Slashdot Mirror
Feds Say NSA "Bogeyman" Did Not Find Silk Road's Servers
An anonymous reader writes The secret of how the FBI pinpointed the servers allegedly used by the notorious Silk Road black market website has been revealed: repeated login attempts. In a legal rebuttal, the FBI claims that repeatedly attempting to login to the marketplace revealed its host location. From the article: "As they typed 'miscellaneous' strings of characters into the login page's entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn't match any known Tor 'nodes,' the computers that bounce information through Tor's anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road's CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site. 'This indicated that the Subject IP Address was the IP address of the SR Server,' writes Tarbell in his letter, 'and that it was "leaking" from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.'"
... as long as there is no resourceful federal agency trying to get you.
Linux is for people who don't mind RTFM.
In other words: perjury, but you can't prove it.
Could someone elaborate on how a captcha would leak an IP address? They weren't using something like re-captcha were they?
At least that is what they are saying...
I think you misunderstand something. It doesn't matter if they are lying through their teeth when they say that. Because they claim it to be true, we can use that as further justification that the NSA's mass-surveillance hasn't done squat.
Two words: parallel construction.
No, we can't. That's not what they claim NSA mass surveillance is for. This is an FBI investigation. Law enforcement, that is.
The NSA shouldn't be involved, and the claim is that they weren't.
Back in 2006 it was already out that the NSA was sharing information with the FBI among others:
http://www.washingtonpost.com/...
With multiple leaders of the U.S. intelligence apparatus having been caught lying under oath, we'll never know. One of the techniques is for the NSA to pinpoint something then the FBI look at the target and find something else they can label as the "reason" they found out about it.
At this point, because of our government's shortsighted decision's (Bush/Obama) to pursue and institute a surveillance state (ala East Germany), we'll never know what the story was here and have to take any claim from the Feds with a huge dose of skepticism.
https://www.nikcub.com/posts/a...
If you still believe that the server was discovered in the way the FBI described it - try it. I did. I setup a virtual machine with a web server running a Tor hidden server. I then accessed the hidden server over Tor and looked at the traffic. No matter how much I intentionally misconfigured the server, or included scripts from clearnet hosts, I never observed traffic from a non-Tor node or a "real" IP address.
Right, they got the data illegally, seized the servers, then examined them for a vulnerability they could have used to legally seize them and claimed that was the source.
You need the link to wikipedia so the regular folk know what youre talking about
parallel construction
But there is nothing you, the citizen, can do about it.
Recently there was this story about NSA guys leaking Tor bugs to devs and suggesting changes to "improve" Tor's design:
http://yro.slashdot.org/story/...
I vividly remember that Snowden's documents said that NSA tries to influence Tor's design, being unable to actually break it. This might be a way of doing it: they pretend to be "good guys" and suggest changes that, while removing purely theoretical vulnerabilities, actually open the doors to more serious ones.
I hope Tor developers aren't so foolish to follow those "suggestions".
Comment removed based on user account deletion
Parallel construction is a farce and has no place in a legal system. The defendant is being intentionally lied to and thus unable to defend themselves. If you can not say how you got the info they should not be able to use it. Same goes for confidential informants. The people the NSA should be spying on are supposed to be dealt with via the CIA aka outside of the country assassinations.
No sir I dont like it.
Stick a php_info in your code or something equivalent. I don't believe the FBI was claiming that they received traffic from a non-tor IP, but rather that they received an IP address somewhere in the data sent over tor.
Nothing in tor prevents you from sending your name, address, and social security number in the html of a webpage that you serve. If I wanted to depend on a website remaining anonymous over tor I'd probably stick the entire thing on a private network (with private IPs) such that none of the machines ever contained identifying information (including traceable machine IDs or MACs/etc), heavily firewall it, and carefully control that nothing goes out except via tor. I'd treat every device on the network as if it were compromised and intentionally trying to communicate out every bit of data stored within, so it would be essential that none of these devices contain any information worth stealing.
