Silk Road fell due to a catalogue of errors by owner Ross Ulbricht

(@dannybradbury) | Published on October 3, 2013 at 13:15 BST

At 3:15 in the afternoon on Tuesday, FBI agents walked into the San Francisco public library in Glen Park, and quietly plucked Ross William Ulbricht into custody. The FBI also seized the files making up the underground black market Silk Road website, which it says he ran under the pseudonym Dread Pirate Roberts, and pocketed 26,000 bitcoins.

The operation had been mounting for at least two years. Agents had been making undercover purchases on the site since 2011, conducting over 100 transactions, said a civil forfeiture complaint document seized by the FBI.

Ulbricht seems to be an inconsistent character. On the one hand, he was extremely paranoid. He stopped talking to a Forbes reporter for a month because she had asked him for a personal meeting. But the FBI criminal complaint suggests that he was caught thanks to some basic, forehead-slapping errors. Here's how it went down.

Firstly, he was foolish with his email address and online identities while promoting the site, getting technical advice and hiring help, alleges the FBI. He used the same online handle (altoid) on several forum sites to make users aware that Silk Road was active in early 2011. He then used 'altoid' again to hire developers for a "venture-backed bitcoin startup company". But this time, he asked people to send their [email protected]

FBI investigators obtained the records for this email address from Google and cross-referenced it to Ulbricht's Google+ account. This included a photo that matched the picture on Ulbricht's LinkedIn account.

Ulbricht used the same email address - and his real name - when posting on Stack Overflow, a popular community site for programming advice. He asked how to connect to Tor using the PHP web programming language. Agents later found code on the Silk Road servers identical to the code that Stack Overflow members showed him.

He subsequently changed his user ID to ‘frosty’ and the email on the site [email protected], but instead of leading investigators away, it led them closer. This email address (which isn't valid) later showed up in the SSH certificate stored on the Silk Road server that allows the administrator to gain access without typing in a password.

There were other coincidences in Ulbricht's online activities and the activities of Dread Pirate Roberts. Agents noticed links in Ulbricht's Google accounts to The Mises Institute, an organization advocating Austrian economics (a popular theory among libertarians and some bitcoin supporters).

Once again, a profile named "Ross Ulbricht" on the Mises site had a photo matching Ulbricht's LinkedIn and Google+ profiles, the FBI said. The organization was also mentioned in several posts by Dread Pirate Roberts on the Silk Road forum.

The FBI traced Ulbricht via an IP address in San Francisco.
The FBI traced Ulbricht via an IP address in San Francisco.

But where was he? Agents apparently tracked Ulbricht down by asking Google for the IP addresses used to log into [email protected] address. It showed a Comcast address in San Francisco, registered to a friend of Ulbricht's, the affidavit said.

Then, evidence against Ulbricht emerged via another agency. US Customs and Border Protection intercepted a parcel containing fake IDs that had been shipped from Canada to an address in San Francisco. When investigators from the Department of Homeland Security visited the house, they found Ulbricht. All of the photos on the fake IDs (which each had different names) were his.

The photos also matched his Texas driving license, which the DHS investigators asked to see. All of this happened around the same time that Dread Pirate Roberts was discussing obtaining fake IDs on Silk Road, the FBI affidavit said.

The FBI put the final piece of the puzzle in place by pulling Ulbricht's Texas driving license and comparing it with the license that Ulbricht showed the DHS. The numbers matched. At this point, it must have considered that it had enough evidence.

There were other pointers indicating that the administrator for Silk Road was in San Francisco. Until late July, Silk Road was administered via a hosted VPN server. That server was deleted after a flaw caused its IP address, and the IP address of the Silk Road server itself, to be displayed publicly on the site (here are some ideas about how that happened).

Once the agents seized the Silk Road website files, they could read the IP address for that VPN server. The hosting provider gave up the access records for the VPN server to the FBI, which showed that it had been accessed from an address at a coffee shop near where Ulbricht was staying.

