And that, ladies and gentlemen, is how you defeat crypto. How could you even defend yourself against such a thing? The only thing that comes to mind is never working in public on a computer.

But just quickly, he should have compartmentalized. Zero need to have all that data decrypted while doing day-to-day admin. A throwaway machine with Tails or something would suffice for management. Then, add some physical security, such as smartcards with removal events set to destroy and then chain it to your neck. Or there's little dongles that do proximity detection.

Then get some physical security so your RAM is never exposed. The commercial phreaking devices were said to have thermite, but something explosive might look too much like terrorism. I'm not sure it'd be out of the question to wire up a short-circuit to your RAM at single click, although that would look bad, versus something less obvious.

But really, this is apparently only because he messed up his server security so badly. Otherwise, they wouldn't have been there in person in the first place, right? It's probably safe to assume that if you're being physically targeted, you're going to have a bad time living a normal life. If you have a bunker or something where you can definitively see all approaches and have many minutes in case of a raid, eh, maybe. But by that time, there's probably some sort of correlation information or real-world bug going on, right? If Ross had been super careful, eventually they'd just bug his every movement, word, etc. Get video or audio on his keyboard, even, right?

So worrying about this is the barn door question after horses have left, it feels.

Edit: Oh, also, since compulsion to reveal keys might be an issue, it's better if there's nothing around. In the US it seems to be if the prosecution can convince a judge that they really did see evidence but you since re-encrypted. I wouldn't want to rely on a judge in that case. Although at this point one is probably cooked but still.

The beneficial part is to think of every action you do, how many bits is it leaking? What persona are you, at that moment? How is that persona contained? How will the traces you are leaving at the moment look to an investigator? A judge? A super power network analysis and correlation system? For each bit you're leaking, what specific steps are reducing it and how? Are you still in persona? If your persona is from County X, is he on at the right times? If not, and he makes casual comments, so they fit in persona? Eg if on late and the World Cup is being held in his come country, did the persona reference it accurately? (And the searches you performed to find out that info, can they be correlated back?)

I'm sure this has a name but getting in the mindset and making sure you don't break character is key. I think it's probably best to minimize all statements. But, many records show people being found because they slipped up. Like one of the recent hacking groups, he told someone in chat "yeah well I was arrested for pot back in '06". Damn, you just cut your identity space from something like 2^28 to 2^20. Do that a couple more times and your toast. Hell, even picking a username from a great book you're reading might take off several bits (eg if you bought the book on Amazon, and are reading it on Kindle, a well funded adversary could correlate - there's probably many such casual " unrelated " influences that might be detectable.

Personas need to extend to hardware, too. For example, cameras might have somewhat unique noise patterns. If you use your camera to take a pic of <something> , and with the same camera take pics to post on Facebook, it's plausible an adversary could get many bits of your ID. Fingerprints are everywhere, so minimize channels used to avoid surprises.

It's probably good to try to do things in batch. Download data, manipulate on a limited offline device, then batch upload. This is easy to disguise, and could be set on timers to coincide with different personas, establishing alibis. It helps defeat simple traffic correlation, like "let's cut off access to ISP A, and see if our target chat user disconnects". If you were chatting all day on a server, such an attack could be very effective. I didn't do batch mode, because I didn't have any actual work, other than " buy btc and setup a single server hosting a single static page ". (I was thinning of a legal product (something like dropbox) aimed at privacy users and wanted to know how hard it'd be in real live... I decided the Onion service limitations would put my users at too much risk, and many users would fail to follow procedure when using the service, very high risk for them).

The body armor idea was more an overreaction (it was mostly for at home/hotel/sleeping). Once you getting paranoid, it's a spiral. And hey, if you do get raided, there's probably a small benefit to be gained by having some accidental shots not be fatal, right? But no one takes any of this stuff seriously in general, so body armor is likely to get a friend to call the psych ward. Even the BTC or darknet forums. They suggest waking into a bank to buy BTC. Or meeting a stranger in public. Two great ways to link your meatspace and BTC identities! Sigh.

Anyways I recovered by going back to axioms, or trust anchors. Stuff like, "I trust Tor will not reveal my source IP on this persona in under a month", then build from there. The product idea didn't work out, so I dropped the " experiment ". I kept smart cards, FDE, multi VM, and tamper evident seals/stickers, but otherwise went back to normal.

Thinking things through this way will quickly clue one into the notion that it is much more important to pick a good adversary than to pick good defenses. I strongly recommend not picking the USFG, or any other nation, as an adversary. You will not win. The price of your identity is not measured in aircraft carriers. Their budget is.