Whether something is true or not matters little to the Slashdot hivemind, as long as it can feed the fires of perpetual outrage.
There is no reason whatsoever to believe this assertion. You're accepting it as fact for no reason. We call people like you a "useful idiot".
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
It's not about a server misconfiguration.
TOR connections are tunnels. You don't have to configure your webserver etc for TOR, your machine just has to behind a firewall etc that doesn't allow the traffic out (or really, a router that just doesn't NAT it in). The only way to access the webserver would be through the tunnel, so no TOR=no access.
I find it a bit hard to believe that a guy who is able to get one of the largest black-market enterprises running on a server/farm connected to an anonymous/decentralized network isn't smart enough to *not* give it a public IP and/or put the equivalent to a home internet router in front of it.
Tor makes you a target.
Stop spreading FUD. Documents leaked by Snowden confirmed that the NSA cannot break Tor, let alone the FBI. They can only rely on users' mistakes, like leaving javascript enabled for example.
If a defense attorney taught a jury about PC, then it would put the prosecution on the hotseat to prove his folks did not use it.
This seems an impossible task, unless folks trust the cops.
It would be unfortunate if PC backfires and results in releasing the bad guys it was intended to catch.
Which is why it was a dumb idea to break the rules in the first place.
> I find it a bit hard to believe that a guy who is able to get one of the largest black-market enterprises running on a server
Do you find it hardto believe that Paypal's engineers make significantly more obvious mistakes? They do, of course. The thing about crime, and security, is that you can do a hundred things just right, and be taken down by the one thing you missed. It's adversarial like sports, but unlike sports 47-2 is a losing score for the team who scored 47. Those two items on which you let the authorities score put you in prison.
How many sites out there are HTTPS but deliver some data via HTTP by mistake or oversight? Looks like that applies here too. Good job tracking this down. Plain old inspecting what your receiving and digging into it.
You need the link to wikipedia so the regular folk know what youre talking about
parallel construction
But there is nothing you, the citizen, can do about it.
Jury Nullification
It would be unfortunate if PC backfires and results in releasing the bad guys it was intended to catch.
Which is why it was a dumb idea to break the rules in the first place.
Yes absolutely correct. If the cops show themselves to be untrustworthy, then the whole law enforcement chain of evidence falls apart. This is the elephant in the room for the supreme court decision earlier this year, in which they ruled that police could stop and search somebody based on an "anonymous tip". And yet the law enforcement has been proven to sanction and encourage PC (part of the FBI docs earlier, in which LEOs got access to NSA data, was a manual saying the cops should use PC so they don't have to reveal the FBI/CIA program in court).
the situation is analogous to the poor dudes in gitmo. Everybody knows they're not terrorists, yet because they were seized illegally there's no way for the justice system to process them. but the military doesn't want to just set them free, because certain parts of the country and certain news channels would flip out. So they just sit in jail and wait, while becoming terrorists. wouldn't you?
The examples from the wiki describe situations where the initial source was legal, but protected. E.g., placing a sting in the path of a suspect on the word of a protected informant, then omiting the reason for their 'luck' in finding the suspect. Or e.g., withholding NSA wiretaps from DEA until the citizen or geography of the source is determined to be foreign (unethical, but not illegal).
In this case, they would be seizing servers (illegally), then searching them for a weakness to cover their asses, then lying to the judge about it(illegal), and hoping the logs agree with their probes (possibly revealing their lies), or altering them to match (illegal).
I might be naive, but I think the discovery of the IP source through the weakness in the captcha is totally plausible. I also think that Joe law enforcement officer doesn't want to end his career in disgrace over something like this.
So then why does anyone care if the FBI is lying about how they busted them? I mean, these same sort of illegal procedures are practiced at all levels of law enforcement, and yet when Tyrone gets busted for allegedly selling crack-cocain (conspiracy charges) no one cares.
I'm puzzled by this one. Surely all the justice system needs to do is say "The U.S. Constitution binds the actions of the U.S. government even outside U.S. territory" and then admit a writ of habeas corpus?
