Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Takedown of Silk Road’s Dread Pirate Roberts Not About Internet Privacy

    By
    Sean Michael Kerner
    -
    October 4, 2013
    Share
    Facebook
    Twitter
    Linkedin

      The Dread Pirate Roberts isn’t just the fictional name of a movie character from the classic 1987 film The Princess Bride; it’s also the alias for an alleged criminal mastermind who has now been arrested for operating the illegal goods Silk Road Website.

      While the Silk Road site was hidden in the bowels of the Internet under the cloak of anonymity provided by the Tor onion router project, the shutdown spearheaded by the U.S Federal Bureau of Investigation (FBI) did not involve a technology breach of Tor.

      According to the FBI’s criminal complaint, Silk Road operated from January 2011 until September 2013, with Ross Ulbricht, also known as “Dread Pirate Roberts,” allegedly violating U.S narcotics laws selling drugs and other banned substances. The FBI also alleges that Silk Road provided a platform for selling “illicit goods and services, including malicious software designed for computer hacking, such as password stealers, keyloggers and remote access tools.”

      Tor

      The way that “Dread Pirate Roberts” was able to stay hidden from the law with Silk Road was by way of what the FBI complaint calls an “online criminal marketplace outside the reach of law enforcement or governmental regulation.” The way Silk Road did that was by operating on the Tor onion router network. Tor provides a system by which traffic can be anonymized by going through multiple “onion” routers, with each layer providing an additional layer of abstraction. According the FBI complaint, the use of Tor made it “practically impossible” to physically identify where Silk Road actually was located.

      Going a step further, Silk Road uses bitcoins as its currency for transactions. Bitcoins are a form of peer-to-peer currency that is generated online and is difficult to trace.

      “In order to access the Silk Road website, a user need only download Tor browser software onto his computer and then type in Silk Road’s .onion address in the user’s Tor browser,” the FBI complaint stated.

      Kevin O’Brien, enterprise solution architect at CloudLock, told eWEEK that the FBI’s description of the Tor piece of Silk Road isn’t quite accurate.

      “The .onion address is a descriptor, which allows a Tor client to connect to a service such as the Silk Road Website indirectly via the Tor network, without ever knowing the actual IP address of the service itself,” O’Brien said. “There are some additional components involved, but in essence, Tor is about indirection, and .onion addresses are the mechanisms of indirect routing used to provide this functionality.”

      The takedown of Silk Road is also not a reflection of any particular flaws in the privacy that Tor aims to provide.

      “While we’ve seen no evidence that this case involved breaking into the webserver behind the hidden service, we should take this opportunity to emphasize that Tor’s hidden service feature (a way to publish and access content anonymously) won’t keep someone anonymous when paired with unsafe software or unsafe behavior,” the Tor Project wrote in a blog post. “It is up to the publisher to choose and configure server software that is resistant to attacks.”

      O’Brien noted that the mechanism through which the FBI traced the Silk Road network back to its maintainer is fairly prosaic: It ordered illegal goods, gathered a chain of information about both the physical vendors shipping those goods as well as the systems that were involved in the payment processing, and then obtained access to those systems for further forensics.

      “The weakest link was in the physical goods being transmitted,” O’Brien noted. “By tracing shipments from those vendors, a particular shipment to Ulbricht was tagged and traced, and the forged identification papers being used to obtain more servers allowed the rest of the activity to be unraveled.”

      Ulbricht (“Dread Pirate Roberts”) also had posted various pieces of information publicly that led investigators to his front door. In O’Brien’s view, simply using Tor for connectivity appears to still be fairly “safe” from the perspective of avoiding tracing.

      “However, merging real-world activities, like having goods sent to a physical address with Tor activity, allows an interested authority or third-party to, over time, triangulate a pattern of behavior and a specific user,” O’Brien said. “What cracked the Silk Road case for the FBI was essentially traditional detective work, rather than a fundamental security flaw in Tor.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×