
FBI raids alleged online drug market Silk Road, arrests owner - RockyMcNuts
http://www.reuters.com/article/2013/10/02/crime-silkroad-raid-idUSL1N0HS12C20131002
======
mikeyouse
Wow, what a complete shitbag (DPR = Dread Pirate Roberts):

    
    
        DPR sent a message to "redandwhite" stating that "FriendlyChemist"
        is "Causing me problems" and adding: "I would like to put a bounty on
        his head if it's not too much trouble for you. What would be an
        adequate amount to motivate you to find him?" 
    

And then

    
    
        Later that same day, redandwhite sent DPR a message quoting him a
        price of $150,000 or $300,000 "depending on how you want it done" -
        "clean" or "non-clean" 
    
        DPR responded: "Don't want to be a pain here, but the price seems high.
        Not long ago, I had a clean hit done for $80k. Are the prices you
        quoted the best you can do? I would like this done ASAP as he is
        talking about releasing the info on Monday. 
    
        DPR and redandwhite agreed upon a price of 1,670 Bitcoins - approximately
        $150k - for the job. In DPR's message confirming the deal, DPR included
        a transacation record reflecting the transfer of 1,670 Bitcoins to a
        certain Bitcoin address.
    

Made $80mm in commissions running a drug trafficking network, paying hundreds
of thousands to have people executed, mail fraud, money laundering,
conspiracy.... He's looking at cartel level prison time.

~~~
b6
If DPR actually paid to have someone killed, it would surprise everyone who
knew anything about him. He's thought to be a libertarian and totally against
the use of force.

~~~
Technophobe
Why did you include in the fact that he's a libertarian? Libertarians are not
against the use of force (unless it's through the state).

~~~
_delirium
A lot of libertarian writing on force starts from a more general "non-
aggression principle", and derives the wrongness of state violence as just one
special case.

~~~
nhaehnle
The "non-aggression principle" is basically a propaganda con by libertarians,
though.

The way this works is that they take their own favorite definition of personal
property, and then re-define the word "aggression" as: "anything that violates
my definition of personal property, and nothing else".

So, when a land owner shoots somebody who mis-stepped onto his land without
warning, that is not aggression according to libertarians - if you really take
them seriously.

Obviously, when you point that out to a libertarian, an endless game of
shifting definition starts, much like how many discussions about the existence
of god go with theists.

If you're interested in a well-argued and entertainingly written outsiders'
perspective on this, I recommend Matt Bruenig. Here's a starting point:
[http://www.demos.org/blog/8/21/13/fun-times-
libertarianism](http://www.demos.org/blog/8/21/13/fun-times-libertarianism)

~~~
hansjorg
I think you're talking about anarcho-capitalists, not necessarily
libertarians.

I agree that it's a baffling world view though.

~~~
nhaehnle
You're probably right, there's definitely a spectrum of libertarianism.

And it's not as if libertarians are entirely crazy. It's healthy to have some
baseline skepticism towards authority. But it's _also_ healthy to have some
baseline skepticism towards market solutions. As usual, the best answer(s) are
somewhere in compromise and in the middle.

I guess that ideas like the "non-aggression principle" are so alluring to some
because they have a sort of superficial "intellectual purity" which that kind
of compromising answer lacks.

------
davmre
Apparently the FBI managed to track down the actual server running the site:

    
    
      During the course of this investigation, the FBI has located a
      number of computer servers, both in the United States and in
      multiple foreign countries, associated with the operation of Silk
      Road. In particular, the FBI has located in a certain foreign
      country the server used to host Silk Road's website (the "Silk
      Road Web Server"). Pursuant to a Mutual Legal Assistance Treaty
      Request, an image of the Silk Road Web Server was made on or
      about July 23, 2013 and produced thereafter to the FBI.
    

This server image seems to have been the source of a lot of the evidence
leading to the arrest warrant: the IP logs that matched his location, an
account name that matched his StackOverflow account, and of course all the
private messages and chat logs regarding his personal location (messages
indicating Pacific time), operation of the site (payments to other admins),
and the extortion attempt/attempted hit.

What the complaint doesn't specify is how the FBI managed to locate the Silk
Road server. It's possible that they already had some suspicion of DPR's
identity, and managed to bug his computers or otherwise track his activity
well enough to figure out what systems he was logging into. But given how coy
the complaint is about this, I wonder if in fact this is the result of a
sophisticated analysis of Tor network traffic (possibly in collaboration with
the NSA?). If that's the case, it betrays a level of capability that ought to
be frightening for the operators of other anonymous Tor services. Anyone with
more Tor expertise want to comment on how likely this is?

Edit: the excerpt quoted is from the (now unsealed) FBI complaint, first
linked elsewhere in this thread: [http://krebsonsecurity.com/wp-
content/uploads/2013/10/Ulbric...](http://krebsonsecurity.com/wp-
content/uploads/2013/10/UlbrichtCriminalComplaint.pdf). The whole thing is
pretty interesting reading.

~~~
hannibal5
If the FBI has been tracking down SilkRoad for years, I find it completely
reasonable that they finally find the location of the server just based on
traffic analysis. I'm sure that FBI or NSA runs number of exit and
intermediate nodes to collect statistical correlations from traffic and track
down hidden services given enough time (there is even public research that
shows how it can be done: [http://epub.uni-
regensburg.de/11919/1/authorsversion-ccsw09....](http://epub.uni-
regensburg.de/11919/1/authorsversion-ccsw09.pdf)).

All that said, its even more likely that they found his identity other way. He
seems to have slipped from time to time. I think most people underestimate the
amount of boring and tedious chores they must do year after year if they want
to conceal their identity from FBI who is actively searching them online. It
seems that the main theme in revealed identities seems to be reusing usernames
or using the same email in two different contexts that link person to his
anonymous identity.

