This new paper is interesting. It suggests that the Silk Road servers could be de-anonymized for a cost of around $11,000 and they measure its popularity as being around 15,000 users per day. What's more, the attacks they discuss are difficult to block.

Onion networks are a fundamentally hard problem. If I were the operator of the Silk Road, this paper would be keeping me awake at night. Without a doubt, most police forces are not capable of doing this kind of research themselves. However, they are quite capable of hiring some contractors to carry out these attacks now that how to do it has been described in detail.
10 comments
 
I just quickly glanced at the paper, and I am not an expert on the topic. However, from what I understand, they can get the IP address, but I don't see that as a big issue. The servers are probably rented with bitcoins from anonymous providers. The service can also probably be transferred pretty easily to another server. Also, when the physical server is seized, a sane strategy would be to encrypt everything.

Of course, mistakes are still easy to make, and it might be that such high-profile services will be busted sooner or later, whatever happens.
 
Haven't read the paper in full, but it sounds awfully similar to previous papers on vulnerabilities in the Tor network through controlling a large number of rogue servers to strip the data and see where it is being routed to. Sounds like old vulnerabilities that were previously addressed.
 
Similar in concept, but the details are different. Definitely fresh vulnerabilities. I think finding the underlying server would be a pretty big deal for law enforcement. I bet you that most trades on that site aren't really using PGP, so I bet you could round up a whole bunch of dealers at least. After all, if just renting a server with bitcoins was enough, then they wouldn't bother with Tor.
 
I'm sure they use Dreamhost, which is invite only (invites can be purchased), and the only breach in Dreamhost I recall is when a faction claiming to be "Anonymous" took some child porn sites offline. That attack was through DoS, which caused the webserver to leak the IP address, and then began to scan the actual server for vulns. (I'm going from memory here, so excuse any errors.) I'm sure that most things are encrypted before they hit the database on Silk Road, but then again, if the keys are within the PHP files....
 
There were some usability studies of PGP years ago. It was an epic fail; almost none of the test users were able to correctly set up end-to-end encrypted communications. For example, some users accidentally e-mailed the private key instead of the public key. So I would imagine that a lot of the users on the Silk Road are either not bothering because they believe it is infallible or using it wrong in some way.
 
Which brings the same issues as any security-related matter: a system is only as strong as the minds that created it and those that use it.
 
Users are probably not encrypting much, but I would guess the SR operator would be pretty paranoid and encrypt everything in a way that the key is stored in memory. Of course, it's hard to know.
 
If I were a cop, then I'd prefer to pick up a lot of dealers and buyers than spend all my time chasing DPR. If Silk Road goes down, then the punters would just move to a copycat site; it'd probably only take a few days. If you send a message that the users can't ever be sure they're safe, then it'd have a much longer-lasting impact.
 
After some reading, DPR could and most probably has a list of trusted entry nodes listed in his torrc file. That would essentially discard any entry attempts from the attackers' servers.

EDIT - Read Prof7Bit's theory on the reddit link to here