Silk road shut down (allegedly)

returnNull

Mark Twain wrote: »

It's a relatively trivial task for law enforcement agencies to control many of the exit nodes on the Tor network. It was an interesting concept that has been found to be insecure.

its not trivial.It wouldnt be used by whistleblowers,dissedents in countries that wouldnt have the same freedoms we have,drug dealers,murders,child porn websites or Islamic terrorists.

A lot of the people that get caught are done so either by their own stupidity elsewhere on the web,getting informed on or the agencies hacking the servers.

Khannie

wexie wrote: »

When you say trivial do you mean technically not too complex or actually trivial? I'd imagine there would still be quite a bit of hardware involved no?

Yeah, technically non-trivial and relatively costly (though not costly on NSA budget type scale).

johnr1

Dean0088 wrote: »

Stay afraid! Stay very afraid.

It's worth noting that in an illegal, unregulated system, every crazy does have unregulated access to guns, ammunition, drugs, explosives etc... Either by making them themselves or by buying them from people who don't care about what they do with them.

Where as a legal regulated system minimizes the chances of this by having checks and regulated vendors. Unregulated/blackmarket types are pushed out of business because their prices are too high due to the costs involved in running a gun smuggling/drug trafficking business. Logic, eh?

It's easier for a 15 y/o to buy weed than it is for them to buy drink.

And the Silk Road had a zero tolerance for guns or weapons.

You just keep on watching FOX.

Thanks for your condescending comment at the end, but if you mean Fox News or tv, I don't watch either. Also lol at your naivety if you think that a guy who hired hitmen had scruples about selling guns. If it wasn't allowed on that site, then clearly that was a business decision.


But carry on, in your utopia everything is legal, and you all sit around off your heads singing 'kom bye ah'
Thankfully others including law makers feel differently.

Seachmall

Mark Twain wrote: »

It's a relatively trivial task for law enforcement agencies to control many of the exit nodes on the Tor network. It was an interesting concept that has been found to be insecure.

Many, if not most, of Tor's exit nodes are in the U.S. so it is technically trivial for them to monitor them.

However, you need more than an exit node to identify where the data originated from.

That's the whole point of Tor.

Khannie

returnNull wrote: »

A lot of the people that get caught are done so either by their own stupidity elsewhere on the web,getting informed on or the agencies hacking the servers.

This about sums it up, but the way they nailed that child porn lad was very slick. Hats off to them tbh.

Jonny7

spurious wrote: »

I don't understand what this thread is about. At all, at all.

I'm no expert but..

The internet "site" in question sold all sorts of illegal things.. needful things.. in the darkest recesses of the internet

It was a marketplace for, among other things, hard drugs - bit like ordering from Amazon with feedback and the lot (I'm told)

Obviously normal currency leaves a trail.. so the currency of choice was/is.. Bitcoin. Think of an internet currency for conspiracy theorists - that has actual value* but is pretty damn untraceable

*value may fluctuate wildly

One of the head honcho's what apparently ran this site, bless his heart, has been nicked by the fuzz

So the whole thing is compromised.

Or so it appears. Much of the "illegal" internet is like a hydra, cut off one head.. and you know..

Again, I'm no expert on all this so perhaps someone else can do the ELI5 stuff

Khannie

Jonny7 wrote: »

Think of an internet currency for conspiracy theorists - that has actual value* but is pretty damn untraceable

It's not untraceable at all tbh. I bought bitcoin once, waited a while, then sold it. It would be trivial for a law enforcement agency to trace the bitcoin to me. To properly use bitcoin anonymously you would need to be technically savvy and purchase the coins with cash and / or mine them yourself.

Every transaction ever made with bitcoin is public. (edit: in that the transfer from wallet to wallet is publicly visible)

returnNull

wexie wrote: »

When you say trivial do you mean technically not too complex or actually trivial? I'd imagine there would still be quite a bit of hardware involved no?

you'd need a stupid amount of exit nodes to make sure you got enough packets to trace the IP of the person your tracking.Then you'd also have to break the encrption on those packets that TOR puts on them and again the information in those IP packets could of been encrpted before they were sent over the TOR network.

