On 2013-10-05 04:49, Andy Isaacson wrote:
> On Fri, Oct 04, 2013 at 08:16:48PM +1000, James A. Donald wrote:
>> Two security failures: The feds were able to find the Tor hidden web server, and, having found it, there was information on the web server that should not have been there.
>
> Note that this thread has meandered around, discussed several different security failures, and you seem to be returning to the Silk Road one.
>
>> My understanding is that they found a bunch of Tor machines,
>
> I don't see any evidence or claim that the investigation touched, investigated, or influenced any Tor relays in the published documents about the Silk Road arrest. Do you have any basis for this understanding?
>
> (BTW, it's *very* easy to "find a bunch of Tor machines", most of the Tor relays' IPs are listed in the public "consensus".)
>
>> installed malware by means of rubber hoses,
>
> Again, I see no published claim that any malware was used in this investigation, nor that the investigators had to lean on anyone (much less torture them, as the phrase "rubber hose" indicates) to install malware.
Freedom hosting was forced to install malware on servers, which attacked the browsers used by tor clients. This attack did not itself directly expose Silk Road, but Silk Road was successfully attacked at about the same time, so, possibly part of the same operation. Silk Road was directly attacked by malware - they issued numerous complaints about this, and were repeatedly taken down by malware. This happened at about the same time as the Freedom Hosting malware, though there is no direct evidence of a direct connection, other than timing and modus operandi. Simply generating huge amounts of spam and firing it off at Silk Road from time to time would enable a correlation attack. We know, however, that Silk Road was attacked both by huge amounts of spam, and malware.
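As an added illustration of the point made above about relay addresses being public (example code written for this page, not from the thread, the Tor project, or any of the participants): the v3 consensus lists every relay on an `r` line (nickname, identity, descriptor digest, publication time, IP, ORPort, DirPort) followed by an `s` line of flags, so pulling out "a bunch of Tor machines" is a few lines of parsing. The excerpt below is constructed for the example; the nicknames, base64 identities and addresses (documentation ranges) are placeholders. The caveat worth remembering for the Silk Road discussion: the consensus describes relays only. Bridges are withheld from it, and a hidden service's host is never a consensus entry, so nothing in this document points at where a hidden web server lives.

```python
"""Parse relay entries out of a Tor v3 network-status consensus."""
import ipaddress
from dataclasses import dataclass

# Constructed excerpt in the shape of a v3 consensus. A real consensus
# lists thousands of relays; identities and addresses here are placeholders.
SAMPLE_CONSENSUS = """\
network-status-version 3
vote-status consensus
valid-after 2013-10-05 04:00:00
r relayA AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2013-10-05 01:12:41 192.0.2.10 9001 9030
s Fast Guard Running Stable V2Dir Valid
r relayB CCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDD 2013-10-05 02:00:00 198.51.100.7 443 80
s Exit Fast Running Valid
r relayC EEEEEEEEEEEEEEEEEEEEEEEEEEE FFFFFFFFFFFFFFFFFFFFFFFFFFF 2013-10-05 02:30:00 203.0.113.9 9101 0
s Running Valid
"""


@dataclass
class Relay:
    nickname: str
    identity: str                     # base64 identity digest, as published
    address: ipaddress.IPv4Address
    or_port: int
    dir_port: int                     # 0 means the relay serves no directory port
    flags: frozenset = frozenset()


def parse_consensus(text: str) -> list:
    """Return one Relay per 'r' line, attaching the flags from the 's' line
    that follows it. Lines of other keywords are ignored; an 'r' line with
    the wrong field count is skipped rather than guessed at."""
    relays = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "r" and len(parts) == 9:
            _, nick, ident, _digest, _date, _time, ip, orport, dirport = parts
            relays.append(Relay(nick, ident, ipaddress.IPv4Address(ip),
                                int(orport), int(dirport)))
        elif parts[0] == "s" and relays:
            relays[-1].flags = frozenset(parts[1:])
    return relays


def relays_with_flag(relays: list, flag: str) -> list:
    """Relays carrying a given directory-authority flag, e.g. 'Exit' or 'Guard'."""
    return [r for r in relays if flag in r.flags]


def is_listed(relays: list, ip: str) -> bool:
    """True if the address appears as a relay in the consensus.
    A hidden service host or a bridge will never make this return True."""
    target = ipaddress.IPv4Address(ip)
    return any(r.address == target for r in relays)


if __name__ == "__main__":
    relays = parse_consensus(SAMPLE_CONSENSUS)
    for r in relays:
        print(f"{r.nickname:8} {r.address}:{r.or_port}  {' '.join(sorted(r.flags))}")
    print("exits:", [r.nickname for r in relays_with_flag(relays, "Exit")])
    print("192.0.2.77 listed?", is_listed(relays, "192.0.2.77"))
```

The `is_listed` check is the useful negative result: an address that is not a relay (for example a hidden service's actual host) simply is not there, which is why "finding Tor machines" via the consensus says nothing about locating a hidden service.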