Into the dark web
Exploring the virtual bazaar of the World Wide Web—where anything goes
Climbing the wooden steps of a rundown triplex somewhere on the outskirts of the Sacramento grid, I wiped the sweat from my eyes with a sticky T-shirt that felt pasted to my chest. July was bleeding into August and it was hot. The flesh around my eyes sagged and my corneas felt like they were sprinkled with sawdust, strained by a staring contest my ceiling and I had been having since the night my AC went out. I was really in no condition to be doing any work that day, but I was flat broke, behind on rent and out of cigarettes.
So there I was, chasing a ghost.
The door opened before I was halfway up the steps. Drug dealers in my experience have always demonstrated exceptional environmental awareness, so I wasn’t shocked that he knew I was there. I was shocked, however, at his appearance.
He looked like a kid, the type who could be seen on any high school campus. What he didn’t look like was what he was—a drug-smuggling cocaine dealer on the run.
His name was Jim, which is to say his name probably wasn’t Jim. I don’t know his real name.
Jim made his living in a corner of the World Wide Web called the “dark web,” something that came along after I retired from that life in 2012, meaning I was unfamiliar with it. But I knew that life. I knew it well. I fought a vicious opiate and benzo addiction for 17 years, before I finally let the compassion and love of others seep in. In December 2012, I said enough was enough. It had been long enough to drift into Jim’s world comfortably, but not so long that it was unrecognizable.
Using easy-to-get encryption software, Jim orders his illicit product from nearly untraceable web pages, then has it shipped through the U.S. Postal Service, which screens only a fraction of its packages.
“This is the next generation of drug dealer, these dark web guys,” said William Ruzzamenti, director of the Central Valley High-Intensity Drug Trafficking Area, which is a division of the Office of National Drug Control Policy. “Thanks to them, the United States Postal Service is now the largest drug courier on the planet.”
Shaking my hand, Jim welcomed me inside his hideout, where I sat down on a black futon covered with a gray comforter that looked like it had been used recently.
“I know,” he said as he carried a laptop over to where I was sitting, placing it in front of me on the coffee table. “I look young.”
That’s when he said he was 19 years old.
Anatomy of an online drug trafficker
Also known as the “dark net,” the dark web is an expanding virtual space where anything goes. Think of it like eBay designed by Caligula, where digital currency can purchase any vice or horror man has dreamed up—drugs, stolen IDs, assassins, even webcam access to child dungeons.
And all of it virtually untraceable.
Both Ruzzamenti, who works alongside state and federal agencies as part of a narcotics task force out of the Sacramento County Sheriff’s Department, and DEA Special Agent Casey Rettig suspect the dark web played a role in the mysterious fentanyl overdoses that scourged 14 lives in the Sacramento region last year. Only one person has been tangentially connected to the conspiracy. Authorities still can’t say why counterfeit Norco tablets containing the much stronger synthetic opioid fentanyl were made and distributed, or who was behind it.
It sounded like science fiction to me. I knew the old-school drug game. Late-night drives with two hands on the wheel, praying the tail lights were functioning. I was used to sundown hand-to-hands. Jim was used to coffee roasters and street fairs.
Before his current troubles, Jim spent his days soaking up the south Florida sunshine, buying uncut cocaine with Bitcoin from a seller off the dark web. Jim would spend his nights flipping the product at retail prices to college kids, spring breakers, professional athletes, businessmen and tourists, who he claimed spent “stupid money” on the drug.
“Everybody wants to get high when they vacation down there, including people who’d never sniff coke back home,” he said.
Less than a month before, Jim says, the feds kicked in the unlocked doors of his home just before sun-up. Drugs were seized, the occupants’ hands were zip-tied and the apprehended were counted: The suspects were all there except for one.
Two days before the raid, a neighbor told Jim he’d seen some guys that looked like cops trying hard not to look like cops going through his trash. He had a feeling something was about to go down. He broke the neighbor off a gram to say “thank you,” then caught the first flight to Sacramento, where he had a friend in a shabby triplex with rickety steps.
I tracked down Jim through a matrix of online message boards where people discuss the type of things people discuss when they think nobody’s looking: sex, drugs, money laundering, credit card fraud, financial scams. Needless to say, popping in with, “Hey, I’m a writer doing a story on the dark web, would you be willing to talk?” wasn’t received with warmth. Jim was understandably hesitant at first, but eventually warmed to the idea of talking after skimming a few pieces I’d written.