~~~
AJ007
Starting on page 24,

1) Located the first reference to "silk road" on the internet. You can find
this yourself on Google: "silk road" site:shroomery.org Date range: Jan 1,2011
- Jan 31,2011 __*

2) The same username, "altoid", showed up on a bitcointalk days later.

3) Later in 2011 "altoid" made a post on bitcointalk with his email address,
containing his real name, in it:
[https://bitcointalk.org/index.php?topic=47811.msg568744#msg5...](https://bitcointalk.org/index.php?topic=47811.msg568744#msg568744)
If you search the name on Google it doesn't show up, but if you look at the
user's page you can see it in his posts.

That seems like more than enough for a warrant for this individual. Everything
after that should be easy.

I've used Google before to locate when a particular word or phrase first
appeared. Kind of surprising someone didn't figure this one out quicker.

 __* Obviously this is a common word, so either adding other keywords with it
would be likely.

~~~
leokun
That's not enough for a warrant. No way, I don't believe it.

~~~
rollo_tommasi
It is definitely enough to have CBP flag any packages crossing the border that
are associated with that name, for which no warrant is required. After that,
well, I'm no lawyer, but I think intercepting a package full of fake IDs is
enough to justify a broader criminal investigation.

------
shazow
Found this in one of the recent HN submissions:

[http://krebsonsecurity.com/wp-
content/uploads/2013/10/Ulbric...](http://krebsonsecurity.com/wp-
content/uploads/2013/10/UlbrichtCriminalComplaint.pdf) / Mirror:
[http://www.scribd.com/doc/172773407/Ulbricht-Criminal-
Compla...](http://www.scribd.com/doc/172773407/Ulbricht-Criminal-Complaint-
Silk-Road)

According to the filing, they found him through a combination of posting his
personal @gmail.com address on the bitcointalk forum from the same account
used to market Silkroad. Further, they found that his LinkedIn account
somewhat corroborated the timeline/interest in what Silkroad is. Page 24 for
the juicy details of how they identified him.

Also there is a section about murder-for-hire in Canada. Pretty wild stuff.

Update: Also he posted on Stackoverflow asking questions about Tor with his
real name, then later changed his name. Supremely conspicuous.

~~~
dave_sullivan
_" All told, the site has generated sales revenue totaling over 9.5 million
Bitcoins and collected commissions from these sales totaling over 600,000
Bitcoins. Although the value of Bitcoins has varied significantly during the
site's lifetime, these figures are roughly equivalent today to approximately
$1.2 billion in sales and approximately $80 million in commissions."_

Incidentally exactly how much Walter White made... That's a strange
coincidence, or perhaps one of the clerks that gets paid to make up statistics
for drug related criminal complaints is a breaking bad fan...

~~~
grbalaffa
> revenue totaling over 9.5 million Bitcoins

According to this that's close to the current total supply of _all_ bitcoins:

[http://en.wikipedia.org/wiki/File:Total_bitcoins_over_time.p...](http://en.wikipedia.org/wiki/File:Total_bitcoins_over_time.png)

The graph shows the supply in 2013 at around 9.5 million, same number as what
the article claims.

~~~
nullc
At the moment:

    
    
        "total_amount" : 11784364.79571183
    

Though some of that is lost forever, of course.

------
mkv138
I thought the name Ross Ulbricht sounded familiar... turns out I had lunch
with him a few years ago when he was working on a startup selling books
online. I had some experience in the area, and he reached out to me after
getting my contact details through a friend. He emailed me from
rossulbricht@gmail.com, we made arrangements, had lunch and discussed selling
books. That was the only time we met, and I've never heard from or of him
since.

It's known that the FBI and DEA get help from the NSA on high profile
investigations, and they sometimes look at people 2 or 3 degrees of separation
from their main person of interest.

Given what we've learned in the last few months about the government's
intelligence apparatus, it seems I can reasonably assume that my emails,
texts, phone call history etc. have all been scrutinized because I was in this
guys email history. And it's not unreasonable to wonder if the same can be
said of anybody I've ever emailed, or chatted with on facebook etc. because
that's only 2 degrees of separation.

While I don't think the government will be scooping me up in a black van or
kicking my doors in over this, I wouldn't be remotely surprised if I get
special attention from the TSA next time I'm going through an airport because
now I'm on some list.

I guess this is what it means to live in a surveillance state. Having to be
afraid of what this might mean for myself, and for my friends and family,
because I once exchanged a couple of emails with a guy who years later got
into some very shady things.

~~~
mahyarm
Most of the US tech industry is probably 2 or 3 degrees from each other on
linkedin. I'm a 3rd degree connection to this guy I've never met. I'm probably
a 3rd degree connection to Bill Gates, Barak Obama and Marissa Mayer too.

The TSA is not scary compared to US customs although.

------
powertower
For anyone that's going to the SR URL -

Notice:

1\. The SilkRoad Camel image in the background.

2\. "THIS HIDDEN SITE HAS BEEN SEIZED" text.

These are not standard parts to the image, based on previous seizures. (though
I'll admit those all were clear-web seizures that just took over the DNS and
resolved back to a gov controlled IP hosting a image - here the image is
hosted on-site).

So there is a chance that this is DPR's "dead-man" script running after DPR
was not able to communicate with the site for X hours.

It's hard to tell if the actual site (with it's data) has been taken over or
compromised.

There is also the possibility it's only the onion domain-name that has been
taken, though I'm not sure how TOR/ONION works (if that's possible without
access to the server).

In any way, I hope that none of you used a plain-text (vs a PGP'ed one) home
address for your recent orders, nor have any tracking #s lingering in messages
from the vendors in your accounts. If I recall correctly, messages are deleted
after 30 days. But who knows what type of backups where maintained.

It will be intresting to see if -

1\. There are admins that have access to the data + site that can get it back
up and operational.

