[tor-talk] Silk Road taken down by FBI
mirimir at riseup.net
Thu Oct 3 23:42:25 UTC 2013
On 10/03/2013 10:54 PM, Roger Dingledine wrote:
> On Thu, Oct 03, 2013 at 08:58:57PM +0000, mirimir wrote:
>> So they did have the server before they knew who he was.
> Careful there -- while I assume they didn't lie in their affidavit, it's
> quite reasonable to assume that they investigated all sorts of things,
> all sorts of ways, and then afterwards chose to write down exactly the
> set of facts that when lined up in the correct order makes it look like
> a clean solid case.
> It's a slippery slope from there to 'parallel construction', but I think
> it's standard practice to start with some leads and use them to find
> more solid facts, and it's also standard practice to not mention all
> your leads in your affidavit.
Yes, those are good points.
> To be more concrete, their job here is to link the guy to the website.
> So if they had a pretty good idea of who the guy was, but not enough
> evidence to bust him, it makes sense to me that they would go find one
> of the servers, collect all the evidence they can from it, and hope
> to find something specific that points back at the guy. And who knows,
> maybe they did that several times before they found something they liked
> enough to build a case from it.
> Your theory that "he was sold out by one of his administrators" also
> fits fine here -- the administrators pointed to the guy but then they
> needed to build a solid-looking case.
Well, given that he was apparently plotting to kill one of them, it does
seem that employee management wasn't one of his strong suits ;)
>> We also knew
>> that he was sold out by his VPN provider. Hopefully, the identity of
>> that VPN provider will come out soon.
> Why? So everybody can abandon that VPN and move to a different one that
> also responds to subpoenas but hasn't been written about in a high-profile
> court case yet? :)
Every little bit helps in the "Who can we least trust?" department ;)
I do love the "zero knowledge" distributed-trust model in onion routing
networks. I've played at approximating that by chaining/nesting multiple
VPNs, but it's static, and route switching would be unworkably
complicated and expensive. But it's OK to nave multiple tools.
More information about the tor-talk