mabbo
> Porras also admitted possessing a Model A uzi-style pistol; a MAK 90; and an
> S&W .44 caliber revolver. Although all weapons in Porras’ possession were
> legal firearms (the uzi-style pistol used post ban parts), a felony
> conviction for possession with intent precluded firearm ownership.

Can someone explain this part to me. Was he _previously_ convicted of a crime
that precluded ownership? Or are the police able to take legal behaviour and
change it to illegal behaviour later on?

~~~
ciarannolan
Felons cannot own guns in the US. There's nothing complicated about it.

~~~
garrettgrimsley
It's actually more complicated than that. In many states if you are convicted
of a non-violent felony then at the end of your sentence your firearm rights
are automatically restored. There are also the cases of pardons, expungements,
and other restorations of civil rights. It varies by state, and while USC
922(g) outlaws firearm ownership possession by _any_ felon, in practice the
Federal courts look at whether the person has had their civil rights restored
in the state of the alleged offense. When it comes to Federal charges, the
prospect of amelioration is grim. In the Federal scenario, there is no
expungement or pathway to restore your civil rights, but a pardon is possible.
[0]

There's also a discussion to be had about your and the legal definition of a
"gun." For example, antique firearms such as some black powder rifles are
specifically excepted [1] from the Federal legislation, but it could vary on a
state by state basis.

[0] [https://www.justice.gov/archives/jm/criminal-resource-
manual...](https://www.justice.gov/archives/jm/criminal-resource-
manual-1435-post-conviction-restoration-civil-rights)

[1]
[https://www.law.cornell.edu/uscode/text/18/921](https://www.law.cornell.edu/uscode/text/18/921)

------
syspec
> We know, thanks to documents from other Operation Dark Gold cases, that
> Porras had used a money laundering service controlled by Homeland Security
> Investigations

Geeze

------
ddelt
I’m reading a lot of comments here which tackle the thorny topic of
decriminalization of drugs in the US that we have historically over-
prosecuted. I happen to agree with this sentiment as well. But almost everyone
here arguing for a middle ground agrees that things won’t change because all
three branches of the US seem determined to keep a hard-line or zero tolerance
policy on drugs, even when legalization and medical supervision, creation of
new business and exploration of safer alternatives and research into benefits
of said drugs are brought up as arguments and are summarily dismissed because
“reasons”.

What are some actual, practical steps we all can take towards making
decriminalization a reality?

------
Scoundreller
So uhhhh, who’s building a deep fake generator that’ll transpose someone
else’s fingerprints on a photo containing another hand?

------
booleandilemma
I wish more resources were spent on law enforcement at the local level,
fighting _real_ crime. They could have more police patrolling the streets and
subways, deterring assaults[0] and daylight shootings[1].

Does anyone really care that this drug dealer is locked up? Is anyone safer
now? Do I have to worry any _less_ about getting mugged on the subway at
night?

Of course people are calling to defund the police, and if that happens I’ll
have to be more worried.

[0]: [https://www.nydailynews.com/new-york/nyc-crime/ny-
homeless-m...](https://www.nydailynews.com/new-york/nyc-crime/ny-homeless-man-
arrested-women-shove-penn-station-video-20200919-mvusy4lbk5fm5iqzis5samcdae-
story.html)

[1]: [https://nypost.com/2020/09/08/three-injured-in-broad-
dayligh...](https://nypost.com/2020/09/08/three-injured-in-broad-daylight-nyc-
shooting/)

~~~
mleonhard
The drug dealer was selling meth. Meth destroys people. And meth addiction
leads to many robberies and burglaries. I think punishing this meth dealer is
a net positive for society.

~~~
Sevrene
Someone will just fill the void left by this vendor and no harm will be
removed. It wont be a net positive at all. In the end, all there will be is
another person ruined.

I don't think it's right to punish a pub for all problems caused by alcohol
intoxication, but I do think punishing a pub for serving alcohol negligently
is okay.

My understanding is one of the main reasons methamphetamines are so widely
used and sold is because meth is cheap and easy to make compared to safer
possible alternatives. That indicates to me that this seems like a market that
needs regulation, not prohibition.

I'm not saying meth should be legal, I'm saying the drug market can be
regulated to reduce harm. If that regulation means disallowing certain
substances that do cause excessive harm, that's a good thing too.

------
cnst
I've always been conscious of fingerprints potentially showing up in the
photos.

 _Just because you 're paranoid, doesn't mean they aren't after you._

The same thing goes about keys -- it's amazing how people willingly share
photos of their keys (with full signature and all) in full view.

~~~
EmilioMartinez
Always wondered the same. More so, it baffles me that locksmiths use physical
keys to copy new keys, propagating errors in the long run.

~~~
Dylan16807
They have the machines to cut keys to code spec but don't bother using them?

------
anewguy9000
this guy should not be in jail. if he lived a little further north he could
grow cannabis in his back yard. its wrong and its immoral but i guess the old
white dudes in capes playing judge grew up thinking cannabis makes you into a
rapist

~~~
tartoran
They charged him on multiple charges * illegal possession of firearms,
distributed a few kilos of Xanax and also lots of marijuana over 2 years or
so. If he sold pot only he'd probably get a suspended sentence as a first time
offense. I think he got a bit greedy, had he stopped short at some point and
went on a year long vacation around the world he would probably be still free
now.