We have discovered so many lies from various LEAs and NSA about parallel construction (they even lie to judges and prosecutors) that it is impossible to believe them without iron-clad evidence at this point.
Perhaps they'd care to show us the code? Show us the log of the exploit? Bare assertions won't do.
Fair enough, but shouldn't the source of the data have been revealed during discovery phase to the defense?
That'd be one useless network though. If your devices have no information worth stealing - than what are they doing?
That's the problem with anonymity (and security in general). To be perfect, it's got to have no value.
In a more practical case like this one, I fully expect that administrators of those servers made one small mistake (more likely simply could not check every possible bit of code for information it may leak) and that was their downfall.
I find it a bit hard to believe that a guy who is able to get one of the largest black-market enterprises running on a server/farm connected to an anonymous/decentralized network isn't smart enough to *not* give it a public IP and/or put the equivalent to a home internet router in front of it.
People make mistakes all the time. Even smart people.
You've never made a mistake? Never missed a bug? Never misconfigured a system? Ever?
Do a hundred things right, and one thing wrong, and just guess which one will get caught.
http://www.geoffreylandis.com
But they were involved. Perhaps not in this specific part (and nobody was saying they were, although they most definitely did lend information to the FBI on how to go about this). They NSA, however, participated in attacks against Tor servers. They did this in two ways: first, they wrote and handled the malware that would get installed on visitor's computers, and secondly they operated the server that successful malware installations would communicate to. The FBI and CIA were only involved in actually initiating these kinds of attacks.
this is what Tails tries to do.
Really you could just run tor on a vm and then setup all client machines on the LAN to VPN into it. then set each client's firewall to drop any traffic to any interface except tun/tap.
You could also run dansguarian+squid on that tor vm to sniff for and catch reg-ex's that look like your public IP or PII.
Jury Nullification
The reality is that this almost never happens. And it will not happen in this case, where the "defendant" is not only accused of being a drug kingpin, but also of putting out "hits" on people he didn't like. He's not going to look good to a jury. Say what you will about drug laws, but this guy "allegedly" took substantial steps to murder people.
If you want news from today, you have to come back tomorrow.
as long as it can feed the fires of perpetual outrage
Well, winter will come soon; I have to keep myself warm somehow.
Ezekiel 23:20
There is a difference between no identifying information, and no information.
Rips of DVDs, for example, would be information - but they would not contain any identification other than the program used to make them, and the DVDs in question.
We're not talking about Joe law enforcement officer. We're talking about Joe FBI agent, a likely veteran of law enforcement who may have gotten the job precisely because he knows when to talk and when not to. If the FBI is the only source of information on exactly how the FBI detected the location of SR's servers, then it'd take someone in the FBI to leak that they're lying. And so long as they can create a plausible path of detection, preferably without having to modify the evidence servers, then there's really no one's career at stake.
The only implausible part in all this is SR's servers simply having no useful information leaks. And if they did, then the FBI could be truthful on those leaks being their method of detection. So, even if the defense has experts that detect those leaks... *shrug* Sadly, when one presumes the FBI is in bed with the NSA and will contrive the investigation to fit the evidence, the only thing you've got left is wondering is how plausible it would be for the FBI to know where to look. And if one presumes there are dogged FBI agents, then it's plausible if not probable that they're being truthful even if there's an obscure information leak.
In the end, I don't think it's a matter of naivity. It's just that for one who believes in conspiracies there's a plausible parallel construction on the FBI/NSA conspiring to engage in plausible parallel constructions.
It would be unfortunate if PC backfires and results in releasing the bad guys it was intended to catch.
Parallel Construction doesn't catch criminals. It hides criminal activity by the government. It is an institutionalized form of lying which isn't acceptable in our court system.
I am becoming gerund, destroyer of verbs.
They cared enough to use Tor but not enough to configure their firewall?
