What the hell’s going on at Silk Road?

Posted: November 16, 2012 in Drugs, Silk Road

For two weeks, users of online drugs marketplace Silk Road have been unable to log in to the site more often than not, reporting timeouts, missing captchas and other technical difficulties.  Millions of dollars in Bitcoin has been inaccessible to the site’s thousands of members and trading has halted.

Where’s my Bitcoins?

The reactions of the community have run the gamut from hopeful acceptance to threats of violence against the site’s owner, admins and other random anonymous people.  Amazon has stocked up on pitchforks and tinfoil hats as speculation on the forum has reached fever pitch.

Here are five of the theories for its temporary demise, in one easily-digestible blog:

A. TECHNICAL ISSUES

The theory: Silk Road is experiencing technical issues, which need to be sorted out and stability and security tested before the site can be made available to members again.

The argument: Before the site went down, Dread Pirate Roberts posted that it was running slowly and had ‘issues’ due to ‘explosive growth’.  Other users also pointed out that the aftermath of Hurricane Sandy may be to blame, although there is no evidence that the Silk Road server was anywhere in the path.

DPR and the administrators have been posting semi-regular updates and the site has been sporadically available in the past couple of days.  Sites do go down and due to the nature of this particular beast, the less information that is provided publicly, the better.

Occam’s Razor favours this scenario.

The counter-argument:  This is by far the most boring and un-newsworthy explanation, simply not befitting of the subversive Silk Road.  Members also questioned why, a short while after making the ‘explosive growth’ announcement and knowing that the site was experiencing issues, DPR ‘went away’ for 24 hours, completely incommunicado, even from his administrators.

LIKELIHOOD:  Highly likely

B. THE MEGA-SCAM

The theory:  The site’s owner, Dread Pirate Roberts, has taken off with all the money in the accounts, which may be in the tens of millions.

The argument: Nobody believes Silk Road can last forever.  DPR has earned millions of dollars over the past year and could probably retire quite comfortably, especially if he has access to all the money sitting in escrow and vendors’ and buyers’ accounts.  Silk Road is no stranger to the mega-scam, Tony76 having taken off with thousands, maybe hundreds of thousands, of dollars of customers’ money earlier this year.

The counter-argument: Silk Road accounts for the largest single Bitcoin wallet.  Cashing out that sort of money would not only be extremely difficult without alerting the authorities, it would cause the value of the Bitcoin to nosedive.  If DPR wanted to run the scam, surely he would disable the forums as well so that members could not discuss the issue.  Furthermore, he has been making semi-regular updates and when the site was temporarily restored, several vendors reported being able to withdraw from their accounts.

LIKELIHOOD:  Very unlikely

C. LAW ENFORCEMENT INFILTRATION

The theory: Law enforcement has finally cracked Silk Road and is now setting up a massive honeypot.

The argument: Silk Road has become a high profile problem, making a mockery out of politicians and law enforcement as it not only operates, but flourishes, quite openly.  Closing down the site is not enough, as law enforcement wants to be seen to be making arrests.  Either the server or DPR has been compromised and law enforcement, acting as DPR, is attempting to reopen the site to gather intelligence for worldwide arrests. The administration accounts of many/all administrators have been disabled.  There have been some issues with DPR’s PGP signature. He posted just before the site went down saying he was making an effort to be more bland in his writing to be unidentifiable.  New vendors popped up during the blackout.

The counter-argument: While $22 million per year may seem like a lot, in the context of the worldwide illicit drug trade it is minuscule.  What’s more, that amount is spread across hundreds of vendors.  Silk Road operates peacefully, without violence and actually reduces drug-related crime.  The chance of any law enforcement agency having the resources to commit to such a sting, especially a cross-border sting, seems remote. Even if they infiltrated the Road, any vendor who practices basic safety precautions will not be at risk of identification.

LIKELIHOOD:  Unlikely

D. HACK ATTACK

The theory: A malicious hacker has launched a DDOS attack on Silk Road.

The argument: An anonymous user has been posting claims of blackmail, including some ‘evidence’ (unintelligible to non-geeks like me) that he/she is responsible for hacking and/or launching a DDOS attack on Silk Road.  DPR reported receiving threats and indicated it was a possibility they were for real.

The counter-argument: There was no pre-warning from the alleged perpetrator, merely claims of responsibility after the fact.  The forum has its fair share of trolls.

LIKELIHOOD:  Very possible

E. SILK ROAD HAS BEEN SOLD

The theory: DPR has sold Silk Road as a going concern and the downtime was due to issues when migrating the server.

The argument: Silk Road is a valuable asset with no real competition and there would be no shortage of buyers for the infrastructure and goodwill of the name.  DPR’s handle suggests he always had the intention of passing the mantle on at some point. Always a loquacious chap, he recently posted saying he was sorry for sounding different but “It’s safer to make my writing style bland so it is less identifiable”.  It could take months or years before anyone realises it’s happened, so nobody – neither ripped-off site users nor law enforcement – would be looking for the fugitive.

The counter-argument:  Making such a sale would invariably require some real-life dealings, which would be fraught with danger.  Why would anyone take such a risk to get rid of something so profitable?

LIKELIHOOD:  Possible

So there you have it folks. As this goes to press, the site appears to be back up and operational for now.  Only time will tell which, if any, theory is correct, but one thing is for certain: a lot of people have had a very big scare.

Comments
  1. zooko says:

    “There have been some issues with DPR’s PGP signature.”

    Can you give details about this?

    • There was one PGP signed post where the sig didn’t match, later fixed by DPR and a couple of people claimed a more recent one was incorrect, but I don’t think they were right. The line was more just one of the arguments thrown up.

