
Ross Ulbricht’s private journal shows Silk Road’s birth - gk1
http://arstechnica.com/tech-policy/2015/01/silk-road-trial-fbi-reveals-whats-on-ross-ulbrichts-computer-in-open-court/
======
Kenji
>"On that day, a male and female agent started an argument in San Francisco's
Glen Park public library, to get Ulbricht's attention. As soon as Ulbricht was
distracted, another agent grabbed the open computer"

And that, ladies and gentlemen, is how you defeat crypto. How could you even
defend yourself against such a thing? The only thing that comes to mind is
never working in public on a computer.

~~~
shittyanalogy
Someone should invent a usb dongle that detects a nearby rfid chip that you
keep on your keychain. As soon as that keychain is out of range, say 5 feet,
the computer locks and encrypts itself. Integrate this into the computer and
you wouldn't be able to tell who has one and who doesn't. Think you're being
arrested with your computer open? Toss your keys.

~~~
saganus
_Toss your keys._

But then the LEO agent sees this, and not only does he pick up the keys, he
will then proceed to charge you with something for resisting arrest, or
obstruction of justice or any of the myriad of ways they have to make your
life a living hell.

I think this would be similar to smoking pot in a moving car, then getting a
police car to tell you to stop and then you throw the drugs out the window. I
believe that's enough of a reason to charge you with all sorts of nasty stuff.

~~~
MichaelGG
Yeah but when you "throw the drugs out the window" they don't disappear.

~~~
saganus
That's my point. If you have your laptop locked depending on whether they are
close by or not, then throwing the key away will not help you.

I was trying to say that it seems to me as an ineffective method. Just as
ineffective as trying to argue with the police that since you don't have the
drugs on you (because you just tossed them) you are not in trouble. The drugs
don't disappear just as the keys won't, so the agents would just have to get
the keys and unlock your laptop.

------
666_howitzer
I think "Do things that don't scale" applies perfectly here, the part where
Ross initially seeds the marketplace by selling magic mushrooms which he
himself grew; maybe this explains why new Darknet concepts failed to take off,
not due to technological limitation or lack of market need.

https://bitcoinmagazine.com/5285/torbroker-anonymous-finance-and-trust/

http://www.forbes.com/sites/andygreenberg/2013/11/18/meet-the-assassination-market-creator-whos-crowdfunding-murder-with-bitcoins/

~~~
tomphoolery
I just want to grab this kid and shake him while screaming "WHY WOULD YOU EVER
WRITE THAT SHIT DOWN?!?"

It's like he _wanted_ to get caught...

~~~
300bps
_In a folder labeled "TorChat," Ulbricht's computer holds years' worth of chat
logs._

Felt the same way when reading this. Seriously - three years' worth of chat
logs? I don't think he wanted to get caught, he just felt that a clueless
investigator could never decrypt his data, a clueless prosecutor could never
understand let alone describe his operation and a clueless jury would never
understand it.

So far we know he underestimated the investigator and the prosecutor. We'll
know soon if he misjudged his chances with a jury.

~~~
krapp
Never assume you're the lone wolf in a world full of sheep....

------
tall
These are very intimate details of his life. The entries do not read like the
entries of a psychopath, rather they paint a vivid picture of his life and the
perfect basis for a movie.

~~~
dublinben
I've never gotten the impression that Ulbricht was a psychopath or anything
similar. He always came across as a naive idealist, caught way over their head
in a conspiracy they never expected to succeed. He openly admits in his diary
that he practiced terrible OpSec, and didn't care much.

~~~
Touche
This article doesn't make him look like an idealist at all. It makes him look
like an entrepreneur that cares about success above all else. The idealism
seemed to come later, as a justification.

~~~
RottenHuman
Being an idealist and entrepreneur who wants to be successful are not mutually
exclusive at all.

~~~
Touche
Who said it was?

------
hurin
It all seems more amateurish with every additional piece of news coverage -
why a single decryption key or even your day-to-day laptop as storage for that
multitude of evidence! Surely you don't need 4 years of chat logs to run a
site on a day to day basis.

------
oroup
The snatching of the computer before you have a chance to lock it issue seems
like something that could be solved with software. I'm imagining a "swatd"
service that listens for loud noises (gunfire, flashbangs, shouting, etc) or
observes the camera for sudden motion and locks the machine. I'm sure there'd
be some false positives from movies and the like, but for guys like this,
better safe than sorry.

~~~
kryptiskt
If the target manages to lock the computer, the next thing to do is to freeze
the RAM sticks and try to get the encryption key from there:
http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/pub/coldboot.pdf

"We also confirmed that decay rates vary dramatically with temperature. We
obtained surface temperatures of approximately −50C with a simple cooling
technique: discharging inverted cans of “canned air” duster spray directly
onto the chips. At these temperatures, we typically found that fewer than 1%
of bits decayed even after 10 minutes without power. To test the limits of
this effect, we submerged DRAM modules in liquid nitrogen (ca. −196C) and saw
decay of only 0.17% after 60 minutes out of the computer."

~~~
runeks
Ulbricht's Samsung 700Z laptop used DDR3 RAM. These guys couldn't reproduce
the "cold boot"/"RAM freeze" attack using DDR3 RAM:
http://www1.cs.fau.de/filepool/projects/coldboot/fares_coldboot.pdf

But I don't see why they would need to freeze anything. I would think the feds
should be able to make a device that plugs onto the DRAM connectors of chips
and reads the content, although I'm not sure.

------
ianamartin
Those journal entries don't really read like journal entries to me. The longer
entries seem more like prepared and considered stories--stuff written for an
audience other than yourself. I wonder if he was keeping those as notes for a
book.

~~~
creeble
A book he could never publish. Unless he got caught.

~~~
k-mcgrady
Write it and have it published when you die I suppose is the other solution.

~~~
paulhebert
Or after the statute of limitations runs out, but I'm not sure how long that
would be for the crimes he's accused of.

------
fdsary
Reading this, and other recent events, gives me the realisation that we need
the successor of UNIX. Nowadays, everything runs UNIX. My iPhone, Android, my
Mac, my Ubuntu laptop, my Debian or BSD server, even my e-reader runs some
Linux.

On recent systems like iOS & Android, applications run pretty isolated. You
can't read and write the whole file system (afaik), and you need to have the
user tap "yes" to use many system APIs (like microphone, camera, etc).

Using UNIX for a desktop computer, you don't really utilise the user system.
Everything I run is either as my own user, or as root (when adding/removing
packages or doing system updates). Otherwise, it's a single-user system. So any
program I run can read all permanent data stored by other programs in my home
directory. In effect, all programs have 100% access (except for changing
system settings, but why would they care when there is only one user to own?).

When I encrypt my drive, I encrypt it all but also unlock it all when logging
in. It's inherent to the system that my whole home dir is open when using
(except for things I encrypt manually, like GPG mail or other user land
things). Defaults matter. That's why Ross's documents were readable to the
American government.

I think we need a new OS to take over after UNIX. One that is built up of
sandboxed modules. Where each program gets its own file system, where they
can do whatever they want. That file system is, if I wish, encrypted until I
choose to open it. It could be encrypted with a public key system, so I can
have many FS's opened with one key, or derive keys from a master key.

These small systems could even be virtual machines, I can't say anything about
the eventual overhead that would bring.

In short, UNIX is bad because the file system is bound to my user, and
anything my user runs has 100% access to everything else I run. The user
system is nice, but not practical. If it was, Ross would be a free man.
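
Added example, not part of fdsary's comment: the "derive keys from a master key" idea above, sketched with HKDF (RFC 5869) so that each application compartment gets its own independent key. The `AppKeyring` class, the `app-fs-key/v1/` label and the sample key material are assumptions made for illustration.

```python
import hashlib
import hmac

HASH_LEN = hashlib.sha256().digest_size

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract: condense input key material into a pseudorandom key."""
    return hmac.new(salt or b"\x00" * HASH_LEN, ikm, hashlib.sha256).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand: produce `length` bytes of key bound to `info`."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length too large for HKDF-SHA256")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

class AppKeyring:
    """Hypothetical keyring: holds keys only for compartments that are open."""

    def __init__(self, master_key: bytes, salt: bytes):
        self._prk = hkdf_extract(salt, master_key)
        self._open = {}

    def unlock(self, app_id: str) -> bytes:
        if self._prk is None:
            raise PermissionError("master secret discarded; re-authenticate")
        # The app label is the HKDF `info`, so every app gets an independent key.
        info = b"app-fs-key/v1/" + app_id.encode()
        self._open[app_id] = hkdf_expand(self._prk, info, 32)
        return self._open[app_id]

    def lock(self, app_id: str) -> None:
        self._open.pop(app_id, None)  # drop the reference to that app's key

    def forget_master(self) -> None:
        self._prk = None  # closed compartments can no longer be re-derived

    def open_apps(self) -> list:
        return sorted(self._open)

# Constructed sample values, for illustration only.
ring = AppKeyring(b"constructed-master-key-material", b"constructed-salt")
mail_key, chat_key = ring.unlock("mail"), ring.unlock("chat")
ring.lock("chat")
ring.forget_master()
```

Python cannot reliably zero immutable `bytes`, so dropping references here stands in for real key erasure. While the master-derived key is still held, every compartment can be re-opened on a running, unlocked machine, which is why the sketch includes `forget_master()`.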

~~~
styles
In theory LXC could do this. It needs to be tested more and clearly has
security issues right now.

------
alelefant
In his diary regarding selling out of (illegal) mushrooms he writes: "...but
at least now I was all digital, no physical risk anymore."

Given the revelations from the last few years, how many of you would agree
that carrying out an illegal plan like this is safer online?

------
misiti3780
I never saw the number, what was DPR's net worth when this all came to a
crashing halt? I assume tens of millions of dollars.

Also - was that money recovered by the FBI or could they not find his private
keys?

~~~
mikeyouse
I think the peak number in the spreadsheet for the value of SR was $104M -- I
can't remember the source, but that figure stood out.

edit for source:
http://abcnews.go.com/Technology/wireStory/san-francisco-man-faces-ny-trial-tuesday-silk-28149351

The FBI had no problem finding his keys because he kept them in a folder
called, "Keys" -- the kid was not an OpSec genius..

http://motherboard.vice.com/read/journal-and-chat-logs-from-ross-ulbrichts-laptop

------
ForHackernews
I feel like this applies here:
https://www.youtube.com/watch?v=hGo5bxWy21g#t=1m19s

------
dghughes
It sounds like a scene from that terrible TV show "What Would You Do?" I'd
ignore it that's what I would do.

------
samteeeee
This "diary" sounds like it was written by the FBI and planted on his
computer...

~~~
krapp
It's surprising how much effort some on HN will go through to insist the case
against Ulbricht must be completely invalid somehow. Several people in this
thread have already assumed that because the FBI has his laptop, that must
mean they stole it without a warrant. And now, if they found his diary, well,
they must have planted it.

You may have to come to terms with the possibility that the FBI actually has a
case supported by evidence obtained through legal means.

~~~
deciplex
DPR definitely broke the law, there's no question about that. A lot of us
think it's an unjust law, but whatever. He may have also put out hits on
people (though, curiously, he is not being charged for that). If that's the
case then he's also a danger to society and really does belong in prison.

But, it is immensely frustrating, even heartbreaking when you consider the
cost in human lives, that given the choice between something like Silk Road
and Mexican drug cartels, we as a society have apparently chosen Mexican drug
cartels, and all the gut-wrenching bloodshed and destabilization they bring.

I'm reserving judgement on Ulbricht the person, but what he did should not be
illegal, for reasons ideological, practical, and humanitarian.

~~~
krapp
I'm not entirely certain that black markets are the best way to facilitate a
safe drug trade, but given a choice between Silk Road and more violent
alternatives, Silk Road seems like the obvious better choice.

~~~
deciplex
Right. Aside from, or in spite of, being a black market (by necessity), Silk
Road was pretty benign compared to the alternatives. Surely Silk Road was
taking some profits away from drug cartels. Probably not much, but a legal
market would put them out of business. Now with Silk Road gone, all that trade
is back under the umbrella of the cartels again, and the profits are theirs.

------
dchuk
I'm ignorant of the law here: This article starts off saying basically that
the FBI agents distracted him long enough to steal his computer and image the
hard drive...is that legal? I thought you needed a warrant or something for
situations like this?

Or is it illegal-but-it's-ok-it's-the-FBI-shhhh?

~~~
reverend_gonzo
They already had a warrant for his arrest, as well as for the computer. They
just didn't want him to be able to turn off the computer, encrypt itself, and
have it become inaccessible to them.

~~~
heywire
Imagine if you were the agent who grabbed the laptop, and you accidentally
bumped the power button. Or if you were the forensic tech, and you
accidentally triggered a reboot of some sort. No pressure!

