The Technologies That Betrayed Silk Road's Anonymity 129
itwbennett writes Silk Road was based on an expectation of anonymity: Servers operated within an anonymous Tor network. Transactions between buyers and sellers were conducted in bitcoin. Everything was supposedly untraceable. Yet prosecutors presented a wealth of digital evidence to convince the jury that Ross Ulbricht was Dread Pirate Roberts, the handle used by the chief operator of the site. From Bitcoin to server logins and, yes, Facebook, here's a look at 5 technologies that tripped Ulbricht up.
Stupidity is a technology now? (Score:3, Insightful)
Looks like I might have my shot at being a multimillionaire.
Re:Stupidity is a technology now? (Score:5, Funny)
Yes, Facebook is a technology.
Re: (Score:2)
Yes, being social and open is the opposite of being private. Plenty of people are well aware of the consequences and make that choice of their own free will.
Then there are also idiots like Ulbricht who have pretty much a religion around Tor, Bitcoin, and crypto and think it can actually guarantee their privacy when they're doing stuff that they shouldn't be doing.
Re: (Score:2)
Indeed. What "betrayed" Ulbricht was his own incompetence and/or laziness. None of the technologies mentioned worked in any other way than expected by a competent individual. Plain, old-fashioned police work was quite enough to find him, and the only tricky part was getting to his laptop while it was decrypted. And even that only helped because he did not separate his data into different encrypted containers, and unlocked the disk in public, with no working dead-man switch.
I still have doubts whether everyt
Re: (Score:2)
The problem is not his particular slip-ups - it's the widespread nerd belief that Tor, Bitcoin and crypto are going to keep you safe from whoever-you're-a-thorn-in-the-side-to [xkcd.com]. The list of potential ways to accidentally leak your identity is massive; sooner or later, you're going to slip up. Just like what happens with all "perfect crimes".
Honestly, if you really want to be safe from arrest (at least for a while), move to Russia, pay off and/or befriend the right people, be a Putin supporter, and only do th
Re: (Score:3)
What you say is partially true. It is fully true if you still want convenience (and Ulbricht clearly did). If you do things right, you get a very high level of security, but it means things like having no storage in you laptop, only a tails CD, typing in long passwords yourself, and never, ever use any computer that ever has seen your real identity for any "business"-related task ever.
That said, most people cannot get to that stage, but if you ever have worked with a computer that is authorized for classifi
Re: (Score:2)
Wouldn't it work the other way around, too? Stay in the US, but only do things that are a PITA to people in places like Russia or China?
TL;DR (Score:5, Insightful)
Rusty treated OpSec as suggestions instead of law.
Re:TL;DR (Score:5, Insightful)
Rusty treated OpSec as suggestions instead of law.
Of course, he also treated the law as suggestions instead of law. I have no sympathy at all. :P
Re: (Score:2)
Rusty treated OpSec as suggestions instead of law.
Of course, he also treated the law as suggestions instead of law. I have no sympathy at all. :P
I think most people treat the law as suggestions. Have you ever gone faster than a posted speed limit?
Comment removed (Score:5, Insightful)
Re:More than a little retarded (Score:5, Insightful)
Sounds like a case of hubris. He was overconfident in his abilities and probably got more and more sloppy as time went on, convincing himself that he was too smart to get caught.
Re:More than a little retarded (Score:5, Interesting)
He was overconfident in his abilities and probably got more and more sloppy as time went on, convincing himself that he was too smart to get caught.
I think it's more convincing himself that his opponents were too dumb to catch him even if he was sloppy... but they're not complete idiots, obviously.
Re:More than a little retarded (Score:5, Insightful)
The cops don't have to be smarter than the crooks to catch them. They only have to be competent, and patient.
Re: (Score:2)
Re:More than a little retarded (Score:4, Insightful)
Re:More than a little retarded (Score:5, Insightful)
also the cops only have to 'get lucky' once. the criminal (or suspect) needs to be lucky 100% of the time. The odds are definitely in the police's favor.
Re:More than a little retarded (Score:5, Insightful)
Re: (Score:1)
"full proof"
Foolproof.