2\. The forums (which are still working) will produce another site.

3\. BMR (BlackMarketReloaded) and another one I'm not familiar with called
Sheeps Market will continue to operate and/or pick up the majority of SR's
business.

...and also if the DEA and FBI will go after the users (and not just the
vendors) that they can find enough "conspiracy to commit" evidence on to make
a point.

~~~
yk
Tor .onion addresses work by signing a message to a gateway with your RSA-1024
private key, while the actual address is the first half of SHA-1 of the public
key. [0] So you have to brute force 80 bit to find a collision for a specific
hidden service and you need to break RSA-1024 to actually impersonate a .onion
hidden service. In the light of recent news, both seems to be borderline
possible. But as far as I understand, brute forcing a SHA collision would lead
to strange error messages or some people who can see the original and some who
see the FBI version. Since no one reported anything like this, they would need
to brute force the RSA key pair for SR in order to hijack the domain.

For the other two possibilities, why would DPR's dead man switch pretend to be
a FBI note instead of a 'dead man warning,' especially since a hoax FBI
message would immediately destroy SR? So I would assume that the FBI managed
to get the actual hardware.

[0]
[https://trac.torproject.org/projects/tor/wiki/doc/HiddenServ...](https://trac.torproject.org/projects/tor/wiki/doc/HiddenServiceNames)

Edit: Slight clarification

~~~
IceyEC
While that would let you 'impersonate' a hidden service, you would have to
hope the actual hidden service goes down because otherwise the HSDir servers
will point requests to the proper host and requests will be encrypted to their
key

~~~
yk
AFAIR there is nothing in TOR that prevents races between two servers trying
to get a specific .onion address. So my understanding is, that a collision (
or a broken RSA private key) would put the HSDir into a inconsistent state.
And in this case, some people would get the real server and some people would
get the impersonated server. ( Additionally TOR hopefully warns if the public
key of a hidden server suddenly changes.)

------
llamataboot
His linkedin page is pretty transparent if you know anything about him

"Now, my goals have shifted. I want to use economic theory as a means to
abolish the use of coercion and agression amongst mankind. Just as slavery has
been abolished most everywhere, I believe violence, coercion and all forms of
force by one person over another can come to an end. The most widespread and
systemic use of force is amongst institutions and governments, so this is my
current point of effort. The best way to change a government is to change the
minds of the governed, however. To that end, I am creating an economic
simulation to give people a first-hand experience of what it would be like to
live in a world without the systemic use of force."

~~~
defen
And yet, he appears to have paid to put a hit out on somebody...

~~~
njharman
Systematic force means laws, government, and the like. Hiring hitman is the
libertarian free market at its best.

~~~
jerf
No, that would be anarchism. Part of what distinguishes libertarianism from
anarchism is that it _does_ acknowledge the utility of a government, and very
few libertarians would deny one of its primary, legitimate duties is public
safety.

Do not mistake believing that our current government (which is, might I add,
the single largest entity in the history of man; sorry, it isn't _that_
bizarre to think that it might just be a teensy bit too large, despite
people's best efforts to somehow cast this as a crazy idea) is too large with
thinking that the correct amount of government is zero.

~~~
ceol
Wait, are you talking large as in amount of land, amount of people, or amount
of GDP? Because I don't believe the US is the largest in any of those.

~~~
tgcordell
I think we can all agree that he's referring to the qualitative idea of
'influence'

------
ianstallings
What baffles me is why the FBI would shut it down and let this information out
when they could have just sat there and collected information on crime after
crime. Was the impetus because of the violence alluded to in communications? I
know that if they are watching the mafia and they intercept a message about a
homicide they have, in the past, notified the intended target.

Either way, intriguing story. If it's true he's really up shit's creek. And I
have no problem with that, if it's true. An old 'hood motto: _I 'm not the
law, break it, I don't care. But when you get caught, remember that I don't
care._

~~~
moeadham
How are you sure this has not already happened?

~~~
ianstallings
I'm not but usually in a case where a bunch of suspects are rounded up they
will announce the sting operation publicly to make sure everyone knows they
are on the job. I assumed they didn't because the FBI was built on publicity
and it's part of their institution. But you might be right, they may be doing
this to just shake the tree or they've already moved on people.

------
duiker101
I really don't understand, why stay in the US doing that stuff when it's the
most controlled place ever? even if he was pretty well hidden just leaving the
US would have made his life a lot easier...

~~~
andrewfong
Perhaps he really likes In and Out burgers.

~~~
cstavish
Thank you Donny.

------
patmcguire
I wonder if the timing on this is deliberate. The office that handles FOIA
requests is part of the government shutdown, but the three-letter agencies
aren't. So the only information that's going to come out on this for the time
being is whatever the people running the investigation want to come out...

Maybe it's not deliberate, but keep that in mind. There's going to only one
source on this story for a long time.

------
rdl
As I've said for the past few years, he essentially fucked himself.

1) using a low latency onion routing network, rather than a mixnet like an
anonymous remailer or other 1990s blacknet, was a big problem. You could maybe
get away with throwaway front end nodes as a web interface, stateless, to
package up transactions, run by third parties, but for long running anonymity
vs traffic analysis or server compromise, low latency bidirectional
connections are impossible.

