Tuan C. Nguyen writes in Inside the secret online marketplace for illegal weapons that:
With just a few clicks, anyone with an internet connection can obtain some of the deadliest weapons known to man, an investigation by tech blog Gizmodo has revealed.
These include AK-47s, Bushmaster military rifles and even grenades — all of which can be sold, bought, sent and delivered on the Armory, a hidden website that functions as an online black market for illegal firearms. It’s there that Gizmodo writer Sam Biddle, who went undercover as an anonymous buyer, discovered a transaction process that uses an elaborate scheme that involves identity-concealing data encryption, an alternative electronic currency and a delivery method that allows both buyers and sellers to bypass the authorities without raising even the hint of suspicion.
Concerns over the ease of obtaining guns and other lethal weapons has gripped the nation in the aftermath of one of the deadliest massacre’s in recent memory when a heavily-armed lone gunman killed 12 people and injured 58 during a midnight movie screening just outside Denver. Shortly after, a paper trail revealed that the suspect built his arsenal through purchases made via a host of unregulated web sites, the Associated press reports. The existence of such portals is alarming in that not only can they arm a single deranged individual with enough ballistics to carry out a massacre, but also supply a group of terrorist rebels with enough artillery to lay siege to embassies and government offices, according to the report.
The post goes on to make much of the use of TOR (The Onion Router), which was developed by the U.S. Navy.
The TOR site relates in its overview:
Using Tor protects you against a common form of Internet surveillance known as “traffic analysis.” Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you’re travelling abroad and you connect to your employer’s computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.
I recommend that you take a look at the TOR site and its documentation. Quite a clever piece of work.
Taun see this in part as a “big data” problem. Sure, given all the network traffic that is being exchanged at one time, TOR can easily defeat any “traffic analysis” process. (Or at least let’s take that as a given for purposes of this discussion. Users are assuming there are no “backdoors” built into the encryption but that’s another story.)
What if we look at this as a “big data” being reduced to “small data” problem?
Assume local law enforcement has access to the local Internet “connection.” (It is more complicated than this but I am trying to illustrate something, not write a manual for it.)
My first step is to filter encrypted traffic from non-encrypted traffic, passing my current location. Since locations are fed by routers, I can just walk the chain of routers, filtering non-encrypted traffic as I go. I don’t have to worry about the content or even tracking the IP addresses of the sender. Eventually I have tracked the senders of encrypted messages down to the nearest router to the origin of the traffic.
My second step is to start using a topic map to combine other information known to the local police about an area and its residents. A person or group ordering heavy weapons, explosives, etc., is going to have other “tells” besides encrypted Internet traffic.
A topic map can help combine all those “tells” into a map of probable locations and actors, using a variety of information sources, TOR or other technologies not withstanding.
Rather than a “big data,” you now have a “small data” problem and one that can be addressed by the local police.