Silk Road Journal Found On Ulbricht's Laptop: "Everyone Knows Too Much"
sarahnaomi writes: On Wednesday, prosecutors in the Silk Road trial began to lay out the wealth of evidence found on the laptop taken from accused kingpin Ross Ulbricht in a San Francisco library in October 2013. The evidence presented by prosecutor Timothy Howard was the most comprehensive and damning thus far, including more than a thousand pages of chats between the site's pseudonymous operator Dread Pirate Roberts and Silk Road administrators. Also entered into evidence was a journal that dates back to at least 2010 describing the creation and operation of the site. FBI computer scientist Thomas Kiernan, the second witness in the trial, testified about the day Ulbricht was arrested and the evidence gathered from his laptop.
Mental note: When establishing a questionably legal site for definitely illegal transactions to be made through, don't keep any logs about it, nor your conversations regarding it.
Observation: if you have a big enough ego to think you can create such a questionable site and get away with it, you probably can't stop yourself from feeling invincible in whatever you do and dismiss any possibility that your logs will get compromised *ever*. Conversely, if you have enough doubt about the eventual security of your logs in the event you might eventually get caught, you probably don't have the balls to go through with it in the first place...
Apparently he was arrested (in public) at a library, and the techs who got the laptop knew what they were doing...
It was logged in, and they spent several hours copying data without letting it sleep or lock.
Full disk encryption is great, but assumes that you won't have unlocked it for the attacker.
There's actually some neat forensic gear out there designed for this kind of situation. It's basically a battery with a fast UPS style switchover mechanism and various bits for tapping into the power line connected to a computer. Basically they wire this thing in, pull the plug, and the battery keeps the machine running and unlocked while they cart it away/image it/etc. They've also got devices called "jigglers" that simulate mouse movement to keep the screen from locking.
Obviously this turns into a cat and mouse thought experiment with a variety of Rube Goldberg type countermeasures and counter-countermeasures, but against the average guy this kind of thing probably works quite well.
Yeah they had two agents get into a fight right behind him and when he jumped up to see what was going on (just like anyone would do) another agent snatched the laptop and started the task of getting evidence off it and mirroring the drive's contents.
The FBI is often really fucking good at what they do.
While a lot of people are jumping on the "...it wasn't encrypted..." and "...the FBI grabbed it while he was logged in..." bandwagon, you are missing the point.
1) NEVER carry incriminating evidence with you, encrypted or not.
2) Use a VPN/SSH tunnel/etc. (and/or both) to connect to the server where your data is. (Make sure that server is located in a non-extraditing country, and filtered from you by a few shell companies.)
3) Keep an absurdly low 'idle-timeout' on your SSH sessions.
4) Use a dead-man's switch on that server's encrypted data.
(i.e. run the command "I_am_not_in_jail_yet.sh" every 15 minutes.) {Be more vague than this.*}
5) ALWAYS assume that your local system is compromised. (Boot/run from read-only media.)
6) Don't brag about it! If more than one person knows, then your secret is not safe.
"The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
The simplest strategy would have been to have already moved to a non-extradition country. He'd already racked up tens of millions of dollars in profits! What was he waiting for?
A skilled hacker / engineer could create a system for under $40 that would circumvent this.
Use two microcontrollers (a Raspberry Pi would be overkill; I'd use a $10 STM32 Nucleo board), one hidden somewhere in your house that has a small coil around a power line which introduces a signal into the power wires, and another in the case of the PC that monitors the signal generated by the first microcontroller. As soon as the device inside the PC detected loss of the signal it could then shut the PC down. Or trip a relay connected to a servo that allows acid to flow into the HDD. It could also have light sensors (covering the largest spectrum possible) to detect the case opening, which would also trigger the destruct mechanism. It would be powered by 4 AA batteries when external power is removed. I would also add a trivial voltage divider circuit to an ADC line on the microcontroller to monitor battery power, and if it got down close to 5V it would destroy the device.
There are dozens of things you could do along those lines. Place a magnet in whatever the PC is sitting on and then have a magnetometer sensor in the bottom of the case connected to the microcontroller. If the PC is moved then it destroys the media. Etc., etc.
Better known as 318230.
https://www.youtube.com/watch?...
There are RFID rings/bracelets that do this already.
Who logs in to gdm? Not I, said the duck.