2) repeatedly sticking his dick into the hornet nest by provoking the FBI in
the press

3) remaining in the USA while doing all of this

Acting in ways which make him a less sympathetic defendant (connection to
assassinations? Really?) doesn't help

~~~
dwaltrip
Using his real email address/non-anonymous usernames while mentioning silk
road related activities and later ordering fake IDs to his home address were
by far the most enormous of fucks ups.

------
lizzard
Somewhat amusing list of YouTube videos recently liked by this guy: "How to
Get Away with Stealing" and "Privacy: A PostMortem" are right on top.
[http://www.youtube.com/user/ohyeaross](http://www.youtube.com/user/ohyeaross)

~~~
pkfrank
Good find. He (or this account) even lists a personal phone number on a video
uploaded two years ago:
[http://www.youtube.com/watch?v=3D16fm5NgsA](http://www.youtube.com/watch?v=3D16fm5NgsA)

------
Aloisius
Interesting. He apparently lived in San Francisco in the Mission and rented a
room for $1000/month. For someone who should have had $80 million in profit,
that seems a bit strange. I suppose cashing out $80 million in bitcoin and
then laundering must be incredibly difficult.

~~~
datalus
It helps to provide cover. He's just another 20-something in the bay area. One
of the smarter moves he made, some of the others not so much.

------
moepstar
Just in case the PDF is down for anyone else, here's a link to CoralCDN:

[http://krebsonsecurity.com.nyud.net/wp-
content/uploads/2013/...](http://krebsonsecurity.com.nyud.net/wp-
content/uploads/2013/10/UlbrichtCriminalComplaint.pdf)

------
nether
Not totally surprising since SR was mentioned before Congress over a year ago,
and some leaked documents mentioned ongoing investigation. I've been telling
people it's just a matter of time before it's shut down and that you should
stockpile _now_ before it's too late.

Let's hope SR hasn't been keeping any real identifying transaction records, or
I bet we'll see a spate of high-profile arrests from tech companies.

------
Pxtl
Now the question is who will step in to fill his shoes. How much of Silk
Road's infrastructure is open and reusable? The market has been created, the
users exist - they'll be looking for a replacement.

Of course, after this I think most would-be entrepreneurs might be having
second thoughts.

~~~
dsl
Atlantis Market was spun up not to long ago, including a full length animated
commercial for the site. Many believe it was just an elaborate honey pot ran
by law enforcement to entrap users, and it failed to gain any adoption.

Black Market Reloaded is where most of the SR users will go.

~~~
josephagoss
Atlantis was a scam, read the posts of all the people that could not withdraw
their Litecoins and Bitcoins in that week they said they were going to stay
open for withdrawals.

Then the site went dark and took everything.

------
mindcrime
Damn, and I was _this_ close to ordering some LSD from SR a few weeks ago.
I've never tried it and was thinking about giving it a shot. Guess it's a good
thing work sent me out of town, and I decided to wait, then got distracted and
never got around to it.

Still, this is disappointing. As a libertarian / ancap / voluntaryist /
whatever-you-want-to-call-me, I totally support the Silk Road and other
unregulated marketplaces.

~~~
noname123
Bro, you got lucky. FBI's got a daily snapshot of SR server. So be glad your
name and address is not in that database somewhere in FBI/DEA.

~~~
gwern
That'd only be a problem if he had been stupid enough to send his LSD vendor
his name & address in the clear. The _whole point_ of buyers encrypting their
info to the seller's key was to avoid problems if LE attacked the server.

~~~
mindcrime
Yeah, I definitely would not be sending _anything_ like that in the clear. Not
knowingly, anyway! Funny thing though, I held off due to random shit that came
up, not even anything to do with all the NSA/Snowden/Intelligence/Whatever
stuff. And during those couple of weeks, is when all the FBI/Tor stuff broke,
and that did serve to give me a little bit of pause. But I still probably
would have made an order, except I got busy doing stuff and just never got
around to it.

I'd be tempted to try one of the alternatives, but now I'm worried that one or
more of them might be LE honeypots or something.

Damnit, what's a hacker to do, who just wants to try acid once before he dies?
Sheesh. :-(

~~~
dreamdu5t
You should start going to music festivals, raves, and you'll meet people who
have access to it. It's much easier to find in real life than online IMHO.

~~~
erichocean
Your profile made me laugh; thanks.

------
topbanana
OK so he put out a hit on someone.

Bizarrely I'm actually more annoyed that he didn't accept an answer on
StackOverflow: [http://stackoverflow.com/questions/15445285/how-can-i-
connec...](http://stackoverflow.com/questions/15445285/how-can-i-connect-to-a-
tor-hidden-service-using-curl-in-php)

------
ssharp
A fascinating read.

The traditional method of catching drug kingpins has been to flip the lower-
levels of the organization until you can finally stick something on the
leader. Here, the feds were able to go straight to the source.

I'd expect more prosecutions of SR's larger vendors as part of the fallout. If
I were one of those vendors, I'd be ordering dust filter for my Hoover
MaxExtract PressurePro model 60.

I think the pseudo-anonymity that Tor, Bitcoin, and computers in general can
provide gave DPR too much confidence. But like every other ringleader who has
been caught, a new one will take over and play the game smarter.

------
thekevan
Is anyone else surprised that it took this long to shut it down? With all the
surveillance that has been in the news, I assumed Silk Road was entirely
operated in a foreign country which didn't have good information exchange
relations with the US.

No matter what the precautions someone takes, my bet is that they will
eventually get caught if they engage in illegal activity online.

------
aaronbrethorst
Here's his LinkedIn profile:
[http://www.linkedin.com/in/rossulbricht](http://www.linkedin.com/in/rossulbricht)

(browse logged-out to see the full thing. If you're logged in and not
connected to him, you won't see anything.)

~~~
Nicholas_C
Why does LinkedIn do this? It seems so stupid and such a waste of time. Anyone
know?

