[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Silk Road taken down by FBI



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/03/2013 01:49 PM, Ahmed Hassan wrote:
> One question is still remain unanswered. How did they locate
> Silkroad server before locating him? They had full image of the
> server before his arrest.

Not sure.  One hypothesis (and that's all it is - a hypothesis) is
this: The Silk Road may have been running on the same machine as a Tor
router and not a client.  Finding the set of all Tor routers is
trivial.  So, hammer on the hidden service while watching for
bandwidth utilization to go up on the Tor routers that you can surveil
to see which ones seem to respond appropriately.  Pick away the
rendezvous nodes because they don't originate tunnels (they're not
clients).  If the Tor router is running on a server or in a VM hosted
at a provider that could be subpoena'd or strongarmed, forensic images
of same could be acquired.

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Activate interlock! Dynotherms connected! Infracells up! Megathrusters
are go!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlJNxKMACgkQO9j/K4B7F8FDXgCePij/M/LQr/aMNsSVoErs+5pr
q0oAn0g18pYM16DhB+8h6CWS/clYcakF
=WLmf
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk