Last year FBI had taken down the underground black marketing site 'Silk Road' and after that two of the admin of the Silk Road forum had also been arrested. Now this is the first time that he defense has highlighted the mystery of how law enforcement first located the main Silk Road server in an Icelandic data center, despite the computer being hidden by the formidable anonymity software Tor.
The FBI claims to have found the server’s location without the NSA’s help, simply by fiddling with the Silk Road’s login page until it leaked its true location.
In the latest filing, however, former FBI agent Christopher Tarbell counters Ulbricht’s defense by describing just how he and another FBI agent located the Silk Road server in June of last year without any sophisticated intrusion: Instead, he says, they found a misconfiguration in an element of the Silk Road login page, which revealed its internet protocol (IP) address and thus its physical location.
As they typed “miscellaneous” strings of characters into the login page’s entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn’t match any known Tor “nodes,” the computers that bounce information through Tor’s anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road’s CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site.
This indicated that the Subject IP Address was the IP address of the SR Server,” writes Tarbell in his letter, “and that it was ‘leaking’ from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.
The FBI claims to have found the server’s location without the NSA’s help, simply by fiddling with the Silk Road’s login page until it leaked its true location.
As they typed “miscellaneous” strings of characters into the login page’s entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn’t match any known Tor “nodes,” the computers that bounce information through Tor’s anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road’s CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site.
You can find the detailed explanation by the FBI on Scribd.