Silk Road 2.0 - Are the feds operating it as an intelligence gathering hub?

posted on Nov, 7 2013 @ 01:04 AM
link   
So just over a month after the founder's arrest by the FBI, the infamous .onion site black market is back. My theory is that the new site is being operated by the government for the purposes of gathering intelligence.

Silk Road made $80 million in commission fees on over $1 billion in transactions in less than 3 years. That's a lot of black market activity involving thousands of people around the globe. It's a veritable goldmine of computer literate surveillance targets that is also of course a major nexus of BTC transactions and one of, if not the most commonly accessed .onion site around.

The FBI also recently arrested the operator of the largest host of .onion sites on the planet, Freedom Hosting. The FBI has admitted that last July they took over Freedom Hosting's leased servers in France and used sites hosted on these servers for a massive deployment of malware which exploited a vulnerability in the version of Firefox in the TOR bundle to phone home users' information including IP address, NIC/Wireless adapters MAC address, Windows hostname and a serial number, probably linking the user with a specific hacked site, to a server in Virginia. Now Freedom Hosting was definitely known for hosting child pornography and that guy can rot, but the effects of this operation weren't limited to child pornographers.

As part of their massive surveillance program, the NSA is known to operate and monitor numerous TOR exit nodes. I believe there's even some information about that in some of the slides Snowden has released. What this shows is that there is a very very serious desire to de-anonymize TOR users.

To fully appreciate the potential, it's important to consider how much modern intelligence gathering relies on aggregating and correlating massive amounts of data from multiple sources. I literally can't think of a more efficient, more effective way of harvesting the data, tying it together and linking it to specific individuals than operating Silk Road 2.0.

It's late and I'm sleep deprived but if there's a lot of interest I'll compile into another post details of the methods by which information collected through Silk Road 2.0 could be used to tie together users and their sales/purchases/forum posts, BTC transactions/wallets, IP addresses and ultimately their real identities and locations.


Sources:

FBI Admits It Controlled Tor Servers Behind Mass Malware Attack - Kevin Poulsen in Wired
Almost Half of Tor sites compromised by FBI - Suriya Prakash, ehackingnews.com
Silk Road Reborn: There's a New Dread Pirate Roberts - Fran Berkman on Mashable
Silk Road 2.0 launches with goal of resurrecting web's most popular drug marketplace - Chris Welch, theverge.com
edit on 7-11-2013 by theantediluvian because: (no reason given)



posted on Nov, 7 2013 @ 01:26 AM
link   
An interesting take on things. Yeah when this story popped up in my newsfeed today that Silkroad was back I was like 'haha shame govt. can't keep the internet down' but now you've highlighted an interesting point in that it could well be a honey trap and what a good one too. Would make it really easy for Interpol or whoever to find out who the players in the market are and keep tabs on them a whole lot easier. What is the story behind its return? Is the original operator back or did it just haaappen to pop back up?



posted on Nov, 7 2013 @ 01:57 AM
link   
reply to post by ragsntatters
 


Check out the Mashable link from my post above. The "new" DPR claims to be a former user of the original. Here's a relevant passage:


"Several well known users of Silk Road who can be seen as pillars of trust are aware of my previous identity so they may conclude for themselves whether or not to trust me," DPR writes. "These are people both I and the community feel they can trust to make sound judgement on the matter."

Roberts himself is presumed to have been an active member of the original Silk Road. Based on his forum posts and our private communications, the new Roberts matches his predecessor in portraying Silk Road as a sort of libertarian utopia rather than a black market in the darkest corner of the web. He also has the same flair for symbolism.


What's interesting is that I read that the tweet about the site being back came from DPR's own Twitter account which if true is very interesting indeed because it implies that it was somebody the original DPR trusted immensely or.. it is in fact a government agency who was given access by Twitter or by getting DPR to divulge his l/p. Another interesting bit from the Mashable link:


The news quickly reached many of the venues former Silk Road users frequented for information, starting with the old Silk Road's forums. "Libertas," a "global moderator" on the original Silk Road, triumphantly announced the news of the new site in a post titled "We rise again!"

In addition to Libertas, who is an employee of the new Silk Road, former Silk Road vendor "StExo," who earned the community's trust by investigating and exposing scammers, has also endorsed the new Silk Road.

Libertas declined to comment for this story, and StExo, who has since disappeared from the forums altogether, did not reply to our inquiry.


How fishy does that sound? One of the two people vouching for this guy has disappeared and the other one is refusing to comment? I was a teenage hacker in the 90s and I am intimately familiar with how trust is established and identities are verified among groups of anonymous individuals in any underground scene. It's not hard to impersonate people when you have a lot of information about them, particularly to people who don't know them well.

It would be a simple matter for the FBI or NSA to impersonate two seemingly well-known but completely anonymous users and then use these hijacked personas to vouch for their new "DPR."



posted on Nov, 7 2013 @ 02:10 AM
link   
Considering the government's promotion of kiddy porn as an excuse to manipulate the net like they did in the old days of the boards, I wouldn't put any cheap trick past them.



posted on Nov, 7 2013 @ 04:31 AM
link   
It seems the obvious move doesn't it, and really they'd be idiots not to set it up themselves, having taken the first one down.



posted on Nov, 7 2013 @ 09:01 AM
link   
That's the very first thing I thought when I saw it pop up on the news. It does seem obvious, anyone doing business on that site should be prepared for the worst case scenario.



posted on Nov, 7 2013 @ 10:06 AM
link   
How likely is it that "DPR" set the other guy up as a fall guy?

How can tor be so easily manipulated when it was created to circumvent intelligence operations from other countries?

Can anyone articulate the problem with tor or is it all speculation?



posted on Nov, 7 2013 @ 11:17 AM
link   
reply to post by onequestion
 


TOR creates a false sense of security for many people because they lack a fundamental understanding of network security.

TOR's primary purpose is to obfuscate the endpoints of a connection. It does this by wrapping data in layers of encryption and passing it among various relays. While on the TOR network, the data can be considered to be secure as it's passed from relay to relay in a nicely encrypted form. The real problems start to crop up at the exit node where the last layer of this encryption "onion" is peeled away.

What this means is that any non-encrypted or otherwise insecure protocol is vulnerable to sniffing or any number of MITM attacks at compromised exit nodes.

In the case of non-encrypted protocols, the exit node could be sniffing usernames/passwords and content. If that's not bad enough, consider that there are protocols, for example some P2P protocols that include the source IP in their header, completely negating any anonymity using TOR might have provided.

It's also possible to remove data, inject malicious code, hijack connections, you name it. In effect the TOR network even facilitates exploitation and surveillance as the TOR users' traffic is inherently of more interest than general traffic and it's potentially being funneled through compromised exit nodes--no need to even co-opt an ISP to intercept/redirect.

That's just the weaknesses of TOR. A compromised site is of course a much more serious problem because even if the network is secure and the exit node is not compromised, all the content that you produce, any site-based communication like PMs or email are completely visible to the server's operators. Also remember that SR/SR2 operates as an escrow agent for BTC transactions. Users deposit BTC into their account and SR/SR2 is wholly responsible for anonymizing the transaction to protect the wallet addresses for the involved parties.


edit on 7-11-2013 by theantediluvian because: (no reason given)
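
Added example, not part of the post above and not Tor's actual code: a toy model of the layering the post describes, showing that the relays before the exit hold only ciphertext, the exit holds a plaintext request in full, and a payload encrypted end to end with the destination stays opaque at the exit. The SHA-256 keystream cipher, the relay keys, `SITE_KEY` and the login request are all constructed for illustration.

```python
import hashlib
import os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode). Illustration only."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def seal(key: bytes, data: bytes) -> bytes:
    """Add one encryption layer; a fresh nonce is prepended to the ciphertext."""
    nonce = os.urandom(16)
    return nonce + keystream_xor(key, nonce, data)

def peel(key: bytes, blob: bytes) -> bytes:
    """Remove one layer using the nonce carried in the first 16 bytes."""
    return keystream_xor(key, blob[:16], blob[16:])

def build_onion(relay_keys, payload: bytes) -> bytes:
    """Client side: wrap for the exit first so the guard's layer is outermost."""
    for key in reversed(relay_keys):
        payload = seal(key, payload)
    return payload

def route(relay_keys, onion: bytes):
    """Return what each relay holds after removing its own layer."""
    views = []
    for key in relay_keys:
        onion = peel(key, onion)
        views.append(onion)
    return views

# Constructed sample data: three relay keys (guard, middle, exit) and a login request.
RELAY_KEYS = [hashlib.sha256(n).digest() for n in (b"guard", b"middle", b"exit")]
SECRET = b"pass=constructed-password"
PLAIN_REQUEST = b"POST /login HTTP/1.1\r\nHost: example.test\r\n\r\nuser=alice&" + SECRET
# Assumption: SITE_KEY stands in for a TLS session shared only with the destination.
SITE_KEY = hashlib.sha256(b"destination").digest()

def secret_visible(relay_keys, payload: bytes):
    """For each relay in path order, is SECRET readable in what it holds?"""
    return [SECRET in view for view in route(relay_keys, build_onion(relay_keys, payload))]

if __name__ == "__main__":
    print("plaintext protocol :", secret_visible(RELAY_KEYS, PLAIN_REQUEST))
    print("end-to-end encrypted:", secret_visible(RELAY_KEYS, seal(SITE_KEY, PLAIN_REQUEST)))
```
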



posted on Nov, 7 2013 @ 11:23 AM
link   
I'm sorry, but ordering illegal items off the internet (even through TOR) is just dumb and asking for trouble. I like my freedom a bit too much to touch TOR with a ten foot pole. TOR is painfully slow anyway.

And yes, absolutely the FBI has numerous "honey pots" to catch people ... and it wouldn't surprise me at all if they were behind this latest development. People are generally really stupid and have a very short memory.

"Oh look, it's back up! Sign me back up for that!" *eye roll*



posted on Nov, 7 2013 @ 11:35 AM
link   

MystikMushroom
I'm sorry, but ordering illegal items off the internet (even through TOR) is just dumb and asking for trouble. I like my freedom a bit too much to touch TOR with a ten foot pole. TOR is painfully slow anyway.

And yes, absolutely the FBI has numerous "honey pots" to catch people ... and it wouldn't surprise me at all if they were behind this latest development. People are generally really stupid and have a very short memory.

"Oh look, it's back up! Sign me back up for that!" *eye roll*



Exactly. Even if the communication was secure and the site operators were honest, you still face the problem of anonymous vendors to whom you'll have to at least provide an address to receive your purchase. An interested agency wouldn't even need to conduct an undercover operation, they could just make up a vendor, complete a number of successful transactions to build up community trust (think gun walking) and then let people blindly provide the information leading to their own arrests. There's a reason traditional black markets aren't anonymous.



posted on Nov, 7 2013 @ 03:10 PM
link   
Even looking at how they caught silk roads, it all came down to one thing.

Stupidity, the man used his real name and frequented the same cafe to access it.

And like all stupid criminals he got caught.

So for all the Feds' bluster about this case and how clever they were at catching him, the truth as with most criminals is he let himself be caught through stupid actions.

I'm not advocating anything, just saying it wasn't as clever of a bust as they let on.


Eta: unsecured wifi + foreclosed housing address + dedicated tor device(only used for tor)

Those three things and this man would have never been caught.

Site might have been taken but he could have been free.
edit on 7-11-2013 by benrl because: (no reason given)



posted on Nov, 7 2013 @ 03:48 PM
link   
reply to post by benrl
 


Never know man, did you read his credentials?

He's obviously smart, but that doesn't translate to criminal behavior. I think he could have been smart enough to make someone else a patsy.

I mean 150 mill right now?



posted on Nov, 7 2013 @ 04:31 PM
link   

onequestion
reply to post by benrl
 


Never know man, did you read his credentials?

He's obviously smart, but that doesn't translate to criminal behavior. I think he could have been smart enough to make someone else a patsy.

I mean 150 mill right now?


I've certainly thought of that as well...

From reading how he got caught, it would seem too easy.

I'm sure I could pay someone to take a device to one spot every few weeks, use remote desktop and do what I needed...

I could easily see something like that working.



posted on Nov, 7 2013 @ 09:09 PM
link   
reply to post by benrl
 


I read in more than one story that he was tracked down from this question at Stack Overflow which seemed really fishy to me. Here's the FBI complaint and from what I'm reading, they were searching for the earliest talk about Silk Road on the various bitcoin/cryptocurrency forums and the earliest mentions looked like spam posts from a new user account "altoid" intended to drum up interest in the site. From here, they just searched through "altoid's" posts until they found one expressing interest in hiring devs for a new .onion site that would be taking BTC.

Take a look at item #38 of the complaint, this is what I think was what caused them to first turn their attention to Ross Ulbricht.



The posting directed interested users to send their response to "rossulbricht at gmail dot com" - indicating that "altoid" uses the e-mail address "[email protected]" (the "Ulbricht Gmail Account").


From there they found his LinkedIn, Google+, etc. The Stack Overflow is referenced far later in the part of the investigation summary detailing the confirmation of his identity as DPR. My guess? Some (or maybe all) of this evidence was collected after they'd zeroed in on their suspect and they are omitting aspects of the intelligence gathering to protect either a source or a means of data collection that they don't want to burn.



posted on Nov, 14 2013 @ 11:16 PM
link   
I did read about silkroad.com being shut down and the owner being arrested. But what surprised me was how this site existed in the first place. Didn't even know it existed. Selling whatever drug in existence online? How?

Now I see these things about TOR, and .onion. I have no idea what these things are. I'm computer competent, and that's it.

But this silkroad.com popping right back up is an obvious trap. And this trap will be set off a lot.

Buying drugs off the internet. Wow...



posted on Nov, 17 2013 @ 01:15 AM
link   
Of course not. That would be like saying ATS is solely for disinfo, cointel, and cognitive infiltration.


