Silk Road forums

Discussion => Silk Road discussion => Topic started by: NorthernStar on October 08, 2013, 10:39 pm

Title: Guardian Article ( with comical drawing of ross/dpr ) In The Dock
Post by: NorthernStar on October 08, 2013, 10:39 pm
Check this: whoever drew that needs shooting. http://www.theguardian.com/technology/2013/oct/07/fbi-bitcoin-silk-road-ross-ulbricht
Title: Re: Guardian Article ( with comical drawing of ross/dpr ) In The Dock
Post by: NorthernStar on October 08, 2013, 10:45 pm
Here's another interesting theory as to how the feds cracked the location of the server:

Silk Road: suspicions grow that server was hacked ahead of arrests

How do you find a site that's hosted on the Tor system? In theory, you can't - which is why there are questions over how the FBI could image it and take it down last week
There's a new theory about how the FBI and CIA tracked down the physical location of the Silk Road servers, and it has nothing to do with the man accused of being the site's operator, Ross Ulbricht, or queries he might have made on StackExchange.

Instead, the rumour in hacker circles is that the CIA - with or without the help of the National Security Agency - accessed the server via Tor, and somehow ran an exploit on it which meant that they could locate it over the "normal" internet.

Having done that, they then got in touch with the company hosting the server itself (which may be in Iceland, as we'll explain) and then managed to take an image of the server. They may also have planted tracking systems on the server which allowed them to trace those who logged in to Silk Road - which would certainly help to explain how the British police last week arrested four men on suspicion of supplying controlled substances through Silk Road.

That was the suggestion last week from Nicholas Weaver, when the news broke.

Weaver, who is based at the International Computer Science Institute, commented on a piece about the initial arrest that

    the biggest weakness of the complaint (which is not something that really needs to be answered here, but will need to be answered in court) is how the Silk Road server was discovered.

    I would suspect that, since it was imaged without being noticed that what happened is the FBI (with a warrant) hacked the site sufficient to discover the site's IP by generating a non-Tor phone-home, and then contacted the country of the hosting provider which then got the server imaged.

    Yet since the server imaging didn't involve taking the server down or disrupting service sufficient to spook Mr DPR into taking his bitcoins and running, I suspect that this was some virtual-machine hosting provider.

Now, that's not how it was done according to the affidavit filed last week by FBI agent Christopher Tarbell. That points to Ulbricht's LinkedIn profile, his use of a real photograph in a package of fake IDs (which it is claimed led Homeland Security to Ulbricht's address), his queries on StackExchange under his own name (which he then changed) about connecting to Tor via PHP, his seeking out of courier firms, and paying someone to murder someone else.

It also describes how agents tracked back to early promotion for the Silk Road site and found messages posted on drug discussion forums and Wordpress blogs by a user called "altoid", which was found to be linked to a Gmail address, apparently registered to Ulbricht.

Ulbricht faces charges of money laundering, narcotics trafficking, computer hacking and soliciting a murder. A lawyer for Ulbricht last week said "We deny all charges".

But Tarbell's description doesn't contain the chain of evidence that one would expect for an arrest - and a breakthrough - of this magnitude. Putting together the fragments of evidence contained in the affidavits, one doesn't get a picture of someone who is self-evidently the "Dread Pirate Roberts" who operated Silk Road.

One other matter that isn't widely known: the initial affidavit doesn't have to describe how the FBI actually built its case. It only has to describe how it could have built its case, and persuade a judge to sign an arrest warrant.

That is why suspicion is growing that the Silk Road servers were actually quietly hacked, and were exploited to reveal details about their users.

Those suspicions won't have been eased by the comments of the director general of the UK's new National Crime Agency, Keith Bristow, who said of the arrest of the four Britons that "the hidden internet isn't hidden and your anonymous activity isn't anonymous. We know where you are, what you are doing and we will catch you."

Some internet sleuthing, meanwhile, suggests that the Silk Road server itself may have been hosted in Iceland: Runa Sandvik, who works on the Tor Project, notes that there's an Icelandic server at https://193.107.86.49/ which has a self-signed certificate, and redirects to silkroadvb5piz3r.onion - the Silk Road website.

But, Sandvik points out, the FBI affidavit says that the server was imaged (ie copied) as part of a Mutual Legal Assistance Treaty request - and Iceland doesn't appear to be a signatory to a MLAT with the US. "That leaves us with Latvia and Romania," Sandvik comments.

So we're left with uncertainty which might not be answered until the FBI brings its full charges to the courtroom. Did a US agency use an exploit - perhaps even a zero-day one (ie, not previously notified) to hack the Silk Road server, and so gain access to details about who was accessing the server - and then follow the trail back to its alleged owner and users? Or was the takedown of Silk Road the result of painstaking piece-by-piece detective work? This is a trial which will be watched with great interest.

Title: Re: Guardian Article ( with comical drawing of ross/dpr ) In The Dock
Post by: IForgotMyFuckingPassword on October 09, 2013, 02:48 am
You're not looking at this realistically or practically; you're basing this on what should be, not what is. I'll explain why. I'm not attacking you personally, and this is not me siding with the Feds. I despise them, but having seen my fair share of American jurisprudence, I'm going to explain to you why you're just speculating and why that's irrelevant.

Here's another interesting theory as to how the feds cracked the location of the server:

Silk Road: suspicions grow that server was hacked ahead of arrests

Instead, the rumour in hacker circles is that the CIA - with or without the help of the National Security Agency - accessed the server via Tor, and somehow ran an exploit on it which meant that they could locate it over the "normal" internet.
I beg your pardon? I'll forgive you because I think you're British (or Aussie, Canadian, or from somewhere other than the US). The CIA, as a whole, couldn't get out of bed without tripping over their own dicks. They aren't really that good at what they do. So they exploited a zero-day in Firefox; I know people that could do that from their mom's basements. They don't need to use the CIA for that.

Having done that, they then got in touch with the company hosting the server itself (which may be in Iceland, as we'll explain) and then managed to take an image of the server.
If the servers were located in Iceland, you can stop there. Iceland is a NATO member and a US ally. The US provides most of Iceland's military defenses. The US can ask Iceland for the information; Iceland has the right to refuse.

That was the suggestion last week from Nicholas Weaver, when the news broke.

Weaver, who is based at the International Computer Science Institute, commented on a piece about the initial arrest that

    the biggest weakness of the complaint (which is not something that really needs to be answered here, but will need to be answered in court) is how the Silk Road server was discovered.

Not really. FISA, ECPA, and the Patriot Act all give the government the right to obtain information from foreign sources without a search warrant. FISA lets them eavesdrop on foreign communications even when US citizens are involved (which is applicable here whether I agree with it or not). Courts have interpreted the ECPA to allow seizure of electronic data sans warrant (when information is stored on a server for more than 180 days, it's considered abandoned and is fair game -- if it's on the suspect's personal computer, then they need a warrant). And the Patriot Act gives them permission to obtain information from foreign governments without getting a warrant.

So no, they don't need to declare how they got the information. Actually what I should say is that, if the information is stored in another country, that's all they need to say; they can admit that they didn't have a warrant in court without having the evidence thrown out. He's a computer scientist, not a lawyer. And the server image was taken by a foreign government and handed to the US (or that's what they'll say). That's all they need to say.

    I would suspect that, since it was imaged without being noticed that what happened is the FBI (with a warrant) hacked the site sufficient to discover the site's IP by generating a non-Tor phone-home, and then contacted the country of the hosting provider which then got the server imaged.

    Yet since the server imaging didn't involve taking the server down or disrupting service sufficient to spook Mr DPR into taking his bitcoins and running, I suspect that this was some virtual-machine hosting provider.
Is it the FBI or the CIA?

Now, that's not how it was done according to the affidavit filed last week by FBI agent Christopher Tarbell. That points to Ulbricht's LinkedIn profile, his use of a real photograph in a package of fake IDs (which it is claimed led Homeland Security to Ulbricht's address), his queries on StackExchange under his own name (which he then changed) about connecting to Tor via PHP, his seeking out of courier firms, and paying someone to murder someone else.
DHS visited someone at that address who matched the picture and claimed to be Ulbricht. Look, I'm not saying that the Feds don't lie, because, in fact, they lie quite often. But why would DHS pick Ulbricht out of 300 million American citizens to frame as DPR? None of that part of the complaint (i.e. the DHS visit) suggests that Ulbricht is/was DPR.