I'm puzzled by this one. Surely all the justice system needs to do is say "The U.S. Constitution binds the actions of the U.S. government even outside U.S. territory" and then admit a writ of habeas corpus?
well, that's the rub. there's no way to transfer the prisoners from gitmo to a regular prison, because if the justice department brought these people to a civilian court, the judges would laugh them out of court, give the defendants a condolence basket, and buy them a free ticket home. it's really hard to send them abroad, because all other countries have refused to take them and have responsibility for them. And Obama doesn't want to cut them loose - not in an election year! so these poor people, who everybody agrees are innocent, are stuck in in a military prison. Oh yeah, they also have restricted access to lawyers so it's hard for them to even defend themselves. way to go Obama.
all this being said, I never understood what a "writ of habeas corpus" meant.
Well, in their case they are running a storefront. That has a few components.
1. You need a searchable catalog of stuff that you are selling, and the ability to put together orders. That isn't too sensitive up until you checkout since your goal is to advertise the catalog anyway.
2. You need to be able to collect info on where to ship the goods. This is sensitive information if you don't want people figuring out who your customers are. You can't avoid collecting this info from your customers, but you could control storage of it. The first time somebody sets up an account you could collect info from them, but then you could take that data off the network and just reference their account number inside the network. As long as the customer sticks with the same delivery address and doesn't care that the order doesn't show it, then their info could be safe from compromise a few days after their first order.
3. You need to handle payment. Since they traded in Bitcoin this also could be done in a way that doesn't eliminate the risk of problems, but it does greatly mitigate it. For each transaction create a bitcoin account, and the tor-connected network can provide those details to the client so that they can make payment. At that point you can remove that data from the tor-connected network and move it elsewhere. That means that if somebody gets onto the network they can only get your bitcoin credentials for a few days worth of transactions, and future transactions going forward. Money would be moved out of those accounts into another set of accounts whose credentials were never at risk as soon as it was received, so if there were an attempt to seize funds it would be limited to accounts that only received funds recently.
All the order fulfilment can happen off of the tor-connected network. Getting data between the networks could involve sneakernet, or maybe even manual printing of paper orders. An operation like Silk Road is no doubt very high-margin, and I can't imagine that they can operate at high volume without risk of detection. So, a manual process where tor tells you ship 2kg of product A to customer 123 just means punching 2, A, and 123 into another application which prints out the shipping label - that system doesn't need to be attached to the internet. Dealing with bitcoin account numbers and credentials might be more of a pain, since they are long numbers.
You asshat troll. Juries DO THINK THIS WAY which is why they are "shown the proof and if there is proof then the jury considers him not looking good."
Now TOR (or whom ever) can fix it.
"If any question why we died, Tell them because our fathers lied."
Now put some flash on your website. something that does network connectivity and test again. there are plenty of stupid things to do with a web site. or have mole put these in a web site on purpose. please re-read what you need to disable to keep you anonymity. -shrugs-
You apparently also don't know that it was Bush and his lying cronies who put those people there in the first place, and it is those same lying cronies and their paid for shills that manufactured outrage and actually made it illegal for Obama to correct this situation that ignorant people now blame him for.
All of this to keep members of the Bush Administration out of jail themselves. Now, Obama's failed in a great many things. Refusing to prosecute the crimes of the fake terror warrior chickenhawks is one of the worst of them. Funny how we never hear that one listed though.
My understanding of TOR is that the server never sees the client's real IP address. That's the whole idea, right? Then how the hell can a misconfigured server send anything directly to an IP address it doesn't have?
I call BULLSHIT!
No, jury selection (which should be illegal) makes sure that juries do not think this way.
The only selection of a jury should be by means of an RNG. Preferably a low-tech one, like a bingo-ball cage. And audit the shit out of that thing on a regular basis. We don't want biased juries.
Lawyers. Queering the deal since... forever.
It was also congress that insists that they stay.
Honestly this whole blame the president is getting tiresome, this is a failure of the US government and all branches should be held accountable...our government is a embarrassment and there is no one side that is more embarrassing then the other..they are all corrupt cronies without a ounce of humanity to them.
