1/12/2024 0 Comments Fbi slik road![]() ![]() And that early May date matches up with a footnote in the FBI's statement that mentions an earlier "leak" of the Silk Road's IP address. Just a month earlier, Cubrilovic points out, a Reddit user had posted that he or she had found a vulnerability that would allow a similar attack in the Silk Road's login page. "There's definitely something missing here." "The way describe how they found the real IP address doesn’t make sense to anyone who knows a lot about Tor and how web application security works," Sandvik says. If some element of the site were accessible through a direct connection, that would represent a significant flaw in Tor itself-a well-funded and frequently audited piece of open source software-not a mere misconfiguration in the Silk Road. And that would mean all of it was accessible only through Tor's network of obfuscating bounced connections. She says the Silk Road's CAPTCHA was hosted on the same server as the rest of the Silk Road. Instead, they say that a software misconfiguration meant the CAPTCHA data was coming directly from a data center in Iceland, the true location of the server hosting the Silk Road.īut that account of the discovery alone doesn't add up, says Runa Sandvik, a privacy researcher who has closely followed the Silk Road and worked for the Tor project at the time of the FBI's discovery. According to Tarbell's somewhat cryptic account, the two agents entered "miscellaneous" data into its login page and found that its CAPTCHA-the garbled collection of letters and numbers used to filter out spam bots-was loading from an address not connected to any Tor "node," the computers that bounce data through the anonymity software's network to hide its source. Then on Friday, the prosecution fired back with a memo claiming that the FBI's investigation had been entirely legal, accompanied by an FBI statement explaining how the server was found.Īs bureau agent Christopher Tarbell describes it, he and another agent discovered the Silk Road's IP address in June of 2013. In a motion filed last month, the defense argued that discovery may have represented a search without a warrant and an illegal violation of Ulbricht's privacy. They read the FBI's statement differently: as a carefully worded admission that it didn't knock on the Silk Road's door so much as hack its way in.Īs the trial of alleged Silk Road creator Ross Ulbricht approaches, his defense has focused on how the government initially discovered the Silk Road's server in Iceland, in spite of the site using the anonymity software Tor to hide its physical location. The bureau's latest court filing in the case describes how the hidden site accidentally revealed its location to anyone who visited its login page, thanks to a software misconfiguration.īut the technical side of the security community, who have long tracked the dark web's experiments in evading law enforcement, don't buy that simple story. To hear the FBI tell it, tracking down the secret server behind the billion-dollar drug market known as the Silk Road was as easy as knocking on a door. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |