The FBI finally reveals how it found Silk Road’s server
Ever since the fall of Silk Road, there have been questions about whether the FBI’s investigative techniques were entirely legal.
The question of just how the FBI located and penetrated Silk Road’s servers has long been left unanswered, leaving many, including Ulbricht’s defense team, to wonder if the government used illegal methods to gain access.
At the FBI’s New York field office in June 2013, agents on the Silk Road website noticed data being returned from an IP address outside of the Tor network. When they directed their browser to that IP, the Silk Road login page appeared.
“This indicated that the Subject IP Address was the IP address of the SR Server,” FBI special agent Christopher Tarbell wrote, “and that it was ‘leaking’ from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.”
That’s when they knew Silk Road’s servers, which the FBI said hosted by far the largest website on Tor at the time, were rented from a third party in Iceland. They were able to contact Reykjavik police to silently access and make a copy of the server.
If this account is true, it’s the result of extraordinarily poor decisions from Ulbricht. Instead of allowing only traffic from Tor exit nodes—and thus preventing this leak—Ulbricht’s oversight gave away the goldmine.
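The kind of pre-launch check that catches this class of leak, as an added example that is not from the court filing or from Silk Road's code: it reads a web server's `listen` directives and flags any that answer on a non-loopback interface. The nginx-style syntax is an assumption (the article does not say which web server was used), and the sample config and its addresses are constructed.

```python
import ipaddress
import re
# Constructed sample (nginx-style syntax assumed; addresses are made up).
SAMPLE_CONFIG = """\
server {
    listen 80;
    listen [::]:443 ssl;
    listen 203.0.113.10:8080;
    listen 10.0.0.5:8080;
    listen 127.0.0.1:8080;
    listen unix:/run/site.sock;
}
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LISTEN_RE = re.compile(r"^\s*listen\s+([^\s;]+)")

def classify(target):
    """Return 'local', 'private' or 'exposed' for one listen target."""
    if target.startswith("unix:"):
        return "local"                      # unix socket: no network exposure
    if target.isdigit():
        return "exposed"                    # bare port binds every interface
    if target.startswith("["):
        host = target[1:target.index("]")]  # [ipv6]:port
    else:
        host = target.rsplit(":", 1)[0]     # host:port, or a bare host
    if host == "localhost":
        return "local"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "exposed"                    # '*' or a hostname: assume reachable
    if addr.is_loopback:
        return "local"
    if any(addr in net for net in RFC1918):
        return "private"                    # internal-only, e.g. a VM network
    return "exposed"                        # 0.0.0.0, :: or a routable address

def audit(config_text):
    """List (line_number, target, verdict) for every listen directive."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), 1):
        match = LISTEN_RE.match(line)
        if match:
            findings.append((number, match.group(1), classify(match.group(1))))
    return findings

if __name__ == "__main__":
    for number, target, verdict in audit(SAMPLE_CONFIG):
        print(f"line {number}: listen {target} -> {verdict}")
```

A hidden service's web server should produce only `local` (or deliberately chosen `private`) verdicts, with Tor's `HiddenServicePort` pointing at that local address.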
Many observers will remain unconvinced. Accusations of parallel construction have plagued not only the FBI but all federal law enforcement agencies. Last year, Snowden leaks revealed that the NSA shared secret intelligence with the Drug Enforcement Agency, which then disseminated it further to help investigations as deemed necessary. The NSA’s assistance could allow investigators to circumvent civil rights laws in an effort to make an arrest.
Ever since the October 2013 fall of Silk Road, questions have arisen about whether the FBI’s investigative techniques were entirely legal. In fact, Tarbell’s new explanation comes in response to allegations of illegal spying and demands from Ulbricht’s team to unveil the methods behind the investigation.
“Ulbricht offers no evidence of any governmental misconduct to support this sweeping claim,” prosecutors wrote. “Instead, Ulbricht conjures up a bogeyman—the National Security Agency (“NSA”)—which Ulbricht suspects, without any proof whatsoever, was responsible for locating the Silk Road server, in a manner that he simply assumes somehow violated the Fourth Amendment.”
It remains to be seen whether or not the judge will accept Tarbell’s explanation. Information security experts looking at the case are still deciding on plausibility but are in agreement that, if true, it’s a hell of a disappointment.
After all this time, learning the FBI essentially used “view-source” to decloak Silk Road is like learning The Force is midi-chlorians
— Kevin Poulsen (@kpoulsen) September 5, 2014
running the silk road’s http daemon in a VM and giving it an RFC1918 address was apparently too hard for the DPR guy. Very awkwardsies…
— __builtinonuy_ (@0x0acebabe) September 6, 2014
With how SilkRoad’s hidden service was configured, anyone scanning the internet with zmap could have found it. *Anyone at all*
— Griffin Boyce (@abditum) September 6, 2014
What’s amazing about this is that the FBI didn’t actually need to hack SilkRoad to determine location. It could have just scanned netblocks.
— Griffin Boyce (@abditum) September 6, 2014
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016.