As the trial of alleged Silk Road drug market creator Ross Ulbricht approaches, the defense has highlighted the mystery of how law enforcement first located the main Silk Road server in an Icelandic data center, despite the computer being hidden by the formidable anonymity software Tor. Was the FBI tipped off to the server’s location by the NSA, who used a secret and possibly illegal Tor-cracking technique?
The answer, according to a new filing by the case’s prosecution, is far more mundane: The FBI claims to have found the server’s location without the NSA’s help, simply by fiddling with the Silk Road’s login page until it leaked its true location.
In a rebuttal filed Friday to a New York court Friday and accompanied by a letter from the FBI, the prosecution in Ulbricht’s case laid out an argument dismissing a series of privacy concerns Ulbricht’s lawyers had expressed in a motion submitted to a New York court last month. That earlier motion had accused the government of illegal searches in violation of the Fourth Amendment, including a warrantless search of the Silk Road server, and argued that those privacy violations could render inadmissible virtually all of the prosecution’s evidence. The defense motion also demanded that the government explain how it tracked down the Silk Road’s server, and reveal whether the NSA had participated in that hunt.
In the latest filing, however, former FBI agent Christopher Tarbell counters Ulbricht’s defense by describing just how he and another FBI agent located the Silk Road server in June of last year without any sophisticated intrusion: Instead, he says, they found a misconfiguration in an element of the Silk Road login page, which revealed its internet protocol (IP) address and thus its physical location.
As they typed “miscellaneous” strings of characters into the login page’s entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn’t match any known Tor “nodes,” the computers that bounce information through Tor’s anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road’s CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site.
“This indicated that the Subject IP Address was the IP address of the SR Server,” writes Tarbell in his letter, “and that it was ‘leaking’ from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.”
That discovery by the FBI, the prosecuting attorneys in Ulbricht’s case argue, means that no illegal spying techniques were needed to pinpoint the world’s largest anonymous bazaar for narcotics. In fact, they write, the evidence revealing its physical location was left in plain sight.
After the initial revelation of the Silk Road server’s location in a data center in Reykjavik, Iceland, the filing explains that Reykjavik police accessed and secretly copied the server’s data. As agents of a foreign government, the prosecution argues, they weren’t required to seek a warrant from any US authority. And the prosecution writes that Ulbricht didn’t himself even own the server: He had allegedly rented it through a third-party service, which in turn rented space in the Icelandic data center. The brief goes on to quote the web host’s terms of service, which warned that “systems may be monitored for all lawful purposes, including to ensure that use is authorized.”
If the judge in Ulbricht’s case accepts the prosecution’s explanation of that breakthrough in the Silk Road investigation, it could represent a major blow to Ulbricht’s chances of beating the seven charges against him, which include conspiracy to traffic in narcotics, money laundering conspiracy, and a “kingpin” charge usually reserved for leaders of drug cartels and mafia organizations. Ulbricht’s lawyers have previously outlined a defense against those charges they refer to as the “fruit of the poisonous tree” doctrine, an argument that an initial illegal search taints the rest of the evidence resulting from that violation. On Friday, Ulbricht appeared in court to plead not guilty to new charges that included selling counterfeit IDs and directly trafficking in narcotics rather than merely leading a conspiracy to do so.