~~~
anewguy9000
as i understood it the firearms were legally owned but became illegal because
of the traficking charges

~~~
tartoran
Maybe you're right and I'm sure they 'overcharged' as much as they could, did
take their time collecting a whole lot of evidence against him. But, he knew
what he was doing. If he stopped at pot he probably would be on probation or
something.

------
peter_d_sherman
>"Vendors sent the money launderer a certain amount of Bitcoin and the money
launderer mailed cash back to the vendor."

My question:

If Party A sends Party B Bitcoin, and Party B sends Party A money, and that
transaction is considered "money laundering" \-- then let's suppose Party A
sends Party B _gold_ (coins, bars, bullion, etc.), and Party B sends Party A
_money_ \-- does that transaction also count as "money laundering"?

?

------
userbinator
Legal or otherwise, I've seen plenty of sellers holding their products while
photographing, so I wonder why it's done --- personally I think it looks a bit
unprofessional to have a hand or other things showing. Putting it on a table
or otherwise featureless surface would look far better to a prospective buyer.

~~~
renewiltord
It gives the impression you didn't just stock photo it or reuse someone
else's.

------
themark
Things I learned:

Use the spell checker.

Randomly misspell different words.

~~~
SpelingBeeChamp
Check out Anonymouth:

[https://github.com/psal/anonymouth](https://github.com/psal/anonymouth)

(How do you hyperlink text here?)

------
ourmandave
There's useful links at the bottom of the page, like the Darknet Market's
Noobs Bible. =)

 _Hello and welcome to the Darknetmarkets bible for buyers.

The buyer's DNM bible aims to be a complete guide that covers all steps that
users have to take in order to buy securely from darknetmarkets._

In case you're thinking about launching your criminal career or whatever.

~~~
non-entity
In what world does purchasing from a DNM make you a career criminal? What if I
buy a completely legal item?

~~~
unnouinceput
None. Doubt you find legal items there though. Maybe you find legal items in
some parts but illegal in others, like marijuana is now in US. Better have all
papers prepared to prove you made the purchase in a legal state though.

~~~
bunfunton
Good thing that the government has to prove our guilt instead of we having to
prove our innocence.

------
antihero
What a colossal waste of time. Prosecuting someone for selling online
something that is illegal in a lot of states. Mindblowing how stupid the war
on drugs is.

~~~
aristophenes
I can partially understand that point of view for marijuana (though I think
it’s important for a functional society to obey laws, and get them changed if
they aren’t working instead of just breaking them based on personal
preference). But the guy had been selling methamphetamine too, which is life
destroying poison. Our government provides costly services for people who are
incapable of taking care of themselves, and that drug creates a bigger burden
on those programs. Unless you also advocate for the removal of social safety
nets I don’t see how you can justify thinking that the government shouldn’t
try to limit drug use.

~~~
bunfunton
Meth isn’t life destroying poison sorry to inform you. I take 10mg for ADHD a
day and it’s saved my life when all other alternatives have failed. I would
argue the bad cases you’ve seen are from people with no self control. Why
should the government be able to tell you what you can and cannot put into
your own body? Better, let people do what they want as long as they don’t hurt
anybody else and educate them.

~~~
jonquest
I challenge to do a google image search for faces of meth and come back and
say that again with a straight face. That stuff is a poison that destroys both
mind and body. If you think self control is enough to keep that stuff from
rotting your face, making your hair fall out and keep yourself from going
crazy you are foolish. Comparing it to ADHD medications is plain and simple
stupid. If you think meth is the drug you need to focus you already need
professional help because there are lots of stimulants out there, even
illegal, that have nowhere near the side effects and consequences of meth.

~~~
leadingthenet
Stop it with the hyperbole, as you clearly have no clue what you’re talking
about.

Methamphetamine is routinely prescribed for the treatment ADHD (also obesity
and narcolepsy, amongst other off-label uses), and is sold under the brand
name of Desoxyn (in the US). Meth IS medication!

On that note, maybe don’t believe everything you read about drugs online.

~~~
pitay
I may need to clear up a misconception of mine, so here goes.

Isn't it Dexamphetamine that is the routine treatment for ADHD? As far as I
understood, methamphetamine has much stronger effects than dexamphetamine,
also meth been prone to cause more adverse effects and have more neurotoxicity
than the dex counterpart?

Maybe I'm completely off base here.

~~~
Lazare
Dextroamphetamine is a common first line treatment for ADHD, but
methamphetamine is a second line treatment.

A lot of the information about methamphetamine is, bluntly, propaganda. For
example, there seems to be nothing about methamphetamine that is uniquely
harmful to teeth, but "meth mouth" is a common trope. When taken orally at
therapeutic doses it's not clear methamphetamine is any more harmful than
dextroamphetamine, but it's certainly possibly it has more scope for abuse.
It's certainly dangerous at high doses! Unfortunately it's hard to find hard
data and not drug war propaganda.

~~~
pitay
Thanks for the reply. Is second line treatment, what is heard from others may
be derived from drug war propaganda, got it. This clears things up nicely.
Thanks.

------
iseanstevens
A friend described that many in the government/military of Nazi Germany
(including Hitler) were using significant amounts of amphetamines. Which in
part lead to the atrocities of humanity that occurred. I can’t speak to the
truth of this, and have definitely seen the US War on Drugs as a way to treat
people unfairly based on race etc. I would certainly believe something similar
is going on with the Trump administration. It would at least make a bit of
sense as to why so little sense is being made. Anyways I thought it was an
interesting theory so figured I would relay it here.

~~~
lioeters
Blitzed: Drugs in Nazi Germany by Norman Ohler, Shaun Whiteside (Translator)

[https://www.goodreads.com/book/show/29429893-blitzed](https://www.goodreads.com/book/show/29429893-blitzed)