~~~
aaronbrethorst
I assume it's because they want the SEO juice and Google frowns on showing
different content to the Googlebot vs a human being, but they also want their
users to make more connections. So, they sometimes show more content to
logged-out visitors.

~~~
corin_
Not just because of SEO, although that's one reason. Logged in users are
already sold on LinkedIn, so LinkedIn wants to encourage them to make more
connections. The aim for guest visitors is to get them to sign-up, so showing
them a more useful page is a better way of showing what value LinkedIn can
offer them.

------
RockyMcNuts
Criminal complaint -

[http://krebsonsecurity.com/wp-
content/uploads/2013/10/Ulbric...](http://krebsonsecurity.com/wp-
content/uploads/2013/10/UlbrichtCriminalComplaint.pdf)

------
yarou
Rather than simply have a "looking for hitman" service, DPR would have been
wise to have an Assassination Market
([http://en.wikipedia.org/wiki/Assassination_market](http://en.wikipedia.org/wiki/Assassination_market)).
It's much harder to assign criminal liability in these types of prediction
markets, and given that transactions in SR were denominated in bitcoins, it
may have been an interesting way to cover his tracks.

------
mscarborough
Meanwhile, down the street from my work it's pretty easy for people to
buy/sell in person across the street from the State Capitol in Denver, CO. In
a park in broad daylight.

Way to go, feds. Go justify that budget with scare tactics while we have open-
air drug markets all over the US that you can't even shut down.

~~~
ktd
Roleplaying time! You've just been appointed to head the FBI--
congratulations, Director! Which of the following things do you want to send
your agents after?

* An international marketplace doing millions of dollars of business in drugs, weapons, and fake IDs

* A few drug dealers in a public park in a city where you might not even have jurisdiction

If there are drug dealers in the parks, that's a shame-- but that's really not
the type of issue that the FBI is supposed to handle. Take it up with your
local police department.

------
adamnemecek
This post from Ulbricht's Google Plus profile is pretty priceless.

[https://plus.google.com/101844174649242995101/posts/bbhPuSJH...](https://plus.google.com/101844174649242995101/posts/bbhPuSJHSCF)

(screenshot in case it's removed
[http://i.imgur.com/GjqdYDe.png](http://i.imgur.com/GjqdYDe.png))

It's hilarious that his tagline is "spunky, funky, not so chunky".

------
trevorcreech
Summary of how he got caught:
[https://medium.com/p/d48995e8eb5a](https://medium.com/p/d48995e8eb5a)

------
malandrew
So question:

If you were running a massive online black market that can be set up and
operated from anywhere in the world and making 80mm in commissions, wouldn't
it make sense to not only set up the servers outside the US but also fly out
of the US to a country with no extradition treaty with the US and low law
enforcement cooperation with the US. By doing so, they have committed all
crimes outside US jurisdiction. Near as I can tell this means that no crime
they are charged with should stick, however IANAL.

Can anyone elaborate if it is possible to manage a site like this in a way
where all actions associated with its operation never constitute crimes
prosecutable in the US?

~~~
rayiner
Unless you take measures to make sure American customers can't use your site,
the U.S. would have jurisdiction.

~~~
malandrew
Would blocking all US IP ranges be sufficient even though it is served over
TOR. Seems like that would meet the same bullshit requirement the NSA is using
when it retains all traffic from outside the country.

------
manicbovine
Did anyone think this could go on? It's not just about narcotics, this is
about the government's ability to regulate and tax. The US government has
refined its ability to tax so well that, if you make a large amount of money
illegally, you still need to pay taxes on it (e.g. laundering). This has been
the case since _before_ computers enabled massive surveillance. That's
incredible!

I can imagine that, had the Silk Road specialized in consumer goods and
threatened to become popular, then it'd have been brought down much, much
faster.

------
patrickg_zill
Not surprised. The CIA hates to have competitors?

------
calvintennant
In other news: [http://imgur.com/6XRxpkk](http://imgur.com/6XRxpkk)

~~~
ihsw
Looks like any other day to me.

~~~
calvintennant
It continues: [http://imgur.com/6XRxpkk](http://imgur.com/6XRxpkk)

------
llamataboot
Also posted to Stack Overflow using his personal name and email address about
Tor questions generally

------
MrJagil
A reddit user[1] suggests
[http://sheepmarketplace.com/](http://sheepmarketplace.com/) as an
alternative. Is anyone familiar with it?

[1][http://www.reddit.com/r/SilkRoad/comments/1nl8hz/lets_talk_a...](http://www.reddit.com/r/SilkRoad/comments/1nl8hz/lets_talk_alternatives/ccjljtk)

------
piratebroadcast
Heres the complaint- Notable that, on page 30, it seems the fBI was able to
partially deduce his identity based in part by his stack overflow questions.
[http://krebsonsecurity.com/wp-
content/uploads/2013/10/Ulbric...](http://krebsonsecurity.com/wp-
content/uploads/2013/10/UlbrichtCriminalComplaint.pdf)

~~~
nattaggart
Yeah really interesting.

My takeaways:

When operating an underground network 1) don't post to SO questions regarding
Tor 2) keep distinct login names for everything

~~~
GuiA
3) Don't live in the US

------
cloudgeek
Isn't the federal government supposed to be shut down right now?

~~~
mpyne
The government still exists, but there's no legal authority for many (but not
all) of the federal employees to do work for the government, since there is no
appropriation in force to pay for that work.

Those who are working are essentially working for the promise of payment at
some indefinite time in the future (except for the military, who apparently
really _are_ a sacred cow...).

~~~
rprospero
Government employee here. Many of us aren't working on the promise of payment
- we've already been paid. My salary was already "paid" two years ago.
Congress passed a bill, the president signed it, and the DOE gave us the
money. Now, if the government shutdown lasts until May, we'll probably be out
of that money then I'd stop receiving paychecks. Of course, I hope to have a
new job by that point, anyway.

~~~
mpyne
Are you a government employee, or a contractor? I know that there are some
persons paid for by multi-year appropriation bills, but those are
comparatively rare. Most expenditures are handled via a single-FY
appropriation (and my understanding is that this covers all APF employees).

If you're a contractor, on the other hand, then you're not a government
employee (legally), so the whole discussion doesn't apply to you directly.

------
josephagoss
Well my Bitcoin investment is about to vanish...

