Silk Road reboots: for real, or just a honeypot?

library
crime | hacking | security

Silk Road has reportedly reopened, though it’s anybody’s guess whether the rebirth of the online drugs and weapons black market is for real, or in fact a honeypot.

What Motherboard’s Joseph Cox calls the “online-marketplace-cum-libertarian-movement” found a new home and was scheduled to reopen for business on Tuesday 5 November at 16:20 GMT – a “poetic” time on an auspicious date, notes the dark web-focused site AllThingsVice.

(As it turns out, the Silk Road relaunch, the date and time of which jazzed the drug culture cognoscenti, got pushed back 24 hours to Wednesday – a date that isn’t druggishly auspicious at all.)

The AllThingsVice post was apparently written by a registered user of the original Silk Road or at least by somebody invited by a user to join the new site, given that s/he writes, registration is closed to new members unless they have an invitation from an existing member.

At any rate, according to AllThingsVice, the Silk Road that’s risen from the ashes is “trying its best” to be a remake of the original, which the FBI seized in October, causing much freakout among users over lost Bitcoins, drug shipments and resulting debts to drug sellers.

You can see those themes of lamentation in Reddit comments from the r/SilkRoad subreddit, as published by Business Insider.

Within hours of the arrest of Silk Road’s alleged ringleader, Ross Ulbricht, authorities arrested eight more in the US, the UK and Sweden.

Are more arrests in the works? And is the new site a sticky trap for luring even more drug aficionados?

That’s worth pondering, and it well might continue to rain a cold shower down on the growth of the new Silk Road.

As it is, the FBI affidavit filed in connection with Ulbricht’s arrest indicated that law enforcement got its hands on multiple Silk Road servers, both within and outside of the US, including the server that hosted the site.

The FBI said in the affidavit that as of 23 July 2013, the server showed some 957,079 registered user accounts.

Staffers who held administrative and moderator positions on the old Silk Road might not fear that the seized servers will give them away, or they might not care, given that, as AllThingsVice reports, known and trusted former Silk Roaders have banded together to recreate the market.

They’ve reconstructed the community, s/he writes, and have come up with a new figurehead – i.e., one or more people who fill the shoes of the “Dread Pirate Roberts” persona, who maintains the site’s philosophy.

The changes in the relaunched site are slight and include a new login page that parodies the seizure notice posted by the Department of Justice on the prior Silk Road’s homepage, with the notice that “This Hidden Site Has Been Seized” replaced by the declaration “This Hidden Site Has Risen Again.”

Although AllThingsVice has published the URL for the site, don’t expect to find it unless you can get an invitation.

As noted, it requires new users to be invited, and like all onion sites, it also requires users to sign in via the Tor anonymizing service.

Are users safer on the new site than on the old, or should they still be waiting for the law to show up on their doorsteps?

The relaunched site is now reportedly featuring a new security feature that allows users to use their Pretty Good Privacy (PGP) encryption key as an extra authentication measure.

Would-be drug buyers and sellers should, of course, ponder whether that’s going to shield them from the law.

This FAQ on PGP tackles the question of whether the US National Security Agency (NSA), for one, managed to put a back door into MIT PGP as a prerequisite for its legal status.

The response:

First of all, the NSA had nothing to do with PGP becoming “legal”. The legality problems solved by MIT PGP had to do with the alleged patent on the RSA algorithm used in PGP.

Second, all the freeware versions of PGP are released with full source code to both PGP and to the RSAREF library they use (just as every other freeware version before them was). Thus, it is subject to the same peer review mentioned in the question above. If there were an intentional hole, it would probably be spotted. If you’re really paranoid, you can read the code yourself and look for holes!

As for Tor, we know from Edward Snowden’s leaks of classified documents that US surveillance really, really hates it, given how maddening Tor layers are to unpeel.

Maybe users will be safer on the new site.

Then again, maybe the FBI is still identifying users from the server of the old site, and knocks on doors are in the works.