The Internet has three features that make it especially difficult to control in any centralized way: 1) Having relatively few gatekeepers (ISPs) means the Internet is not well-suited for centralized surveillance and law enforcement. 2) Attempts to control Internet content require dealing with many countries and legal environments. 3) The Internet was built without any means of validating identity; this is further complicated by the possibility of digital payments via anonymous services, and by forwarding servers deliberately configured to mask the original source of a message.
Investigators learn something each time they shut down a site - unfortunately for them, so do the criminals. Police in multiple nations are often involved - especially in cases involving child pornography. Fortunately for investigators, child pornography is one of the few online activities condemned everywhere. The 'bad news' for some (e.g. film pirates) is that once Internet providers implement technology to block child pornography, it's much easier for courts to order them to block access to film piracy sources as well. Online poker sites, some YouTube links, Wikipedia entries, fringe religions, and euthanasia sites have also been blocked - throwing free-speech die-hards into fits.
The 'Privacy on the Computer' chapter reports on hackers seeding peer-to-peer file-sharing networks like LimeWire with malware named after popular-sounding songs. When such a file is downloaded and opened, the recipient's computer comes under external control. This control could include key-loggers, as well as software that could turn on any webcams and microphones built into the infected computers. For those less sophisticated, tool kits make it simple to infect 'slave' computers with a remote access tool (RAT), with only modest technical skill. It's also possible to just pay for a list of already compromised slaves. Because many computers are on continuously, motion-detection capability that sends pictures/video only after motion is detected is also available.
Computrace is a small, stealthy piece of code that can be installed on Windows computers. When connected to the Internet, the computer pings staff at Absolute Software at regular intervals, providing the current IP address. If the computer is reported as stolen, an investigator could turn the IP information over to police. However, since determining a physical address associated with the IP is sometimes too tedious for police to bother with, Absolute can also remotely install its own RAT tools. Similarly, PC rental entities often install similar software on computers they rent out. And of course law enforcement agencies have their own versions, and can easily overstep legal bounds - given the latest news about NSA's flouting court orders, this probably happens more often than we'd think.
Botnets can infect thousands or even millions of computers around the globe. Botnet controllers take these networks and pass them specific pieces of spam, along with e-mail addresses to contact - all untraceable to the actual botnet owner. The Mega-D botnet infected over 500,000 computers and was at one point estimated to account for 32% of all spam. Its owner supposedly made $500,000 during 6 months in 2007 from just one client. Blockades don't work against botnet spam because it originates from so many sources. Mega-D's owner was eventually identified and, when he left Russia and traveled to Las Vegas, arrested for sending ads promoting fraudulent products.
Early spammers were easy to block, but they soon learned to arrange for multiple contingency servers, switching from one to another after the unit in use was blocked. Then came real-time black-hole lists of spam producers, used by numerous subscribers. The next development was the use of 'open relays' - servers that accepted messages from any machine instead of just registered members, and forwarded them to any other server. Hundreds of thousands of IT administrators made this error and it took years to overcome the problem.
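The two mechanisms described above, real-time black-hole lists and open relays, shown as an added example (not from the book under review): a mail server's relay decision under an open-relay policy and under a restricted one. The zone `dnsbl.example`, the domains, the documentation-range addresses, the policy dictionaries and the stub resolver are all constructed for illustration.

```python
import ipaddress

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(client_ip, zone):
    # Blocklist lookups reverse the IPv4 octets and append the list's DNS zone.
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(client_ip, zone, resolve):
    # resolve(name) -> list of A records ([] when the name does not exist).
    # By convention a listed address answers with a record inside 127.0.0.0/8.
    answers = resolve(dnsbl_query_name(client_ip, zone))
    return any(ipaddress.ip_address(a) in LOOPBACK for a in answers)

def relay_decision(client_ip, authenticated, rcpt_domain, policy, resolve):
    # 1. Refuse clients that the subscribed blocklist reports.
    if is_listed(client_ip, policy["dnsbl_zone"], resolve):
        return "reject-listed"
    # 2. Mail for our own domains is accepted from anyone.
    if rcpt_domain.lower() in policy["local_domains"]:
        return "deliver-local"
    # 3. Forwarding to third-party domains is the relay case: only for
    #    clients on a trusted network or clients that authenticated.
    addr = ipaddress.ip_address(client_ip)
    trusted = any(addr in ipaddress.ip_network(n)
                  for n in policy["trusted_networks"])
    return "relay" if (trusted or authenticated) else "reject-relay"

# Constructed sample data: one listed address, answered by a stub resolver
# so the example runs offline.
LISTED = {"9.113.0.203.dnsbl.example": ["127.0.0.2"]}

def stub_resolve(name):
    return LISTED.get(name, [])

# The misconfiguration: every address on the Internet counts as "trusted".
OPEN_RELAY = {"dnsbl_zone": "dnsbl.example",
              "local_domains": {"example.org"},
              "trusted_networks": ["0.0.0.0/0"]}
# The corrected policy: only the organisation's own network may relay.
RESTRICTED = dict(OPEN_RELAY, trusted_networks=["192.0.2.0/24"])

if __name__ == "__main__":
    for label, policy in (("open", OPEN_RELAY), ("restricted", RESTRICTED)):
        print(label, relay_decision("203.0.113.7", False, "example.net",
                                    policy, stub_resolve))
```
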
The year 2003 brought customized spam-sending 'rat-ware' that usually exploited Windows security flaws. Legal civil action against those creating the problems was too slow and expensive; even identifying the spammers was difficult - averaging 133 hours for each one in a federal effort.
A 'Do Not E-mail' registry proposal was dropped because, unlike phone calls, spam couldn't be tracked with any reliability, and most originated in nations with little interest in helping U.S. efforts to reduce spam. An estimated 86% of global e-mail in 2005 was spam, rising to 89% in 2010, wasting vast amounts of Internet capacity. In early 2012, seven of the ten largest spamming operations identified by the U.K.'s Spamhaus were believed to be in Eastern Europe. Domain names identified as command-and-control servers used bogus contact information. Spamhaus estimates there are only about 100 hard-core spammers left. Microsoft and others are increasingly suppressing entire botnets by cutting off their command-and-control servers and removing malware on user computers.
Moving on to illicit products sold via the Internet, author Anderson reports that finding a heroin source took only 5 minutes, and involved servers in the U.S., U.K., Germany, Switzerland, and India. The 'Silk Road' site operates brazenly by accepting no cash or credit, relying instead on anonymous, encrypted digital currency (Bitcoin), telling buyers to encrypt their mailing addresses and providing links to accomplish that, and using an 'onion routing' server service - Tor. Tor was originally developed with military funding to help investigators/spies keep their origin locations secret.