~~~
yk
In much the same way online piracy vanished when Napster was shut down...

~~~
untog
Not really the same. If you had bitcoins stored with SR, presumably they are
long gone.

~~~
josephagoss
I've never used the road, but rather I fear it was central to the high value
of Bitcoins. I would love to be wrong but I can see my investment dropping and
I don't have the guts to sell back into fiat.

~~~
JohnTHaller
Dropped from 140 to 114 in just the few hours since the story broke.

~~~
shubb
I'm buying tomorrow, after the non-tech world has a chance to digest the
morning papers.

------
bdr
Silk Road discussion forums are still up (and buzzing):
[http://dkn255hz262ypmii.onion/](http://dkn255hz262ypmii.onion/)

~~~
computer
Clickable link without tor:
[https://dkn255hz262ypmii.onion.to/](https://dkn255hz262ypmii.onion.to/)

~~~
dmerrick
Neat, how does this work? It seems to violate the idea of the internal Tor
web.

~~~
computer
The servers are still hidden, it's simply proxy software that trades user
anonimity for convenience (and speed I believe, since the tor2web software
uses fewer tor relays in its circuits, not trying to be anonymous)

See [http://tor2web.org/](http://tor2web.org/)

------
gwern
I've been archiving web pages related to the owner:
[http://www.reddit.com/r/SilkRoad/comments/1nmiyb/compiling_a...](http://www.reddit.com/r/SilkRoad/comments/1nmiyb/compiling_all_dprrelevant_pages_suggestions_needed/)

~~~
cypherpunks01
the subreddit has been closed.. are you mirroring it on your site or anywhere
else?

~~~
gwern
I think the subreddit is open again, but I do plan to put it up on my own site
once I think I've gotten everything.

------
jadeddrag
Reuters reporting seems to confirm the news
[http://www.reuters.com/article/2013/10/02/us-crime-
silkroad-...](http://www.reuters.com/article/2013/10/02/us-crime-silkroad-
raid-idUSBRE9910TR20131002)

------
untog
The weirdest part of the criminal complaint is that he tried to hire a hitman
on Silk Road. Will be interesting to see how this pans out.

~~~
skore
Hypothetical Twist: The hitman is actually the same guy he's trying to have
killed, just under a separate, anonymous account.

Hypothetical Meta Twist: DPR actually suffers from multiple personality
disorder and is also the guy he's trying to kill and thus also the hitman.

A truly anonymous system really poses some _hard_ problems, man.

~~~
mrtksn
well, actually it seems to be at least his 2nd hire if he is not using it as a
bargain chip. if he is saying the truth, he previously managed to get somebody
executed for 80k.

~~~
shawn-furyan
I read it as a clumsy bargaining strategy, especially since he wasn't at all
successful in reducing the quoted price.

------
mindcrime
OK, just for the sake of argument, let's assume the FBI (with the help of the
NSA friends, or otherwise) have "broken" Tor in some sense. Whether it's by
controlling enough nodes to do traffic analysis, or a fundamental flaw in the
software, or a backdoor or whatever.

Given that, if you were going to run a SR like site, are any of the other
anonymizing networks of various sorts (Freenet, I2P, whatever) a valid
alternative? And would any of those deals be better than Tor in any meaningful
way?

------
acron0
So The Dread Pirate Roberts == Ross Ulbricht?

Was just a matter of time. I'd be interested in knowing how they traced him,
considering how overtly cautious he was known to be.

~~~
bpicolo
Not cautious enough to not be in the US

~~~
sneak
Leaving the US is not sufficient. Snowden had to institute the help of one of
the largest countries on Earth not to get taken.

Also, leaving friends/family/network in the US behind is very, very difficult.

------
zainali
You can get t-shirts here from my new startup
[http://freedreadpirateroberts.com/](http://freedreadpirateroberts.com/)

~~~
ballard
Love it.

------
exodust
We're finally protected from the evils of cheap pills and acid, anonymously
purchased over the internet and delivered to our doors... HANG ON A SECOND!!

------
reso
It's unclear what is happening and this may be a prank. The initial reports
that the FBI had seized the domain appear to be a sarcastic "down for
maintenance" page on the part of Silk Road. I've yet to find a real source on
the alleged arrest of

[http://www.reddit.com/r/SilkRoad/comments/1nl5ne/shutdown_is...](http://www.reddit.com/r/SilkRoad/comments/1nl5ne/shutdown_is_a_joke_calm_down_proof/)

However, there also appears to be a criminal complaint out for the founder.

[http://krebsonsecurity.com/wp-
content/uploads/2013/10/Ulbric...](http://krebsonsecurity.com/wp-
content/uploads/2013/10/UlbrichtCriminalComplaint.pdf)

EDIT: Seems like this is real. Reuters reports that Ross Ulbricht, the founder
of Silk Road, was arrested in San Francisco.
[http://www.reuters.com/article/2013/10/02/us-crime-
silkroad-...](http://www.reuters.com/article/2013/10/02/us-crime-silkroad-
raid-idUSBRE9910TR20131002)

~~~
aplusbi
There is also this Reuters blurb:
[http://www.reuters.com/article/2013/10/02/us-crime-
silkroad-...](http://www.reuters.com/article/2013/10/02/us-crime-silkroad-
raid-idUSBRE9910TR20131002)

------
marincounty
1\. I've never felt TOR was secure. I think the American government knows
exactly how to track down a suspicious IP.

2\. I think they left SR alone, because they have bigger concerns-- terrorism,
foreign surveillance? They still want the world to think VPN's are private?

3\. If you can't make money in this system-- I understand. I don't think I've
every met a wealthy person who wasen't a psychopathic hypocrite--usually with
a very advanced degree. I live among these hypocrites, and it's nauseating. I
won't even start on how many parasitic people in Marin County start up
nonprofits, and no one bothers to find out how much they make--all legal.

