Pluralistic: 15 Nov 2022 Tracers In the Dark

Today's links

The cover for the Penguin Random House edition of Andy Greenberg's 'Tracers in the Dark.'

Tracers in the Dark (permalink)

In Tracers in the Dark, Andy Greenberg traces the fascinating, horrifying, and complicated story of the battle over Bitcoin secrecy, as law enforcement agencies, tax authorities and private-sector sleuths seek to trace and attribute the cryptocurrency used in a variety of crimes, some relatively benign (selling weed online), some absolutely ghastly (selling videos of child sex abuse).

Bitcoin's early boosters touted its privacy protections as a game-changer, a way for people to exchange money with one another without anyone else being able to know about it. But the reality is a lot more complex. In a very important way, Bitcoin is the opposite of private: every transaction is indelibly inscribed upon the blockchain, linked to a pseudonymous identifier.

In theory, if you are careful about not linking a wallet address to your real identity, then your transactions are not traceable to you.

In practice, this is really, really, really hard.

There are so many ways to slip up and expose your identity, and even if you maintain perfect operational security, other people might slip up and do it for you. This is a lesson that many cryptocurrency users learned the hard way, as Greenberg documents.

The de-anonymizers who sought to expose Bitcoin transactions had a major advantage: users of Bitcoin believed the hype and really thought that the blockchain provided them with a powerful – even invulnerable – degree of anonymity. They used cryptos to buy and sell a lot of illegal things, from fentanyl to murder for hire, over long timescales. That meant that they attracted the attention of law-enforcement agencies, who were able to use the eternal, indelible blockchain to backtrack their subjects' every transaction to the very first days of cryptocurrency.

Like Greenberg's previous book, Sandworm (a history of Russian state-backed malware operations in Ukraine), Tracers uses current events to conduct a master-class in the art and science of digital forensics, laying out the tactics and countertactics of a specific kind of cyberwarfare:

Starting with the notorious Silk Road takedown, and moving through other "dark market" seizures like AlphaBay, Greenberg draws on incredible first-person accounts, digital forensics, court documents and well-placed sources to spin out a tense, exciting technothriller. We meet dirty cops, snake-eyed drug-lords, and brilliant technologists and researchers who find devilishly creative strategies to hide or uncover.

Greenberg also provides a rare and non-sensationalistic deep dive into the unthinkable world of child sexual abuse material marketplaces. These are the darkest corners of the human psyche and the digital world, and Greenberg's tick-tock depiction of the seizure of "Welcome to Video," the largest such market ever, is chilling.

In the final section of the book, Greenberg considers the geopolitics of secret money. We hear a little (too little, honestly) from people presenting the human rights case for financial privacy. This is a complex issue and I'm deeply ambivalent about it myself, but it's a subject worthy of its own book. This cursory treatment of human rights and finance is an inevitable artifact of the book's structure: if you chronicle the adventures of cops hunting criminals, you won't encounter the stories of oppressed people hiding from authoritarians.

But when it comes to other geopolitical questions – like the role of crypto in fueling state-backed ransomware from North Korea – Greenberg has a front-row seat, and his account of this aspect is top-notch.

Greenberg also gives some space to the claims of developers of more privacy-focused cryptocurrencies like Monero and Zcash, airing credible accounts of how these might correct the defects in Bitcoin's privacy model – and credible critiques arguing that they, too, will fall before forensic investigators' creative tactics.

Above all, this is a book about the attacker's advantage, the idea that defenders win by making no mistakes, while attackers need only find one single exploitable lapse to attain victory. Greenberg's account of the move/countermove dynamic of criminals and investigators are perfect illustrations of this phenomenon. The attackers – feds of various description – have many advantages, but above all, they are blessed not having to be perfect. They make all kinds of errors, and it doesn't matter, because no one is hunting them. Meanwhile, their quarry – largely unsympathetic criminals destroying their victims' lives without a shred of empathy – are haunted by minuscule errors in the distant past.

The attacker's advantage, combined with the blockchain's eternal and indelible memory, constitute a powerful argument against the possibility of using blockchains to attain financial privacy. We all slip up. The reason the feds catch their prey isn't that they're smarter – it's that they don't have to be. The feds don't permanently inscribe their every error on an indelible public ledger. The defenders have chosen a defense that involves this tactic. They have, in other words, chosen a system of privacy for the infallible – a category that effectively doesn't exist.

This makes for a pretty devastating critique of public ledgers as a tool of privacy. And also, you know, a cracking technothriller.

Hey look at this (permalink)

This day in history (permalink)

#20yrsago Alan Moore’s alternate history of the DC universe

#15yrsago Daily Show writer explains writers’ strike — if digital content isn’t worth anything, how come Viacom is suing YouTube for $1 billion?

#10yrsago Cufflinks that open hand-cuffs

#5yrsago Congress’s spending proves the GOP believes life begins at conception and ends at birth

#5yrsago Motherboard’s excellent, accessible guide to internet security

#5yrsago Senate Democrat is about to take the brakes off predatory payday lenders

#5yrsago Teardown of a consumer voice/location cellular spying device that fits in the tip of a USB cable

#5yrsago Social media’s “engagement”-based algorithms are intrinsically hospitable to conspiracies and fake news

#5yrsago Consumer groups’ labs advise parents not to buy connected toys, claim risk of strangers listening and talking to kids over the internet

#5yrsago 65 out of the top 100 most-cited scientific papers are behind a paywall, with a weighted average cost of $32.33/each

#5yrsago P2P downloaders spend more than non-downloaders on music, but pollster can’t do math

Colophon (permalink)

Currently writing:

  • The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 526 words (61019 words total)

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE

  • A Little Brother short story about DIY insulin PLANNING

  • The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. FIRST DRAFT COMPLETE, WAITING FOR EDITORIAL REVIEW

  • Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW

  • Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

  • Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: Sound Money

Upcoming appearances:

Recent appearances:

Latest books:

Upcoming books:

  • Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

(Latest Medium column: "They Want to Kill Libraries"

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla