Payments Security

How to crack anonymous: The Silk Road story

How to crack anonymous: The Silk Road story. Image: Freepik
Written by Chris Skinner

The story of the capture of Silk Road founder Ross Ulbricht is explained by Chris Skinner, who considers its impact on digital wallet security and bitcoin.

For the past two months, Wired has published a detailed account of how the FBI, DEA and other US authorities tracked and traced Ross Ulbricht, the libertarian founder and owner of Silk Road. For those who haven’t heard of it, Silk Road was the notorious website that exploited the Darknet to sell illegal goods and services. Primarily a site for ordering drugs, the preferred payment method was bitcoin and the preferred modus operandi was torrent. It’s a fascinating story and demonstrates the libertarian versus statist standoff.

Ross Ulbricht, founder of Silk Road. Image: Liam Murphee, Flickr Creative Commons

Ross Ulbricht. Photo: Liam Murphee CC

The libertarian versus statist movement is an active one and, again, for those who haven’t encountered it, is led by many bitcoin activists. The bitcoin activists claim they have invented money without government, and believe that society should be free to operate as it wants. If people want to exchange drugs, paedophilia or organize terrorist activities, this is a lifestyle choice and people should be allowed to do just that. The view being that if these activities are viewed by the collective as inappropriate, the collective will choose to shut it down rather than the government.

Obviously, some of us would see this as an extreme view, as the very fact of allowing terrorist funding, child pornography or drugs to be freely traded through the net is undesirable for many. Nevertheless, the libertarians have a view.

Ross Ulbricht was a libertarian. This is illustrated often in the Wired article:

He’d come to see taxation and government as a form of coercion, enforced by the state’s monopoly on violence. His thinking was heavily influenced by Austrian economist Ludwig von Mises, a totem of the modern American libertarian orthodoxy. According to von Mises, a citizen must have economic freedom to be politically or morally free.

Therefore, Silk Road was created as a service unconstrained by statist intervention and was completely impervious to interference, because it was totally anonymous. Or so he thought. This is the really interesting aspect of the article. It traces the investigation to find Ulbricht, and what’s most interesting are the developments along the way.

 Warning – spoilers ahead! If you want to read the article without knowing the headlines, click here now.

The law of the Silk Road

There were two key factors in these developments that led to Ulbricht’s arrest: perseverance and arrogance. Perseverance is best illustrated by the DEA special agent Carl Mark Force IV, who spent more than a year socially engineering access to Ulbricht through the torrent chat rooms. The weirdest part of this is that Ulbricht eventually asked Force to execute one of his employees, who had been arrested by US authorities.

DPR (Ross Ulbricht) had momentarily wrestled with his decision. He had talked to Inigo about how he just wishes the best for people, and loves them in the libertarian spirit, but ultimately concluded that his AWOL employee had become too much of a liability. And so, DPR’s principled, technological stand against the war on drugs slid into murder. Like so many revolutionaries before him, the idealist became an ideologue, willing to kill for his beloved vision. This action wasn’t revenge – it was justice; a new justice, according to the law of the Silk Road. It’s interesting to see how fast libertarians can fall from being drug providers (pushers?) into murderers.

The second aspect of the article that was intriguing is the arrogance of Ulbricht.

A user posted a warning that Silk Road’s IP address was ‘leaking’, and was visible to other computers. Ross had been alerted to the problem by a user, but ignored the warning. Silk Road’s success was making Ulbricht arrogant. He had let down his guard, confidently telling colleagues that the site would never be found.

It was the leaky IP address that gave the DEA their big break. From that IP address, they found the server and from that server, all the communications across the Silk Road community. If they hadn’t found the server, the case would have been thwarted. And there’s the rub: If Ulbricht had been a more professional programmer and had less arrogance, Silk Road would probably still be running today. Tor technologies are completely anonymous, and bitcoin payments cannot be traced easily.

Tor may be near-anonymous, but bitcoins aren’t

Just to clarify on these two points: Tor (The Onion Router) was developed by the US Navy in the 1990s with the aim of protecting US intelligence communications online. After its release and subsequent enhancements since 2002, it’s become the preferred network for drugs, fraud and other illicit activities, as it allows users to browse the web almost completely anonymously. Tor achieves this by directing internet traffic through a free, worldwide, volunteer network consisting of more than 6,000 relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. This is the basis of the Silk Road, and was the reason why Ulbricht believed his anonymity was bulletproof. And it would have been had he patched the leak of the IP address, as advised by his user.

Because users have to reveal their identity in order to receive goods and services, bitcoin addresses cannot remain fully anonymous
Equally, Tor may be near-anonymous, but bitcoins aren’t. All bitcoin transactions are public, traceable, and permanently stored in the bitcoin network. Bitcoin addresses are the only information used to define where bitcoins are allocated and where they’re sent. These addresses are created privately by each user’s wallet. However, once addresses are used, they are then associated with the history of all of the transactions they’re involved with, so anyone can see the balance and the transactions of any address, and as users usually have to reveal their identity in order to receive goods and services, bitcoin addresses cannot remain fully anonymous. For these reasons, bitcoin addresses should only be used once, and users must be careful not to disclose their addresses by, for example, using multiple wallets for different purposes. Doing so allows the user to isolate each of their transactions in such a way that it’s not possible to associate them all together. People who send you money cannot see what other bitcoin addresses you own and what you do with them.

Nevertheless, having covered the two points above, what should concern the FBI, DEA, authorities, you and me is that if someone copied the example of the Silk Road and wasn’t arrogant, plugged the holes that the amateur Ulbricht used, employed professional programmers, then the Darknet libertarian dream of ‘money without government’ and ‘exchange without controls’ could be realized.

This article is reproduced with kind permission. Some minor changes have been made to reflect BankNXT style considerations. You can read the original article here.

About the author

Chris Skinner

Chris Skinner is an independent commentator on the financial markets through the Finanser, and chair of the European networking forum the Financial Services Club, which he founded in 2004. He is an author of numerous books covering everything from European regulations in banking through to the credit crisis, to the future of banking.

Leave a Comment