Oh, I wouldn't just worry about flash. I'd assume that somebody I don't like is going to find an exploit in my webserver, and run arbitrary code on that host, and every other host it can reach via the network. All of this stuff has to run in a DMZ that contains no identifying information at all. That is certainly a challenge to do in practice.
For every lie NSA gets printed on the news...
The thing about writing the website or configuring the system to tunnel data through any kind of proxy/tor is that for every packet or http request or whatever you work with you have to EXACTLY specify what happens as in what comes in and what goes out, the lie is just too retarded.
I've made like a dozen network backends for different kinds of applications and progarms. I know.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
dude, chillax on this bush vs. Obama stuff. Obama has been leader of the free world for 6 years now. on day one he promised to close gitmo. we can criticize Obama for his failures, without caveating that with the failures from prior adminsitrations. history will judge GWB.
So is your theory that they first asked the NSA to locate the server, seized it by international cooperation by law enforcement, looked through the code for vulnerabilities and only then did they have some guys go to the site and try the login form?
Why would the NSA risk exposing this amazing intelligence tool to get a domestic drug dealer arrested?
In what world is that a simpler explanation than "the guy who asked Stack Overflow how to set up a Tor service using his real name, and who already exposed his server IP to users multiple times by misconfiguring the server, made another security blunder, and some IT guys from the FBI found it when investigating the site."
(I'm making an assumption that you're talking about illegal NSA surveilance, since that seems to be what is making people so eager to shout parallel construction that they'll do it even when it doesn't make sense.)
Where a group of FBI boffins are cheering, hooting and hollering about the find, and a group of NSA boffins, rolling their eyes and being coy, "Awe! Look at them, you'd think they just broke codes!".
The NSA and the feds are well known to do "parallel contruction", and you can be sure they won't tell you how they really did it if they have in their possesion an unknown secret security flaw. Why even consider trusting anything they say after it has come to light that they do "parallel-construction". We can't trust them anymore, whatever they say.
Silk road != Tor servers
I don't believe that the long-term op of Silk Road would be stupid enough to send his identifying information in the html of a wepage. They probably had other ways to do it and are leading everbody on as usual.
It's like you have no clue how jury selection works; and have only seen the movie Runaway Jury. Juries can vary in size, anywhere between 6-12 plus backups totaling about 15-30. Attorneys can only challenge the selection a set number of times. Most cases this is 3. So in a majority of cases at least one juror is completely untouchable by the attorneys (if you exclude the backup set).
"An operation like Silk Road is no doubt very high-margin, and I can't imagine that they can operate at high volume without risk of detection."
This sounds like someone thinks Silk Road is more like Amazon when in fact it is more like eBay than Amazon. So the volume of "Silk Road" depends on the number of sellers and the volume of each seller to the buyers. SR was (is) just a web site to connect buyers with sellers and it in itself does not do order fulfillment.
(And no, I haven't used it to buy or sell ever).
Check out https://openbazaar.org/ for a more decentralized version of eBay (or SR for that matter).
Obama has been leader of the free world for 6 years now.
And of America, too!
Is that like Plausible BS -- or am I using a too technical word here?
I always figured that the "illegally gained intelligence" whether it be to get rid of a politician or someone affecting the status quo, would be an "anonymous tip" or "via great sleuthing."
This great sleuthing never occurs if it's a bank or someone politically connected -- strange.
>>"ad space available -- low rates!!!"
The intelligence agency has done this before to help the DEA and domestic law enforcement. Parallel construction has been proven for other investigations. It's unlikely any of them will give it up until they are forced to do so. https://www.muckrock.com/news/... http://www.reuters.com/article...
Trouble is, you as a juror will never get to know that parallel construction was used in a given case (that is the purpose of this 'tool').
Our Supreme Court is fascist. I fully expect them to uphold the "we got an anonymous tip" and provide a hole a truck can drive through with all this "NSA metafile information that won't ever be used against you..."