Re:More than a little retarded (Score:5, Insightful)
Posting anonymously, just because. :-)
While I am not, and have not been involved in any criminal matters, I happen to be somewhat paranoid about my privacy. If you have.. interesting private fetishes that won't get you into any legal trouble but WILL generate mockery from your co-workers, you learn that in that private world you have to simply be very careful.
Let me tell you, if you want to keep your professional and private lives separate, being 'careful' for decades is very, very difficult. You always have to resist the impulse to chat about what you do at work, lest you create a connection between the two. You have to resist posting about each side in their various communications forums.
Maintaining privacy for extended periods of time is just difficult. For a week? Sure! Constant vigilance! Wheee! After a year, you start to slack off. Maybe you start to think "fuck it." Maybe not getting caught with anything will make you lower your guard. Maybe there will be a point of time when you start to take shortcuts. You may also greatly regret the public Usenet postings you made under your real name in your early college years when you were young and dumb and thought "privacy? Who will ever care about this?" You might even think "eh, I'm tired of being in the closet. Who really cares if I'm a furry anyway? I don't even do any of that weird stuff people would associate with them."
Then you come back to your senses and get back into the closet, and keep your two lives separate! But boy, it's difficult to not accidentally leave evidence around Google, etc.
Re: (Score:3)
Haha, I knew right from your second paragraph that you must be a furry. ;)
While I don't personally get it, power to you, man. :) Rrrawr! And my sympathies for having to be in the closet about it. :(
Re:More than a little retarded (Score:5, Insightful)
This is true.
I mean, the "cybercrime" investigators that work for the FBI are not stupid and they're not incompetent. If you're running a large, well-known drug-selling site, they probably will put resources into finding you. On top of that, the deck is really stacked against you -- as a criminal, you need to avoid making any mistakes, while the investigator only need to wait for you to make a mistake. They're patient. (And "investigator" is not just people working for the police -- it's also anyone who might both have reason to dislike you and also motivation to reveal your identity to the police.) So, it may well be possible to hide indefinitely from prosecution, but it's not easy.
Re:More than a little retarded (Score:4, Interesting)
Re: (Score:3)
Re: (Score:2)
or, as evidenced by his breaking of his own rule "Don't face away from the door" when accessing network in public" (cheated, article insight), he had been overcome with the paranoia of getting caught for so long that he believed it to be inevitable. It seems there were protocols in place for multiple wallet (camouflage) transfer that he may have ignored in transferring money to his own laptop accounts.
We can agree he was not an honest boy, but he did some smart shit for a while... he just
Re: More than a little retarded (Score:2)
The lack of end game is key.
If you're making real money doing illegal things, yup I need an end game, and it needs to be a relatively soon date. Unless you're real smart, there's a practical limit to what can be spent anyway.
Re: (Score:2)
Sounds more like he was stupid from the get go, and it just took a little time for it to catch up with him.
And it points out the truth of what I've said repeatedly - security is more than encryption. Much, much more.
Re: (Score:2, Insightful)
It seems to me, that when he was just starting he didn't realize the magnitude of the enterprise he was launching; later he tried to go back & cover his tracks, but couldn't do it completely. And then he made a few slipups along the way.
Re:More than a little retarded (Score:4, Funny)
I have it on good authority one can go from "the worst pirate I ever heard of" to "that's got to be the best pirate I've ever seen" in less than *one film at the Bijou.
*It's a colloquial measurement, like football fields and olympic swimming pools.
Re: (Score:3)
Re: (Score:3)
Sounds like the FB link was used more for correlation than direct evidence -- they even included an example (the FB account had pictures from Thailand posted at approximately the same time that DPR was bragging about a trip to Thailand on some other forum.) Its unlikely he did anything like posting "come see my illegal website!" on his real-name account. (Of course they did mention that he used his own name @gmail.com for a reply address so who knows..)
Feds tipped hand (Score:1)
While the Feds were enforcing drugs laws, they tipped off about some of their methods.
Now, terrorists will now go and make sure these openings are closed; possibly messing up investigations of other Feds who want to stop terrorism.