4\. If you are going to do something that could land you in jail Don't Tell
Anyone What You Are Doing. That includes the person you bed with......

5\. Never take advantage of the poor, animals, children, or the environment.
It's pathetic I needed to make a list, but some of you repress what you are
doing.

~~~
camus
TOR IS secure , humans just made mistakes. they are indeed humans.

~~~
alan_cx
Presumably the same species programmed Tor, no? And since humans are involved,
aren't they open to normal human failures and weakness? Or were these special
people who programmed Tor?

------
noemit
They arrested Inigo, not DPR (also there's been 2 DPRs so far, it was planned
that DPR changed once a year.)

Not sure how the case will go, but I think that you can't say beyond a
reasonable doubt Ross is DPR (Because, well, he's not.)

I'm sure he'll get great lawyers that can get him out of this.

------
jl6
I wonder what the FBI will do with the seized bitcoins!

------
patmcguire
The alleged assassination transaction
[http://blockchain.info/en/tx/4a0a5b6036c0da84c3eb9c2a884b6ad...](http://blockchain.info/en/tx/4a0a5b6036c0da84c3eb9c2a884b6ad72416d1758470e19fb1d2fa2a145b5601)

~~~
wcfields
Is there a way to filter out high-value transactions?

~~~
patmcguire
This is as close as it gets [http://blockchain.info/largest-recent-
transactions](http://blockchain.info/largest-recent-transactions) I don't
think the blockchain format is designed for that in the same way it is for
recency or random access

------
Natsu
Is it just me, or the the word 'alleged' really out of place in their
headline? It should be 'arrests alleged owner'. I have yet to hear anyone deny
that Silk Road was an online drug market.

------
znowi
This is a good time to buy cheap bitcoins :)

------
gesman
Someone from Ross' close circle didn't get his proper share!

------
pcrh
Unsurprisingly, bitcoin is currently experiencing a loss of value.

~~~
w_t_payne
But maybe a longer term uptick in credibility? It will do Bitcoin no good in
the long term if people think it is just for drugs. I'd rather it developed a
more serious, legitimate reputation.

~~~
dwaltrip
The $360 billion annual drug trade figures haven't dented the image of
government currencies. Some hold the view that silk road actually provided
legitimacy to bitcoin.

Source: www.drugwardistortions.org/distortion19.html

------
MaysonL
So now the question will be: how many of the people who have _used_ SR
recently will be/have been arrestd, and how much of their bitcoin has
been/will be seized?

~~~
qq66
My guess is that they will go after the few or few dozen people who profited
most heavily from illegal activity on the site.

------
nyarlathotep
I notice it's stated that around 3.6 million USD worth of bitcoins were seized
in the arrest, taken from Silk Road's wallets. Am I correct in assuming that
because it came from SR's wallet it was the escrow fund? The FBI complaint
posted earlier states the escrow fund held around 2.2 million USD at some
earlier date (page 15). Why aren't they mentioning the ~80 million USD
generated in commisions? I can only assume because it was not seized.

------
JulianMorrison
Remember when they took down Napster, and it ended music piracy?

------
blar
I get the accusations of money laundering and narco-trafficking, but where are
the computer hacking accusations coming from? I didn't see anything in the
complaint that specifically alleged deliberate intrusions into any systems.
Does this mean Justice is going to accuse him of computer hacking because he
hired virtual servers and used them to run a criminal market place? That would
sound like a stretch of hacking laws, right? What am I missing?

------
crystaln
Any word on whether we can expect customers and sellers to be hunted down?

I had heard rumors for months that DPR he been compromised.

I know quite a few people who used Silk Road, many carelessly so.

~~~
gwern
> Any word on whether we can expect customers and sellers to be hunted down?

So far the known tally, from reading the forums & Reddit, is: a SR employee
(arrested, unknown), DPR (arrested, charged), a UK vendor (arrested, probably
won't be charged), and a WA vendor (arrested, charged). If anyone knows of
other arrests/charges/convictions, please tell me. I've been trying to
maintain a complete list at
[http://www.gwern.net/Silk%20Road#safe](http://www.gwern.net/Silk%20Road#safe)

------
CodeCube
:-O wow, I really really want to read about how they found him ... just
curious to know considering all of the self-professed safeguards he had set up
for himself

~~~
nly
The information they used to find him came from before he set those safe
guards up. Long story short, he was sloppy in the early days.

------
ballard
Lessons learned:

\- Fewer people, the better.

\- Trust is earned, especially in criminal enterprises, slowly.

\- Checks and controls are important when participants are inherently shady.

\- If you're the head of the world's largest criminal exchange, being
extremely careful to ensure actual anonymity is difficult but required. One
slip, and it's all over.

\- Tor might help, but a distributed app (vaguely like BitTorrent) might be
more "SWAT proof" than having centralized servers.

------
holmesworcester
Someone should put together a timeline from the affidavit. It looks like a lot
of pieces start coming together at the same time in June/July.

The fact that they intercepted his fake travel documents during a routine
search of mail at customs when they were already that close to him seems
unlikely.

But maybe I'm reading this wrong, or maybe they actually do intercept a high
percentage of fake passports moving across the border.

------
gcr
Here's a question: How did the FBI manage to shut down a hidden Tor site?

Did they merely sieze the server hosting the site and ask apache to serve
something else?

~~~
AmVess
My guess is they caught DPR and beat him with a wrench XKCD style until he
gave up the information about the server.

------
tudorconstantin
this might be a fruit of the fact that feds infected the tor network last
month.

------
siliconc0w
There is definitely missing information how the actual server was compromised.
Without that, a lot of the evidence wouldn't be possible. It seems likely that
eventually a SR type service cannot be stopped. The theory is there, the
market is there, just the implementation remains.

