[tor-talk] Silk Road taken down by FBI
The Doctor
drwho at virtadpt.net
Thu Oct 3 19:25:23 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/03/2013 01:49 PM, Ahmed Hassan wrote:
> One question still remains unanswered. How did they locate the
> Silkroad server before locating him? They had a full image of the
> server before his arrest.
Not sure. One hypothesis (and that's all it is - a hypothesis) is
this: The Silk Road may have been running on the same machine as a Tor
router and not a client. Finding the set of all Tor routers is
trivial. So, hammer on the hidden service while watching for
bandwidth utilization to go up on the Tor routers that you can surveil
to see which ones seem to respond appropriately. Pick away the
rendezvous nodes because they don't originate tunnels (they're not
clients). If the Tor router is running on a server or in a VM hosted
at a provider that could be subpoena'd or strongarmed, forensic images
of same could be acquired.
- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
Activate interlock! Dynotherms connected! Infracells up! Megathrusters
are go!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJNxKMACgkQO9j/K4B7F8FDXgCePij/M/LQr/aMNsSVoErs+5pr
q0oAn0g18pYM16DhB+8h6CWS/clYcakF
=WLmf
-----END PGP SIGNATURE-----