A lawyer for Ulbricht last week said "We deny all charges".

But Tarbell's description doesn't contain the chain of evidence that one would expect for an arrest - and a breakthrough - of this magnitude. Putting together the fragments of evidence contained in the affidavits, one doesn't get a picture of someone who is self-evidently the "Dread Pirate Roberts" who operated Silk Road.
Again, I must interrupt because:
1. It's a complaint; it does not HAVE to contain every piece of material evidence that they have against him. Complaints often don't. That's what they needed to get an indictment from a grand jury. Any evidence they have is not required to be released to his attorney until the discovery process begins. As for the public, they don't have to disclose shit. If it goes to trial and that trial is open to the public, it will come out; if he agrees to accept a plea bargain, then that may never be revealed.

2. They don't really need to prove that Ulbricht is/was DPR; they just need to show he was involved in running SR. He's charged with conspiracy on all counts; if charged with conspiracy, he doesn't need to be involved in ALL aspects of every crime. Instead, under US law, all parties who engage in a group of crimes are guilty of all crimes committed, no matter who does what (e.g. I knowingly drive you to someone's house in which you shoot and kill somebody; it was your weapon, you killed him inside the house, and I didn't get out of the car. Guess what? We're both guilty of conspiracy to commit murder, which is just about the same as being convicted of murder).

3. FWIW, this is Tarbell's 2nd high profile bust, Lulzsec being the 1st. He knows how to play the game. I'm not a fan, just sayin' ...

One other matter that isn't widely known: the initial affidavit doesn't have to describe how the FBI actually built its case. It only has to describe how it could have built its case, and persuade a judge to sign an arrest warrant.
Actually, that's quite well known. Anyway, the complaint isn't where they need to show that. IF they need to show anything anywhere, it's at trial. The FBI doesn't disclose how it "builds its case" in criminal complaints. Again, if they make a plea deal, it may never be disclosed. See above.

That is why suspicion is growing that the Silk Road servers were actually quietly hacked, and were exploited to reveal details about their users.

Those suspicions won't have been eased by the comments of the director general of the UK's new National Crime Agency, Keith Bristow, who said of the arrest of the four Britons that "the hidden internet isn't hidden and your anonymous activity isn't anonymous. We know where you are, what you are doing and we will catch you."
Hacking a server in a foreign country is not illegal in a criminal investigation. Even if they did receive a warrant, that information would not be declared publicly.

Some internet sleuthing, meanwhile, suggests that the Silk Road server itself may have been hosted in Iceland: Runa Sandvik, who works on the Tor Project, notes that there's an Icelandic server at https://193.107.86.49/ which has a self-signed certificate, and redirects to silkroadvb5piz3r.onion - the Silk Road website.

But, Sandvik points out, the FBI affidavit says that the server was imaged (ie copied) as part of a Mutual Legal Assistance Treaty request - and Iceland doesn't appear to be a signatory to a MLAT with the US. "That leaves us with Latvia and Romania," Sandvik comments.
MLATs aren't required for information sharing. If it doesn't violate Icelandic law, then the US doesn't care. Even if it did, they still wouldn't care; it's not illegal in the US.

So we're left with uncertainty which might not be answered until the FBI brings its full charges to the courtroom. Did a US agency use an exploit - perhaps even a zero-day one (ie, not previously notified) to hack the Silk Road server, and so gain access to details about who was accessing the server - and then follow the trail back to its alleged owner and users? Or was the takedown of Silk Road the result of painstaking piece-by-piece detective work? This is a trial which will be watched with great interest.
You are aware that over 95% of US criminal charges are never brought to trial, no? The overwhelming majority are resolved by plea agreements. Prosecutors heap on the charges to scare people into copping a plea. And it's not just fear that drives the trend; those who are brave enough to go to trial are often found guilty by juries, including many who would appear to most ordinary people to be innocent. They end up being sentenced to LONGER prison terms than were stipulated in the plea deal (e.g. the prosecutor offers you a deal of 10 years and the jury convicts you of a more serious offense for 30 instead). There's nothing certain about a trial, which is why lawyers advise their clients to take the plea deal.