Hackers like to fly under the radar. Good ones have a common term known as OPSEC, or operational security. It contains several key tenets. Not using your real email address would be one of them. If the allegations in the FBI affidavit are true, then Ulbricht's OPSEC was poor.

But Ulbricht has not been convicted of running Silk Road, and all the criminal charges that implies, meaning that he is still innocent in the eyes of the law.

In any case, the site is down now. Just how big was Silk Road? The affidavit shows that it processed sales worth around 9.5m bitcoins between February 2011 and July this year, but bitcoin experts put that in perspective.

"That incorrectly understands BTC and its use," says Patrick Murck, general counsel at the Bitcoin Foundation. "1 BTC could change hands 9.5m times and generate ‘sales revenue’. In addition, many people don’t realize that, for the majority of Silk Road’s existence, the value of 1 BTC was less than $7 USD. It is only as recently as March 2013 that the value has risen over $100 USD."

silk-road-marketplace-seized
The notice that currently appears on Silk Road.

Silk Road existed for around 930 days. That equates to an average trading volume of around 10,215 each day, or about 4% of the daily traded bitcoin volume using recent network transaction volumes. That said, it’s worth considering that transaction volumes probably increased on Silk Road over time, and that transactions as a proportion of the network may have risen towards the end.

Nevertheless, the site yielded total commissions of 614,305, which is not inconsiderable, even at $10 prices. And of course, it hasn't been that low for a while. Regular commissions were paid into Ulbricht's bitcoin wallet, according to the affidavit, amounting to around $20,000 each day in some cases. His addresses held the equivalent of $3.4m in July, the FBI said.

What will the fallout from Silk Road do to bitcoin's value and reputation? Murck makes the best of it.

"The interesting aspects of the story are that the FBI acknowledges that bitcoins ‘are not illegal in and of themselves and have known legitimate uses' (Section 21, v)," he says. "The FBI did not have to issue that statement, but they did. Additionally, it shows that bitcoin as a store of value and medium of exchange doesn’t pose any insurmountable challenges to the law enforcement community, which should settle some minds."

“Bitcoin's quest to become mainstream persists through thick and thin,” said Erik Vorhees, a bitcoin advocate and founder of SatoshiDice, the wildly successful bitcoin gambling site that was sold earlier this year. “It is a tremendous tool that grows and expands while the world gossips about it. It's a technology in the pure sense - and technologies don't tend to care about individual events that occur in their orbit.”

Bitcoin’s quest to become mainstream persists through thick and thin

That didn't stop the price dropping like a lead balloon. When the FBI published the news, the price of bitcoin plummeted to $82 from $125, according to CoinDesk's Bitcoin Price Index.

This is mostly panic selling, argues bitcoin expert and advocate Roger Ver. "The price drop today was definitely caused by the Silk Road news, but the sell off was by users who still don't understand bitcoin, and its myriad of uses beyond the Silk Road," he argued. "I suspect that within a month, the bitcoin price will be higher than it was yesterday before the Silk Road news."

What isn't clear is what happens to the suppliers, and possibly the users. Many users (including Ulbricht, allegedly) used their home addresses for delivery of illicit goods. They must have given those addresses to someone. If delivered in a message via Silk Road, would they have been stored, and will the FBI be paying customers a visit?

“The users who used PGP to encrypt their communications are in no danger at all,” says Ver. “Those who sent their messages in plain text may be at some risk depending on Silk Road's back-end security practices. This should be a wakeup call for everyone to start using services like PGP/ GPG, Crypto.cat, and bitmessage.org to encrypt their communications.”

This isn’t the only site dealing in illicit goods for bitcoins. Atlantis, another site, shut down two weeks ago due to ‘security concerns’ – however, the owners of that site were far less paranoid than Dread Pirate Roberts. They even had their own Facebook page.

Another, Black Market Reloaded, is still going strong. And Vorhees compares the Silk Road shut down to Napster, in the early days of illicit music file sharing. When it was quashed, many sprung up in its place.

“There will be many sites, operating in many countries,” he concludes.

Feature image: LinkedIn

Silk Road

There is 1 comment. Press to view.