End the Drug War. It's doing us no good.
Re: (Score:2)
They didn't tip anything. All of this is pretty obvious investigation methods. Mouse wigglers and other tools to keep laptops and desktops powered and unlocked while you move them have been around for a long time.
Re: (Score:3, Informative)
Also, this whole story probably is BS.
They used some classified NSA method (I can think of at least two major approaches) and now they spread some BS in order to cover their REAL methods.
"Parallel Construction" at work.
Re: (Score:3, Insightful)
Oh boy, that is what they want ***YOU*** to think.
Just read how Churchill ordered "recon planes" to "mysteriously" show up five minutes before the bombers dropped the ordnance on the u-boats.
He fooled Admiral Dönitz with that method.
Re: (Score:3)
Recon planes did not mysteriously show up five minutes before. Recon plane pilots were told to search in this area today, just do it and don't ask questions, and things proceeded from there.
Nor did he fool Doenitz, who suspected that his communications were being read. He went to the Germany crypto folks, and they said, "No, that's impossible, but if you insist we'll give you a special Enigma with an extra rotor". This is one reason why 1942 was a good year for Germany in the Battle of the Atlantic.
Re: (Score:3)
Re:Feds tipped hand (Score:5, Informative)
Re: (Score:3)
Re: (Score:1)
they caught him with his laptop unlocked
A band of feral FBI agents just happened to roam into the library he was at and just happened to watch the guy logging into silk road? What bad luck!
Re: (Score:2)
While I agree that the war on drugs has no positive effects and massive negative ones, any halfway competent terrorist did not need that tip-off.
Good lord, that photoshop job. (Score:5, Insightful)
Not much really needs to be said.
Re: (Score:3)
It looks to me that the biggest goof he made was using the Altoid pseudonym more than once, and on one occasion leaving an obvious connection to himself. After that it was mainly just patience on behalf of the law enforcement officers. If he had not made that crucial mistake they probably would still not have any idea who dreadpirateroberts was.
Anonymity (Score:1)
You can't be anonymous with a handle. This was a case of ego, and wanting a 'name' to associate with 'deeds'. Just because a name isn't one you are born with doesn't mean it isn't associated with you. Even if you create a false identity to represent you, you still own that identity. Even an encryption key can be an alias. Police are completely used to tracking people by alias, and linking aliases to human beings. It's their job, they have been doing it for years.
In the end, his goal was to associate a
Non-repudiation (Score:5, Insightful)
we're accepting the article as fact. (Score:2)
Problem Exists Between Chair and Keyboard (Score:5, Insightful)
I think the knee-jerk response is to say that the problem exists between the chair and keyboard. Just reading the article makes it impossible to draw another conclusion. He was nabbed in a public library before he had a chance to turn his laptop off so nothing was encrypted. Similarly, ARE YOU TAKING NOTES ON A CRIMINAL FUCKING CONSPIRACY [youtu.be]? Why would you ever keep data in plain text even if the hard drive is encrypted? I am not expecting the FBI to raid me at any time, but just out of caution, I have my computer encrypted using Bitlocker (yeah, I know) and all data at rest is stuck in a hidden TrueCrypt partition. If I want to access it, I have to sign in separately. But most hilariously, he had a stupid freaking Facebook page that linked him directly to his true identity and Silk Road.
However, this only underscores how difficult it is to have operational security for any complex business. At some point, he needs to keep track of all transactions, with reasonably easy access. It's a pain in the ass for me to repeatedly log in and access data. I can only imagine how difficult it must have been to conduct business. I guess the bottom line is that physical security is crucial.
Re: (Score:2)
I am not expecting the FBI to raid me at any time, but just out of caution, I have my computer encrypted using Bitlocker (yeah, I know) and all data at rest is stuck in a hidden TrueCrypt partition. If I want to access it, I have to sign in separately.
and if you are nabbed when you have signed in and your TrueCrypt partition is exposed?
Re: (Score:2)
Why would you ever keep data in plain text even if the hard drive is encrypted?
