Silk Road forums

Discussion => Security => Topic started by: pkn0cker on August 18, 2012, 08:19 am

Title: Info Needed on "Network Analysis Techniques" Used by "The Man"
Post by: pkn0cker on August 18, 2012, 08:19 am
Hey all. Neurotic first timer here,

I recently read an article about SR on Yahoo.ca of all places (no it wasn't the Gwark or whatever it was article), and even though they attempt to scare users away from the site by saying "authorities have ways of busting buyers by using network analysis techniques..." I'm still not convinced.

However, what are some of the ways that authorities COULD potentially track down a buyer from the web standpoint. Obviously if a suspicious package is sniffed out at the post office is one thing, but how could they track you down from the technical side? Say for example you got some bitcoins from depositing cash at your bank to a bitcoin exchange wallet, passed it around a few times to other wallets before landing on your SR wallet, and then using them to purchase something (assuming communication is encrypted between you and the vendor). Where are the loopholes there that you can see?

Just thinking out loud here, but for whatever reason if SR was shut down or the feds seized the websites information, they would potentially have public PGP keys on file in the messages that would highlight mailing addresses and what not, no? That's the only thing I can think of. Could your ISP see Tor traffic on their reports and the authorities might get suspicious of that? Anything that you can offer is greatly appreciated. Will check back after the weekend. Thanks all :)
Title: Re: Info Needed on "Network Analysis Techniques" Used by "The Man"
Post by: 010010 on August 18, 2012, 03:22 pm
I think the easiest and most effective way to catch buyers is at delivery. If you do your homework, it is almost infeasible to link the transaction to you. IMHO even if you buy BTC on MtGox via wire transfer from your bank, and pay the seller directly (without the SR tumbler), linking the transaction to you involves some paperwork and at least some technical expertise which law enforcement may or may not have. And at this point, (if you did your homework) they don’t even have a way of knowing what you ordered. And even if they did, as long as the stuff you ordered doesn’t arrive at your door (and they can prove that you have it), I don’t think that would suffice for a conviction.

Therefore, the “tracking down via the web” route is in my opinion totally infeasible especially if the target is a simple (and non completely idiotic) buyer. Catching you at delivery is just sooo much more effective!

Another scenario (IMO still more likely than “tracking down via the web”) is a data breach at one of your sellers, i.e. one of your sellers is assholey enough to store your address and orders. we all can only hope that they don’t do this.

In summary: they MIGHT do this for SELLERS, but even then, If LE has some reasonable suspicion, they will just install a keylogger on their PC and/or search their home.