Jim says he never ventured into the darker side of the dark web because it scared him, but he has plenty of acquaintances who did. He claims it changed them. He couldn’t say how, exactly, but it just did.
“So the first thing you wanna do,” Jim began, immediately absorbed by his computer, “is get a VPN. It’s a ‘virtual private network.’ It’s like a condom for your phone or computer. Everyone needs to use one of these, even if you’re just using the surface web.”
How the dark net works
The “surface web” Jim was referring to is the internet that most of us use day-to-day. The terms “deep” and “surface” were cemented in a 2001 white paper written by Michael K. Bergman for the Journal of Electronic Publishing, which explained that the surface web is the portion of the internet that can be found by search engines like Google, Bing or Yahoo. Any link that pops up in a search is considered part of the surface web.
According to Bergman, the vast majority of the World Wide Web resides below the surface, where pages and URLs are not found by search engines. These sites are part of the “deep web.” For example, your bank’s homepage is on the surface web. However, the intranet used by bank employees to communicate with each other is the deep web. There’s no way for someone to find those pages using a search engine.
These are the internet’s two neighborhoods—surface and deep. The surface is accessible to anyone, the deep is more exclusive.
But that exclusive neighborhood—the deep web—has a red light district. A dirty, shady, libertarian utopia where the black market adheres strictly to free market principles, absent of any government regulation. This is the dark web.
Media outlets often conflate the two terms, colloquially using “deep web” and “dark web” synonymously. They are not, however, the same.
To gain entry to the dark web, Jim explained, you need to download Tor, which is tech shorthand for “the onion router.” According to the book WikiLeaks: Inside Julian Assange’s War on Secrecy, Tor was originally developed in the mid ’90s by the U.S. Naval Research Laboratory with the goal of facilitating communication between members of the U.S. intelligence community. The Naval Research Laboratory released the open-source code for Tor to the public in 2004, and it’s been maintained by the nonprofit The Tor Project since 2006.
“Tor is a mask that hides your identity,” Jim explained. “You have to be wearing the mask to get to the good shit. No mask, no entry.”
With Tor and a VPN masking your IP address, you can then access what’s called the onion network. Here, instead of a site’s URL ending in .com, .gov or .edu, it ends in .onion.
According to Sarah Jamie Lewis, an independent privacy and anonymity researcher and dark web expert, data coming across the onion network is encapsulated by multiple layers of encryption, similar to layers of an onion.
When using the surface web without Tor, she explains, a computer requests data from a server directly from its IP, or “internet protocol,” which refers to a set of networking guidelines that allow two or more computers to communicate. This IP leaves a trace, meaning anything that’s sent or received leaves behind a device’s fingerprint, which can be traced back to the person.
Tor makes tracing someone’s movements on the dark web almost impossible, Lewis said in an email. Tor renders the user anonymous as it routes encrypted data requests through three different servers, positioned anywhere on the globe where internet access is available.
“The Tor [makes] three hops, [or in] the case of a hidden service connection, six stops—three from the user making the request, and three from the service responding to the request,” she wrote. “Each hop introduces a new layer of encryption.”
Not even the servers know what the requests passing through them are. They’re simply conduits of encrypted data. Were law enforcement able to somehow intercept the transfer of data between servers, they would still need to decode the encryption. Even then, there’d be no way of determining who made the request, since the Tor masks one’s identity and location.
In her email, Lewis called it a “robust” scheme.
Jim put it more succinctly. “It’s total privacy, total anonymity,” he said.
Preying on human error
Authorities have claimed a couple of big dark net victories, but they’re the exceptions that prove the rule.
Last July, one month before I found Jim, Attorney General Jeff Sessions took a victory lap for shutting down a group of dark web marketplaces, the biggest of which was a site called AlphaBay. These sites sold drugs, guns, child pornography and offered services ranging from hacking someone’s Facebook to ordering a hitman. The investigation involved the FBI, Drug Enforcement Administration, Dutch National Police and Europol.
Sessions praised law enforcement for what he called good, old-fashioned police work. But according to Phil Muncaster, an information technology journalist for the MIT Technology Review, traditional police work is only a factor once human error has occurred.