Because its very hard to read when its in encrypted form. That's why they had to nab him after he had everything unlocked and fast enough that he wouldn't have the opportunity to lock it again.
Just think of how many people they would have had to have just sitting around moving the mouse every couple of minutes around the clock to ensure that the laptop didn't go into screen saver mode and auto-lock itself again lol (well ok probably only long enough to copy the HDD to an unencrypted external drive.)
Re: (Score:2)
As to moving the mouse, there are devices for that. And the first thing you do is to copy-off all data and full the memory content. If you have Firewire, the second can even be done by somebody that has no computer skills at all.
Seems like the technologies didn't get him (Score:5, Interesting)
The article is more than a little sensational too. "He was done in by CHAT!" No, he was done in by keeping a goddamn log of his criminal activities. The fact that it happened to be chat is beside the point. Probably the only entry in there that deserves the headline is the Bitcoin one, only because it highlights how people misrepresent Bitcoin (It's so anonymous that every single transaction ever is recorded on the internet!). The article points out that he could have used tumblers to hide his bitcoins, but with the volume of coins Silk Road deals with that probably wasn't practical. Tumblers are really only useful for relatively small numbers of coins at a time. Put too many in and take too many out and your transactions stand out.
The article does harp a lot on how this information was only available because Ulbrict was dumb and let his laptop be snatched out of his hands while he was logged in. It is somewhat frightening to consider how poor the government's case might be if he had simply been facing the other direction.
Re: (Score:1)
Well if he was facing the other direction the government wouldn't be bringing the case to trial yet - the cops didn't just stumble into him and luck out, they were monitoring him looking for an opportune moment to strike.
Re: (Score:2)
Indeed. Or if he was using a honey-pot himself (working with a completely clean computer and ssh in to some completely clean servers to have the feds think he was doing something bad), when in reality he was giving then an "easy" way to get at his data. Good security includes traps for the attackers...
Re: (Score:2)
How do we know this is not parallel construction? (Score:5, Insightful)
Re: (Score:3, Informative)
You don't need parallel construction when they seized his lap top.
All of this is based on the seizure of his lap top.
The bit coins, the chat logs, the encryption keys, the SSH logins.
If they didn't seize the lap top in tact, they would have had a much more difficult time with this. It would have been he said/she said buried in tech gobbledygook.
But they did get his lap top, in tact, in plain text. I imagine getting the lap top was primary goal of his arrest. They'd probably have let him run and catch him la
Re: (Score:3)
Parallel construction could be considered though 'Fruit of the Poisonous Tree' http://en.wikipedia.org/wiki/F... [wikipedia.org]
If they only found him by ?illegal NSA wiretapping? the laptop would inadmissible. My understanding is that most parallel construction (supposedly) isn't for the sake of using illegally obtained evidence but simply to protect the method or person by which the evidence was obtained. Which also could be the case here. Maybe they actually got him using a sophisticated and warranted attack that th
Re: (Score:3)
My understanding is that most parallel construction (supposedly) isn't for the sake of using illegally obtained evidence but simply to protect the method or person by which the evidence was obtained.
May I inquire as to why you think this? Do you have any interesting evidence or even anecdotes that lead you to this conclusion or is this just what the nice man from the DOJ told you?
Additionally I can see virtue in protecting the persons evidence was obtained from in *some* cases, but the methods? In a free society with an adversarial justice system based on the presumption of innocence, what legitimate goals are furthered by secrecy around evidence gathering methods?
Re: (Score:3)
In a free society with an adversarial justice system based on the presumption of innocence, what legitimate goals are furthered by secrecy around evidence gathering methods?
It would be nice if we had one of those but are you joking? Cover up the methods to stop people defending against it. it's not fucking rocket science.
Re: (Score:2)
Cover up the methods to stop people defending against it.
That's my point thought defendants have right to defend themselves. When does covering up evidence gathering methods serve a legitimate judicial use? Why would hiding the methods used to gather evidence be necessary unless for example the government did something illegal?
Conducted a search without cause, hacked a system in violation of the CFAA, inserted a mole acting as an agent of the state who induced you to commit the crime which would make it entrapment; etc.
