SoylentNews

c0lo [soylentnews.org] writes:

krebsonsecurity reports [krebsonsecurity.com] that new court documents released this week by the U.S. government in its case against "Dread Pirate Roberts" suggest that the feds may have some explaining to do.

Last month, the U.S. government released court records claiming that FBI investigators were able to divine the location of the hidden Silk Road servers because the community’s login page employed an anti-abuse CAPTCHA service that pulled content from the open Internet — thus leaking the site’s true Internet address.

But lawyers for alleged Silk Road captain Ross W. Ulbricht (a.k.a. the “Dread Pirate Roberts”) asked the court to compel prosecutors to prove their version of events. And indeed, discovery documents reluctantly released by the government this week appear to poke serious holes in the FBI's story.

The FBI claims that it found the Silk Road server by examining plain text Internet traffic to and from the Silk Road CAPTCHA, and that it visited the address using a regular browser and received the CAPTCHA page. But Weaver says the traffic logs from the Silk Road server [krebsonsecurity.com] (PDF) that also were released by the government this week tell a different story.

"The server logs which the FBI provides as evidence show that, no, what happened is the FBI didn’t see a leakage coming from that IP," he said. "What happened is they contacted that IP directly and got a PHPMyAdmin configuration page." See this PDF [krebsonsecurity.com] file for a look at that PHPMyAdmin page. Here [krebsonsecurity.com] is the PHPMyAdmin server configuration.

Bruce Schneier reckons [schneier.com] FBI's story is a botched parallel construction on hints from NSA.

---

Original Submission