Was the Cyber-Sleuthing FBI Used to Track Down Silk Road’s Servers Legal?
Until recently, the FBI was vague about the investigation’s details.
The downfall of the multibillion-dollar online drug market known as Silk Road was due to a simple programming error that allowed the FBI to glean the whereabouts of its servers. That’s according to a document filed last week by the FBI in the case against Ross Ulbricht, the suspected creator of the multibillion-dollar online drug market. Ulbricht was arrested in October in a San Francisco public library, accused of being the man behind the online nom de guerre Dread Pirate Roberts, Silk Road’s founder and operator.
Until recently, the FBI was vague about the investigation’s details. Here’s what we knew: agents somehow traced the Silk Road to its home on a rented server in a datacenter in Reykjavik, Iceland. They requested, and received, the computer’s data from the Reykjavik police. The data led the FBI to a backup server in a Pennsylvania datacenter, and the agency got warrants to search this server. The last search took place Oct. 1, the day before Ulbricht’s arrest.
The question is whether the FBI’s discovery and subsequent search of Silk Road’s servers was legal. In a pretrial motion filed in August, Ulbricht’s lawyers argued that searches performed throughout the investigation violated his Fourth Amendment rights prohibiting unreasonable searches and seizures.
Silk Road was accessible only at a special web address reachable via theTor browser, which is designed to preserve the anonymity of its users by redirecting network requests all around the world, making them difficult to trace. Tor is used by political dissidents, whistleblowers, and privacy-conscious individuals wary of internet surveillance. It also is a haven for illicit web services like Silk Road.
Ulbricht has accused the FBI of using illegal, secret NSA tools to break Tor. To many, the claim seems plausible: documents released by Edward Snowden revealed that the National Security Agency has investigated whether the anonymity provided by Tor could be cracked open, though at the time the agency concluded it was impossible in most cases.
The FBI’s court filing rebuffs Ulbricht’s contention, saying his calls for an examination of the NSA’s alleged involvement “amount to a pointless fishing expedition aimed at vindicating [Ulbricht's] misguided conjecture about the NSA being the shadowy hand behind the Government’s investigation.”
According to the FBI, Ulbricht revealed his identity by accident: under certain conditions, Silk Road leaked its real, non-anonymous IP in the data that passed through the Tor network. Investigators coaxed out the data using a process called “fuzzing,” which involves feeding unexpected input to a website with the hope that it trips and coughs up information.
Ulbricht’s best shot at a successful defense might be to fight against the fuzzing—some believe that the technique is akin to hacking, and could be deemed illegal. But if all the evidence against Ulbricht, however it was compiled, is allowed to stand, he faces an uphill battle. Ulbricht’s trial is scheduled to begin Nov. 3 in federal court in New York.
Reprinted with permission from Quartz. The original story can be found here.