Why Encryption Does Not Mean The End Of Law Enforcement
IT World wrote a piece on how the cops caught up with the now convicted founder of Silk Road, Ross Ulbricht, AKA The Dread Pirate Roberts, the man who ran the dark web marketplace for everything from drugs to murder. The author goes into a lot more detail for those geeks who are interested.
Curious note: That article ran everywhere under the title 4 technologies that betrayed Silk Road. Their article lists 5 technologies, but the page name for the article is still called 4 technologies … go figure.
Number 1: He used Bitcoins to transfer money between buyers and sellers and himself, thinking it was untraceable. Turns out while it might be hard to decrypt the bitcoin wallets themselves, it is easy to watch the transactions on the net. You can see where the traffic comes from and where it goes to.
Number 2: Ulbricht used TorChat to communicate. Like Tor, it is encrypted so you can’t just look at it. However, for some reason, he consciously turning on chat logging, which made unecncrypted logs on his hard disk. He may have thought that the logs were encrypted or he he may have thought that since his disk was encrypted, he was safe.
Number 3: Encryption makes it difficult for someone to eavesdrop on your world but stuff has to be decrypted in order to use it. In Ulbricht’s case, he apparently was using whole disk encryption (WDE), like Microsoft’s Bitlocker (but probably not Bitlocker). The problem every WDE product has is that it decrypts stuff once you login and the keys are kept in memory. What this means is that WDE offers no protection while the computer is on.
For some reason, Ulbricht used public WiFi at the library some times and the cops caught him there, while the computer was turned on and logged in and were able to grab his computer before he could shut it off. They now had access to, among other things, his private encryption key. Game over.
I have often said that public WiFi is not secure. That is certainly true if you are a crook.
Number 4: Loose lips sink ships. This is as true now as it was during World War II when the phrase was coined. Ulbricht used Facebook and cross posted information, for example, about a vacation in Thailand to both Silk Road and Facebook. Tie the FB account to a GMail account and voila.
Number 5: Automated server logins are convenient, but deadly. because human beings are lazy, Ulbricht had set up a trust relationship between his laptop and the Silk Road servers, so he did not need to enter a password to login to the servers. If you have access to the laptop, you have access to the servers.
I think most people will be able to figure out what not to do, so I don’t think I need to explain that here, but it does point out that nothing is foolproof.
The Feds – and Prime Minister David Cameron of England – feel that no communication should be private from the government. The fact that in 99% of the cases, the people who want private communications just don’t trust the government and are doing nothing wrong is not relevant to them. This case pointed out two things – First, encryption is not a silver bullet and Second, human beings make mistakes.
Maybe the next crook won’t make these five mistakes, but actually, I would not count on that. The good news for the cops is that there is pretty much an unlimited supply of mistakes for the bad guys to make and while it may be harder to catch them if they use encryption, it is, for sure, not the end of catching crooks. Ask Ross Ulbricht.
Mitch