And off the record, we see here you visited a certain bunny ranch in Vegas, we'd like to see a larger number on next years budget in the appropriations committee.
The threat posed by the Silk Road is orders of magnitude less than "anonymous" evidence in FBI court cases. This is the morning before we wake up to a boot on our neck --- and I don't that's hyperbole.
>>"ad space available -- low rates!!!"
It doesn't matter if they are lying through their teeth when they say that. Because they claim it to be true, we can use that as further justification that the NSA's mass-surveillance hasn't done squat.
Because they're busy using that surveillance spying on political and business opponents. Come on, citizen, you don't want to take resources away from that to put then to unimportant stuff like catching criminals and preventing terrorism, do you? Heck, if we caught terrorists before they strike, the terror would be gone and this would risk pulling resources away public support from the surveillance!
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
Because you're a cunt. You personally. Is the answer to all of your questions.
I'm making an assumption that you're talking about illegal NSA surveilance
And you think that's the only way to gather intelligence illegally? I still might guess parallel construction, but my mind didn't jump to the NSA. There are plenty of other options out there.
That would only make sense if the criminal didn't deserve to be prosecuted. You can't fix the problem post-hoc.
No - anyone who knows anything about subject matter involved in a trial (computers, forensics, medicine, etc.) will be excluded from the jury during the selection process with the attorney's. You're supposed to have people who will only listen to the "expert witness" and not use your own knowledge. It's a certain guarantee that this skews the jury pool toward people a little dumber than you'd want.
I posted this reply to the wrong place the first time. So here I go again:
No - anyone who knows anything about subject matter involved in a trial (computers, forensics, medicine, etc.) will be excluded from the jury during the selection process with the attorney's. You're supposed to have people who will only listen to the "expert witness" and not use your own knowledge. It's a certain guarantee that this skews the jury pool toward people a little dumber than you'd want.
The examples from the wiki describe situations where the initial source was legal, but protected. E.g., placing a sting in the path of a suspect on the word of a protected informant, then omiting the reason for their 'luck' in finding the suspect. Or e.g., withholding NSA wiretaps from DEA until the citizen or geography of the source is determined to be foreign (unethical, but not illegal).
Yes, but in this case, mass analysis of Tor traffic by the NSA could have thrown up a suggestion to the FBI "if you want to find the real source of the servers, all you need to do is exploit the CAPTCHA servers". The activities of the NSA don't have to be illegal for the FBI to obfuscate how they got to the final result. I doubt the FBI spent load of time just hacking around. The Government started with the problem "how do we reveal the true source of the Tor anonymized traffic" and fitted the solution to identifying it to some fully legal and totally unnefarious. It is in the Government's best interest to make criminals think they are incompetent.
D.O.U.O.S.V.A.V.V.M.
I've been thinking about this over the last few days, ever since the story popped up in wired.
If they exceed the captcha's rate limit, the captcha -might- leak information in its rate-limiting error message. The message would be something like "your server at IP has exceeded its request limit."
This is likely because if you exceed the rate limit you'd kind of want to know which one of your front-ends was be the bad one.
Nobody really would test that sort of thing either.
Ah, in this case it is even easier to anonymize then, assuming you don't care about the buyers or the sellers. Just store all the data on the servers with nothing identifying, and the only thing you have to deal with is getting the listing fees off the site.
I'll confess I don't know a great deal about the Silk Road, as I've never visited the site.
true story, bro: a couple years ago a candidate for NZ prime minister dropped out at the last moment because emails were anonymously leaked to reporters that he was having an affair. how much do you want to bet that he had some anti police state views, and the security apparatus leaked the emails.
My example was contrived. The point is that tor doesn't prevent you from leaking identifying info. There are LOTS of ways this can happen, including:
1. Some application happens to embed a non-private IP in the data stream (maybe in a header or something). This is a classic problem if you try to run bittorrent over tor.
