1. This website uses cookies to improve service and provide a tailored user experience. By using this site, you agree to this use. See our Cookie Policy.
    Dismiss Notice

The FBI Finally Says How It 'Legally' Pinpointed Silk Road's Server

Discussion in 'BlackHat Lounge' started by The Scarlet Pimp, Sep 11, 2014.

  1. The Scarlet Pimp

    The Scarlet Pimp Senior Member

    Apr 2, 2008
    Likes Received:
    Chair moistener.
    even tor can't be trusted... this would be a great time to get into the 'net security biz! :cool:

    As the trial of alleged Silk Road drug market creator Ross Ulbricht approaches, the defense has highlighted the mystery of how law enforcement first located the main Silk Road server in an Icelandic data center, despite the computer being hidden by the formidable anonymity software TOR.

    Was the FBI tipped off to the server's location by the NSA, who used a secret and possibly illegal TOR-cracking technique?

    The answer, according to a new filing by the case's prosecution, is far more mundane: The FBI claims to have found the server's location without the NSA's help, simply by fiddling with the Silk Road's login page until it leaked its true location.

    In a rebuttal filed Friday to a New York court Friday and accompanied by a letter from the FBI, the prosecution in Ulbricht's case laid out an argument dismissing a series of privacy concerns Ulbricht's lawyers had expressed in a motion submitted to a New York court last month.

    That earlier motion had accused the government of illegal searches in violation of the Fourth Amendment, including a warrantless search of the Silk Road server, and argued that those privacy violations could render inadmissible virtually all of the prosecution's evidence. The defense motion also demanded that the government explain how it tracked down the Silk Road's server, and reveal whether the NSA had participated in that hunt.

    If the judge accepts the prosecution?s explanation, it could represent a major blow to Ulbricht?s chances of beating the seven charges against him.

    • Thanks Thanks x 3
  2. Trepanated

    Trepanated Supreme Member

    Sep 18, 2010
    Likes Received:
    My understanding was that the guy had installed a Captcha on the site and that was leaking the server's real IP address.
  3. pxoxrxn

    pxoxrxn Supreme Member

    Dec 21, 2011
    Likes Received:
    Sounds like a load of BS. NSA has been caught providing dodgy advice before, purposely placing big dirty holes in security protocols like SSL. It seems a bit too easy to just find an element that was mis-configured. Having said that, there are several HTML elements that will leak your real IP on the TOR network.