(please don't raid me NSA/FBI)

------
DonGateley
This is big news for John McAfee and his new enterprise. Once again he'll be
laughing all the way to the bank.

------
EGreg
Freenet does not have such problems as Tor. That's because the informaton is
distributed around the entire network and accessed via a DHT. So there is no
need for onion routing nor is there one host to take down. All people can be
arrested for is running the program, if it can be proven that they did.

------
eatmyshorts
With respect to the references to FriendlyChemist, why didn't the government
charge him with attempted murder on top of his other charges? I'm no lawyer,
so my understanding of criminal law is limited. Is it likely the government
will add additional charges when this goes to trial?

------
lnanek2
Pretty strange he was confident enough to live in the US, especially with
everything being revealed.

------
shocks
It'll be interesting to see how this effects the value BTC trades at...

------
runn1ng
\- Freedom Hosting is down

\- SilkRoad is down

\- the Atlantis drug store is down

...all of that leads me to believe Tor hidden services are very, very unsafe
to use, since all bigger illegal services that used them have been brought
down eventually.

------
philfreo
So how did they know that his original Stack Overflow name was changed?

~~~
dylz
SO logs all changes permanently. All message edits, name changes, email
changes.

~~~
philfreo
Where can I see his original name?

------
known
[http://www.lietaer.com/2010/03/the-worgl-
experiment/](http://www.lietaer.com/2010/03/the-worgl-experiment/)

------
mvbrasil
Was Atlantis a decoy aiming Silk Road?

[https://medium.com/i-m-h-o/4d0dd63edb6](https://medium.com/i-m-
h-o/4d0dd63edb6)

------
PhilipA
This makes up for a good movie plot. I guess he can have some money in prison,
when selling the story to Hollywood.

~~~
alexeisadeski3
Not allowed to profit from one's own criminal story, I'm afraid.

~~~
aaronem
Mitnick published an autobiography.

~~~
alexeisadeski3
[http://en.wikipedia.org/wiki/Son_of_Sam_law](http://en.wikipedia.org/wiki/Son_of_Sam_law)

~~~
undoware
Sorry to be rude, but did you read that link before posting it?

" In an 8–0 ruling on Simon & Schuster v. Crime Victims Board, the court ruled
the law unconstitutional.[5] The majority opinion was that the law was
overinclusive, and would have prevented the publication of such works as The
Autobiography of Malcolm X, Thoreau's Civil Disobedience, and even The
Confessions of Saint Augustine."

~~~
alexeisadeski3
I'll be damned.

Good catch, and you're definitely not being rude by correcting my ignorance!

Thank you :)

------
alx
naspter-like moment in internet history

------
tzury
The site:
[https://silkroadvb5piz3r.onion.lu/](https://silkroadvb5piz3r.onion.lu/)

I guess ASAC Shrader's guys were finally able to handle this case once most of
their resources became available again thanks to the Gilligan's shut down few
days ago...

------
jlgaddis
Wow, I just read through the whole indictment.

It's pretty convincing. :/

------
WhoIsSatoshi
You can't catch the Dread Pirate Roberts. Another will rise.

------
bencollier49
Interesting that the bitcoin price has slumped on this news.

------
Shivetya
and here I have a dog site named silkroad.net that I gave to my mother years
ago, needless to say her friends have been bombarding her with this story.

------
cynoclast
So who's going to be the next Dread Pirate Roberts?

------
wnevets
based on my training and experience, wow crazy read.

------
elwell
This, in the wake of the Breaking Bad finale.

------
primitive_type
I don't see what's so controversial
[http://www.joymax.com/silkroad/](http://www.joymax.com/silkroad/)

------
CurtMonash
He's somebody of no consequence.

------
kubatyszko
weren't they supposed to be "not working" during shutdown ? ;)

------
CurtMonash
Inconceivable.

------
bsullivan01
If they want to get you, they will. Reading how they got him, but I wouldn't
be surprised if NSA handed them the info informally and then the FBI had to
find another way to justify it. When you know the end results, "connecting the
dots" is much easier. Parallel construction
[http://uk.reuters.com/article/2013/08/05/us-dea-sod-
idUKBRE9...](http://uk.reuters.com/article/2013/08/05/us-dea-sod-
idUKBRE97409R20130805) and all.

~~~
shazow
I'm not sure one way or the other, and while it's clear that Ulbright was
fairly sloppy, there are a few instances of serendipity:

1\. The agent randomly (?) stumbling on a LinkedIn profile which matched the
timeline/description of the Silkroad project, which prompted to seek another
unidentified agent which had all kinds of juicy deets on the suspect.

2\. CBP intercepted a package addressed to Ulbright containing a bunch of
counterfeit official documents during a "routine border search".

3\. Found Tor/PHP/curl-related posts on Stackoverflow from his real name
account, but also says he changed his name/email to a fake one. Did they
happen to stumble on it before he changed his name? Or had some kind of access
to an earlier archive? Or cooperation from Stackoverflow? Unclear.

I'll update more as I run into them. Super interesting read.

Still, it's clear that they've done a _ton_ of research on Silkroad and DPR.
The notes are thorough and accurate. A job well done.

~~~
darkarmani
> 1\. The agent randomly (?) stumbling on a LinkedIn profile which matched the
> timeline/description of the Silkroad project, which prompted to seek another
> unidentified agent which had all kinds of juicy deets on the suspect.

Sounds like parallel construction to give them a legal way to introduce
evidence.

~~~
maxander
I'd imagine the NSA has crawlers that can parse LinkedIn profiles enough to
make good guesses on who is likely to be involved in hacking, criminal
entrepreneurship, etc., and to pull out relevant dates and other indications
of ideological shifts or large secret projects. Cross-reference with banking
records to show when someone is unemployed for a long time and yet still has
unexplained funds... DPR was probably on a reasonably short list.