2. Somebody manages to run arbitrary code on your server via an exploit and this code has access to identifying information, such as a non-private IP, mac address, or just the ability to send packets to the internet (which can be sent to a server controlled by the attacker revealing the source IP).
Neither of these requires NSA-like capabilities to pull off, or the ability to defeat tor in general.
Our law enforcement system is a justice system. Our law enforcement officers embrace PC because they want very much to be the crime prevention everyone wants them to be. "You don't need guns, the cops are there to protect you."
Bullshit. The cops are there to figure out who was responsible for an action and in the case of an ongoing crime or hostile interaction (ie neighbors next door screaming at each other), get involved and stop it. They're not there to read minds arrest people while driving down the road because they just thought up how they might be able to score another ounce of dope if they knocked off your house. When those dudes show up to knock off your house, until the cops are *notified and arrive*, you are on your damned own.
try replying to the guy that actually said that next time.
he's useful??
When I was called for jury duty (in California), the attorneys had something like 10 peremptory challenges each. Everyone who wasn't a slack-jawed dimwit was removed. This was only for a traffic accident case - I imagine the lawful-corruption would be even worse in a more serious case.
In Centrist America, it's only a jury of your "peers" if you ride the short bus.
This is the morning before we wake up to a boot on our neck
Sorry, too late by about a decade. The old Republic was sick for a long time, and died an inglorious death in 2001. Long live the Empire!
I call that misinterpretation of events. They probably didn't pick the other jurors because they were stupid. They picked them over you, because they weren't as opinionated as you were. They're trying to select jurors that would not be biased. They don't want someone who thinks they're an expert on the law. It just so happens that stupid people aren't necessarily as opinionated on a given subject.
Yes, that's a good little Centrist - lick that boot. No one could possibly have an experience with the legal apparatus that contradicts the fairy tales you were taught in high school Civics class...
Regardless of your baseless opinion on why I was removed, the fact is at least 11 of 12 original jurors were removed. The attorneys cycled thru something like 18 of the 30-ish potential jurors by the time I was excluded. Jury selection continued after I left.
It's pretty obvious juries in my city are not juries of the defendants' peers, but rather juries of select persons favored by attorneys.
Doubts cast over FBI 'leaky CAPTCHA' Silk Road rapture - Security bod says affadavit makes no sense, omitted exploitation works
I feel like your attitude is proving my point.
No, jury selection (which should be illegal) makes sure that juries do not think this way.
Yes, I've seen the movies and TV shows. But I've also served on a jury, back in college.
It was a drug possession case, and during jury selection they asked if any of us had personal or family ties to law enforcement, friends with drug experience, and a number of other things.
I remember one guy who said he had past experience with drugs, and even a conviction. He also said he didn't trust the police and was inclined to doubt them when they accused someone of a crime.
Neither the prosecution nor defense objected to him, and he served on the jury. We found the defendant guilty.
Who would be so stupid to run a server like that without masquerading? That is not credible at all. A simple masquerading firewall before the actual server makes sure that a) no non-TOR traffic ever reaches or leaves the actual server and b) the server itself does not know the public IP it is reachable under. This is really basic protection and set up withing a few hours. It also makes sure nothing like the FBI claims can ever happen.
The only sensible explanation is that the FBI is lying through its teeth.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
It's like you have no clue how jury selection works; and have only seen the movie Runaway Jury. Juries can vary in size, anywhere between 6-12 plus backups totaling about 15-30. Attorneys can only challenge the selection a set number of times. Most cases this is 3. So in a majority of cases at least one juror is completely untouchable by the attorneys (if you exclude the backup set).
I've been through voir dire twice and in both cases (criminal assault) not only did the attorneys get their allotted strikes, but toward the end of the questioning process the judge also had notes and called certain members of the pool to the bench and further questioned them about their opinions, dismissing some of them to go home. The judge is already there as a representative of the State, so naturally his dismissals will also tend to enforce jury orthodoxy. No libertarian who believes in nullification is EVER getting on a jury unless he perjures himself.
