Yesterday, we reported that that
the FBI had taken down UT Grad Ross Ulbricht and his enormous online
marketplace for just about all illegal products and illegal services. The federal government has filed a criminal
complaint against him, and in the papers, revealed the stupid – I mean really
stupid – mistakes that caused the downfall of his “onion routing” system.
Ulbricht doesn't seem so smart after all |
By now, we all know that the
feds, and particularly the NSA monitor computer traffic. The FBI and portions of the Postal Inspector
Service monitor online message boards for kiddie porn. What most people
probably didn’t know, and Ross Ulbricht seemingly didn’t know, was that the FBI
was monitoring Stack Overflow, an online programmer web-board where programmers
help each other with thorny questions.
In March 2012, Ulbricht got on
Stack Overflow and asked two questions. As reported by Slate: According to the criminal complaint against Ross William Ulbricht, the
man who allegedly ran the vast online drug marketplace from his San Francisco
apartment, he ventured humbly onto the site in March 2012 to ask a couple of
friendly questions. The first one, it seems, was relatively innocuous, if a bit unorthodox. But a second
query struck FBI investigators as rather incriminating, in retrospect: “How can I connect to a Tor hidden service using curl in php?”
the user asked. Silk Road is, of course, a Tor
hidden service—perhaps the world’s most famous one at that.
What’s dumber is that Ulbrigcht
used his real name in the query. Then,
perhaps after a facepalm and much cursing, changed his username to “frosty.” Dumber still is that the encryption key on
the Silk Road server ended with the substring frosty@frosty.
The FBI then did what it does,
sat back and saw what was going on, who was doing what and very likely built
cases against lots and lots of other people and organizations, perhaps putting
pressure on other programmers associated with Silk Road to explain the onion
routing tor system (which they understood when they were able to locate
Ulbricht when the arrested him) until they were ready to take Ulbricht down.
So, two stupid mistakes, a year
and a half later and Ulbricht likely thought he was in the clear, and all the
while, the feds were building cases against him and others.
See full story at Slate: http://www.slate.com/blogs/future_tense/2013/10/02/silk_road_s_dread_pirate_ross_ulbricht_asked_stack_overflow_question_under.html
No comments:
Post a Comment