“Law enforcement has been able to capitalize on basic mistakes made by some of the perps,” Muncaster wrote in an email. “[I]f they all used Tor and anonymizing services correctly, police would stand no chance.”
The first and most infamous dark web marketplace was Silk Road, launched in 2011. Wired magazine called it the “Amazon of contraband,” but investigators were able to track down the site’s founder only after the real IP address, unmasked without Tor, was accidentally broadcast. Investigators were tipped off by a Reddit thread attempting to alert users of the breach.
AlphaBay founder Alexandre Cazes was discovered after password resets for the site were sent directly from his hotmail account, email@example.com.” That email was connected to his LinkedIn account for a computer repair service in Canada, leading investigators to his real identity and, eventually, his residence in Bangkok, Thailand. Cazes was found last July hanging in his jail cell, dead from an apparent suicide.
“We should remember that it still takes some skill to turn those rookie mistakes … into a concrete conviction,” Muncaster said.
Law enforcement has reacted by getting creative, which both the American Civil Liberties Union and the Electronic Frontier Foundation claim raises constitutional concerns.
In February 2015, a dark website that hosted child pornography called Playpen inadvertently revealed its IP address, giving the FBI the physical location of its server. According to the FBI’s website, the agency said it used “court-approved investigative techniques” for a joint investigation named “Operation Pacifier.”
But some government watchdogs believe the feds may have gone too far.
Court records show that the FBI hijacked the Playpen server and ran the site for two weeks, distributing child pornography but using a custom malware that exploited a hole in the Firefox browser, allowing the FBI to infect the computers and identify those who were downloading their illegal bait.
U.S. Judge Robert Bryan, a federal magistrate in Tacoma, Wash., ruled that Jay Michaud, one of the defendants caught in the Operation Pacifier sting, had a right to see the malware code that infected his computer as part of the case’s discovery. Federal prosecutors in Seattle chose instead to drop the charges and protect the code’s secrecy.
Annette Hayes, a federal prosecutor for the Western District of Washington, wrote in a motion following the judge’s decision that, “Disclosure is not currently an option.”
Light amid the dark
Despite being a professor of computer science at Sacramento State University, June Dai said the dark web is a place he chooses not to visit.
Dai, also the director for the Center of Information Assurance and Security, did point out, however, that the dark web is also used by political dissidents to organize in countries with strict censorship, and where real-world political activism risks a prison sentence.
“The dark web anonymity can be used for things other than bad things,” he said. “It is also used for protecting rights and speaking out against governments in places where such things are not permitted.”
Cindy Cohn, executive director of the Electronic Frontier Foundation, told The Guardian in August, “We see Tor use go up whenever a dictatorship takes over or a coup occurs. Tibetans, United Arab Emirates, Tunisia, Egypt. The list goes on and on.”
The journal Survival: Global Politics and Strategy published a study last year that found 40 percent of the dark web was used for illicit purposes. Cohn points out that, therefore, 60 percent is not.
Many newspapers, including USA Today, The New York Times and The Guardian, have launched their own secure drop servers for whistleblowers to upload documents using Tor and the dark web. The Panama Papers and recent FIFA scandals both came to light thanks to whistleblowers utilizing these tools to protect their identities. SecureDrop is an open-source submission system used by media outlets to gather information from sources whose identities cannot be revealed, protecting both the source and the journalist.
Jim doesn’t concern himself much with political activism, but he does think the dark web has its public safety benefits.
Retrieving a package from the closet with markings indicating it was shipped via the U.S. Postal Service to a P.O. box, he sits down and peels it open. Inside the cardboard envelope is a paper envelope, and inside that paper envelope are two vacuum-sealed packages: one containing white powder, the other containing a dozen pink pills.
“These were freebies,” he said, pointing to the pills. “My coke guy hooks me up. Once you make reliable connects on here, they start giving you better deals and sending you free shit. It’s like Yelp. They need a good rating to survive.”
He pulled up the site where he placed the order for the cocaine. Vendors indicate everything from purity of the drug to the methods they use for shipping. Most state they’re willing to walk first-time buyers through the process to mitigate the risks of shipping. When a vendor says their cocaine is uncut, previous buyers leave reviews either confirming or disputing the claim of purity. It’s easy to see from the outset which vendors deliver on the product they promise, and which do not.
