[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Silk Road taken down by FBI

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Silk Road taken down by FBI
From: Gordon Morehouse <gordon@xxxxxxxxxxxx>
Date: Fri, 04 Oct 2013 08:57:04 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Oct 2013 12:12:00 -0400
In-reply-to: <20131003225403.GO31806@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1CAE0C3B-25E9-4EF7-9845-27AE78D8060F@xxxxxxxxx> <1380743370194.4712dba6@Nodemailer> <524CC9AD.2090206@xxxxxxxxxx> <20131003020700.GK31806@xxxxxxxxxxxxxx> <20131003031708.GC15487@xxxxxxxxxxxxx> <524D8A2E.40106@xxxxxxxxxxxx> <CAM=ga68YBfOJpLJoROBix8P+nroLL-JBMNaZj=UD4fQNegXwXw@xxxxxxxxxxxxxx> <CADNU9K58ob0HPAKJPQYpqdopyzv4jifE7_Pd3=+m8=TU4_wYqg@xxxxxxxxxxxxxx> <524DDA91.30008@xxxxxxxxxx> <20131003225403.GO31806@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Roger Dingledine:
> To be more concrete, their job here is to link the guy to the
> website. So if they had a pretty good idea of who the guy was, but
> not enough evidence to bust him, it makes sense to me that they
> would go find one of the servers, collect all the evidence they can
> from it, and hope to find something specific that points back at
> the guy. And who knows, maybe they did that several times before
> they found something they liked enough to build a case from it.

Bingo[1].

"The clues didn't stop there. In early March 2012 someone created an
account on StackOverflow with the username Ross Ulbricht and the
rossulbricht@xxxxxxxxx address, the criminal complaint alleged. On
March 16 at 8:39 in the morning, the account was used to post a
message titled "How can I connect to a Tor hidden service using curl
in php?" Less than one minute later, the account was updated to change
the user name from Ross Ulbricht to "frosty." Several weeks later, the
account was again updated, this time to replace the Ulbricht gmail
address with frosty@xxxxxxxxxxx In July 2013, a forensic analysis of
the hard drives used to run one of the Silk Road servers revealed a
PHP script based on curl that contained code that was identical to
that included in the Stack Overflow discussion, the complaint alleged."

>> We also knew that he was sold out by his VPN provider. Hopefully,
>> the identity of that VPN provider will come out soon.
> 
> Why? So everybody can abandon that VPN and move to a different one
> that also responds to subpoenas but hasn't been written about in a
> high-profile court case yet? :)

I *think* people are mistaking VPN for VPS here - I can't find the
source, but there was some well distributed speculation that the FBI
was easily able to obtain a server image without disrupting the site
itself by having a VPS provider (in "a country with Mutual Treaty
Assistance" or some phrase like that) image it hot.


1.
http://arstechnica.com/security/2013/10/silk-road-mastermind-unmasked-by-rookie-goofs-complaint-alleges/

Best,
- -Gordon M.


-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJSTuVMAAoJED/jpRoe7/uj9Z0H/1iEdtvsHHKppd5T0mt3I+Ly
B8TWt7wepOxkFnAvNfwpjDf+au/+/5ToTDyObvblMC1/gLChvyhPfpintcSa/cF6
nnT1GbRrK/MptTgbN4b7tGnU6IrpTHEYDvpxDQA7J3pN28peja4Z+0zFEoS1vHjr
pwu5ksB7yCbfqf7TIsh2CXyI0CTbaQ/sKt9zFEN9Y/wFIq5F4ygsOP54pou4Akan
rZxt0/A6HGV5QYAMaNj8xPEK31AqYY4Fh24lk22IBysO2KBAM40IelcpApZjcuvQ
VDdz6wNoGKk2VbQwtFh6eXoFqmlESCf6nx3AX4RPI04z+fA9XrYDsNSgUSq0dVQ=
=LdAY
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Jerzy Åogiewa
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Eugen Leitl

References:
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Jake.tarren@xxxxxxxxx
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Al Billings
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mirimir
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Roger Dingledine
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Jonathan D. Proulx
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Gordon Morehouse
- Re: [tor-talk] Silk Road taken down by FBI
  - From: shadowOps07
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Ahmed Hassan
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mirimir
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] Silk Road taken down by FBI
Next by Author: Re: [tor-talk] Silk Road taken down by FBI
Previous by thread: Re: [tor-talk] Silk Road taken down by FBI
Next by thread: Re: [tor-talk] Silk Road taken down by FBI
Index(es):
- Author
- Thread