Now the NSA have deals done with IBM to create special chips for breaking encrption.Some american professor reckons they can decrypt the data packets used by TOR users in a few hours on an older version of TOR which has a different type of encrption to the latest version.A fairly high % of TOR users are running the older version.

Fukuyama

johnr1 wrote: »

Thanks for your condescending comment at the end, but if you mean Fox News or tv, I don't watch either. Also lol at your naivety if you think that a guy who hired hitmen had scruples about selling guns. If it wasn't allowed on that site, then clearly that was a business decision.


But carry on, in your utopia everything is legal, and you all sit around off your heads singing 'kom bye ah'
Thankfully others including law makers feel differently.

There's nothing inherently wrong about selling guns. There's also nothing inherently wrong about selling drugs.

They give money and receive a product. They can take drugs if they want which, in and of itself, isn't an illegal thing to do.

This argument has been played out here and elsewhere a million times before. We're not going to agree. You think the government keep you nice and safe with their laws.

I believe laws act as a deterrent. But when there's as much money as there is in the black market, unregulated human nature takes over and what laws there are are forgotten. No amount of law enforcement is going to stop human nature or quell the drugs/guns/etc markets.

Regulated markets would undercut the black market and could be easily monitored.

Your utopia of illegal drugs and illegal firearms isn't exactly working out as you'd like, either.

You do seem fearful of drugs/guns/explosives etc... I can't understand why.

Mark Twain

wexie wrote: »

When you say trivial do you mean technically not too complex or actually trivial? I'd imagine there would still be quite a bit of hardware involved no?

Then again I suppose it wouldn't be too hard for them to get some cooperation from the likes of Microsoft who literally have 100's of thousands of servers worldwide (quite a few of them in Dublin actually).

Technically easy. The number of users of TOR is small. It isn't a huge technical undertaking to control many of the exit nodes. Or to spoof exit nodes.

returnNull

Khannie wrote: »

This about sums it up, but the way they nailed that child porn lad was very slick. Hats off to them tbh.

Its a very good example of where your glad a hosting company didnt update their server software!

Seachmall

Khannie wrote: »

It's not untraceable at all tbh. I bought bitcoin once, waited a while, then sold it. It would be trivial for a law enforcement agency to trace the bitcoin to me. To properly use bitcoin anonymously you would need to be technically savvy and purchase the coins with cash and / or mine them yourself.

Every transaction ever made with bitcoin is public.

You could send the bitcoin in small segments through dozens, even hundreds, of addresses to disguise who originally purchased them.

It's not perfect but it creates enough of a gap between the original purchase of the bitcoin and the spending of the bitcoin to allow for plausible deniability.

It's essentially the same idea as more traditional money laundering.


Once upon a time there was a site that allowed you to purchase by credit/debit card. If they were still active it'd be much easier to stay relatively anonymous (via prepaid cards for example).

returnNull

Mark Twain wrote: »

Technically easy. The number of users of TOR is small. It isn't a huge technical undertaking to control many of the exit nodes. Or to spoof exit nodes.

approx 500,000

Fukuyama

returnNull wrote: »

you'd need a stupid amount of exit nodes to make sure you got enough packets to trace the IP of the person your tracking.Then you'd also have to break the encrption on those packets that TOR puts on them and again the information in those IP packets could of been encrpted before they were sent over the TOR network.

Now the NSA have deals done with IBM to create special chips for breaking encrption.Some american professor reckons they can decrypt the data packets used by TOR users in a few hours on an older version of TOR which has a different type of encrption to the latest version.A fairly high % of TOR users are running the older version.

Tor was developed by the US Navy. Let's not forget that.

They've multiple reports of both 1st gen and 2nd gen Tor being broken by brute force and by mapping and tracking nodes.