Protecting the identity of whiteness etc,
Re: (Score:2)
Cover up the methods to stop people defending against it.
That's my point thought defendants have right to defend themselves. When does covering up evidence gathering methods serve a legitimate judicial use? Why would hiding the methods used to gather evidence be necessary unless for example the government did something illegal?
Um that's what parallel construction is. Getting information though illegal means (usually better and quicker) and the presenting a story about how you got it legally.
Re: (Score:2)
Re: (Score:3)
Parallel construction is illegal even if there is a warrant, because the accused has a Constitutional right to face his accuser. Keeping the method of obtaining evidence secret is simply not allowed (at least, as long as the court itself is actually obeying the law).
Re: (Score:2)
The lap top was just the endgame - he'd already left enough small clues scattered about for law enforcement to figure out who was worth looking at. He made the classic security error of the n00b, he thought he had encryption and that made him safe.
Re: (Score:2, Interesting)
Never substitute a conspiracy theory when you don't need one.
Sure, I suppose the NSA could have used magical spying technology to know everything about Dread Pirate Roberts, but whether they did or not, they didn't need to. He had left enough clues about DPR's identity scattered around in public to put him on a small list of suspects.
Re: (Score:2)
Indeed. And in fact this story is good for freedom, as we can now point out that this guy was caught without dragnet surveillance, without breaking crypto and without all the other stuff the NSA does. Hence what the NSA does gets zero positive press from this, but rather their claims of what it does as being "necessary" is exposed as a lie even for catching hardened Internet drug-lords and murderers.
Re: (Score:2)
I don't intend to suggest something underhand happened, but I want to highlight what I feel is a flaw to this logic. Once you know someone has committed a crime it will be comparatively simple to find masses of evidence. Yes he might of
Re: (Score:3)
Well, Silkroad was a huge piece of evidence for criminal activity. I think it is safe to assume that the FBI tripped over that boulder first. Since it was a web-based auction site, someone must have created it and someone must maintain it. Someone with he nym Dread Pirate Roberts seems to run the show.
Standard inves
Re: (Score:2)
I also think it is likely that they caught him exactly as they said he did. That doesn't mean that they shouldn't be expected to keep records to show that is what in fact happened, and have their records audited to ensure they tell the truth. We're seeing far too many cases of things like the FBI protecting the police from having to reveal information a
Re: (Score:3)
Because on places like Slashdot they read "BitCoin is anonymous!"
Re: (Score:2)
Tumblers.
Re: (Score:2)
Bitcoin is not really completely anonymous, but it is portable, and criminals need to move millions of dollars around. With bank regulators in the West being more on top of laundering, criminals want to send their money to countries that are still soft on laundering. To do that, cash is extremely inconvenient. Bitcoin, as long as it is a feasible store of wealth which can be exchanged for currency, is perfect for moving millions out of the US to somewhere where the criminals can cash in.
And so what if a
Re: (Score:2)
Most paper money have a level of drug residue.
Re: (Score:3)
Yep. Base your operations in Russia or another country reluctant to extradite to the west, and then use bitcoin to get the money to you so it can't be readily blocked. Even if they identify you, they probably can't extradite.
Seems to be the strategy that the CryptoWall folk are using, at least.
Re: (Score:2)
Stupidity. That BitCoin is not really anonymous has been known for a long time.
Didn't they have a mole? (Score:1)
They had all that evidence because tehy had a man on the inside, duh. Sure DPR/Ulbricht wasn't the greatest at stealth to begin with, but DHS was inside building up evidence.
http://www.ibtimes.co.uk/silk-road-mole-dread-pirate-roberts-paid-me-1000-week-i-tracked-him-down-1483452
Who is Dread Pirate Roberts? (Score:3)
The true architect of Silk Road: Variety Jones (Score:3, Interesting)
Variety Jones, perhaps the true mastermind behind Silk Road [wired.com], had the perfect level of involvement. He was disconnected and impossible to track, which means he ran this empire through a patsy. This isn't meant as an insult to Ulbricht. It's too hard to do everything right at that level of involvement. Jones's mistakes only had negative ramifications for Ulbricht. You could say that his only error that might come back to him was that he didn't explicitly tell Ulbricht to keep logging disabled for his Tor
Re: (Score:2)
Is this the second coming of Kaiser Soze?