The DEA’s Rettig strongly disagrees with Jim’s assessment that these rating systems reduce harm for addicts or for the community. “You cannot apply a rating system that works in the regular world, and apply it to an illicit substance,” she said.
“A person ordering on the dark web still has no idea what they’re getting,” she added. “I don’t think reviews by a bunch of drug addicts are going to make it safer.”
Jim seemed to disagree.
“The people I order from, I know them and they know I test what they send me,” he said. “This is 10 times safer than buying something that was cut with God knows what.”
In the meantime, there may be no stopping the dark web.
When AlphaBay was shut down, it had 10 times the number of users that Silk Road had. More than 400,000 users shopped the 369,000 listings spending $800,000 per day, according to Deep Dot Web, which monitors dark web frequency. Every expert interviewed for this story agreed that shutting down the dark web is not realistic. Like it or not, they all agree, the dark web is here to stay.
“It’s not a civilized world, this underground market,” professor Dai said. “There’s no way to shut it down or regulate it.”
Asked if this was the future of the internet, he paused. “I don’t know,” he said, still considering the question. “Nobody can answer this. Maybe. Maybe not.”
Ghost of a chance
Jim had disappeared. He stopped responding to emails, and I couldn’t find his username on any message boards. I remember him saying he’d lived in eight different states since 2012. That restless trait hadn’t diminished, it seemed.
Ghosts. They never say goodbye when they go.
Summer begrudgingly yielded to fall, with winter looming on the other side of Thanksgiving. Pulling the door open at Sacramento Harm Reduction Services, I’m greeted by Executive Director Melinda Ruger.
As its name suggests, the clinic meets drug users where they are in their addiction—providing resources to those who want to get clean, and overdose prevention training, clean syringes and other harm-reducing tools to those who are not yet ready.
The place is an island in America’s rekindled drug war, which is expanding to new frontiers thanks to both Sessions and criminal innovation. Meanwhile, guys like Jim proceed to order Schedule I narcotics online the same way the rest of us order Christmas gifts for our families.
There’s a tragic disconnect here that no one seems to be acknowledging.
How do we stop a generation—my generation—from killing itself with drugs?
The Centers for Disease Control and Prevention published a report in the December 2016 National Center for Health Statistics that found, for the first time in more than two decades, American life expectancy has actually declined.
National public health and safety experts pointed to the rise in overdose deaths and suicides as the culprit. CDC maps show California has been hit particularly hard. Deaths by “drug poisoning” have increased statewide more than 50 percent since 2002, far outnumbering car accidents. Overdoses have become the leading cause of death for people below the age of 50, and the CDC report found precisely what Special Agent Rettig and Officer Ruzzamenti both told me were decimating a population of young people across the country: illicit fentanyl from China being ordered over the dark web.
Neither Ruzzamenti nor agent Rettig sounded optimistic about the nation’s outlook. Law enforcement currently sits patiently awaiting the next dark web slip up, while USPS carriers continue operating as inadvertent drug mules.
It’s a clusterfuck. People are dying, prisons are filling up, and nothing changes. More people died last year than at the height of the AIDS epidemic. More Americans died from drug overdoses in 2016 than died during the entire duration of the Vietnam War.
As I watched Ruger and her staff interact with individuals caught in the grips of the epidemic, I realized I was witnessing something that was missing until now. All the interviews of dark web and cyber security experts, and DEA agents, and law enforcement officers, and drug dealers, they were all missing what was on full display at Harm Reduction Services: Humanity.
When a homeless woman walked in, crying hysterically, because all of her belongings had been stolen, I watched three different staff members approach her, give her a hug, rub her back, and tell her it was going to be OK. Here, drug addicts were treated by staff with kindness and empathy and understanding. They were treated as equals, with dignity.
I thought back to what Jim told me in the beginning. He told me there was humanity in my writing. I didn’t understand what he meant, and I didn’t care. That was my ticket in.
I still don’t know what he meant. But humanity wasn’t just my ticket in. Seeing humanity, in the flesh, up close and personal, shown to a group so used to being shown the opposite.
Turns out, it was also my ticket out.