Brute force isn't an option anymore as the network is simply too large and shifting. Nodes can be tracked.

But yeah. I agree with a previous poster. The easiest way to catch these guys is likely to use good old detective work /ask around etc...

For example, a small fry hacker such as a credit card fraudster could get nabbed. Say he tells the FBI he knows a little about the Silk Road. I'm sure his case would go away pronto if he led them to a more higher up hacker. Who could flip. And so on. The average geek isn't going to be willing to do time in a fed supermax or withstand an interrogation. They'd rather go back to their ma's spare room and code.

As with more law efforts in this area, they've cut the head off the snake and instead of one network there'll be dozens tomorrow morning up and ready for business.

Seachmall

Mark Twain wrote: »

Technically easy. The number of users of TOR is small. It isn't a huge technical undertaking to control many of the exit nodes. Or to spoof exit nodes.

So lets say you have 100% of the exit nodes.

What next?

Walk me through this...




And how does one "spoof" an exit node? It's either an exit node or it's not.

Fukuyama

Seachmall wrote: »

You could send the bitcoin in small segments through dozens, even hundreds, of addresses to disguise who originally purchased them.

It's not perfect but it creates enough of a gap between the original purchase of the bitcoin and the spending of the bitcoin to allow for plausible deniability.

It's essentially the same idea as more traditional money laundering.


Once upon a time there was a site that allowed you to purchase by credit/debit card. If they were still active it'd be much easier to stay relatively anonymous (via prepaid cards for example).

You still can purchase by CC - but it'd have to be through a less than legit source. Such as by topping up a prepaid CC, paying a guy into his anon PayPal account and then him sending you Bitcoins.

But the hassle of the whole thing turns away small time users. With time, energy, transaction fees. You could have grown a farm of weed by the time you see your little bag drop through the letterbox :P

For money laundering / tax avoidance etc... bitcoin is safe in that it is HARD to trace. But your money fluctuates wildly with the Bitcoin markets. For example, anyone with a transaction in process today will be annoyed seeing as the value is plummeting.

Very interesting to read about though. The deep web is something not a lot of people know about and it makes up around 80% of the Internet.

Mark Twain

returnNull wrote: »

approx 500,000

Many of which can be spoofed. An overlay network created by various law enforcement agencies would fire that up in a couple of weeks.

returnNull

Dean0088 wrote: »

For example, a small fry hacker such as a credit card fraudster could get nabbed. Say he tells the FBI he knows a little about the Silk Road. I'm sure his case would go away pronto if he led them to a more higher up hacker. Who could flip. And so on. The average geek isn't going to be willing to do time in a fed supermax or withstand an interrogation. They'd rather go back to their ma's spare room and code.

pretty much.Remember reading a case about a child molester in the states who got caught,plea bargained with cops and gave over his password/username to a website that he used(and was apparently hard to get on to)and was a high level admin on that website.

wexie

returnNull wrote: »

you'd need a stupid amount of exit nodes to make sure you got enough packets to trace the IP of the person your tracking.Then you'd also have to break the encrption on those packets that TOR puts on them and again the information in those IP packets could of been encrpted before they were sent over the TOR network.

So just to get this clear in my head, an exit node can just be any device running TOR right? So the more devices you can control that are running TOR the more exit nodes you control?

How many do you think is a stupid amount? (I understand that might be hard to answer). I doubt 'they' would go through the trouble for something as trivial as Silk Road to use brute force but surely the facilities would be there?

This datacenter houses several 100 thousand servers and there are a few more like it worldwide, albeit maybe not quite that size. Most of which are controlled by US multinationals (MSFT, Google, Facebook etc).

(I appreciate we may well be getting into conspiracy theory territory but it's an interesting thought, wonder if 'they' monitor imagefap :eek:)

Fukuyama

Mark Twain wrote: »

Many of which can be spoofed. An overlay network created by various law enforcement agencies would fire that up in a couple of weeks.