Hollywood, Television, has become the dream machine. We need to take that back; each of us is a Dream Machine
Ahhh... so you believe only subjects with a credulous & servile attitude should be included on a jury?
Did the Feds have a warrant for searching this particular server? Quote the 4th Amendment:
... and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Did they have a warrant specifically describing the place to be searched, and the persons or things to be seized?
If not, they were violating the CSRA, by accessing a server without authorization, which is exactly what they tried to charge Aaron Schwarz with.
It is not permissible to break the law in order to enforce the law. This is a principle older than the United States itself.
Paypal engineers do not go to prison for an extended period of time when they are caught. Paypal engineers are also the cheapest possible that can just about get the job done.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
My personal take is that this was much more likely some Bitcoin-based attack where they were able to identify him via some Bitcoin they gave him and that he spent afterwards. The claimed scenario would require terminal stupidity on the side of the server set-up and also that nobody of the countless people trying to attack these servers ever getting lucky. Not credible at all.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I might be naive, but I think the discovery of the IP source through the weakness in the captcha is totally plausible.
I concur, this is totally plausible. Unfortunately that doesn't prove this isn't a case of parallel construction.
> Paypal engineers do not go to prison for an extended period of time when they are caught.
Neither does the script monkey that Ulbricht hired to set up the captcha.
He had a huge criminal enterprise to run, tons of money to launder, murders to order, and hopefully he'd make some time to enjoy his ill-gotten gains before he eventually made a mistake and got busted. If he was wasting his time setting up a captcha, that was pretty stupid. The smart thing would be for him to have someone eho understands banking and finance take care if the banking and finance, someone who understands programming take care of the programming, someone who understands high-capacity server infrastructure take care of the server infrastructure, ehile he ran the whole operation and spent some time on his boat. Actually, not really. He was successful before silk road,so the smart thing to do would have been to continue to make money legally. That has the advantage of not ending with a prison sentence.
Nice anecdote. Did I tell you about the time my Uncle Marvin went a bit bonkers?
pretty sure AC repeats post - and is +5 insightful, while original post is 0? WTF? view at -1 to see this post...
Yes Obama promised he would close Gitmo. But one of the first things Congress did after he became was to pass laws or a law that severely limited his ability to do so. Remember when he traded 5 Gitmo prisoners for the one US soldier a few months back. Some people were howling that he had no legal authority to do that, that it violated a legal procedure required before he could do that.
While on the subject, I asked myself and other people, how did Obama move from a close Gitmo promise, to a scale back the surveillance state and war on terror, (which have become one and same), etc. etc. He did get the US largely out of Iraq and Afghanistan.
The thoughts I have are:
1. He's a politician. He said what he needed to say that the poll results showed would get him elected. Score points for plausible, and probably true of every modern president to a degree.
2. Once elected, he was briefed by the military and Security entities, and once shown classified evidence he realized that, although he may hate the course we're on, it's not nearly as bad as what he hoped and wanted to do. Score points for plausible, and as evidence how most presidents seem to age 5 years the first year they are in office.
3. "Gee Mr. President, we are quite willing to follow your orders. But, um, we really would not like to have to boil your daughters in acid, would we." Score points for paranoid. Score points for not paranoid enough.
Loaded question says what?
I'll take that as a "yes".
The IP will probably be revealed as being 127.0.0.1.
The judge will accept it as evidence, and the jury will convict because we are still living in a society of imbeciles trying to impose on how everyone should live under the premise that they know better as a collective decider.
We are destroying basic human rights and severely punishing people simply so we can "show them a better path" in life.
It's absurd. Why can't we just close all these ineffective branches of government fighting pseudo crimes already?
Given it is a criminal enterprise it makes no sense for him to go out hiring people to do programming, infrastructure, banking, finance etc as the more people he has to deal with the more people that can be compromised or just blab. The is a saying along the lines of "if you don't want anyone to find out your secrets then don't tell anyone". Master of your own destiny and all that.
You can take it however you like. I'm not intolerant. But don't put quotes around it.