Tor: Still Probably a Honey Pot

At the moment there is a popular narrative surrounding the arrest and prosecution of the Silk Road's operator Ross Ulbricht that begins with sloppy OpSec and ends with lulzy High School murder for hire drama. between him and Federal Agents. I've covered the Silk Road Closing before.

Today in the Guardian Bruce Schneier has an article on how thoroughly the NSA has the Tor network owned. It goes all of the way to the Tor Foundation's "Official Browser Bundle."1 When put together with the reports from August that the DEA will coordinate with other law enforcement agencies to recreate investigations with the appearance of legal legitimacy using intelligence collected by the NSA and other agencies in the name of "National Security."

It looks like Ulbricht's biggest operational security mistake was in trusting the Tor network to work as advertised. As always kids, remember to secure your message as the channel it is travelling through is probably hostile.

  1. Not linked because I try not to link to malware  

4 thoughts on “Tor: Still Probably a Honey Pot

  1. The conclusion is probably correct. While the DEA indictment unsealed in response to that one BitBet is well written, probably factual and likely to sink the guy, the earlier FBI indictment was an atrocious laughingstock clearly penned out of goose hairs and horse feathers. The "rookie goofs" are in all likelihood either fictitious or in any case discovered after the fact. The actual meat of the investigation was probably provided, secretly, by the NSA through its officially denied but otherwise certain access to all Tor data.

    • Yeah. From what I've been reading it seems the big challenges the NSA has would involve people needing to find those rookie goof. I imagine FBI detective work could have probably found and identified some like the stack exchange post, but that wouldn't be enough for warrants and building a case. Even the Ars Technica article noticed vague "leaps" in the case going through the official narrative.

      I'm rather interested in seeing what "No Such lAbs" can create.

  2. Pingback: On the Difficulty of Securing Channels | Bingo Blog

  3. Pingback: Bloomberg and Bitcoins | Bingo Blog

Leave a Reply

Your email address will not be published. Required fields are marked *