Spoofing the Tor network could be done (I guess in theory) but not for this kind of small fry. It's not like the Silk Road was THAT big of a deal. The feds and NSA are too busy elsewhere.

I think detectives just chance their arm, fire off emails to those talking the talk on message boards etc and see where they end up.

Besides, everything on Tor is randomly encrypted in different packets so it gets tricky. All you can do is find out where they originate from. Then you need to hack their PC etc...

Why not just find them the old fashioned way and get a warrant. Just about every hacker has been caught due to their ego or letting their 'empire' sprawl out of their tight control. Human error and a dash of stupidity.

Much less expensive than taking down a military grade anonymity network.

Fukuyama

wexie wrote: »

So just to get this clear in my head, an exit node can just be any device running TOR right? So the more devices you can control that are running TOR the more exit nodes you control?

How many do you think is a stupid amount? (I understand that might be hard to answer). I doubt 'they' would go through the trouble for something as trivial as Silk Road to use brute force but surely the facilities would be there?

This datacenter houses several 100 thousand servers and there are a few more like it worldwide, albeit maybe not quite that size. Most of which are controlled by US multinationals (MSFT, Google, Facebook etc).

(I appreciate we may well be getting into conspiracy theory territory but it's an interesting thought, wonder if 'they' monitor imagefap :eek:)

How much would that cost though? Who signs that cheque?!

I'd say the only time something that massive would be given the nod is if there was a nuke pointed at the White House or something.

Seachmall

returnNull wrote: »

pretty much.Remember reading a case about a child molester in the states who got caught,plea bargained with cops and gave over his password/username to a website that he used(and was apparently hard to get on to)and was a high level admin on that website.

There was a similar story about a carding* forum called "Carder Profit" or something.

The feds set it up to lure carders and after a couple of years they made arrests. One of the folk they arrested turned out to be an owner of another carding forum, more arrests were made.


*Carding is the trading of stolen credit cards.

My name is URL

returnNull wrote: »

approx 500,000

How many of them know how to use it, though? It's a cliché, but a chain is only as strong as it's weakest link.

I know dozens of people who 'use' Tor, and only about 10% of them know how to use it properly... eejits doing their everyday browsing with it, and watching flash videos and downloading PDFs believing they were being stealthy in doing so.. some may see those people as being useful idiots!

returnNull

wexie wrote: »

So just to get this clear in my head, an exit node can just be any device running TOR right? So the more devices you can control that are running TOR the more exit nodes you control?

How many do you think is a stupid amount? (I understand that might be hard to answer). I doubt 'they' would go through the trouble for something as trivial as Silk Road to use brute force but surely the facilities would be there?

This datacenter houses several 100 thousand servers and there are a few more like it worldwide, albeit maybe not quite that size. Most of which are controlled by US multinationals (MSFT, Google, Facebook etc).

(I appreciate we may well be getting into conspiracy theory territory but it's an interesting thought, wonder if 'they' monitor imagefap :eek:)

in august or september this year the number of TOR clients jumped from around the 500k to 2.5 million.At the time it happened the experts thought it was a very big botnet.But strangely all the new clients werent all that active.In the article I linked to some of the experts think possibly it could be an american law enforcement botnet.

Fukuyama

My name is URL wrote: »

How many of them know how to use it, though? It's a cliché, but a chain is only as strong as it's weakest link.

I know dozens of people who 'use' Tor, and only about 10% of them know how to use it properly... eejits doing their everyday browsing with it, and watching flash videos and downloading PDFs believing they were being stealthy in doing so.. some may see those people as being useful idiots!

It's not a chain though.

It's like a three dimensional net going in all directions with a rubics cube at each little intersection. Each intersection automatically pops up elsewhere when broken too.

Good luck!

wexie

Dean0088 wrote: »

How much would that cost though? Who signs that cheque?!

I'd say the only time something that massive would be given the nod is if there was a nuke pointed at the White House or something.

As someone already pointed out that probably wouldn't even be a blip on the NSA's budget. If TOR really only has about half a million users you could get 10% (ish) of the exit nodes with 100000 machines. NSA may well have that capacity in house.

But you're right I can't see it happening over something like silk road. They've gotten lots of publicity but it's not that big a deal in the grand scheme of things.

Seachmall

My name is URL wrote: »

How many of them know how to use it, though? It's a cliché, but a chain is only as strong as it's weakest link.

I know dozens of people who 'use' Tor, and only about 10% of them know how to use it properly... eejits doing their everyday browsing with it, and watching flash videos and downloading PDFs believing they were being stealthy in doing so.. some may see those people as being useful idiots!

There were a team of botnet operators arrested in London a couple of years back after one of them used the dedicated botnet computer (which operated through tor) to check his Facebook page.

They were making about a million pounds a month if I remember correctly and that's how they got caught.

Idiots be everywhere!



Also, people keep talking about controlling exit nodes. There's little benefit in controlling exit nodes unless the user is a moron (as described above). It's just not feasible to get from the exit node to the originator. That's the whole point of Tor.

returnNull

My name is URL wrote: »

How many of them know how to use it, though? It's a cliché, but a chain is only as strong as it's weakest link.

I know dozens of people who 'use' Tor, and only about 10% of them know how to use it properly... eejits doing their everyday browsing with it, and watching flash videos and downloading PDFs believing they were being stealthy in doing so.. some may see those people as being useful idiots!

Not very many I'd say tbh.The older version of TOR would have a weaker form of encrption that can be(or thought to be ) broken and again a high% of users havent updated to the latest version.
And as deano888(is that his name? ) says its very slow(because of the way the packets are bounced around) and then you have numpties that use it for torrenting lol.

Shout Dust

I like the way the FBI are calling it a victory, yet this apparently sloppy lone graduate eluded them for 2.5 years. Wonder will this stop the online trade in its tracks or will new sites spring up?

wexie

Seachmall wrote: »

There were a team of botnet operators arrested in London a couple of years back after one of them used the dedicated botnet computer (which operated through tor) to check his Facebook page.

I'm sure he's right popular with his mates these days

Also, people keep talking about controlling exit nodes. There's little benefit in controlling exit nodes unless the user is a moron (as described above). It's just not feasible to get from the exit node to the originator. That's the whole point of Tor.[/QUOTE]

So how would any tracking work then? Would it only work if you controlled all nodes but the originating node? Or can it just not be done?

Seachmall

wexie wrote: »

So how would any tracking work then? Would it only work if you controlled all nodes but the originating node? Or can it just not be done?

If you controlled all the nodes would be the easiest but of course then nobody would use Tor.

If you control some nodes (entrance and exit nodes) it can be done, the most recent idea being called Traffic Correlation, but there's also Timing Analysis and Tagging/Replay attacks


As far as I'm aware all of these are entirely theoretical and have yet to be used to actually break anonymity on Tor.

Much easier to use a combination of social engineering and/or a 0day exploit injected in the sites hosting server to reveal true ip.

hmmm

In this case it appears the owner was simply sloppy (see "now onto how he got caught")
http://www.reddit.com/r/SilkRoad/comments/1nl7p9/sr_shutdown_fallout_discussion/ccjlwgp

Meangadh

spurious wrote: »

I don't understand what this thread is about. At all, at all.

Same. Not a clue. Have never heard of any of the stuff these people are talking about.

oppenheimer1

Seachmall wrote: »

Tor is an anonymizing network.

99% of the time it does exactly what is says on the tin.


The biggest risk of losing anonymity on Tor is not a problem with Tor, it's a problem with those who use it.

TOR is 60% funded by the US government. You really think its that anonymous?

Seachmall

oppenheimer1 wrote: »

TOR is 60% funded by the US government. You really think its that anonymous?

Absolutely.

It's open source.

I don't need to trust the US government to trust Tor. I just need to trust that others don't trust the US government to trust Tor.

returnNull

Seachmall wrote: »

Absolutely.