ONce again, it'[s not anon. (Score:2)
If you can get something from a to b on the internet, people can figure it out.
It's only about increase the level of cost to figure it out.
Just like anything encrypted that needs to become human readable at some point can be figured out. Not necessarily the way you are thinking.
It's all about the laptop (Score:2)
It seems to me that if he had managed to close the lid on his laptop, the prosecuters would have been completely screwed.
Encryption is great stuff, but the IBKAC loophole can get you every time.
IBKAC = Interface Between Keyboard and Chair
Re: (Score:2)
Indeed. Just working behind two doors and/or having a dead-man-switch handy would have been enough.
Re: (Score:2, Interesting)
> Indeed. Just working behind two doors and/or having a dead-man-switch handy would have been enough.
Nobody expects the spanish inquisition, the SAS, GSG-9, S. Matkal, GIGN, GROM, SEAL-6 or Spetnaz to come through the window on fast-rope? With a Silent Hawk Laden-copter hovering above?
In fact, military-style commandos usually enter through the walls, using tube-like shaped charges to form a nice big manhole, out of concern for the possible booby-trapping of doors and windows. Or they will first infiltrat
Re: (Score:2)
That is all very impressive, but not relevant at all. The FBI clearly does not have this kind of resources. They did not even manage to bug his keyboard or eavesdrop on it, both well within the range of gifted amateurs. You seem to also forget that a good dead-man-switch will protect against all these as well. The window shatters, the wall blows, you fall of your chair or jerk your hand away from the computer and the thing is locked. You can even easily rig one to your hart-rate or breathing these days.
No,
Re: (Score:2)
They used subtlety to find out where he was going to be and patiently waited until they were in a position to quietly sneak up behind him and grab the laptop before he had a chance to do anything about it.
You are correct that Ulbricht was rather arrogant and did not take necessary precautions. I am not a "typical American" that believes brute force beats subtlety. Had they attempted to use brute force, he would have been alerted and managed to do something to prevent them from getting into his laptop.
Re: (Score:2)
Indeed. Brute force is rather ineffective if your aim is not mostly indiscriminate destruction. That is why the military is quite unsuitable for a lot of "enforcement"-type tasks. Can be seen in the current drone wars that seem to mostly help terrorist organizations make it easier to recruit followers. "Surgical" removal of a target looks different and collateral damage does win harts and minds, just unfortunately it does so for the other side.
Re: (Score:1)
IBKAC = Idiot Between Keyboard And Computer
Oh well, it almost works.
The "tech" that betrayed him was between his ears (Score:2)
It wasn't "technology" that betrayed him, it was the sort if unthinking stupidity that leads to the downfall of all sorts of criminals. In another era, he would have been boasting about his exploits at a bar or to impress a date.
The primary bug was in the Wetware, tech just moved things along.
Don't connect your alter ego to your real name! (Score:2)
The bottom line is: Don't connect your alter ego to your real name, EVER!
The list of his failures to hide evidence was long. But none of them would have mattered if they didn't learn his name.
First, he posted as 'altoid' advertizing the Silk Road.
Then he posted as 'altoid' seeking help with 'bitcoin service' and soliciting contact with a gmail address which was based on his real name.
That's what got his name on the police's radar. That's why they began to monitor him. Since then it was just a matter of time
Re: (Score:2)
The summary states that the technologies were "supposedly" untraceable and the linked article talks specifically about how LE used bitcoin to trace DPR.
Re: (Score:2)
Thing with bitcoin is, it's perfectly traceable from wallet to wallet, but the wallet locations are the big unknown. You don't know who owns the wallet until you have access to the physical machine it resides on. So, you can easily *confirm* the transaction between two individuals happened once you know what their wallet IDs are, but if you don't know who the wallet belongs to, you're unable to determine the person from the Bitcoin operations alone.