      • zooko says:

        I would be interested in some of the details. I know enough tech that I might be able to understand whether certain claims make sense:

        1. Why didn’t the sig match? Was there an explanation from DPR? Has DPR ever made such a mistake before? (It is probably the sort of mistake that is easy to make if you’re doing it “by hand” but impossible to make if you’re using automation. I would assume DPR — the “original” DPR — had automation for it.)

        2. What’s the evidence claimed for a DDoS?

        Also, something that I know less about, but someone disappearing for 24 hours and then coming back reminds me of when Anonymous Sabu was arrested and turned by the FBI. Some of Sabu’s collaborators at that time thought that his 24-hour disappearance, followed by an apparent return to form was an indication that he had been turned, and they were later proven right.

        Anyway, I’m very interested in Silk Road because of my interests in security, economics, and the Bitcoin market. But, I don’t want to spend a lot of time reading all the forums, or whatever, in order to find these sorts of details.

        Regards,

        Zooko

        • Sorry, the DDOS claim is buried somewhere in a 120-page thread. DPR wrote: UPDATE (2254 UTC 11/15/2012): The site went down again and there are people claiming to be responsible for it and making threats. I don’t want to take any chances, so the site is going to come down for a bit while we investigate what is going on. Hopefully this is short lived… what drama! Next update will come before 0600 UTC.

          As I recall, there was no reason given for the sig, just fixed

        • One Sick Puppy says:

          There was no explanation as such provided for the error in the signature. However, DPR signed the message again on a “different OS”, after which it could be validated without errors.
          As far as DDoS is concerned, I highly doubt that’s possible. Someone who has set up the world’s largest online illicit drug marketplace, would definitely take the trouble to secure his server against something as common / well known as DDoS attacks.

          Common Sense..

          • Jessec says:

            Yeah, just like PayPal did… Oh that’s right, it’s impossible to prevent such a common/well known attack when it is, in fact, a DDOS – Distributed Denial of Service Attack.

  2. Sam Datta says:

    Hi Eileen,

    I’m a broadcast journalist in London putting together a piece on the Silk Road – would love to get your thoughts on a few things and maybe a Skype interview?

    Many thanks,

    Sam

    • Thanks Sam, but I’m just a journalist, certainly not an expert on the Road. Good luck with your piece.

    • RoadWarrior says:

      Don’t do that Sam. There have been enough hysterical, misinformed pieces about Silk Road, I doubt your bosses will let you run a balanced piece so it’ll just be more of the same. It doesn’t need the publicity and its users don’t want it to have any.

  3. Max Plank says:

    > zooko says:
    > November 16, 2012 at 10:25 pm
    >
    > I would be interested in some of the details. I know enough tech that I might be able to understand whether certain claims make sense:
    >
    > 1. Why didn’t the sig match? Was there an explanation from DPR? Has DPR ever made such a mistake before? (It is probably the sort of mistake that is easy to make if you’re doing it “by hand” but impossible to make if you’re using automation. I would assume DPR — the “original” DPR — had automation for it.)

    This isn’t the first time this has happened. DPR has caused a flap previously by not correctly signing posts. In each case, the post was promptly re-signed as soon as this mistake was pointed out.

    > 2. What’s the evidence claimed for a DDoS?
    >
    > Also, something that I know less about, but someone disappearing for 24 hours and then coming back reminds me of when Anonymous Sabu was arrested and turned by the FBI. Some of Sabu’s collaborators at that time thought that his 24-hour disappearance, followed by an apparent return to form was an indication that he had been turned, and they were later proven right.

    I don’t think the site was DDOSed. Rather, I think that the site’s userbase has now become so large that the userbase, in effect, DDOSes the site. When you consider that the site went literally from nothing to its current state in a little over a year, the term ‘explosive growth’ is apropos.

    Sabu was an idiot. The reason he was apprehended was that he forgot to use Tor prior to signing on to an IRC channel that was monitored by the authorities. As both Silk Road and the Silk Road Forum are hosted on .onion sites, this type of compromise is not possible.

    > Anyway, I’m very interested in Silk Road because of my interests in security, economics, and the Bitcoin market. But, I don’t want to spend a lot of time reading all the forums, or whatever, in order to find these sorts of details.

    Where better to get the information than straight from the horse’s mouth?

    > Regards,
    >
    > Zooko

    MaxPlank

  4. DPR has confirmed he believes the site is under a DDOS attack

  5. […] What the hell's going on at Silk Road? […]

  6. qlwkejrhtg12 says:

    Can’t seem to login or register new account.. Does this just mean the site is temporarily down?
    I made my first SR account last night after 2 am EST and was able to browse and explore. Logged off and tried back 30 min later and wasn’t able to get in. Woke up this morning and tried again. Still no luck on getting back on. If someone knows what the deal is let me know. I am just hoping that it’s down and will be back up soon.

  7. james says:

    was able to log in just fine until late last night 10pm eastern time Mar10 just fine, have been member for 6 months with over 50 transactions. can’t get in today. occasionally it goes down for few hours to a day. who knows why. could be overloaded w new members. if i would hazard a guess I would imagine the Silk-road server is multiple servers spread all over the world and occasionally they bring site down to reboot from another of these server as an added security precaution. this is pure speculation on my part. sometimes it goes down for a while not unusual. just be patient

  8. willy says:

    dread pirate roberts a JEW

  9. […] DDoS had Silk Road out of action on several occasions in November 2012 and May 2013. Between 9 and 13 December, Silk Road again suffered one of these attacks that […]