It's open source.

was just about to say that.Every line of code would be checked for bugs and also for backdoors.I'd say the NSA or whoever would have a hardtime getting a backdoor into an update.

Shout Dust

returnNull wrote: »

was just about to say that.Every line of code would be checked for bugs and also for backdoors.I'd say the NSA or whoever would have a hardtime getting a backdoor into an update.

Did they not do something like that to catch the guy hosting the child porn servers?

Seachmall

Shout Dust wrote: »

Did they not do something like that to catch the guy hosting the child porn servers?

No, they used an exploit to catch him.

Which is a lot different from releasing an update with a backdoor into an open source project.


Using an exploit is like breaking into a house through a window. Releasing an update with a backdoor into an open source project is like selling a "secure" house while trying to hide the fact it has no walls (i.e. someone is going to notice).

srsly78

Shout Dust wrote: »

Did they not do something like that to catch the guy hosting the child porn servers?

They got that guy with "spear phishing", ie targeted malware I think.

returnNull

Shout Dust wrote: »

Did they not do something like that to catch the guy hosting the child porn servers?

the porn guy hadnt got the latest software running on his server(legit software,the software developers would provide patches to protect legit servers from hackers)and as a result the american cops used a javascript hack to get access to the server.

EDIT: asnwered above cos I type really slow

Shout Dust

Shout Dust wrote: »

Did they not do something like that to catch the guy hosting the child porn servers?

Not the Tor protocol itself but they did use a JavaScript 0day exploit injected in the hosting server. It used a vulnerability in a Firefox version that the windows Tor browser bundle was based on.

It's unclear how they injected the exploit in the first place but it meant that anyone on windows using the browser bundle on default settings who went to one of the sites hosted by freedom hosting had their ip and MAC address sent to an ip in Virginia down the road from a NSA agency.

srsly78

The Tor browser used an ancient version of firefox was the issue. It was a 0day exploit alright, SIX MONTHS prior to this.

And yes, this means that they were also spying on everyone else

GreeBo

even if they know its you sending stuff, without your private key they arent going to know what you are sending and with 256 bit keys they arent going to brute force it (unless they have a quantum computer, which they dont)....so do they just arrest everyone to get it and see what everyone was sending?

The fishy thing was that the Tor project went from having JavaScript off by default to having it turned on by default a version or two prior.

Having it turned on using Tor is lunacy as well as using windows

Seachmall

GreeBo wrote: »

even if they know its you sending stuff, without your private key they arent going to know what you are sending and with 256 bit keys they arent going to brute force it (unless they have a quantum computer, which they dont)....so do they just arrest everyone to get it and see what everyone was sending?

All transactions on bitcoin are public.

You can see transactions for any address on http://blockchain.info/.

Although it wouldn't be feasible to go through transaction histories to find out who actually bought the bitcoin.

srsly78

Seachmall wrote: »

All transactions on bitcoin are public.

You can see transactions for any address on http://blockchain.info/ (or just browse through recent transactions).

Silk Road used something called a "tumbler", which shakes all the bitcoins around! Breaks them up into random chunks and mixes them all around through various accounts etc. Sure the information is public, but not so easy to follow. Consider that it's very easy to create a new wallet and just use it for 1 transaction.

Seaneh

FouxDaFaFa wrote: »

What is clear is that the value of Bitcoin is taking a hit.

Actually, removing $3.2million worth of bitcoins from circulation will push the value up, not down.

Also, there is no way in hell he only has $3.2million, he's made several times that over the last few years.

srsly78

Actually maybe the price will crash. The feds might dump all those coins onto mtgox so they can keep the government running?

Seaneh

hmmm wrote: »

In this case it appears the owner was simply sloppy (see "now onto how he got caught")
http://www.reddit.com/r/SilkRoad/comments/1nl7p9/sr_shutdown_fallout_discussion/ccjlwgp

yeah, it really seems they got comfortable and lazy and stopped taking the proper precautions.