

How a drug dealer’s IP was found out by package tracking - r721
http://arstechnica.com/tech-policy/2015/05/how-the-usps-targeted-a-drug-dealer-via-his-ip-address/

======
fsk
You still don't know that's the reason he got caught. The real reason could be
something else, and this is just "parallel reconstruction".

"Parallel reconstruction" means that you catch someone using an "illegal"
information source. You then monitor him, wait for him to make a mistake, and
then that's the "official" excuse for how you caught him.

The police who testify in the case aren't even lying, because they only have
the "parallel reconstructed" evidence and not the illegal evidence that was the
original lead.

~~~
LLWM
Why does it matter if this is really why he was caught? The facts are that he
was caught, and there was a legal way for him to have been caught. That's why
parallel reconstruction is acceptable in the first place.

~~~
smtddr
_> That's why parallel reconstruction is acceptable in the first place._

That's news to me. Does anyone find parallel reconstruction acceptable in any
situation whatsoever? HN gave me the impression that it's never good and a
strong indicator of corruption and/or lying. Am I wrong?

~~~
wtallis
All the rules of evidence ultimately stem from two goals: to discourage law
enforcement officers from harassing members of the public by violating their
freedoms and privacy, and to discourage law enforcement officers from unfairly
or prematurely narrowing the field of suspects by focusing on the first piece
of suspicious evidence they can get their hands on. (More generally: don't
punish wrong guy, and do punish right guy.) But once the deterrent has failed
and the evidence has been collected, you end up with a known criminal you are
unable to prosecute and that's a bitter pill to swallow, especially if the
criminal is very dangerous and the cops' mistake was minor. The deterrence
will never be 100% effective no matter how we blindly cling to that tactic.

The ideal course of action would probably be to admit all the evidence and
then prosecute both the suspect and the bad cops for their respective crimes,
but that's cost-prohibitive and for minor offenses even being prosecuted in
the first place is often too much punishment. So as usual we end up with the
courts accruing increasingly complex justifications to strike a compromise
where one is needed, but the compromise the courts manage to justify isn't
always a good or sensible compromise.

~~~
fsk
The problem in our system is that, when the police break the rules and get
caught, the only penalty is that the evidence is excluded. "Parallel
reconstruction" lets police evade even that tiny penalty for breaking the
rules of evidence.

Really, there should be some personal liability for the police when they do
something illegal to catch a criminal. That change isn't going to happen.

Also, "Making and selling certain chemicals." is something that shouldn't be
illegal in the first place.

------
rwmj
Legalize them already. Buying and selling drugs on the "dark net" has improved
the safety and quality of drugs, and reduced the violence of (street)
dealing[1]. We should be encouraging more of this.

[1] Source:
[http://www.economist.com/news/international/21629417-busines...](http://www.economist.com/news/international/21629417-business-thriving-anonymous-internet-despite-efforts-law-enforcers)

~~~
gragas
Perhaps the "dark net" has improved the safety of drugs by removing the
violence of street dealing, but exchanging drugs without government regulation
is still dangerous; most people rarely, if ever, test the drugs they receive
from China and elsewhere.

When drugs are trading under names like "acid", "molly", and "ecstasy", it's
almost impossible for typical users to pinpoint exactly which chemical they
are about to ingest. All of the 2C's, NBOMe's, and of course LSD are typically
sold under the name "acid". And when people are dosing what they assume is
LSD, they might accidentally ingest 10–100 times the regular dose of another
psychedelic, sold to them as "acid". While it doesn't lead to many deaths each
year, safe drugs still kill people because they are unregulated and illegal.

"On May 7, 2011, in the United States, two young adults died after overdosing
on Bromo-DragonFLY, which they thought was 2C-E, and several others were
hospitalized during the same incident. Because they took a dosage appropriate
for 2C-E, those who took the drug received, in some cases, 100x the normal
dose. Both deaths followed seizures, vomiting blood, and terrifying
hallucinations. Several surviving victims are reportedly still suffering from
its physical effects."
[http://en.wikipedia.org/wiki/Bromo-DragonFLY](http://en.wikipedia.org/wiki/Bromo-DragonFLY)

I believe that government regulation and legalization could solve this
enormous public health issue.

~~~
nilved
> Perhaps the "dark net" has improved the safety of drugs by removing the
> violence of street dealing, but exchanging drugs without government
> regulation is still dangerous; most people rarely, if ever, test the drugs
> they receive from China and elsewhere.
>
> When drugs are trading under names like "acid", "molly", and "ecstasy", it's
> almost impossible for typical users to pinpoint exactly which chemical they
> are about to ingest.

Of course, the obvious solution to this is to increase education and
availability of testing kits.

------
foz
_> Bates was arrested and taken to the Rockland Police Department, where he
was interviewed. He waived his Miranda Rights ..._

_> ... He also consented to a search of his laptop and iPhone and gave
officers the passwords to his e-mail and Skype accounts._

Poor guy. I think he should have talked to a lawyer first before doing all of
that.

~~~
andrewchambers
Never give any info to the police you don't need to if you are under any sort
of investigation. They will always use it against you, it is their job.

~~~
krapp
Especially if you're actually guilty.

~~~
andrewchambers
I watch a bunch of shows where a camera man follows the police, and see people
confess all the time as soon as the officer asks "Are these your drugs under
the car seat?" etc.

One time I saw someone who didn't confess, they were released the next day
with no charges because they couldn't prove the owner of the drugs. Another
case was someone who didn't pay for petrol at the gas station. The police
caught them red handed, but they just kept saying it was an innocent mistake
(obviously wasn't). Police had to let them go after they paid.

Unless of course, you really are guilty and want to be punished, don't do it.

~~~
scintill76
> people confess all the time as soon as the officer asks "Are these your
> drugs under the car seat?" etc.

Not that I intend to ever be in this situation, but what's the proper answer?
Can't lying add another charge? So, do you lie, say nothing, "plead the
fifth", demand a lawyer, or something else?

~~~
andrewchambers
I think in America you have the option of saying nothing. It is hard
to keep your mouth closed because of the huge weight of social pressure
telling you to respect the police authority.

I haven't been in this situation myself, but I imagine doing this would
irritate the officers and cause you to be taken back to the police station and
need to stay there at least overnight.

~~~
karlshea
You can definitely say nothing, or just keep saying "I'd like to see a
lawyer". An overnight stay at the police station is not a big deal compared to
saying something stupid that you'll have to deal with for a lot longer.

Also something to keep in mind is that it's not illegal for cops to lie to
you.

~~~
indians_pro
Woah, are you serious? So could they do something like 'Yes sir, I know you
have Miranda rights, but since they passed <bs law> on <bs date>, if you are
caught with possession of <some drug>, you no longer have the right to remain
silent, and if you do, it can add up to <ridiculous amount> dollars to your
charges.'

What if the guy confesses something there and then later finds out the cop was
lying? Can he do something about it?

~~~
zaroth
This is actually their standard line, almost verbatim. Replace XYZ law with
'lying to me is illegal' and 'if you make this hard it will be much worse for you
and I won't be able to help you...' It is a long and well established right
for the police to use deception to gain confessions. They will Mirandize you
and then convince and cajole you into waiving your rights. They do it every
day, and in almost every case.

------
ChuckMcM
Makes for an interesting metadata privacy case. Presumably you keep click'n
ship data forever, you find a 'bad' package, and back track the IP that was
checking on it, and then every other package that IP tracked. It looks like
they covered their bases with the possibility of a dynamic IP issue.

The weird thing is the temporal 'big data' thing, like keeping face id
fingerprints over time at various places, and when a person's face is
identified as one of interest then going back in time to see where their face
appeared. Or their license plate, or their cell phone IMEI, or any number of
random bread crumbs which are now dirt cheap to store for ever and ever.

------
eli
> methylone (also known as "molly")

I don't think that is generally true.

~~~
rythmshifter
It's not. MDMA is molly. Methylone is MDMC.

------
mhuffman
How the hell are these people using the Dark Net to buy drugs, then not using
Tor or a VPN when checking websites to track their drugs?

~~~
rbobby
I would expect a tracking check from a TOR exit node to be a "clue". Might
even be grounds for reasonable suspicion (would need a judge/case law to know
for sure). Which is enough to isolate a package for a drug sniff. Though for
international shipments I don't think the postal service/border folks need to
meet a reasonable suspicion standard for a sniff.

I guess the take away is... never check your parcel's tracking details.

------
miander
It struck me from this article how thoroughly the USPS and investigators
practiced due diligence and did their homework during the course of the
investigation. They went through the proper procedures for opening the package
and made sure their Comcast records checked out. If you must use techniques
like data mining to look for suspicious activity this is how it should be
done.

------
paulhauggis
If you are going to buy or sell drugs online, at least figure out how to cover
your tracks.

------
clsec
This is just plain old bad opsec.

------
NKCSS
> Once they located Bates’ IP address, they may have checked to see if it had
> been used to search for other packages. But in the affidavit, United States
> Postal inspector Stephen Dowd seems to imply that this link happened in a
> more automated fashion. As he wrote, "The USPS database reflected that an
> individual using a computer or other device with IP address 75.67.6.214
> accessed the USPS Track 'n Confirm website to track the progress of both the
> Florida Parcel and Bates Parcel #1."

Is it just me, or does this just sound like a simple query in a relational
database? Don't see anything special here...
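
The pivot that ChuckMcM and NKCSS describe above, written out as an added example (not part of the thread, the article or the affidavit): starting from one flagged parcel, find every other parcel looked up from the same IP, limited to a time window so that a reassigned dynamic IP does not link unrelated people. The `lookups` table, its columns, the 30-day window and all sample rows are assumptions made up for this sketch.

```python
import sqlite3

# Constructed sample log rows: (client IP, tracking number, lookup time in UTC).
# IPs are documentation-range addresses; tracking numbers are placeholders.
SAMPLE_LOOKUPS = [
    ("203.0.113.7", "PARCEL-FLAGGED", "2015-01-10T09:00:00"),
    ("203.0.113.7", "PARCEL-B", "2015-01-12T18:30:00"),
    ("203.0.113.7", "PARCEL-B", "2015-01-13T08:05:00"),
    ("203.0.113.7", "PARCEL-OLD", "2014-06-01T12:00:00"),   # same IP, months earlier
    ("198.51.100.9", "PARCEL-C", "2015-01-11T10:00:00"),    # unrelated client
]

def build_db(rows):
    """Load lookup rows into an in-memory table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE lookups (ip TEXT, tracking_no TEXT, ts TEXT)")
    db.executemany("INSERT INTO lookups VALUES (?, ?, ?)", rows)
    return db

def linked_parcels(db, flagged, window_days=30):
    """Pivot from one flagged parcel to other parcels tracked from the same IP.

    Only lookups within window_days of a lookup of the flagged parcel count,
    because a dynamic IP may belong to a different subscriber months apart.
    Returns {ip: [(tracking_no, lookup_count), ...]}.
    """
    query = """
        SELECT o.ip, o.tracking_no, COUNT(*)
        FROM lookups AS o
        WHERE o.tracking_no <> :flagged
          AND EXISTS (
              SELECT 1 FROM lookups AS f
              WHERE f.tracking_no = :flagged
                AND f.ip = o.ip
                AND ABS(julianday(o.ts) - julianday(f.ts)) <= :window)
        GROUP BY o.ip, o.tracking_no
        ORDER BY o.ip, o.tracking_no
    """
    result = {}
    params = {"flagged": flagged, "window": window_days}
    for ip, tracking_no, count in db.execute(query, params):
        result.setdefault(ip, []).append((tracking_no, count))
    return result

if __name__ == "__main__":
    db = build_db(SAMPLE_LOOKUPS)
    for ip, parcels in linked_parcels(db, "PARCEL-FLAGGED").items():
        print(ip, parcels)
```

Widening `window_days` to 365 also pulls in `PARCEL-OLD`, which shows how the retention period of such logs decides how far back one flagged lookup reaches.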

------
kmfrk
Deliveries is pretty good ... [http://junecloud.com/](http://junecloud.com/)

~~~
tlrobinson
Deliveries still contacts the USPS's website...

