FBI raids alleged online drug market Silk Road, arrests owner (reuters.com)
1101 points by RockyMcNuts 1361 days ago | 577 comments

Wow, what a complete shitbag (DPR = Dread Pirate Roberts):

    DPR sent a message to "redandwhite" stating that "FriendlyChemist"
    is "Causing me problems" and adding: "I would like to put a bounty on
    his head if it's not too much trouble for you. What would be an
    adequate amount to motivate you to find him?"

And then

    Later that same day, redandwhite sent DPR a message quoting him a
    price of $150,000 or $300,000 "depending on how you want it done" -
    "clean" or "non-clean" 

    DPR responded: "Don't want to be a pain here, but the price seems high.
    Not long ago, I had a clean hit done for $80k. Are the prices you
    quoted the best you can do? I would like this done ASAP as he is
    talking about releasing the info on Monday. 

    DPR and redandwhite agreed upon a price of 1,670 Bitcoins - approximately
    $150k - for the job. In DPR's message confirming the deal, DPR included
    a transaction record reflecting the transfer of 1,670 Bitcoins to a
    certain Bitcoin address.

Made $80mm in commissions running a drug trafficking network, paying hundreds of thousands to have people executed, mail fraud, money laundering, conspiracy.... He's looking at cartel level prison time.

In case you are wondering why he was out for FriendlyChemist, this claims that user was extorting him for $500k by threatening to release the information of thousands of Silk Road users.

Here's the part I don't understand:

* A user friendlychemist threatens DPR.

* DPR asks friendlychemist to refer his "supplier" to DPR.

* redandwhite says he was "asked to contact" DPR by friendlychemist and friendlychemist owes redandwhite money

* DPR asks for a hit from redandwhite on friendlychemist

That makes zero sense to me. Why would you assume those two users are not the same person or aren't at least allies?

Or maybe it makes a lot of sense? Maybe...

* DPR was ready to pay friendlychemist up to $150K

* BUT DPR was also afraid it'd lead to more extortion

* DPR knew redandwhite was same as friendlychemist or an associate of his

Based on these assumptions, DPR's move to pay redandwhite was really DPR paying friendlychemist while also communicating the length to which he is willing to go to deal with extortionists. So by going the path he went, he paid off friendlychemist and scared him at the same time.

That's crazy. Ulbricht would have to have been the dumbest person in the world to create an electronic record of having ordered and verified the consummation of a hired killing simply to send a message. "LOL JK", he planned to tell the jury?

The guy he tried to have killed could show up and testify on his behalf and a reasonable jury might still find him guilty.


I think we can all see at this point that Ulbricht got played. But that doesn't exculpate him. (Not that it matters yet; he hasn't been charged with the attempted murder).

These underground market places are known for big talk, not calculated talk.

It wasn't just "big talk". It was big talk, a negotiation, and then a massive cash payment.

It didn't make much sense.

Toy version of the conversation.

FC: Give me money so I can pay my debts.

DP: Lemme talk to your creditor.

RW: I'm FC's creditor, what's up.

DP: I don't owe FC money. Rather I want him dead. Can you do this.

RW: Sure. $250k.

DP: I normally pay 80k to kill people. Split the difference?

... uh. wtf? The whole exchange really makes no sense, unless you assume that DPR knew he was talking to the same guy all along and was working on terms that would make the guy not bother him by scaring him off.

Edit: Nevermind! Apparently the 80k "hit" wasn't just a negotiation technique: http://www.baltimoresun.com/news/maryland/crime/blog/bal-sil...

Shouldn't they be able to track the bitcoin payments?

That's eerie...

I can only imagine Ulbricht reached the point... "in for a penny, in for a pound"

Or friendlychemist creates a new account called jerkyboy and rethreatens him with extortion, this time claiming to have evidence that he took out a hit on friendlychemist from his friend redandwhite ... and just keeps the whole cycle going.

Sounds like the guy was a petty criminal who wasn't as smart as he should have been if he wanted to run an underground market for criminal activity.

On page 30 it is stated that he contacted redandwhite about some fake ids a year later..

>>>> So by going the path he went, he paid off friendlychemist and scared him at the same time.

And anybody else who thought they would try and blackmail money out of him. It seems a completely plausible scenario and kills two birds with one stone. No pun intended.

I assume redandwhite is a Hells Angels reference, which makes assassinations for hire a bit more plausible.

He was Canadian, red and white are the colors of their flag.


Along with five other countries.

At least 7. It doesn't mention Georgia and England (which is its own country) as having red and white flags.

He may have felt that taking that chance was his only option.

Or that they would simply split the money and his target would shut up (pretend to die, by disappearing off that monicker). Or if it's the same user, the money doesn't even have to be split for that. Or it's a way to send a message that he's serious.... (in a way the recipient gets).

What's even more interesting is

  Although I believe the foregoing exchange demonstrates DPR's intention to solicit
  a murder-for-hire, I have spoken with Canadian law enforcement authorities, who 
  have no record of there being any Canadian resident with the name DPR passed to 
  redandwhite as the target of the solicited murder-for-hire. Nor do they have any 
  record of a homicide occurring in White Rock, British Columbia on or about 
  March 31, 2013.

I formatted your post a bit better so it's readable on mobile devices, but I agree.

    32. Although I believe foregoing exchange demonstrates DPR's
    intention to solicit a murder-for-hire, I have spoken with
    Canadian law enforcement authorities, who have no record of
    there being any Canadian resident with the name DPR passed to
    redandwhite as the target of the solicited murder-for-hire.
    Nor do they have any record of a homicide occurring in White
    Rock, British Columbia on or about March 31, 2013"

Since the police couldn't find a record of the alleged murder victim, I'm guessing that "redandwhite" and "friendlychemist" were the same person playing a con on DPR to get some cash.

I'd venture a wild guess that DPR knew the two were the same :) He paid off friendlychemist "indirectly" but also communicated that he wouldn't mind extreme measures to make him disappear should this occur again.

If you keep reading, the document later details that DPR contacted this "redandwhite" person, who he contracted to kill the other person, regarding false identifications. That seems to add some doubt to your hypothesis, or at least complicates things.

He may have also lied about having paid for a hit previously for $80k to bolster his bluff.

EDIT: Or he was watching too much Breaking Bad and beginning to assume Heisenberg's characteristics after feeling invincible for earning $80MM

It appears to fit with his persona of being a ruthless pirate, and the language also fits the big talk idea. He was paying for the problem to disappear, and he knew that, but he talked it up for fun.

However, he went too far into his fantasy, and not too smartly, and he'll pay for it.

I have been trying to fix the formatting. Sorry about that.

I just put in two spaces like the formatting guide said. But the whole thing ended up being one line.

No worries, the best way I've found to do it is to manually split the lines every 10 words or so.

    So a paragraph that would run off the page and break mobile devices in normal circumstances should be broken in several places by a hard 'return' plus more spaces. 

    Is really just a collection of sentence fragments
    that all fit the same formatting. There might be 
    a better way, but I don't know it!

If you're an emacs user, prefix the line with the desired number of spaces then type M-q, copy back into your browser. That's my solution to formatting block quotes at least. Your long line prefixed with 3 spaces in emacs:

    So a paragraph that would run off the page and break mobile
    devices in normal circumstances should be broken in several
    places by a hard 'return' plus more spaces.

And your split-by-hand block quote:

    Is really just a collection of sentence fragments that all
    fit the same formatting. There might be a better way, but I
    don't know it!

Vim, FWIW: Visual mode, select the lines, hit ">"

As a Vim newb (well, ok I can use it, but I'm not well-versed in its more arcane elements), how do you select lines? C-<space> in emacs starts region selection, but I've never tried to select anything in Vim.

v starts standard visual(region selection) mode.

Shift-v starts line-by-line visual mode.

Ctrl-v starts visual column mode(which is both very cool and very useful)


set mouse=a

Or startline,endline command: 10,20d

You could include an angle bracket.

> 32. Although I believe foregoing exchange demonstrates DPR's intention to solicit a murder-for-hire, I have spoken with Canadian law enforcement authorities, who have no record of there being any Canadian resident with the name DPR passed to redandwhite as the target of the solicited murder-for-hire. Nor do they have any record of a homicide occurring in White Rock, British Columbia on or about March 31, 2013"

Or an angle bracket, with an opening and closing asterisk.

> 32. Although I believe foregoing exchange demonstrates DPR's intention to solicit a murder-for-hire, I have spoken with Canadian law enforcement authorities, who have no record of there being any Canadian resident with the name DPR passed to redandwhite as the target of the solicited murder-for-hire. Nor do they have any record of a homicide occurring in White Rock, British Columbia on or about March 31, 2013"

This means you don't need to include any line breaks.

I've added (another) comment to the HN feature requests post asking for a real quote function, so that offtopic discussions like this can come to an end.


until then feel free to take this for a spin: http://userscripts.org/scripts/show/178736

Just use fmt(1) or par(1).

If it was a 'clean' hit, why would there be record of a homicide? From what I've read, it sounds like a clean hit could/would be made to look like an accident.

What, like a Merc driving in to a tree and weirdly blowing up?

The US gov produced a document a while back about assassinating people - though for the life of me I can't find my copy so it's possible there wasn't anything novel enough in there to be worth keeping it. I believe they recommended causing someone to fall from a high place. I'd imagine by grasping their ankles and then tipping them over the edge; though the precise methodology for the tripping was redacted in the version I saw.

Well, I think I found the transaction in the blockchain. It's the right date and amount...


It's almost chilling how casual DPR is in asking for a hit. A departure from a "clean" tech-whiz and marketplace-operator into a true criminal boss.

Almost an analog for "Walter White," who also made $80mm on his calamitous journey from "honest" meth-cooker to kingpin.

It's posturing. He was trying to pay someone off while making a threat at the same time.

He asked the other account a few months later to make him a fake ID. Why would you be contacting and want to be involved with somebody who extorted you to the tune of $150k just a few months back? Not to mention he would then have to give up his physical address to have the docs sent, to someone who just a few months previous threatened to release the physical addresses of users on the site?

I agree, DPR figured they were the same person.

Paid off anyways but at the same time negotiated a discount and scared the guy into not trying it again.

This is corroborated by the fact that the FBI knew the name, date and city yet couldn't match it up to a real body.

This would also explain why he mentioned the previous hit, which I imagine would not be the type of information one offers unsolicited.

Jesus christ at the amount of posturing in this thread. I don't really even know where else to go with it...

If this story is to be believed, DPR actually did pay someone $80k to kidnap, torture and kill a victim... but apparently the hitman was an FBI agent.


There's no evidence of that. This theory just comes from the Bitcoin community's desire to make DPR into a martyr. It's not as if he was particularly sophisticated in covering his tracks in the first place (a lot of the things he did were facepalm worthy). Occam's razor -- he meant to take out a hit, and was just stupid.

"I am the one who knocks!"

I am the one who port knocks!

Yeah, 'cause it's so easy to see how he looked and what he felt as he was typing those lines... /s

If DPR actually paid to have someone killed, it would surprise everyone who knew anything about him. He's thought to be a libertarian and totally against the use of force.

That hypocrisy grabbed me too. The complaint, when talking about his background makes special note of this;

After going to Penn St for a grad degree in materials science,

    "Ulbricht states that his 'goals' subsequently 'shifted'.  Ulbricht
    elaborates, obliquely, that he has since focused on "creating an 
    "economic simulation" designed to "give people a first-hand experience
    of what it would be like to live in a world without the systemic use of
    force" by "institutions and governments."

Seems like he found out exactly what would happen; the use of force would be wielded more readily by private actors instead.

What do you mean by "more readily"?

The monopoly on the use of force by Government agents keeps private actors (or at least it attempts to) from employing violence on their own terms. Absent that monopoly, private agents will fill the void.

You wouldn't be able to build up the necessary military force without expending massive amounts of money and drawing negative attention to yourself. Investors would not want to be involved with a company creating a PR nightmare and wasting their money on evil. Customers would boycott, the company's stock price would drop, and they wouldn't be able to carry out their plans anyway.

This is a happy supposition, but I don't think it's borne out by historical evidence.

You seem to be assuming that the allegations are true. The understanding that most people have had is that DPR is a pure freedom fighter. If you take away those allegations, all that's left are fake "crimes" that aren't really crimes at all, just things that government doesn't like.

Edit: but I'm waiting and reading with an open mind.

I think it's reasonable to believe that he started out a pure (ish) freedom fighter and got corrupted by the fact that he had made 10's of millions of dollars off his little experiment.

Where did the understanding that DPR is a pure freedom fighter come from? DPR?

PR and wishful thinking.

Typically, libertarians argue against the initiation of force. Someone who commits extortion against you has arguably thrown the first punch.

I'd guess that he might be willing to kill people in the case that there are threats to his personal security. He also had aspirations for his site to bring about a libertarian revolution and may have thought that threats to the integrity of the site were worth killing for.

Yeah well us libertarians are as prone as anybody to start rationalizing. Wouldn't surprise me.

Perhaps he is only opposed to a monopoly on the use of force. Violence for pay is just part of the market dynamic, right?

Why did you include in the fact that he's a libertarian? Libertarians are not against the use of force (unless it's through the state).

A lot of libertarian writing on force starts from a more general "non-aggression principle", and derives the wrongness of state violence as just one special case.

The "non-aggression principle" is basically a propaganda con by libertarians, though.

The way this works is that they take their own favorite definition of personal property, and then re-define the word "aggression" as: "anything that violates my definition of personal property, and nothing else".

So, when a land owner shoots somebody who mis-stepped onto his land without warning, that is not aggression according to libertarians - if you really take them seriously.

Obviously, when you point that out to a libertarian, an endless game of shifting definition starts, much like how many discussions about the existence of god go with theists.

If you're interested in a well-argued and entertainingly written outsiders' perspective on this, I recommend Matt Bruenig. Here's a starting point: http://www.demos.org/blog/8/21/13/fun-times-libertarianism

You are spreading FUD and misinformation. Shame on you. The non-aggression principle does not work like the laws of physics, so just because someone steps on your land, it does not give you the right to shoot them. You are arguing from absurdity. The non-aggression principle is about not committing force, fraud or coercion against another human being. It's really that simple. You may use force when someone is directly threatening your life. That's how it's been discussed in the forums and videos I've been exposed to. Stop holding principles regarding morality to the same standard as the laws of physics.

I certainly wouldn't endorse it, just pointing to it as an attempt to avoid the circularity of defining violence as "what the state does" and then defining "a state" as "the organization with a monopoly on violence".

I do think it nonetheless ends up pretty entangled in the ideas invented by the modern centralized state, especially the ideas of "property ownership" and "a contract", which are supposed to exist in a sort of ethereal global-variable state separate from any facts in the physical world or local interactions. The modern state enables that fiction by maintaining a central property register backed by a cadastral survey, and a set of courts that enforce the abstract idea of a contract. Minarchists are perhaps more open about this dependence than anarcho-capitalists are, by just directly asserting that the state should exist solely to operate and enforce a property register and contract law.

I think you're talking about anarcho-capitalists, not necessarily libertarians.

I agree that it's a baffling world view though.

You're probably right, there's definitely a spectrum of libertarianism.

And it's not as if libertarians are entirely crazy. It's healthy to have some baseline skepticism towards authority. But it's also healthy to have some baseline skepticism towards market solutions. As usual, the best answer(s) are somewhere in compromise and in the middle.

I guess that ideas like the "non-aggression principle" are so alluring to some because they have a sort of superficial "intellectual purity" which that kind of compromising answer lacks.

I should point out that you're conflating anarcho-libertarians with old-school statist libertarians. Most people who self-identify as libertarian believe in a state to protect property, prosecute crime, etc.

Even the self-described anarcho-capitalist libertarians of my acquaintance usually see the use of force as legitimate, as long as it's a non-governmental actor such as a private police force, mutual defense pact, enforcer of contracts, publicly traded corporation, etc. The people who take on the somewhat more difficult task of imagining a society without the organized use of force at all tend to call themselves anarchists, in my experience.

I'm not sure this proposed hit was unjustified. Threatening to do something which would end up with 1000's of people caged for years seems like a valid reason to respond with force.

It's justified to murder people for threatening to publish secret information that might get people into trouble?

And I thought the journalist that got his laptop seized at an airport was harshly treated...

Good job for Ed and Bradley that the evil government aren't libertarian then

Doesn't that reasoning also justify a reverse-hit because DPR is threatening to do something that would result in killing someone which is far worse?

I think it is an arbitrary comparison. Possibly 10,000+ years in jail and who knows how many shankings vs maybe 50 of no existence for one person. You are right that, in a basic scenario, killing is a disproportionate response to a lesser crime, but this is an active threat versus a past event and who knows what jail would bring for these hundreds of people who could be convicted.

I'm not sure of the details of this situation but just following libertarian legal reasoning there may be another way to justify it. The logically consistent libertarian position on abortion is neither pro-choice nor pro-life. Block's theory of evictionism is basically that a mother's right to remove a fetus is stronger than the fetus' right to be in the womb, yet the mother is not permitted to kill the fetus straight off exactly.

If there was developed some technology such as a pig fetus used to carry the child to term then that technology would have to be employed. Would there be some other reliably effective means to stop this snitch besides killing him?

> I think it is an arbitrary comparison. Possibly 10,000+ years in jail and who knows how many shankings vs maybe 50 of no existence for one person. You are right that, in a basic scenario, killing is a disproportionate response to a lesser crime, but this is an active threat versus a past event and who knows what jail would bring for these hundreds of people who could be convicted.

If you are simply arguing the most utilitarian point of view for the sum of the actors involved, surely paying him off is the most moral thing to do. $300K to prevent 10,000+ years of jail and shankings versus killing someone. $300k is much less than the life of one person.

You think the most moral outcome is one person who threatens a thousand with years of caging getting $300K? Are there any situations where you don't think one should be rewarded for making massive threats?...

It's more moral than killing someone over a threat based on the pure conjecture that carrying out the threat will result in a punishment by a 3rd party.

Isn't the real threat the 3rd party that would be doing the jailing? Why is freely communicating what some people did a grounds for murder? He's not the one that is doing the locking people up -- it just so happens to be more convenient to murder him than to take on the justice system. Convenience does not make it the moral course of action.

> Block's theory of evictionism is basically that a mother's right to remove a fetus is stronger than the fetus' right to be in the womb, yet the mother is not permitted to kill the fetus straight off exactly

I adore libertarians, I really do, for all the energy and earnestness they bring to their theory of government. But I can't take them very seriously, and this sort of thing is exactly why.

I know that people who cling to government and democracy mean well, but when they eschew logic and waste my time with non-arguments like this it is terribly annoying.

Uh, yes they are. The coercive basis of government power is why most libertarians are skeptical of the state.

He still made the armory.

Did I miss something in the article? Where did you get that information? Here's the complete text of the linked article:

  Oct 2 (Reuters) - U.S. law enforcement authorities raided
  an Internet site that served as a marketplace for illegal
  drugs, including heroin and cocaine, and arrested its
  owner, the Federal Bureau of Investigation said on Wednesday.

  The FBI arrested Ross William Ulbricht, known as "Dread
  Pirate Roberts," in San Francisco on Tuesday, according to 
  court filings. Federal prosecutors charged Ulbricht with 
  one count each of narcotics trafficking conspiracy, 
  computer hacking conspiracy and money laundering 
  conspiracy, according to a court filing.

All the rest of the info here has come from the criminal complaint that was posted in another comment.


There's some interesting stuff in there, page 21 is the murder for hire scenario and 24 is where the agent explains how they identified DPR.

There have been other posts and discussions about DPR here, I don't have a link for it but I recall a discussion about the alleged "hit".

Does anyone else feel that "FriendlyChemist" was just a set up/honeypot? (Whether US agency or foreign/Canadian)

1. Canadian spies set up "FriendlyChemist", hack into another vendor and get extortion material on DPR

2. "FriendlyChemist" tells "RedandWhite" (obviously the same person/agency) to contact DPR

3. "RedAndWhite" extorts American based DPR to pay for a murder that mysteriously does not happen in Canada

4. DPR then (stupidly?) pays "RedAndWhite" for fake ID documents from Canada, which mysteriously get stopped at the border

5. US agency arrests DPR on delivery of Fake ID's

6. There is no chance of entrapment since:

- Based on the Nature of TOR, we can never prove that "FriendlyChemist/RedAndWhite" are a police force (karma)

- They are most likely not a domestic force, but were working covertly with US agencies (cannot be subpoenaed).

It's not entrapment unless the police induce the crime to be committed. Nobody forced him to "order a hit." Attempting a murder-for-hire is not something you can be tricked into doing.

I think one could be entrapped into a murder-for-hire.

Certain government authorities know you're acquainted with someone who's previously been fingered for murder-for-hire but never convicted.

The "authorities" call you and threaten to murder your family; you naturally seek back-up from your erstwhile acquaintance. The police ensure they give you just enough information to track their threat back to a "person" of their construction.

Boom. You're up on a rap of "conspiracy to commit first degree murder" (or whatever it's actually called in your jurisdiction).

Doesn't seem so impossibly far-fetched does it?

It'd be a great movie plot. But yeah, still impossibly far-fetched. Besides that, the authorities have at that point gone way past entrapment.

Ish. I don't suppose it would be done but it seems it could be done.

I said this in the last DPR story (the interview): my bet is that he will go down for tax evasion. It's hard to prove murder, conspiracy, drug trafficking, etc., but it's easy to prove that this guy made a bunch of money and didn't pay taxes on it. He'll get federal prison time for it.

He'll go down for it all.

They'll stack the charges so high you need a helicopter to see over 'em. He'll either plead it out and get fifty or fight it and get life. His choice.

Well he certainly won't go down for murder, seeing as how there's no evidence that the "victim" ever existed in the first place.

Conspiracy to murder is punishable with life in prison.

>He'll either plead it out and get fifty or fight it and get life. His choice.

If the federales have all of his assets, he ain't fighting nothing.

As someone who's never participated in a bounty what is the difference between a "clean" vs. "non-clean" hit?

I would imagine a 'clean hit' is one made to look like an accident and a 'non-clean' one doesn't take the same precautions?

The police couldn't find a record of the alleged murder victim, so I'm guessing that "redandwhite" and "friendlychemist" were the same person, just playing a con on DPR to get some cash.

That would be a very risky con. DPR had friendlychemist's real name and could have hired a different hitman.

Perhaps the name was fake?

That can't happen on the internet; it's against the law.

Or that he got the $300K clean for the $150k price and thus there's no trace?

If Person A has known motive to kill Person B, in a "non-clean" hit Person A will immediately come under suspicion. If the hit is "clean", anything could have happened and it's a lot harder to establish it as a murder and therefore Person A has a much lower risk of being brought into the case.

Wouldn't "non-clean" be cheaper then, if fewer precautions are being taken?

I took it to mean fast and relatively painless versus protracted suffering, i.e. "non-clean", messy.

I'm just assuming it was sloppy grammar, similar to "We have two sizes, large and small, they go for $5 or $10."

Without the 'respectively', it's ambiguous whether the clean or non-clean were the cheaper of the two alternatives.

I suspect doing a "clean" hit requires more skill and experience.

I was thinking the exact same thing ...

Non-clean example: Pull up next to their vehicle at a traffic light, put a few bullets in their head and drive off.


Clean: Traffic accident, apparent suicide, etc.

I would infer clean means no trace, where non-clean means just do it, don't worry about cleaning up.

But wouldn't the hitman want to clean up since... they did it?

Depends how they did it. Shoot someone with an unregistered or stolen rifle from long distance, capture your brass, destroy the rifle and brass. Obviously a murder, if it were done that way. Very little effort involved, and what've the cops really got then?

You'd probably create more evidence trying to make it look like an accident than you'd clear up just by doing it some easier way.

> or stolen

That would be hazardous in my opinion. Now you have two places where you can place the perpetrator.

It really depends on where you are. There are vast rural areas in USA, for instance, in which there are many rifles the theft of which wouldn't even be noticed for weeks. Just don't take them during the month before deer season.

My guess is that "clean" includes disposal of the body and other evidence. Like in movies where people call up the "cleaner" after a murder to make the bodies disappear (e.g., "Victor the Cleaner" in Point of No Return).

Considering non-clean is twice the price of clean, I would guess non-clean includes "sending a message"/torture before the death.

"the unsocial network" .. this movie is going to be big.

I understand the psychology behind being shocked at this and everyone thinking he deserves jail time, but given the War on Drugs and the way the US Justice System works with respect to drug charges, I would imagine that that one violent crime charge is likely to be a drop in the bucket in comparison to all the victimless crime charges for drugs.

However, what I am surprised by is the fact that there wasn't really any focus on his facilitation of arms trafficking. I would imagine that those activities are more likely to cause actual harm to society that we should be worried about.

Yeah, this is absolutely stunning stuff. No doubt plenty will immediately cry foul and say that he's been set up, but let's wait and see what the investigation shows.

Further proof libertarian ideals are naive bunk. Once we take all the rules away, suddenly even the gentlest nerd becomes Walter White.

Libertarian ideals don't include shutting down the police.

s/Libertarian ideals/Stereotypical Libertarian ideals in the general sense, as characterized by an emphasis on individual rights, and a decrease in power or control of the state or societal systems over individual financial or personal actions or rights./

Supposing this story is true, no one got hurt except for people who went looking for trouble. That doesn't sound so bad itself.

Reading this makes me glad I never had any dealings with this guy or his business.

Are we talking about Walter White?

Made $80mm in commissions running a drug trafficking network, paying hundreds of thousands to have people executed, mail fraud, money laundering, conspiracy.... He's looking at cartel level prison time.

He paid someone to kill an extortionist that had threatened to release incriminating info on a lot of users. As far as the law goes it's the same as him killing his child's first grade teacher over a bad grade but when you extort someone operating a drug dealing network, what do you expect?

Apparently the FBI managed to track down the actual server running the site:

  During the course of this investigation, the FBI has located a
  number of computer servers, both in the United States and in
  multiple foreign countries, associated with the operation of Silk
  Road. In particular, the FBI has located in a certain foreign
  country the server used to host Silk Road's website (the "Silk
  Road Web Server"). Pursuant to a Mutual Legal Assistance Treaty
  Request, an image of the Silk Road Web Server was made on or
  about July 23, 2013 and produced thereafter to the FBI.

This server image seems to have been the source of a lot of the evidence leading to the arrest warrant: the IP logs that matched his location, an account name that matched his StackOverflow account, and of course all the private messages and chat logs regarding his personal location (messages indicating Pacific time), operation of the site (payments to other admins), and the extortion attempt/attempted hit.

What the complaint doesn't specify is how the FBI managed to locate the Silk Road server. It's possible that they already had some suspicion of DPR's identity, and managed to bug his computers or otherwise track his activity well enough to figure out what systems he was logging into. But given how coy the complaint is about this, I wonder if in fact this is the result of a sophisticated analysis of Tor network traffic (possibly in collaboration with the NSA?). If that's the case, it betrays a level of capability that ought to be frightening for the operators of other anonymous Tor services. Anyone with more Tor expertise want to comment on how likely this is?

Edit: the excerpt quoted is from the (now unsealed) FBI complaint, first linked elsewhere in this thread: http://krebsonsecurity.com/wp-content/uploads/2013/10/Ulbric.... The whole thing is pretty interesting reading.

Haven't finished the complaint yet, but it looks to me like the FBI found a security vulnerability in the Silk Road website itself. More specifically, it looks like they found a way to have the PHP source code sent as an HTTP response rather than have that PHP code executed and send its output. From page 27 of the complaint:

  Further, based on forensic analysis of the Silk Road
  Web Server, I know that the server includes computer
  code that was once used to restrict administrative
  access to the server, so that only a user logging
  into the server from a particular IP address,
  specified in the code, could access it.

The report later goes on to say that they mapped that IP address to a VPN provider whose account was set up from an internet cafe near the house of a friend of DPR.

It looks like they first started suspecting Ulbricht when one of the forum account usernames he used to market Silk Road, "altoid", posted the GMail address "rossulbricht@gmail.com" when looking for technical help. From page 26 of the complaint:

  From further reviewing the Bitcoin Talk forum,
  Agent-1 located another posting on the forum by
  "altoid," made on October 11, 2011, approximately
  eight months after his posting about Silk Road.
  In this later posting, made in a separate and
  unrelated discussion thread, "altoid" stated that
  he was looking for an "IT pro in the Bitcoin
  community" to hire in connection with "a venture
  backed Bitcoin startup company." The posting
  directed interested users to send their responses
  to "rossulbricht at gmail dot com" - indicating
  that "altoid" uses the e-mail address 
  "rossulbricht@gmail.com" (the "Ulbricht Gmail

After DPR's mistake of using the same account to market Silk Road and solicit help with an email address, the FBI seems to have used good old-fashioned legwork to subpoena records and build a case against DPR.

Super interesting read!

Where in the complaint do you see evidence of a website vulnerability? The part you quoted just reads to me as describing DPR's use of a VPN, with the "forensic analysis" part referring to analysis of the disk image after the server had already been identified and imaged.

That said, a security vulnerability in the website does seem like a really plausible conjecture: it's hard to write that much PHP code and not screw up somewhere, especially given that he was probably doing most of it himself, without anyone to do independent QA. And even if the site code itself was fine, the Silk Road is a high-enough value target that the FBI might have thought it worth using a PHP 0-day. Once they're into the site, it's probably not hard to get it to dump an IP address or other externally identifying information.

Yeah, that was a bit of a logical leap. I can see that the code analysis was probably done after getting a disk image now. I think the original lead probably came from his second bitcointalk "altoid" post, though.

Don't forget there was a glitch with SR about 8 months ago where it was briefly returning the real IP address of the server on an error page.

> the FBI seems to have used good old-fashioned legwork to subpoena records and build a case against DPR.

That may be; or maybe they just Parallel Constructed a proper looking investigative trail.

I was thinking the exact same thing. +1 to you sir.

I was told their Apache's error pages leaked "too much information", including the server's IP address. Maybe no breach was needed if this is true.

I'm not super familiar with this case or the ATT vs weev one, but I thought I read that the prosecution in the weev trial made the argument that accessing information in the open, like that of server logs is hacking? If that precedent was set, wouldn't that have an effect on when a warrant is required or no? Just curious

No. A warrant means you can do extra special stuff, like search someone's house. With a warrant, you can search for whatever you like, however you like.

Told by who?

The FBI Complaint, for one.

  ... I know that, on May 24, 2013, a Silk Road user sent
  him a private message warning him that "some sort of
  external IP address" was "leaking" from the site, and
  listed the IP address of the VPN Server.

The Footnote labeled 4, bottom of page 28.


edit and off-topic rant: I really hate searching government PDFs.

There WAS such an issue generally with PHP installed as CGI: a query arg like ?-s would be passed as a command line -s switch to the PHP interpreter spawned. http://www.php-security.net/archives/9-New-PHP-CGI-exploit-C...
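The behaviour described in the comment above, turned into a log check (an added example, not part of the thread or of any project it mentions). It assumes Apache/nginx "combined" access logs; the function names and the sample lines are constructed for illustration, and it goes slightly beyond the literal `?-s` case by also decoding percent-encoded and `+`-separated forms, since a CGI server only builds command-line arguments from a query string that contains no literal `=`.

```python
import re
from urllib.parse import unquote

# Request field of an Apache/nginx "combined" access-log line (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"')

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Oct/2013:10:00:01 +0000] "GET /index.php?-s HTTP/1.1" 200 5120 "-" "curl/7.30"',
    '192.0.2.11 - - [02/Oct/2013:10:00:05 +0000] "GET /index.php?page=2&sort=-date HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [02/Oct/2013:10:01:12 +0000] "GET /index.php?%2Ds HTTP/1.1" 200 5120 "-" "curl/7.30"',
    '198.51.100.8 - - [02/Oct/2013:10:02:40 +0000] "GET /search.php?tor+hidden+service HTTP/1.1" 200 990 "-" "Mozilla/5.0"',
    '192.0.2.12 - - [02/Oct/2013:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [02/Oct/2013:10:04:33 +0000] "GET /index.php?+-s HTTP/1.1" 200 5120 "-" "curl/7.30"',
]


def cgi_argv_from_query(raw_query):
    """Return the argument list a CGI server would derive from a query string.

    A query with a literal '=' is an ordinary form query and yields no
    arguments. Otherwise it is split on '+' and each token is percent-decoded.
    """
    if not raw_query or "=" in raw_query:
        return []
    decoded = (unquote(token).strip() for token in raw_query.split("+"))
    return [arg for arg in decoded if arg]


def is_switch_injection(target):
    """True if the request target would hand the interpreter a leading switch."""
    _path, sep, raw_query = target.partition("?")
    if not sep:
        return False
    argv = cgi_argv_from_query(raw_query)
    return bool(argv) and argv[0].startswith("-")


def scan_log(lines):
    """Return (line_number, request_target) for every suspicious request."""
    hits = []
    for line_no, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match and is_switch_injection(match.group("target")):
            hits.append((line_no, match.group("target")))
    return hits


if __name__ == "__main__":
    for line_no, target in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: query string parsed as interpreter switch: {target}")
```

A hit means the request was attempted, not that it worked: a server running PHP through mod_php or FastCGI never turns the query string into command-line arguments.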

Well how about that. Thanks for the link.

I remember reading an article in 2600 where someone figured out that quite a few websites took a PHP filename as a query arg to be eval'd... and some subset of those had no mechanism in place to restrict it to local files. Needless to say, they could point that arg to example.com/malicious.php and have it run on the vulnerable box.

The best part was that they constructed a Google query to find sites that would eval remote PHP code. It was something else!

That was my first lesson in validating any external input. Learned the hard way, in my first six months of building websites professionally. Happily, the hosting provider put me onto a helpful tech guy who walked me through what I'd done and how to avoid it. There was a lot less 'common knowledge' and 'everyone knows' in 2001.

...a vulnerability that affected near zero actual servers. (I know because I scanned for it shortly after the announcement) Everyone uses FastCGI or mod_php and friends.

The agent is discussing source code he inspected likely after acquiring an image of the server. The vulnerability you described isn't how they got their information.

I'm reading through it now, but it's still not 100% clarified how they originally determined the true IP and provider of the server. There are a myriad of different ways, though.

Kind of shocking though if NSA didn't use a PHP vulnerability. PHP has more leaks than Chelsea Manning.

Care to name 5?

Actually, all of the severe bugs there are fixed and/or no longer apply.

Linking to ancient bugs that were fixed a long time ago is pointless, every popular piece of server software would have bugs.

So, care to name five?

Once bitten, twice shy.

Sure, do you have $50,000?

This is why you don't do an interview with Forbes and thumb your nose at the FBI when you're running an illegal operation. When I saw that interview, I knew his days were numbered.


By the time that interview was posted in August, the FBI had already imaged the SR server (in July).

From the Forbes article: "So this was not merely a distributed denial of service attack? It was a zero day exploit? Did it gain access to any data or simply knock the site offline?

I’m not one hundred percent on this, but I don’t think it’s possible to do a DDoS over Tor, or at least it is much harder than doing it over the clear net. The effect of the attack was to block access to Silk Road. No data was leaked, in fact we’ve never had a data leak. "

Posted after the feds imaged the server. OOOPS. Hubris is dangerous.

If the guy had never talked to the press at all... you think the FBI and DEA would have just ignored a massive drug marketplace running essentially out in the open?

I think the point here is that, even though the letter agencies would not have ignored it... they surely got a lot more "incentives" internally to focus on SR when it got more mainstream attention. More analysts, more easily approved wiretapping/surveillance actions (not that they need approvals of any kind nowadays), essentially more money into it.

People slip, it's inevitable. How fast that happens probably got accelerated by SR's owner's appearances and the dent it was making in the agencies' reputation.

This is like saying nana nana boo boo stick your head in doo doo. You can't run an illegal business and then vehemently flaunt it to a major news publication that gets read around the world essentially saying that you're smarter than the government won't end well for anyone.

I'm going to assume the FBI (or DEA) were going after Silk Road, interview or not.

Rather, the type of person who was willing to engage in illegal activities while also doing a high-profile interview was unlikely to be the sort of person who was paranoid enough to cover their tracks (e.g., avoid re-using handles and other identifying information).

Not an expert, but I've heard a lot of people discussing how Tor can be compromised via timing analysis and owning enough exit nodes. Which is well within the capabilities of large nation-states' intelligence agencies.

It is a widely reported fact that the NSA will hand tips to the FBI/DEA/etc, which will then use "parallel construction" to reverse engineer legally admissible evidence once they have been tipped off to the guilty parties.

The silk road flew too close to the sun. As soon as they started getting in the news, and DPR started his libertarian manifesto-ing, it was just a matter of time. There are no old, bold crooks.

Silk Road is (was) a hidden service, internal to the Tor network, so controlling exit nodes wouldn't be relevant here. You'd need to actually be able to analyze traffic within the Tor network. Which still seems plausible, but maybe more difficult since the Tor network as a whole is a lot bigger than just the exit nodes, so it'd be harder to control a sizable fraction of it.

I would presume that, given that it's a persistent service, it'd be relatively straightforward to do a timing analysis, given that an FBI computer could ping the server at will, and then the server would reply from outside the network, via an exit node, which you could analyze if you had enough exit nodes.

Honestly, there might be even more exploits that I'm unaware of (still not an expert), given that the silk road server is probably doing a lot of tor traffic, which makes them an outlier, and it's tough for an outlier to blend into the background. Maybe tor can mitigate that though, don't know.

> an FBI computer could ping the server at will, and then the server would reply from outside the network, via an exit node, which you could analyze if you had enough exit nodes

Can you please explain in detail how one would do this to a hidden service?

I'm trying to determine if you just don't understand how hidden services work, or have found an actual vulnerability that needs to be addressed.

Here, a paper was written about it not too long ago: http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf

The same goes for end users: http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf

Hidden services are routed through ordinary Tor nodes. You're correct that they wouldn't have to control exit nodes explicitly, they'd just have to control the routing nodes along a specific chain that formed the connection to SR.

If you read the statements in the Freedom Hosting case you can see that the FBI managed to deanonymize the Tor network using browser tricks. Once you've got the network the rest is pretty straightforward tracking the bits I would suppose.

This also explains why the other market place shut down quickly, unlike DPR they apparently deduced it was only a matter of time before their location and identity was disclosed.

That isn't correct. The US placed a virus on the sourcecode of freedom hosting, either by seizing control of the servers, or by hacking, which exploited a vulnerability specific to version of firefox found in a popular all in one TOR access kit.

They did not compromise the network, they compromised an out of date version of firefox.

They might well be able to de-anonymize TOR, by monitoring traffic between a large enough proportion of TOR nodes. Given recent NSA/GCHQ long distance cable intercept stories, this is no longer unrealistic. But there is no direct evidence yet. It is also worth mentioning that the US has spent a lot of effort developing an attack capability, and probably hit enemies like Silk Road with attacks as sophisticated as Aurora or Stuxnet. Maybe we just don't hear about that, because of the beauty of parallel construction.

The US placed a virus on the sourcecode of freedom hosting, either by seizing control of the servers, or by hacking, which exploited a vulnerability specific to version of firefox found in a popular all in one TOR access kit.

I think we said the same thing, or at least if I interpret your statement correctly I meant the same thing. I said "browser tricks" and you said "vulnerability specific to firefox (a browser)" and I said "de-anonymized" (which was the analysis that most people pointed to as to why the FBI was collecting data from various hosts) and you described the same scenario " ... monitoring traffic between a large enough proportion of TOR nodes ..."

My interpretation of the events was, they got to Freedom hosting, they used that to exploit browsers into giving them correlating information about Tor endpoints, and using that traffic and resources in the already documented 'meta data snooping' programs that other parts of the government have and have made available, they figured out which servers were serving up the Silk Road web site, and by that (and a copy of the server's hard drives aka a server image) figured out who the guy was who was using the Dread Pirate Roberts moniker.

So is your understanding of how this went down different than that? And was that explanation different (other than detail) than my original comment which you assert was incorrect? Happy to be shown where I am wrong here, so I'm trying to figure out what part you disagreed with.

Well, I read your comment as saying that TOR should be seen as compromised. Your comments about other market owners only seem to make sense if that was what you were saying. I just pointed out that the previous attack you mentioned was a bit of a one off, and any repeat would need its own unique set of vulnerabilities. Hence so far as we know, no virus on SR.

Fair enough. Basically the attack is:

  1) Compromise a web server on Tor
  2) Buy a zero day browser exploit, create payload to expose
     data about endpoints and exits.
  3) Profit!

(Sorry the punchline is always Profit! but in this case it's probably "Seize!")

chuck, don't know whether you'll read this but in the light of subsequent tor nsa stories your comments were scarily prescient. congrats.

Let's also be clear that he solicited not one but two murders, and deposited money into bank accounts for those hits. Those transactions probably made him easier to identify as well.


Apparently not, as he used Technocash to do it. He probably used fake ID to pay a bitcoin exchanger to send the money 3rd party.

It appears he was caught because he slipped up opsec confusing real and fake identities, he was being watched by homeland security because he stupidly tried to import 9 fake IDs to his residence, and he was logging into the server with a VPN, not SSH tunneled through Tor.

AFAIK it'd take some doing but it's not outside of the realm of possibility. If you can monitor enough of the Tor network's traffic, you can begin to make correlations.

This may not even require large-scale traffic analysis; I wonder if you configure your client to use a chain of 2 or 3 "known good" nodes, teach the nodes to block other potential users, and capture the traffic, if an effective timing attack could be done that way (request SilkRoad at 0:00, get back a page with the relevant contents at 0:01, and trace those lines through the nodes). It sounds like it'd be feasible to me, but I'm another amateur.

Running this kind of service becomes infinitely more difficult if you can't hide your hidden services.

Also I wonder how they got a server image without him noticing since it is typically something you'd need to shut down the machine for. Was the whole thing running off a hosting service?

It would be pretty impressive if he physically had servers in multiple countries. Just setting them up without involving other people seems difficult.

Edit: He did use hosting services which probably used virtualization so it is easy to clone drives for. The complaint has him buying fake ids (which were confiscated in transit!) in order to rent more servers.

If by "server image" they mean image(s) of the hard disk partition(s) (that's what I suspect they mean) -- easy. If the server is using LVM or some similar technology -- you can take a snapshot while the server is still running, no problem.

You can do `cat /dev/sda` on a live server (as root) without any special stuff like LVM or a hypervisor, it just isn't guaranteed to take a clean image, as it isn't a snapshot. In most cases you'd probably just need to run fdisk to tidy it up and get 99% of the data back in one piece.

You can't make any modifications for it to be admissible in court. This includes logging into a live server to take an image, or 'fixing' errors introduced during the copy.

Professional forensic investigators have what are called 'write blockers' that prevent all writes when drives are plugged in to be imaged.

It was in another country, and the image was provided by the other country. Not sure about the law/case-law around how that works with respect to chain-of-evidence.

I think a good defense lawyer should be able to get the server image thrown out. Fat lot that will do in light of everything else though.

They can create a hermetic environment to fsck a copy to find what files are on the original, and then copy the target file content from the discovered addresses.

Otherwise I could shred say some paper evidence, and the court would reject a taped-up copy that shows my original document. Which they wouldn't, of course.

Even if you don't use a snapshot, and get an inconsistent image, it's not like fsck isn't going to get you most if not all the data anyway. (Yay journaling)

>Also I wonder how they got a server image without him noticing since it is typically something you'd need to shut down the machine for. Was the whole thing running off a hosting service?

How often does one of your servers crash? I mean, it happens. I estimate maybe once a year/server, on average, assuming a 5 year lifecycle. (well, usually it's more like 'no crashes for the first three years, several crashes a year after' - hardware ages.)

Hell, whole racks lose power at times. Doesn't happen all that often, but it happens often enough that if your provider says "We blew breaker X" well, more often than not, it's an honest problem, and not the FBI yanking power to image a drive.

Or hell... what if it's a server with a mirrored drive? It'd be easy enough to pull half the mirror (the drive 'failed' right? Hell, you can say you let the salesguy into the co-lo and he bumped the hard drive release catch, or you sent in the new kid to swap a drive and they pulled the wrong one. These things aren't common, but they are way more common than the FBI.)

Hell, a drive could have legitimately failed and been sent back to seagate/wd by the provider (assuming he was renting servers) for warranty repair. The FBI could have intercepted the drive (or gotten it from the manufacturer) and run their own analysis.

So yeah. I totally believe that the FBI could get a reasonable image without DPR or anyone being the wiser.

"Hell, whole racks lose power at times. Doesn't happen all that often, but it happens often enough that if your provider says "We blew breaker X" well, more often than not, it's a honest problem, and not the FBI yanking power to image a drive."

Now you've got me wondering whether the apparent disparity between manufacturers claimed MTBF and what we see in failure rates in the real world, might plausibly be attributed to mysterious government agencies coercing data center owners into unexpected-but-plausible downtime. (four or five nines of power uptime might just mean the FBI/NSA need to batch server imaging and grab a whole bunch in a particular data center at once)

>Now you've got me wondering whether the apparent disparity between manufacturers claimed MTBF and what we see in failure rates in the real world, might plausibly be attributed to mysterious government agencies coercing data center owners into unexpected-but-plausible downtime. (four or five nines of power uptime might just mean the FBI/NSA need to batch server imaging and grab a whole bunch in a particular data center at once)

It's far more likely that people are idiots. How many hardware techs do you know who even own an ESD wrist strap? I get actively ridiculed when I pull mine out.

Next, the SLAs claimed by datacenters are usually bullshit on multiple levels.

First, the penalty is usually "we will refund you for the time you were down, if you ask." - which is fine, but a 5 minute power outage can be brutal to clean up after, while 5 minutes of your monthly bill is hardly worth asking for. I'd be happy to give people a 100% sla on those terms. I mean, obviously, the service isn't going to be up 100%, but the penalties are so low that who cares?

Then, well, even if the facility doesn't lose power, there are a hundred different ways a server or a rack can lose power.

Hell, even I let a guy into my co-lo who plugged in one of those ancient computers with a manual 110-240v switch. (everything made in the last decade auto-switches.) He plugged it into my 208v power, with the switch on 110, causing the fuses on my PDU to blow (and taking out the whole rack)

And power cords. Especially if you don't have dual power supplies, power cords get bumped. The mark of an honest sysadmin is that s/he admits it when they bump the cord[1]

So yeah, while it /could/ be the FBI, the vast majority of the time, well, someone fucked up.


(Adds lsc to the list of likely NSA collaborators…) ;-)

And yeah, you're right about hosting SLAs - I've got a hosting account which proudly advertises "100% uptime guarantee", which in the fineprint/t&cs offers "pro rata refunds for _twice_ your costs of any downtime!" – on a $48/year invoice - so if they go down for an entire _week_, they'll owe me not quite two whole dollars. Thanks...

Even the much more expensive/professional hosting I arrange for other clients always includes something like:

  Limitation of Damages

  Recovery of damages from $hostingCompany may not exceed
  the amount of fees it has collected on the account.

>(Adds lsc to the list of likely NSA collaborators…) ;-)

The interesting thing is that I haven't ever been served with a warrant. Which is weird, as I know much smaller competitors who have.

Of course, there's no reason why you should believe that statement.

The Silk Road has been notoriously unreliable. Constantly "Down for maintenance" and often just unresponsive for hours at a time. Besides the government it has also come under a number of malicious attacks from disgruntled users.

I imagine the DPR was logging in via VPN just to get some kind of consistent access to the site, even with I'm sure there were many times where the servers were unresponsive even to him.

Once the host was identified, obtaining an image of the running server is as simple as removing a disk from a RAID array and replacing it with a blank spare.

That's what I'm wondering. I would have thought someone running an operation like that would control their physical hardware.

You have to weigh the pros and cons. Hosting yourself, means you have to get a proper location with power, internet connection, etc. You have to get and pay for this anonymously. You do have a greater control over it.

If it's colocated, you only have one type of payment to do, and I'm fairly sure it's easier to be anonymous. You have less control over this location, and have to worry about their logging of access and the like.

> an image ... was made on or about July 23, 2013 ...

Perhaps a coincidence, but that's ~10 days before the guy who ran the Freedom Hosting gig was busted.

He also logged into his servers using clearnet/vpn they could trace. He had a degree in physics and a masters wtf was he doing playing gangster ordering hits and still running that site. Should have cashed out and fled to Brazil.

If the FBI has been tracking down SilkRoad for years, I find it completely reasonable that they finally find the location of the server just based on traffic analysis. I'm sure that FBI or NSA runs a number of exit and intermediate nodes to collect statistical correlations from traffic and track down hidden services given enough time (there is even public research that shows how it can be done: http://epub.uni-regensburg.de/11919/1/authorsversion-ccsw09....).

All that said, it's even more likely that they found his identity another way. He seems to have slipped from time to time. I think most people underestimate the amount of boring and tedious chores they must do year after year if they want to conceal their identity from FBI who is actively searching them online. It seems that the main theme in revealed identities seems to be reusing usernames or using the same email in two different contexts that link person to his anonymous identity.

Starting on page 24,

1) Located the first reference to "silk road" on the internet. You can find this yourself on Google: "silk road" site:shroomery.org Date range: Jan 1,2011 - Jan 31,2011 *

2) The same username, "altoid", showed up on a bitcointalk days later.

3) Later in 2011 "altoid" made a post on bitcointalk with his email address, containing his real name, in it: https://bitcointalk.org/index.php?topic=47811.msg568744#msg5... If you search the name on Google it doesn't show up, but if you look at the user's page you can see it in his posts.

That seems like more than enough for a warrant for this individual. Everything after that should be easy.

I've used Google before to locate when a particular word or phrase first appeared. Kind of surprising someone didn't figure this one out quicker.

* Obviously this is a common word, so either adding other keywords with it would be likely.

This does seem plausible, so I almost don't think this is worth mentioning, but don't forget about "parallel construction".

Having the world believe they can't reverse Tor would clearly be more valuable than having the world believe they can. Remember that Tor explicitly doesn't protect against a global passive adversary.

1984 wasn't supposed to be a manual god damn it! (This is how the main character was caught. He believed in an 'alternative' system. Much like how we like to pretend TOR is untouchable)

this has nothing to do with 1984 -- DPR was very sloppy, this is an indication that TOR works.

I'm betting a dozen entrepreneurs are looking at this right now thinking "I can do this better" and are designing their systems as this is happening.

That's what they want you to think, so they can snare you in their FBI ran honeypot...

All joking aside, I hope you're right, and that the next few SR alternative sites figure out how to get it right, and that Tor itself isn't fundamentally broken by the FBI.

Agreed - I'd like to think both this, and the Lavabit being coerced to hand over private SSL keys news elsewhere today - indicates that TOR and SSL are still "as secure as needed" against even targeted FBI attacks.

Unfortunately that all now needs to be viewed with the suspicion of "parallel reconstruction" - I'm somewhat less convinced that if the NSA targeted someone specific that SSL and TOR would resist their efforts (and that for something like Silk Road, that the NSA wouldn't happily break and read everything DPR did over his SSL secured TOR connections, and "share" just the right tidbits with the FBI for them to go and create a plausible explanation involving google searches and old forum posts).

Welcome to the post Snowden era - where we know that our governments not only don't have our best interests in mind, but have sophisticated programs in place to lie to us about how they arrive at the evidence they present (in those annoying occasions where they have to use courts who aren't just rubber-stamping everything they're told to).

(Edit: on reflection, it's kinda sad that this might well have been good detective work by diligent, talented, and persistent FBI investigators doing exactly what the taxpayer employs them to do - but that effort is now permanently under the dark cloud of suspicion of unconstitutional dragnet surveillance and morally corrupt processes like "parallel reconstruction".)

The question is - what was the service provided by Silk Road at the end of the day, and what can be decentralized?

The trust and review system, the search engine and the communication platform can all run independently and don't need to happen on the same platform.

The web interface can be provided by an open-source turn-key package, so the next DPRs only need to figure out the hosting.

The escrow system was probably the most critical service that SR provided. Unfortunately that seems to require a centralized model.

Exactly what I was thinking, the amount of work involved despite some pretty horrendous slip-ups, implies TOR + basic common sense can be a pretty powerful thing

In principle I agree with what you're saying, but I think it's harder than you realize to maintain basic common sense all the time. People do irrational things, all the time. Even the normal ones.

Also anyone talking about it here on HackerNews is already failing at it.

Meh. The FBI and DEA can investigate my Silk Road seller account all they want and they won't find anything interesting.

> Much like how we like to pretend TOR is untouchable

Who are you talking about? Everywhere I look people are saying tor is certainly broken, the NSA is watching us, etc.

We don't know that any "parallel construction" is at work here. It seems like most of the information stemmed from the discovery of the Silk Road web server, and I haven't seen how they were able to determine that. If this goes to trial, then the FBI will have to say how it got that information (assuming he has a competent defense team).

That's the thing though. We know that as of very recently the NSA is helping other alphabet agencies construct cases in parallel. If you knew the guy's name or handle or whatever information the NSA could have given the FBI then coming up with an alternate story of how they ID'd the guy (page 24 onwards in the criminal complaint) would be incredibly easy. The point is that we'll probably never know either way.

The point of parallel construction is that we don't know that it's at work.

True, and the next Silk Road owner will certainly take that point into account.

Obviously, the disappearance of such a site leaves a gaping hole on the Web:

Silk Road has proven that the demand/market is there, that people are willing to use the Web to acquire those goods, that they are willing to pay, that the whole transaction works and that this leads to a massive amount of cash.

So, make no mistake, the next Silk Road creator is certainly out there, probably technically more astute and careful, and already building.

The next Silk Road owner will call himself the "CEO" of his operation and won't do an interview with Forbes, but an AMA on Reddit. Strange times.


> Q: How do you rate yourself compared to the road?

> A: The road has more users, but our service is better (to put it bluntly).

> [...] We have automated PGP encryption of messages for the members who refuse to send their messages using PGP.


Atlantis is pretty widely known to be either a honeypot or a scam.

Black Market Reloaded is the odds-on favorite to be the new Silk Road.

Drugs are bad, mm'kay?

...the next Silk Road creator is certainly out there, probably technically more astute and careful...

And almost as certainly: more experienced in the use of serious violence. The next guy won't be hiring hitters without introductions from fellow violent criminals. (Not that undercover cops have never been vouched for in such a manner, but it raises the stakes significantly.) Yay Drug War!

If they used parallel construction, then why didn't they list how they got the information about the location/IP of the Silk Road webserver? I would assume that they would have ParallelConstruction'd a reasonable way for them to have obtained that information, no?

Why would they show their hand before they need to, and give more opportunities for poking holes in it?

Because they are legally obligated to 'show their hand' when the defendant's legal representative asks for it?

You appear to be missing the point of parallel construction. The point is that they show a true, but-not-the-whole-truth "hand" (the parallel construction) while obscuring the full truth. That is, you spy on someone, and obtain a bunch of evidence, either illegally or that is fruit of the poisonous tree. From that knowledge, you construct a (fictitious or only partially fictitious, but plausible) story about how you gathered enough evidence to incriminate your victim, without revealing that you came across this evidence illegally. See http://en.wikipedia.org/wiki/Parallel_construction.

Yes, they are legally obligated to not lie about the true means of how they came to have the evidence. But if nobody can prove you're lying, they can't call you on it.

Gee, parallel construction sounds an awful lot like money laundering except with my bytes. :|

Few cases make it to trial, especially in the federal system. He's been charged with at least two capital eligible charges. They'll offer to plead down to life in prison (or 100+ years same difference) and he'll take it. We'll never see the government's full case.

It's already known that they have attacks against Tor (i.e. Flying Pig)

From the GP: "If that's the case, it betrays a level of capability that ought to be frightening for the operators of other anonymous Tor services."

Google searches and reading some public forum threads... Staggering sophistication!

Seems likely to me that NSA found the server and imaged it. FBI's job was pretty easy after that.

Someone asking for help on the bitcointalk forum for a new venture? Happens almost daily. Someone asking a question on SO about how to access Tor? Ditto.

You don't discover who "Dread Pirate Roberts" is from this. But you do discover these types of things pretty easily AFTER the NSA tells you who DPR is.

The Google searches give a hint at DPR's identity. They don't give you the location of the actual Silk Road server.

Obviously there's lots of ways that guessing DPR's identity might allow someone with the FBI's resources to unmask the Silk Road server, though I don't know enough to know whether the forum post on its own would be considered sufficient evidence for a warrant to bug all of Ross Ulbricht's online activities. A lot of the more damning evidence for Ross Ulbricht as DPR (IP logs, the connection to the counterfeit documents, hostname of his personal machine, etc) seems to come from forensics on the captured server image. Analysis of Tor traffic doesn't seem like an implausible hypothesis, especially because that's a capability we'd be expecting the FBI/NSA to be developing anyway.

Reminds me of the recent South Park episode on the NSA/public privacy.

> 3) Later in 2011 "altoid" made a post on bitcointalk with his email address, containing his real name, in it: https://bitcointalk.org/index.php?topic=47811.msg568744#msg5.... If you search the name on Google it doesn't show up, but if you look at the user's page you can see it in his posts.

And a few posts below someone says:

> I'm interested Ross

Spy film discretion here.

Umm... that reply was posted TODAY, not back in October 2011.

To be fair, someone back in October 2011 could have made that comment too, as his name was in the email address that he gave.

> And a few posts below someone says:

>> I'm interested Ross

> Spy film discretion here.

That post was made today.

That's not enough for a warrant. No way, I don't believe it.

It is definitely enough to have CBP flag any packages crossing the border that are associated with that name, for which no warrant is required. After that, well, I'm no lawyer, but I think intercepting a package full of fake IDs is enough to justify a broader criminal investigation.

Alone, no. Read the 10 pages of corroborating evidence following these initial steps and there's definitely enough for a warrant.

A warrant for search and seizure of his computers and everything in his apartment? Probably not.

A warrant to keep "pulling the string", issuing subpoenas, and compelling production of evidence from those who might have it? Absolutely!

What is the cut off for using pseudonyms on obtaining a warrant?

I assumed bitcointalk had a small member base when "altoid" joined. A quick look at their tables shows 3,694 total new registered users through January 2011.

"altoid" registered on shroomery on January 27th 2011 and the "altoid" who revealed his name publicly registered on bitcointalk on January 29th 2011.

It's definitely enough to ask Google, and possibly his bank or credit card company (to see if he bought any servers recently).


Is there any way to prove that the post in the forum occurred when alleged?

All it takes is just once. I saw a reddit comment that documented how one user determined the real-life identity of another user who was attempting to stay anonymous. The slip up? Two photos posted by the user under two different accounts shared the same background, and the user posted using both accounts in the same comment thread.

I dox'd a guy once knowing only the day that he earned his pilot license and the state he lived in. (FAA publishes a database that contains that info).

For me it was a first name (unusual) and two schools attended (this in the days when universities were much more liberal with posting their student directories).

Let's face it, at most one of your identities can be tied to your actual real-world activities. Otherwise people can find enough correlations to out you. Witness JK Rowling's new book.

JK Rowling's dox was a result of a member of the publishing house's solicitors telling his wife, who then told a close friend who provided the initial leak on twitter, which gave the newspaper breaking the story enough to go on to start drawing those conclusions.

Found the BBC story about this, if you're interested. http://www.bbc.co.uk/news/entertainment-arts-23366660

Meh, you lot will never figure out my real world identity!

If only I knew your phone number ...

I would have gotten away with it, if it weren't for you meddling kids!

The internet is full of smart individuals with an eye for detail.

Lesson learned, if trying to stay anonymous only use cat photos as profile pictures found on google images.

The lesson is that your ability to remain anonymous drops in almost direct proportion to the quantity of content you make available.

A careful user might have a more-shallow slope; they might be able to post more photos, if they're carefully scrubbing EXIF and being mindful of spillage (unintentional details in the frame). But every single posted photo is still inexorably eating away at their potential to remain anonymous.

After publishing the first picture, you might have to throw away the camera... You never know how unique the fingerprint of the camera is. Might be very useful to crawl profiles to map photos and screen names.

You wouldn't have to throw it away, just label it with the identity that posts photos from it.

...and not use that camera for anything other than posts made with that identity.

I happen to know where the bad pixels are in one of my digital cameras. Not sure of the other.

Even when I take photos of interesting stuff, I'll find an alternate source rather than post mine.

Different cat photos!

Unless we all standardize on the same cat photo. officialcatavatar.com anyone?

Limecat. Been around for ages, ready for battle.

... from the most generic search term you can imagine.

Damnit, you're on to me, aren't you.

ahh yes, the creepy gone wild stalker story

What's the full story?

It's funny, I so rarely browse reddit, but I somehow happened upon this story this week - I guess it came up in some kind of mega "what are you most ashamed of" thread or somesuch. Ultimately it was as GP described; a redditor researched one of 'gone wild' big 'stars', pored through her history, ultimately found another reddit account of a selfie shot that had the same background as the 'gone wild' shot so concluded they were the same or friends, researched back that history and ultimately found her real identity.

>>>> I think most people underestimate the amount of boring and tedious chores they must do year after year if they want to conceal their identity from FBI who is actively searching them online.

Most people don't realize the government can have an army of people working 24/7 to track you down while you're busy trying to cover your tracks. The odds are never in your favor.

Also, having an active social media presence doesn't help either. lol

This should be common sense, but as you stated, people seem to forget. We have supposedly spent a trillion dollars on the war on drugs, it seems silly for this guy to think he didn't warrant at least a multi-million dollar investigation.

From the time the silk road sold its first product, it was only a matter of time before its owner went to prison. If he were as smart as he thought he was, he would have gotten out of the business and the country shortly after he became a millionaire.

> If he were as smart as he thought he was, he would have gotten out of the business and the country shortly after he became a millionaire.

I believe this guy is the second owner. If I recall correctly, the first guy did pretty much exactly what you said.

The current owner stated this was the case in an interview he gave after the FBI had already found and imaged the server hosting Silk Road.

Given the information released today this claim seems to be false in every way.

Seriously? "I am not the first Dread Pirate Roberts" ?

If the FBI systematically performed traffic confirmation on the Tor network, this would be a rather sloppy sources and methods cover, as they would eventually be forced to disclose the existence of the traffic confirmation system.

If the servers' IPs were obtained as a result of a passive traffic confirmation system that breaks Tor's anonymity, I would expect a detailed parallel construction to demonstrate an alternate explanation for how they unmasked the servers.

Any defense attorney worth his salt is going to request the evidence relating to the method of de-anonymization of the Silk Road servers. If a traffic confirmation system was used, the prosecution would be forced to disclose that to the defense, which could very well raise a solid argument that it violated the defendant's Fourth Amendment rights.

My guess is that the FBI used the gmail account information and early public silk road advertisements to obtain a warrant from a friendly judge to remotely monitor DPR's computer, and waited until he connected to the server. It's also possible that they exploited the web server, as was the case with FreedomHost.

The server image was made July 23, his fake IDs were intercepted July 10.

I guess the investigation stemming from the IDs was probably where it started to come together.

Even after they rumbled his name, I wonder if he could have avoided direct culpability by keeping his net connection three hops away from the source systems, and using forged identity docs for anything official (mobile wifi connection and visa debit card)?

Found this in one of the recent HN submissions:

http://krebsonsecurity.com/wp-content/uploads/2013/10/Ulbric... / Mirror: http://www.scribd.com/doc/172773407/Ulbricht-Criminal-Compla...

According to the filing, they found him through a combination of posting his personal @gmail.com address on the bitcointalk forum from the same account used to market Silkroad. Further, they found that his LinkedIn account somewhat corroborated the timeline/interest in what Silkroad is. Page 24 for the juicy details of how they identified him.

Also there is a section about murder-for-hire in Canada. Pretty wild stuff.

Update: Also he posted on Stackoverflow asking questions about Tor with his real name, then later changed his name. Supremely conspicuous.

"All told, the site has generated sales revenue totaling over 9.5 million Bitcoins and collected commissions from these sales totaling over 600,000 Bitcoins. Although the value of Bitcoins has varied significantly during the site's lifetime, these figures are roughly equivalent today to approximately $1.2 billion in sales and approximately $80 million in commissions."

Incidentally exactly how much Walter White made... That's a strange coincidence, or perhaps one of the clerks that gets paid to make up statistics for drug related criminal complaints is a breaking bad fan...

So this means the FBI now owns 600,000 bitcoins (5% of all bitcoins)? Probably more, since they also control the (presumably large number of) bitcoin stored in accounts on Silk road.

Seems like this could lead either to the legitimation or delegitimation of bitcoin as the FBI must assess their worth. It also gives the FBI the ability to mess with bitcoin markets if they choose, by flooding supply.

These numbers are over the lifetime of the site. I bet many of the bitcoins earned were sold/exchanged. It also includes revenue numbers which was paid out to sellers.

If it's the same person, there's a Ross Ulbricht who has a BS in Physics from UT, and would be 29. Best friends with this guy[1], who lives in SF (from Austin), and declares himself as best friends.



I have emails from both of these individuals in my inbox from a few years ago.

I think you should flag this as breaking bad spoilers - not everyone has finished watching the show

That's a year and a half old info. It can't be a spoiler forever.

The anti-spoiler crowd are pretty demanding. A large and vocal group fought hard to introduce prominent spoiler warnings on Wikipedia. There was a time when every other literary work there had a warning that the article might be discussing the subject at hand.

It's a strange phenomenon, and I'm not entirely convinced that it doesn't imply poor quality entertainment. Good quality entertainment is eminently re-watchable. How many times have I seen "Groundhog Day", or read "Lord of the Rings"? The fact that I know exactly what happens doesn't seem to diminish my enjoyment at all. In fact, it seems like with every re-experience I pick up some new detail or insight.

OTOH I can totally understand spoiler alerts with respect to sport and sporting-type events (like politics). It usually does seem to diminish the pleasure of watching a game when you know the outcome.

I don't think that the actual amount was mentioned until the last run of episodes. Prior to that I only remember it being a huge pile of cash that they had "stopped counting."

I don't think that an amount of money constitutes a spoiler, unless that very specific amount has something to do with a specific plot point. ("Ouch, my cancer! If only I had $80,000,001 exactly!")

I always err on the side of "it's a spoiler". If it's not in the show's trailer, I treat it like a spoiler.

I know that I'm personally much more sensitive to spoilers than a lot of other people, so it always annoys me how somebody says something thinking they're not spoiling anything without fully thinking through the implications of what it is they're saying. It's almost arrogance, really, to simply assume that you know what will and will not spoil some given experience for another person.

Have you seen Titanic? It sinks.

Seen JFK? He dies.

WHAT???? More spoilers!!

Jesus dies.

The Zebra did it.

> revenue totaling over 9.5 million Bitcoins

According to this that's close to the current total supply of all bitcoins:


The graph shows the supply in 2013 at around 9.5 million, same number as what the article claims.

At the moment:

    "total_amount" : 11784364.79571183
Though some of that is lost forever, of course.

It's worth remembering that the "Revenue" number would count bitcoins twice if they were used in two transactions. If bitcoins used to buy something on the site were then used by the seller to buy something else, the revenue would be twice the total bitcoins used.

That's a real page-turner. I found this particular item funny on page 30:

  "Based on my training and experience, I know that criminals 
  seeking to hide their identity online will often use 
  pseudonymous usernames to conceal their identity."


> Today, those specific, articulable facts take the form of sweeping generalizations that officers assure us are based on their “training and experience.” This phrase comes from the Evidence Code section stating the sources an expert can use to form their “expert opinion” in court. Today, police are taught to repeat this phrase on the witness stand when they want the court to take their bullshit speculations and generalizations as actual evidence.

Well, I read the PDF and every statement of something based on "training and experience" seemed completely reasonable. What it means is "this is so obvious I shouldn't need to prove it". Maybe this is abused at times, but not here.

"Based on my training and experience" seems like boilerplate for whenever a supposition is introduced.

Does your training and experience inform you thusly?

So, Agent-1, based on your training and experience, can you conclude, Agent-1, that simply because someone uses a pseudonymous username to conceal their identity, Agent-1, that they are a criminal?

That statement is much less absurd in context.

He posted a question about connecting to a Tor hidden service with PHP on Stack Overflow. He didn't realize it puts your full name next to the question (and he had signed up with his real name), so literally 1 minute after posting the question, he changed his full name to a "pseudonymous username". He then changed his SO registration information from firstname.lastname@gmail to a fake name at a fake server.

> …so literally 1 minute after posting the question, he changed his full name to a "pseudonymous username".

If this is true then how did they catch it? Does SO keep records of all name changes? Did they give that info to the FBI? Do the FBI scrape SO and save all versions of the data? Was this data collected from PRISM?

I assume the FBI subpoenaed all information related to the account from SO, which would likely include a full history of changes.

The exact question I had ... though I guess if they're tracking all network data, then they could have just gone back and looked up the history of the SO post.

>he had signed up with his real name //


Like "hey guys I'm starting a server for the illegal trade in drugs, but it's on Tor so nobody will know who I am, sincerely I M Anidiot".

Oh and just in case my name's not distinctive enough here's my Gmail account so you can trace back all my IP connections and verify when I'm online and such.

Fantastic find and read!

Interestingly, the FBI agent that wrote that document and requested his arrest warrant is the same one cited as tracking down Sabu of LulzSec: http://nymag.com/news/features/lulzsec-sabu-2012-6/index3.ht...

Thank you for that. Why does the US legal system still use typewriters in 2013?

They probably literally just scanned-in a printout of it. Likely they do this to avoid the issues of improper PDF redactions that got famous a few years ago. Do the redaction on real paper (or not) and just always scan it in, and it's nearly foolproof. And trust me, we get a lot of fools in the government. ;)

Is there some evidence that this was produced using a typewriter?

The font is obviously "American Typewriter".

Is that the one Dan Rather's source used?

Thank you!

General rule of thumb if you're doing something illegal: shut up.

So… don't talk about Fight Club?

This gets very scary on around page 21.

EDIT: But interestingly looks like Canadian police can't confirm.

Very interesting to know how the government agents worked on this case and some of the steps to identify DPR

I just read through it. They introduce a lot of evidence from their forensic analysis of the Silk Road servers, but they don't seem to explain how they got access to the servers. Did anyone find that in there?

Very interesting. Start on page 24 for the technical details.

Link to that pdf is down, anybody got a copy of it?

I thought the name Ross Ulbricht sounded familiar... turns out I had lunch with him a few years ago when he was working on a startup selling books online. I had some experience in the area, and he reached out to me after getting my contact details through a friend. He emailed me from rossulbricht@gmail.com, we made arrangements, had lunch and discussed selling books. That was the only time we met, and I've never heard from or of him since.

It's known that the FBI and DEA get help from the NSA on high profile investigations, and they sometimes look at people 2 or 3 degrees of separation from their main person of interest.

Given what we've learned in the last few months about the government's intelligence apparatus, it seems I can reasonably assume that my emails, texts, phone call history etc. have all been scrutinized because I was in this guy's email history. And it's not unreasonable to wonder if the same can be said of anybody I've ever emailed, or chatted with on facebook etc. because that's only 2 degrees of separation.

While I don't think the government will be scooping me up in a black van or kicking my doors in over this, I wouldn't be remotely surprised if I get special attention from the TSA next time I'm going through an airport because now I'm on some list.

I guess this is what it means to live in a surveillance state. Having to be afraid of what this might mean for myself, and for my friends and family, because I once exchanged a couple of emails with a guy who years later got into some very shady things.

Most of the US tech industry is probably 2 or 3 degrees from each other on linkedin. I'm a 3rd degree connection to this guy I've never met. I'm probably a 3rd degree connection to Bill Gates, Barack Obama and Marissa Mayer too.

The TSA is not scary compared to US customs though.

For anyone that's going to the SR URL -


1. The SilkRoad Camel image in the background.


These are not standard parts to the image, based on previous seizures. (though I'll admit those all were clear-web seizures that just took over the DNS and resolved back to a gov controlled IP hosting an image - here the image is hosted on-site).

So there is a chance that this is DPR's "dead-man" script running after DPR was not able to communicate with the site for X hours.

It's hard to tell if the actual site (with its data) has been taken over or compromised.

There is also the possibility it's only the onion domain-name that has been taken, though I'm not sure how TOR/ONION works (if that's possible without access to the server).

In any way, I hope that none of you used a plain-text (vs a PGP'ed one) home address for your recent orders, nor have any tracking #s lingering in messages from the vendors in your accounts. If I recall correctly, messages are deleted after 30 days. But who knows what type of backups were maintained.

It will be interesting to see if -

1. There are admins that have access to the data + site that can get it back up and operational.

2. The forums (which are still working) will produce another site.

3. BMR (BlackMarketReloaded) and another one I'm not familiar with called Sheeps Market will continue to operate and/or pick up the majority of SR's business.

...and also if the DEA and FBI will go after the users (and not just the vendors) that they can find enough "conspiracy to commit" evidence on to make a point.

Tor .onion addresses work by signing a message to a gateway with your RSA-1024 private key, while the actual address is the first half of SHA-1 of the public key. [0] So you have to brute force 80 bits to find a collision for a specific hidden service and you need to break RSA-1024 to actually impersonate a .onion hidden service. In the light of recent news, both seem to be borderline possible. But as far as I understand, brute forcing a SHA collision would lead to strange error messages or some people who can see the original and some who see the FBI version. Since no one reported anything like this, they would need to brute force the RSA key pair for SR in order to hijack the domain.

For the other two possibilities, why would DPR's dead man switch pretend to be an FBI note instead of a 'dead man warning,' especially since a hoax FBI message would immediately destroy SR? So I would assume that the FBI managed to get the actual hardware.

[0] https://trac.torproject.org/projects/tor/wiki/doc/HiddenServ...

Edit: Slight clarification

While that would let you 'impersonate' a hidden service, you would have to hope the actual hidden service goes down because otherwise the HSDir servers will point requests to the proper host and requests will be encrypted to their key

AFAIR there is nothing in TOR that prevents races between two servers trying to get a specific .onion address. So my understanding is that a collision (or a broken RSA private key) would put the HSDir into an inconsistent state. And in this case, some people would get the real server and some people would get the impersonated server. (Additionally TOR hopefully warns if the public key of a hidden server suddenly changes.)

If I recall correctly, it's basically a case of last server to update the dir servers wins, so impersonating hidden services shouldn't be too hard unless the actual service goes down and is restarted.

Didn't SilkRoad transfer ownership some time ago?

The guy that got busted was the first one. So the second guy could still be out there, who would be able to post that image.

I wouldn't bet on how many guys there are. Big incentive to spread misinformation. Wait for the court case, and then the jail book.

In the document they released they made it clear that the server had been located and compromised. An image of the server from July 2013 was part of the evidence in the indictment.

While I hope a dead man switch was flipped it doesn't look good for the integrity of the site. Hopefully everyone involved was smart enough to encrypt.

I have not read it yet, but from what others have quoted, it looks like a disk image was made and handed over in July. Nothing else.

The disk image would of course contain the heavily encrypted data of SR (wallets, transactions, messages).

So unless the private key was on the server right next to the public key (AKA the Linode Incident), or the site did not encrypt that data (which goes against what we have seen so far), the disk image would not compromise that much.

Reading it, they have some pretty precise metrics on user accounts, and insights into his messages, so I'm going with "it was all unencrypted".

Messages between buyers and sellers are generally encrypted end to end using PGP by the users so that information, which includes shipping addresses, is likely safe.

Depends on where you live. Over here in Holland (where drugs are less of an issue), most of the messages are not encrypted.

His linkedin page is pretty transparent if you know anything about him

"Now, my goals have shifted. I want to use economic theory as a means to abolish the use of coercion and aggression amongst mankind. Just as slavery has been abolished most everywhere, I believe violence, coercion and all forms of force by one person over another can come to an end. The most widespread and systemic use of force is amongst institutions and governments, so this is my current point of effort. The best way to change a government is to change the minds of the governed, however. To that end, I am creating an economic simulation to give people a first-hand experience of what it would be like to live in a world without the systemic use of force."

And yet, he appears to have paid to put a hit out on somebody...

Systematic force means laws, government, and the like. Hiring a hitman is the libertarian free market at its best.

No, that would be anarchism. Part of what distinguishes libertarianism from anarchism is that it does acknowledge the utility of a government, and very few libertarians would deny one of its primary, legitimate duties is public safety.

Do not mistake believing that our current government (which is, might I add, the single largest entity in the history of man; sorry, it isn't that bizarre to think that it might just be a teensy bit too large, despite people's best efforts to somehow cast this as a crazy idea) is too large with thinking that the correct amount of government is zero.

Anarchism does not necessarily mean that and is not incompatible with libertarianism. Anarchism simply means "no ruler" -- everyone has the same rights. A libertarian anarchist condemns coercion and the initiation of force for all. Small government libertarians condemn the use of force and coercion for private individuals (e.g. robbery), but see no problem when the state commits the same acts (e.g. taxation).

Sure, an anarchist society could determine everyone has the right to murder/rob/etc., but our problems are bad enough when it's only the government robbing and murdering people (legitimately). I can't imagine why a society would decide it's OK for everyone!

>> Part of what distinguishes libertarianism from anarchism is that it does acknowledge the utility of a government, and very few libertarians would deny one of its primary, legitimate duties is public safety.

No true libertarian...

Public safety to me means guaranteed housing, education, healthcare, and sustenance.

Arguably stretching "safety" I would also include prevention of the concentration of power (i.e. wealth) and exploitation by capitalists (i.e. those significant portion of the real assets of the world).

Everyone wants public safety, even Anarchists. It is a nothing statement. Beliefs vary in how to achieve it. Most libertarians* would want public safety to be outsourced to private sector so it supposedly would be ruled by a free market.

*To be clear, I refer to the people (mostly from USA) who call themselves libertarians. Whose beliefs have only superficial similarity with historically Libertarianism.

Wait, are you talking large as in amount of land, amount of people, or amount of GDP? Because I don't believe the US is the largest in any of those.

I think we can all agree that he's referring to the qualitative idea of 'influence'

Systemic (not systematic) means "of or related to a system". This is not, strictly, governments. It can be any system from the ad hoc (Occupy movement) to the deliberately constructed (governments, corporations). It can be social systems, economic systems, anything.

Systemic use of force, then, is a situation where the use of force against some parties is inherently part of the system. Whether it be physical, legal with threat of physical, emotional force or violence.

If the particular economic sphere he's running in relies on violence (based on my experience in Las Vegas in the 90s, I'd say the drug world is one such system), then this isn't libertarian free market at its best, it's just the systemic use of force typical of the illicit drug industry.

But he mentions "institutions" specifically in his diatribe, alongside governments. Surely he believes that a corporation or organization can be just as evil and dangerous as a government actor?

It sounds like he corrupted himself through his own institution, if the allegations are true.

Sounds like someone needs to create a straw man to justify their own views...

Not really. Libertarianism is typically based on the "Non-Aggression Principle," which is not exclusively applied to governments.

That's more the anarcho-capitalist wing of libertarianism. Overall libertarian is a pretty broad term. It can range from states-rights folks, to people that just want a smaller federal government, to people that want virtually no government at all. The NAP is not at all a common thread in that group. The primary thing that seems to bind them is a generally strict interpretation of the US Constitution, and where they differ is on how they interpret various sections. Some are almost like Christian fundamentalists, they just want the strict text of the Constitution. Others are more like conservative Roman Catholics, the strict text along with the other writings contemporary to its development (to frame the interpretation).

No, hiring a hitman is the only choice when gov't forces you and your business underground.

If thousands of people were threatened to be violently seized from their homes to be locked up in cages, do they not have a right to self-defense?

Who are these thousands of people the US gov't is about to seize and lockup?

Maybe the victims of the tens of thousands of paramilitary police assaults that occur each year in this country? Do you think that those soldiers are just going to let their targets walk free?

We have the world's largest prison population for a reason: we imprison large numbers of people each year.

I agree that that's a problem, one that I want to see get more play in the popular press so people will stop ignoring it. And I do, primarily via voting for candidates that never seem to win (I have few options in this region), try to do something regarding the prison system and would like to see many activities decriminalized. smokeyj's post, however, is somewhat hyperbolic in its tone and I wondered if they had anything else in mind. Reminds me too much of my "The South will rise again!" coworkers.

Not if it's illegal.

I'm sure if you extorted a multi-millionaire Republican or Democrat or whatever with something they couldn't go to the police for, nothing at all bad would happen to you.

So he's a hypocrite and/or got corrupted by money and fear...not saying he is a good person, just that in retrospect his LinkedIn page is pretty transparent to confirm who he is and what he's doing based on his market anarchist writings posted under the DPR name, etc.

You can write anything online and you can read many things into things people write. You can easily create personas only and lie and invent people.

If you're running a private criminal enterprise bringing in millions of dollars, why would you risk drawing attention to yourself by putting your manifesto on LinkedIn allowing them to xref your crazy with your lack of unemployment?

Ego, perhaps.

Idealism, maybe. His discourse is pretty self-consistent, he may actually believe it.

Well, once you know, then it's 'obvious', just like a good murder mystery is obvious in retrospect. But that's hindsight bias talking. If you don't know that he's DPR, he just comes off as another libertard, of which there must be hundreds of thousands online.

Reminds me of how criminals wear religious symbols like golden crosses. I think the biggest and perhaps only believer in his anarchist theories was himself.

What baffles me is why the FBI would shut it down and let this information out when they could have just sat there and collected information on crime after crime. Was the impetus because of the violence alluded to in communications? I know that if they are watching the mafia and they intercept a message about a homicide they have, in the past, notified the intended target.

Either way, intriguing story. If it's true he's really up shit's creek. And I have no problem with that, if it's true. An old 'hood motto: I'm not the law, break it, I don't care. But when you get caught, remember that I don't care.

The FBI's paymasters are ultimately elected by the public, who mostly prefer the FBI to pursue one high profile kingpin reportedly linked with violent crime rather than all of their neighbours who made the mistake of experimenting with online drug orders.

'tis the season to justify wire-snooping. Congress closes session in a month or so.

They want the big fish, not the little fishes that school around him. Is there a bigger fish in the Silk Road story than DPR?

How are you sure this has not already happened?

I'm not but usually in a case where a bunch of suspects are rounded up they will announce the sting operation publicly to make sure everyone knows they are on the job. I assumed they didn't because the FBI was built on publicity and it's part of their institution. But you might be right, they may be doing this to just shake the tree or they've already moved on people.

I really don't understand, why stay in the US doing that stuff when it's the most controlled place ever? even if he was pretty well hidden just leaving the US would have made his life a lot easier...

Perhaps he really likes In and Out burgers.

Thank you Donny.

His actions were so sloppy (according to the evidence listed) that even if he was living somewhere else, they would have found him. And places that'd make it really hard for the USG to prosecute are not places that you'd want to live in the first place.

He should have operated as if he lived on the DEA's front lawn.

That was my first question. It'd be pretty funny if we were to find out during the trial that the guy caught wasn't the real DPR.

In previous postings DPR has indicated he inherited the site from the original owner, it would be funny if he knew they were closing in and sent the phony papers to the first DPR in an effort to give himself some time to escape.

I wonder if the timing on this is deliberate. The office that handles FOIA requests is part of the government shutdown, but the three-letter agencies aren't. So the only information that's going to come out on this for the time being is whatever the people running the investigation want to come out...

Maybe it's not deliberate, but keep that in mind. There's going to be only one source on this story for a long time.

As I've said for the past few years, he essentially fucked himself.

1) using a low latency onion routing network, rather than a mixnet like an anonymous remailer or other 1990s blacknet, was a big problem. You could maybe get away with throwaway front end nodes as a web interface, stateless, to package up transactions, run by third parties, but for long running anonymity vs traffic analysis or server compromise, low latency bidirectional connections are impossible.

2) repeatedly sticking his dick into the hornet nest by provoking the FBI in the press

3) remaining in the USA while doing all of this

Acting in ways which make him a less sympathetic defendant (connection to assassinations? Really?) doesn't help

Using his real email address/non-anonymous usernames while mentioning silk road related activities and later ordering fake IDs to his home address were by far the most enormous of fuck-ups.

Being in San Francisco is er kind of stupid...

you left out sitting in a public library and logging into your online cartel that anybody could watch and get the IP you ssh into

Somewhat amusing list of YouTube videos recently liked by this guy: "How to Get Away with Stealing" and "Privacy: A PostMortem" are right on top. http://www.youtube.com/user/ohyeaross

Good find. He (or this account) even lists a personal phone number on a video uploaded two years ago: http://www.youtube.com/watch?v=3D16fm5NgsA

he has (had) a sweet truck too:


Interesting. He apparently lived in San Francisco in the Mission and rented a room for $1000/month. For someone who should have had $80 million in profit, that seems a bit strange. I suppose cashing out $80 million in bitcoin and then laundering must be incredibly difficult.

It helps to provide cover. He's just another 20-something in the bay area. One of the smarter moves he made, some of the others not so much.

Walking around buying houses in cash might raise some red flags, however, maybe he just liked where he was living?

Just in case the PDF is down for anyone else, here's a link to CoralCDN:


Not totally surprising since SR was mentioned before Congress over a year ago, and some leaked documents mentioned ongoing investigation. I've been telling people it's just a matter of time before it's shut down and that you should stockpile now before it's too late.

Let's hope SR hasn't been keeping any real identifying transaction records, or I bet we'll see a spate of high-profile arrests from tech companies.

Now the question is who will step in to fill his shoes. How much of Silk Road's infrastructure is open and reusable? The market has been created, the users exist - they'll be looking for a replacement.

Of course, after this I think most would-be entrepreneurs might be having second thoughts.

Atlantis Market was spun up not too long ago, including a full length animated commercial for the site. Many believe it was just an elaborate honey pot run by law enforcement to entrap users, and it failed to gain any adoption.

Black Market Reloaded is where most of the SR users will go.

Atlantis was a scam, read the posts of all the people that could not withdraw their Litecoins and Bitcoins in that week they said they were going to stay open for withdrawals.

Then the site went dark and took everything.

We released code for a Bitcoin market yesterday, opened it up to the community. The code is good, tested, and is now OS. So have at it. I think that Bitcoin has had enough press in recent months that there is enough traction for a few more companies to really make legitimate marketplaces if they can build the infrastructure. Hopefully the Coinpost project provides them with that. https://github.com/brighton36/CoinPost

Damn, and I was this close to ordering some LSD from SR a few weeks ago. I've never tried it and was thinking about giving it a shot. Guess it's a good thing work sent me out of town, and I decided to wait, then got distracted and never got around to it.

Still, this is disappointing. As a libertarian / ancap / voluntaryist / whatever-you-want-to-call-me, I totally support the Silk Road and other unregulated marketplaces.

Bro, you got lucky. FBI's got a daily snapshot of SR server. So be glad your name and address is not in that database somewhere in FBI/DEA.

That'd only be a problem if he had been stupid enough to send his LSD vendor his name & address in the clear. The whole point of buyers encrypting their info to the seller's key was to avoid problems if LE attacked the server.

Yeah, I definitely would not be sending anything like that in the clear. Not knowingly, anyway! Funny thing though, I held off due to random shit that came up, not even anything to do with all the NSA/Snowden/Intelligence/Whatever stuff. And during those couple of weeks, is when all the FBI/Tor stuff broke, and that did serve to give me a little bit of pause. But I still probably would have made an order, except I got busy doing stuff and just never got around to it.

I'd be tempted to try one of the alternatives, but now I'm worried that one or more of them might be LE honeypots or something.

Damnit, what's a hacker to do, who just wants to try acid once before he dies? Sheesh. :-(

You should start going to music festivals, raves, and you'll meet people who have access to it. It's much easier to find in real life than online IMHO.

I wouldn't even know where a rave is happening around here. I'm totally not plugged into that scene at all. Hell, I don't even know if we have a rave scene around here (Raleigh/Durham/Chapel Hill, NC).

Add in the fact that I'm so busy with this startup + consulting part-time, that I never have time to go to music events, I decided to just go the "easy way" and use SR. And then I didn't. And now it looks like it might have been a good thing that I didn't. Heh.

Your profile made me laugh; thanks.



Also, if you enjoy the idea of having a space to opt out of government regulation but want the stability of having a place you can settle down, be non-anonymous and set up infrastructure, support:



OK so he put out a hit on someone.

Bizarrely I'm actually more annoyed that he didn't accept an answer on StackOverflow: http://stackoverflow.com/questions/15445285/how-can-i-connec...

A fascinating read.

The traditional method of catching drug kingpins has been to flip the lower-levels of the organization until you can finally stick something on the leader. Here, the feds were able to go straight to the source.

I'd expect more prosecutions of SR's larger vendors as part of the fallout. If I were one of those vendors, I'd be ordering a dust filter for my Hoover MaxExtract PressurePro model 60.

I think the pseudo-anonymity that Tor, Bitcoin, and computers in general can provide gave DPR too much confidence. But like every other ringleader who has been caught, a new one will take over and play the game smarter.

Is anyone else surprised that it took this long to shut it down? With all the surveillance that has been in the news, I assumed Silk Road was entirely operated in a foreign country which didn't have good information exchange relations with the US.

No matter what the precautions someone takes, my bet is that they will eventually get caught if they engage in illegal activity online.

Here's his LinkedIn profile: http://www.linkedin.com/in/rossulbricht

(browse logged-out to see the full thing. If you're logged in and not connected to him, you won't see anything.)

Why does LinkedIn do this? It seems so stupid and such a waste of time. Anyone know?

I assume it's because they want the SEO juice and Google frowns on showing different content to the Googlebot vs a human being, but they also want their users to make more connections. So, they sometimes show more content to logged-out visitors.

Not just because of SEO, although that's one reason. Logged in users are already sold on LinkedIn, so LinkedIn wants to encourage them to make more connections. The aim for guest visitors is to get them to sign-up, so showing them a more useful page is a better way of showing what value LinkedIn can offer them.

Interesting. Someone should build a browser add in that shows logged out views of LinkedIn profiles even if the user is logged in, with the ability to toggle between the two views.

I don't know, but I frequently open up incognito windows to see people on linkedin.

But a non-trivial proportion of people unfamiliar with cookies and what you can do with a combination of additional windows and google buy LinkedIn subscriptions...

They don't think people know. Or they assume you won't logout to look at somebody's page, I guess somebody forgot to tell them about Incognito browser windows.


We need to be careful that we are not linking to someone who merely has the same name. Are you sure this is him?

This is the LinkedIn profile described in the released report. I had to check because we got the same major at the same university within 5 years of each other.

Incognito/Private browsing also works.

Rather than simply have a "looking for hitman" service, DPR would have been wise to have an Assassination Market (http://en.wikipedia.org/wiki/Assassination_market). It's much harder to assign criminal liability in these types of prediction markets, and given that transactions in SR were denominated in bitcoins, it may have been an interesting way to cover his tracks.

Meanwhile, down the street from my work it's pretty easy for people to buy/sell in person across the street from the State Capitol in Denver, CO. In a park in broad daylight.

Way to go, feds. Go justify that budget with scare tactics while we have open-air drug markets all over the US that you can't even shut down.

Roleplaying time! You've just been appointed to head the FBI-- congratulations, Director! Which of the following things do you want to send your agents after?

* An international marketplace doing millions of dollars of business in drugs, weapons, and fake IDs

* A few drug dealers in a public park in a city where you might not even have jurisdiction

If there are drug dealers in the parks, that's a shame-- but that's really not the type of issue that the FBI is supposed to handle. Take it up with your local police department.

This post from Ulbricht's Google Plus profile is pretty priceless.


(screenshot in case it's removed http://i.imgur.com/GjqdYDe.png)

It's hilarious that his tagline is "spunky, funky, not so chunky".

Summary of how he got caught: https://medium.com/p/d48995e8eb5a

So question:

If you were running a massive online black market that can be set up and operated from anywhere in the world and making 80mm in commissions, wouldn't it make sense to not only set up the servers outside the US but also fly out of the US to a country with no extradition treaty with the US and low law enforcement cooperation with the US? By doing so, they have committed all crimes outside US jurisdiction. Near as I can tell this means that no crime they are charged with should stick, however IANAL.

Can anyone elaborate if it is possible to manage a site like this in a way where all actions associated with its operation never constitute crimes prosecutable in the US?

If you allow US users to log in to your site the US will claim jurisdiction; see online gambling.

Unless you take measures to make sure American customers can't use your site, the U.S. would have jurisdiction.

Note that this is a one way rule. Never seen an American site owner be extradited to a foreign country for not respecting their laws.

Would blocking all US IP ranges be sufficient even though it is served over TOR? Seems like that would meet the same bullshit requirement the NSA is using when it retains all traffic from outside the country.

Did anyone think this could go on? It's not just about narcotics, this is about the government's ability to regulate and tax. The US government has refined its ability to tax so well that, if you make a large amount of money illegally, you still need to pay taxes on it (e.g. laundering). This has been the case since before computers enabled massive surveillance. That's incredible!

I can imagine that, had the Silk Road specialized in consumer goods and threatened to become popular, then it'd have been brought down much, much faster.

Not surprised. The CIA hates to have competitors?

In other news: http://imgur.com/6XRxpkk

Looks like any other day to me.

It continues: http://imgur.com/6XRxpkk

Also posted to Stack Overflow using his personal name and email address about Tor questions generally

A reddit user[1] suggests http://sheepmarketplace.com/ as an alternative. Is anyone familiar with it?


Here's the complaint. Notable that, on page 30, it seems the FBI was able to partially deduce his identity based in part on his Stack Overflow questions. http://krebsonsecurity.com/wp-content/uploads/2013/10/Ulbric...

Here's the relevant question: http://stackoverflow.com/questions/15445285/how-can-i-connec...

It doesn't seem like it's how they caught him, but it's some circumstantial evidence towards his guilt. He changed his username from his real name to "frosty" at some point.

Yeah really interesting.

My takeaways:

When operating an underground network 1) don't post to SO questions regarding Tor 2) keep distinct login names for everything

3) Don't live in the US

keep distinct login names for everything

It's probably best to keep distinct OS containers for everything. Don't trust the browser at all.

Isn't the federal government supposed to be shut down right now?

Only the good, useful agencies. The normal, shitty, "Fuck the Constitution" government is still open for business.

"Essential" services are kept running. Throwing people in prison for selling drugs is essential, as it turns out, as is making press releases about it.

The government still exists, but there's no legal authority for many (but not all) of the federal employees to do work for the government, since there is no appropriation in force to pay for that work.

Those who are working are essentially working for the promise of payment at some indefinite time in the future (except for the military, who apparently really are a sacred cow...).

Government employee here. Many of us aren't working on the promise of payment - we've already been paid. My salary was already "paid" two years ago. Congress passed a bill, the president signed it, and the DOE gave us the money. Now, if the government shutdown lasts until May, we'll probably be out of that money then I'd stop receiving paychecks. Of course, I hope to have a new job by that point, anyway.

Are you a government employee, or a contractor? I know that there are some persons paid for by multi-year appropriation bills, but those are comparatively rare. Most expenditures are handled via a single-FY appropriation (and my understanding is that this covers all APF employees).

If you're a contractor, on the other hand, then you're not a government employee (legally), so the whole discussion doesn't apply to you directly.

Government shutdowns are done in a way that retains a certain subset of services that are either paid for through unaffected funding mechanisms, or have been designated essential. That includes soldiers' salaries, payments to military contractors, operations of the FBI and DEA, and small to medium-sized portions of other agencies (e.g. the EPA is mostly shut down, but the Superfund and Mine Safety divisions will stay open).

Why the hell do I keep seeing this question asked? Do people really think that law enforcement will stop because of the shutdown?

Well my Bitcoin investment is about to vanish...

In much the same way online piracy vanished when Napster was shut down...

Not really the same. If you had bitcoins stored with SR, presumably they are long gone.

I've never used the road, but rather I fear it was central to the high value of Bitcoins. I would love to be wrong but I can see my investment dropping and I don't have the guts to sell back into fiat.

I guess it depends on whether you believe cryptographic currencies have significant use cases outside of criminal enterprise.

If, on the other hand, you believe that the greatest value of bitcoins comes from their use by criminals, doesn't that make your investment in them a touch morally questionable?

Unless one believes the enterprise on SR is criminal but not immoral.

Dropped from 140 to 114 in just the few hours since the story broke.

I'm buying tomorrow, after the non-tech world has a chance to digest the morning papers.

Who is to say that isn't just a temporary panic reaction to the story and the long term viability of bitcoins is just fine?

Yep. Value of Bitcoin has tanked since this announcement.

I doubt it. Most likely a good buying opportunity.

For all members x of set publicity, x.good=true

Silk Road discussion forums are still up (and buzzing): http://dkn255hz262ypmii.onion/

Clickable link without tor: https://dkn255hz262ypmii.onion.to/

Neat, how does this work? It seems to violate the idea of the internal Tor web.

The servers are still hidden, it's simply proxy software that trades user anonymity for convenience (and speed I believe, since the tor2web software uses fewer tor relays in its circuits, not trying to be anonymous)

See http://tor2web.org/

I've been archiving web pages related to the owner: http://www.reddit.com/r/SilkRoad/comments/1nmiyb/compiling_a...

the subreddit has been closed.. are you mirroring it on your site or anywhere else?

I think the subreddit is open again, but I do plan to put it up on my own site once I think I've gotten everything.

Reuters reporting seems to confirm the news http://www.reuters.com/article/2013/10/02/us-crime-silkroad-...

The weirdest part of the criminal complaint is that he tried to hire a hitman on Silk Road. Will be interesting to see how this pans out.

Hypothetical Twist: The hitman is actually the same guy he's trying to have killed, just under a separate, anonymous account.

Hypothetical Meta Twist: DPR actually suffers from multiple personality disorder and is also the guy he's trying to kill and thus also the hitman.

A truly anonymous system really poses some hard problems, man.

Right. That's enough internet for you.

That made me actually lol in the office.

well, actually it seems to be at least his 2nd hire if he is not using it as a bargain chip. if he is saying the truth, he previously managed to get somebody executed for 80k.

I read it as a clumsy bargaining strategy, especially since he wasn't at all successful in reducing the quoted price.

True, also, it seems like my first hypothetical twist might not have been as far off as I thought. Other comments[0] readily theorize it to be a likely scenario.

[0] https://news.ycombinator.com/item?id=6483382

Twist: The target and hit man are both sentient bitcoins.


Please don't start up Reddit style "Jokes about other stories on the site.", it's one of the aspects of Reddit that makes it suck.

(Or at least include a link or something.)

OK, just for the sake of argument, let's assume the FBI (with the help of the NSA friends, or otherwise) have "broken" Tor in some sense. Whether it's by controlling enough nodes to do traffic analysis, or a fundamental flaw in the software, or a backdoor or whatever.

Given that, if you were going to run a SR like site, are any of the other anonymizing networks of various sorts (Freenet, I2P, whatever) a valid alternative? And would any of those deals be better than Tor in any meaningful way?

So The Dread Pirate Roberts == Ross Ulbricht?

Was just a matter of time. I'd be interested in knowing how they traced him, considering how overtly cautious he was known to be.

Not cautious enough to not be in the US

Leaving the US is not sufficient. Snowden had to institute the help of one of the largest countries on Earth not to get taken.

Also, leaving friends/family/network in the US behind is very, very difficult.

The criminal complaint says that he used the same username to publicize the site as well as on Bitcoin forums, where he listed his Gmail account and asked for help. From there, there's a whole lot of coincidences.

They also got an image of his server, but no details on how they found the server are given. The complaint notes that another user warned him "an external IP is leaking", so the FBI might have found a weakness in his PHP setup. All it'd take is one command on the server...

The thing about the Dread Pirate Roberts is, it's the name that inspires the necessary fear.

So he probably has a successor and/or is a decoy.

He did mention somewhere that he is not the first.

You can get t-shirts here from my new startup http://freedreadpirateroberts.com/

Love it.

We're finally protected from the evils of cheap pills and acid, anonymously purchased over the internet and delivered to our doors... HANG ON A SECOND!!

It's unclear what is happening and this may be a prank. The initial reports that the FBI had seized the domain appear to be a sarcastic "down for maintenance" page on the part of Silk Road. I've yet to find a real source on the alleged arrest of


However, there also appears to be a criminal complaint out for the founder.


EDIT: Seems like this is real. Reuters reports that Ross Ulbricht, the founder of Silk Road, was arrested in San Francisco. http://www.reuters.com/article/2013/10/02/us-crime-silkroad-...

1. I've never felt TOR was secure. I think the American government knows exactly how to track down a suspicious IP.

2. I think they left SR alone, because they have bigger concerns-- terrorism, foreign surveillance? They still want the world to think VPN's are private?

3. If you can't make money in this system-- I understand. I don't think I've ever met a wealthy person who wasn't a psychopathic hypocrite--usually with a very advanced degree. I live among these hypocrites, and it's nauseating. I won't even start on how many parasitic people in Marin County start up nonprofits, and no one bothers to find out how much they make--all legal.

4. If you are going to do something that could land you in jail Don't Tell Anyone What You Are Doing. That includes the person you bed with......

5. Never take advantage of the poor, animals, children, or the environment. It's pathetic I needed to make a list, but some of you repress what you are doing.

TOR IS secure, humans just made mistakes. They are indeed humans.

Presumably the same species programmed Tor, no? And since humans are involved, aren't they open to normal human failures and weakness? Or were these special people who programmed Tor?

They arrested Inigo, not DPR (also there's been 2 DPRs so far, it was planned that DPR changed once a year.)

Not sure how the case will go, but I think that you can't say beyond a reasonable doubt Ross is DPR (Because, well, he's not.)

I'm sure he'll get great lawyers that can get him out of this.

I wonder what the FBI will do with the seized bitcoins!

Is there a way to filter out high-value transactions?

This is as close as it gets http://blockchain.info/largest-recent-transactions I don't think the blockchain format is designed for that in the same way it is for recency or random access

Is it just me, or is the word 'alleged' really out of place in their headline? It should be 'arrests alleged owner'. I have yet to hear anyone deny that Silk Road was an online drug market.

This is a good time to buy cheap bitcoins :)

Someone from Ross' close circle didn't get his proper share!

Unsurprisingly, bitcoin is currently experiencing a loss of value.

But maybe a longer term uptick in credibility? It will do Bitcoin no good in the long term if people think it is just for drugs. I'd rather it developed a more serious, legitimate reputation.

The $360 billion annual drug trade figures haven't dented the image of government currencies. Some hold the view that silk road actually provided legitimacy to bitcoin.

Source: www.drugwardistortions.org/distortion19.html

So now the question will be: how many of the people who have used SR recently will be/have been arrested, and how much of their bitcoin has been/will be seized?

My guess is that they will go after the few or few dozen people who profited most heavily from illegal activity on the site.

I notice it's stated that around 3.6 million USD worth of bitcoins were seized in the arrest, taken from Silk Road's wallets. Am I correct in assuming that because it came from SR's wallet it was the escrow fund? The FBI complaint posted earlier states the escrow fund held around 2.2 million USD at some earlier date (page 15). Why aren't they mentioning the ~80 million USD generated in commissions? I can only assume because it was not seized.

Remember when they took down Napster, and it ended music piracy?

I get the accusations of money laundering and narco-trafficking, but where are the computer hacking accusations coming from? I didn't see anything in the complaint that specifically alleged deliberate intrusions into any systems. Does this mean Justice is going to accuse him of computer hacking because he hired virtual servers and used them to run a criminal market place? That would sound like a stretch of hacking laws, right? What am I missing?

Any word on whether we can expect customers and sellers to be hunted down?

I had heard rumors for months that DPR had been compromised.

I know quite a few people who used Silk Road, many carelessly so.

> Any word on whether we can expect customers and sellers to be hunted down?

So far the known tally, from reading the forums & Reddit, is: a SR employee (arrested, unknown), DPR (arrested, charged), a UK vendor (arrested, probably won't be charged), and a WA vendor (arrested, charged). If anyone knows of other arrests/charges/convictions, please tell me. I've been trying to maintain a complete list at http://www.gwern.net/Silk%20Road#safe

Most plausible outcome I've heard is that the Feds will only pursue high-volume users, either vendors, or buyers who intended to distribute. Buyers for personal use wouldn't be worth the trouble, though I think they could just distribute that info to local LE.

:-O wow, I really really want to read about how they found him ... just curious to know considering all of the self-professed safeguards he had set up for himself

The information they used to find him came from before he set those safeguards up. Long story short, he was sloppy in the early days.

Here's a summary of his capture, noting his activities on Stack Overflow and drug forums, summarized from the warrant: https://medium.com/p/d48995e8eb5a

Lessons learned:

- Fewer people, the better.

- Trust is earned, especially in criminal enterprises, slowly.

- Checks and controls are important when participants are inherently shady.

- If you're the head of the world's largest criminal exchange, being extremely careful to ensure actual anonymity is difficult but required. One slip, and it's all over.

- Tor might help, but a distributed app (vaguely like BitTorrent) might be more "SWAT proof" than having centralized servers.

Someone should put together a timeline from the affidavit. It looks like a lot of pieces start coming together at the same time in June/July.

The fact that they intercepted his fake travel documents during a routine search of mail at customs when they were already that close to him seems unlikely.

But maybe I'm reading this wrong, or maybe they actually do intercept a high percentage of fake passports moving across the border.

Here's a question: How did the FBI manage to shut down a hidden Tor site?

Did they merely seize the server hosting the site and ask Apache to serve something else?

My guess is they caught DPR and beat him with a wrench XKCD style until he gave up the information about the server.

This might be a fruit of the fact that feds infected the Tor network last month.

There is definitely missing information how the actual server was compromised. Without that, a lot of the evidence wouldn't be possible. It seems likely that eventually a SR type service cannot be stopped. The theory is there, the market is there, just the implementation remains.

(please don't raid me NSA/FBI)

This is big news for John McAfee and his new enterprise. Once again he'll be laughing all the way to the bank.

Freenet does not have such problems as Tor. That's because the information is distributed around the entire network and accessed via a DHT. So there is no need for onion routing nor is there one host to take down. All people can be arrested for is running the program, if it can be proven that they did.

With respect to the references to FriendlyChemist, why didn't the government charge him with attempted murder on top of his other charges? I'm no lawyer, so my understanding of criminal law is limited. Is it likely the government will add additional charges when this goes to trial?

Pretty strange he was confident enough to live in the US, especially with everything being revealed.

It'll be interesting to see how this affects the value BTC trades at...

- Freedom Hosting is down

- SilkRoad is down

- the Atlantis drug store is down

...all of that leads me to believe Tor hidden services are very, very unsafe to use, since all bigger illegal services that used them have been brought down eventually.

So how did they know that his original Stack Overflow name was changed?

SO logs all changes permanently. All message edits, name changes, email changes.

Where can I see his original name?

Was Atlantis a decoy aiming Silk Road?


This makes up for a good movie plot. I guess he can have some money in prison, when selling the story to Hollywood.

Not allowed to profit from one's own criminal story, I'm afraid.

Mitnick published an autobiography.

Sorry to be rude, but did you read that link before posting it?

"In an 8–0 ruling on Simon & Schuster v. Crime Victims Board, the court ruled the law unconstitutional.[5] The majority opinion was that the law was overinclusive, and would have prevented the publication of such works as The Autobiography of Malcolm X, Thoreau's Civil Disobedience, and even The Confessions of Saint Augustine."

I'll be damned.

Good catch, and you're definitely not being rude by correcting my ignorance!

Thank you :)

Napster-like moment in internet history

The site: https://silkroadvb5piz3r.onion.lu/

I guess ASAC Shrader's guys were finally able to handle this case once most of their resources became available again thanks to the Gilligan's shut down few days ago...

Wow, I just read through the whole indictment.

It's pretty convincing. :/

You can't catch the Dread Pirate Roberts. Another will rise.

Interesting that the bitcoin price has slumped on this news.

and here I have a dog site named silkroad.net that I gave to my mother years ago, needless to say her friends have been bombarding her with this story.

So who's going to be the next Dread Pirate Roberts?

based on my training and experience, wow crazy read.

This, in the wake of the Breaking Bad finale.

I don't see what's so controversial http://www.joymax.com/silkroad/

He's somebody of no consequence.

weren't they supposed to be "not working" during shutdown ? ;)


If they want to get you, they will. Reading how they got him, but I wouldn't be surprised if NSA handed them the info informally and then the FBI had to find another way to justify it. When you know the end results, "connecting the dots" is much easier. Parallel construction http://uk.reuters.com/article/2013/08/05/us-dea-sod-idUKBRE9... and all.

I'm not sure one way or the other, and while it's clear that Ulbricht was fairly sloppy, there are a few instances of serendipity:

1. The agent randomly (?) stumbling on a LinkedIn profile which matched the timeline/description of the Silkroad project, which prompted to seek another unidentified agent which had all kinds of juicy deets on the suspect.

2. CBP intercepted a package addressed to Ulbricht containing a bunch of counterfeit official documents during a "routine border search".

3. Found Tor/PHP/curl-related posts on Stackoverflow from his real name account, but also says he changed his name/email to a fake one. Did they happen to stumble on it before he changed his name? Or had some kind of access to an earlier archive? Or cooperation from Stackoverflow? Unclear.

I'll update more as I run into them. Super interesting read.

Still, it's clear that they've done a ton of research on Silkroad and DPR. The notes are thorough and accurate. A job well done.

I think that the main slip-up was the use of the same account on BitcoinTalk to both promo SR and to post his personal Gmail account to try to hire Tor experts. Everything else listed above sounded like it either came chronologically after that discovery (the CBP intercept) or it was a result of that discovery (the StackOverflow and LinkedIn accounts)

> 1. The agent randomly (?) stumbling on a LinkedIn profile which matched the timeline/description of the Silkroad project, which prompted to seek another unidentified agent which had all kinds of juicy deets on the suspect.

Sounds like parallel construction to give them a legal way to introduce evidence.

I'd imagine the NSA has crawlers that can parse LinkedIn profiles enough to make good guesses on who is likely to be involved in hacking, criminal entrepreneurship, etc., and to pull out relevant dates and other indications of ideological shifts or large secret projects. Cross-reference with banking records to show when someone is unemployed for a long time and yet still has unexplained funds... DPR was probably on a reasonably short list.

The curl part is also pretty shoddy btw. Would you really use curl to set up a server running behind TOR? I don't have adequate 'training and experience', but it seems natural that a website working through TOR should use normal web server software behind some sort of reverse proxy, not curl. He, whoever wrote that document, seems to imply that questions about curl and the TOR network are necessarily connected with running a website through it. He also doesn't mention dates of the questions.

The curl code was probably for querying the latest exchange rates from Mt Gox. It's important he made sure those queries went out through TOR because otherwise they could be used to trace the Silk Road server.

The timeline is unclear... but it seems that they've had doubts about Ulbricht for a very long time.

> When you know the end results, "connecting the dots" is much easier.

True, but "connecting the dots" is much easier when it's your job, and something you've spent decades practicing.

Not to say that you're wrong, but there's no evidence to back you up. We might as well assume that the NSA is behind everything, ever.

It occurs to me: a great tool of a "know everything" government is the ability to exclude dots, leaving the dots which merely need connecting. Just like the sculptor's aphorism "I just remove everything that isn't the subject, and there it is", a near-omniscient police force can address a crime by eliminating everyone it knows wasn't involved (by their near-continuous presence on metadata, cell tower triangulation, security cameras, etc.), eliminating everywhere it knows the remaining 'dots' couldn't have been, and eliminating every action it knows couldn't have been performed ... leaving a very limited "negative space" for the inferred suspects to operate in. A lot of data to mine, but given NSA-levels of awareness, NSA et al could respond (legally!) to requests for information with a vast list of who/what/where wasn't involved, leaving a conspicuous implication of the guilty.

That's the general idea of police work, you start with everyone as a suspect and then use evidence to narrow it down.

It tends to work well from a prosecutorial POV as well because anyone who is accused by that process has little evidence to exclude them.

General idea yes, but takes on new implications & scope when operating at NSA levels of universal surveillance exceeding police work by orders of magnitude of orders of magnitude.

In this current age, it's more likely that the NSA is behind it. We are at a point where we need evidence that the NSA didn't help.

> We are at a point where we need evidence that the NSA didn't help.

So we now have to prove a negative or the NSA did it? Logic has officially left the building.

Ah, so the NSA's spying does have positive effects. It helped capture a drug king-pin who hires hitmen. I'd believed that dragnet capture of Internet traffic presents problems in trying to isolate relevant evidence, but you claim that this is not an issue.

This certainly bolsters the claim that the NSA's surveillance is doing society good. I'm not comfortable with that, but there it is.

Then at that point you are no better than 9/11 truthers and moon landing hoaxers.

I see what you did there, Mr NSA.

No seriously, the whole parallel construction dialogue for NSA feeding DEA tips is exactly the situation suggested here. Why do you equate published journalism with hoaxes and factually devoid crazies. It is insulting to a fairly civil discussion.

There's no basis in reality for 9/11 truthers and moon landing hoaxers though.

That's the point.

Delusions of Grandeur aren't either.

Not sure why this appears to have been downvoted. Seems like a pretty reasonable point, even if you happen not to agree with it.

Well, we know the NSA is behind some things, or else it wouldn't exist.

We also know this is an incredibly high profile case. It's in the interests of the DEA and FBI to lean on their contacts in the NSA, even.

That said, the FBI is very good at what it does, and finding this sort of thing isn't just what the FBI does, it's what any investigator does. (I have personal experience with this area that I can't disclose, but trust me, everyone knows how to link usernames between websites.)

First and foremost, I didn't state as a definite fact. The rest of your argument ...oh well.

The most interesting part was trying to decipher what was got cleanly and what was got with PRISM.

Stackoverflow is one not specifically mentioned as "obtained records from" just that those actions happened on stackoverflow. Non-public actions. Also why would stackoverflow keep a record about each username and email change, but not IP and access times? They never mentioned how he connected to SO or if he masked it. BUT they mentioned that in every other case.

I imagine they had access to his gmail account and StackOverflow emailed him when he changed his account information. I would bet that the StackOverflow information came after they identified his gmail account (which had his full name in it!).

He possibly had those actions on record in his Gmail account, which they would have easy access to.

Had he not made some pretty amateur mistakes (like using his real email) he probably wouldn't have been caught. My guess is that email address is what led to his downfall. Without a target the FBI wouldn't have much to investigate.
