Silk Road Sunk By Leaky CAPTCHA


last year
http://krebsonsecurity.com/2014/09/drea ... y-captcha/

“The IP address leak we discovered came from the Silk Road user login interface. Upon examining the individual packets of data being sent back from the website, we noticed that the headers of some of the packets reflected a certain IP address not associated with any known Tor node as the source of the packets. This IP address (the “Subject IP Address”) was the only non-Tor source IP address reflected in the traffic we examined.”

“The Subject IP Address caught our attention because, if a hidden service is properly configured to work on Tor, the source IP address of traffic sent from the hidden service should appear as the IP address of a Tor node, as opposed to the true IP address of the hidden service, which Tor is designed to conceal. When I typed the Subject IP Address into an ordinary (non-Tor) web browser, a part of the Silk Road login screen (the CAPTCHA prompt) appeared. Based on my training and experience, this indicated that the Subject IP Address was the IP address of the SR Server, and that it was ‘leaking’ from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.”

last year
And, furthermore in this very article:
Frank, September 8, 2014 at 1:32 pm:
Keep in mind this is the government reporting on how it discovered someone on an anonymity location.
The real truth is most likely that Tor is compromised and is not anonymous. The NSA isn’t going to state that, however, because they want people to keep using it so they can catch the king pins and other larger targets.

Reply

You are not logged in. Login or register to reply on this thread.