I do concur though. Basically my analysis came to that any customers that really wanted or needed the level of service I was considering would probably not be around long, even if I stayed hidden (purely to avoid getting subpoenas to expose them - my plans were totally legal). And if they didn't really need that level of safety, then they would not use my product, because the limitations and costs would not be worth it.

On the flip side, look how long SR operated, and how " easy " a job LE had. If Ross would have been content to have a dozen million dollars and move on early, he probably could have gotten away with it.

The way police thinks is like this: first they'll find someone close to you and try to flip them by exerting pressure (on them or on you). If you don't conduct business with close relationships but with strangers, they'll plant an agent. The more secretive the crowd you hang with, the higher the chances the man on the other end is an agent. If your strategy is that no one knows anything about you, you'll find that you won't be doing much business anyway, and so wouldn't become a police target anyway, and if that's the case, you've gone through a lot of trouble while simply remaining a small fish without any evasion would have been better. So the hiding technique you describe might work for a one-time crime.

The only technique that works for any significant amount of time actually relies on very strong relationships: organized crime. It is a feudal system of patronship and loyalty -- your employees depend on you and they'll be willing to go to jail for you -- combined with a the very powerful stick of physical intimidation, so that people are afraid to snitch on you.

The ideas I've outlined would work for more than one person, though I'd be very hesitant to trust others, and you would need to find such candidates in the first place.

Hiring agents should have been taken as a given. You're paying someone a few thousand bucks, and you don't think they're going to sell out if someone comes along that has far more? SR should have been robust to malicious actors. DPR can keep the root level stuff to himself, while allowing his admins to have limited tools. Periodically review stuff.

I fail to see how organized crime would be an option for someone like Ross, wanting to start SR. So while that may be an option for some (a Mafia style threat profile is not something I'd likely be happy with) it's not really that viable for a random startup. I mean, here's another way to be immune from a lot of regulations: be really rich!

Also, when I say persona, I'm referring to the currently active one that you're using at the moment. Silk Road claimed to have been run by a line of these guys. Yet there was no real evidence of that, eh? If multiple personas would have been properly used, we'd see changes on the site, the staff would know, you be wouldn't have old documents, etc. That's what I mean by fully going into a persona. You might use one disposable persona to buy an order or two of bitcoins. Another to run a server. Etc. Anywhere you need to draw a line between one act d another.

http://sockpuppet.org/blog/2014/04/30/you-dont-want-xts/

The problem isn't "crypto". The problem is the extent to which full disk encryption overpromises and way, way underdelivers. It's easy to have a cryptosystem that is at least somewhat resilient to this threat. You just can't get it with a UX that "unlocks" your whole computer to use it, and then "locks" it again when it goes idle.

Second, I can't see it working properly if you need to do something specific when you're being struck.

Closest thing I can think of:

- headphones must be plugged in to launch a certain program

- if headphones are unplugged before program is closed, lock and begin wipe

- don't, under any circumstances, let go of the headphones

At this level of paranoia you probably also need interrogation training. Ideally you'd also have your sensitive stuff on a machine that is both hidden and protected, and only access it remotely. You want to be able to deny its existence to have any chance of withstanding a torture attack.

Edit: iphone earbuds have a switch that you might be able to use in your hand/mouth as a deadman switch, but I can't see that being workable for more than a few seconds.

Also, if you're in public, they could film your monitor... so that would need to be sanitized somehow as well.

If you can come up with a plan for plausible deniability when it comes to, say, permanently deleting the keys for an encrypted drive, then that's worth way more than the deadman's switch is on its own.

I think that "lock and wipe" might be too much though, and locking only would be more practical, wouldn't constitute destruction of evidence (as far as they know), wouldn't punish mistakes so much. Right now, off the shelf, a computer will lock up on screensaver, or sleep/poweroff. For a high paranoia user, you could add headphone unplug, power cord in/out, any usb in/out, even monitor the mic for certain codewords to trigger the lock. And if it happens it isn't such a big deal, just re-authenticate.

grugq removed the PoC repo in prep for a product launch, but here's a fork of a project that's a partial solution: https://github.com/RagnarDanneskjold/darkmatter

Basically, restart an full-disk encrypted device when loss of signal or drop in temperature occurs. Have something similar on your desktop. Wear a BLE Android watch, and make sure your devices restart when they get out of reach, or when put into a Faraday bag, or when dropped in liquid nitrogen :)

Yeah, it's still possible to defeat, especially if someone knows your setup, but it's at least pretty damn close to foolproof. If you sense trouble, just run like hell and lose the signal

My idea would be more of a proximity sensor that not only does the RFID-walkaway thing, but also locks the machine up if anyone additional to yourself approaches the device.

But then the LEO agent sees this, and not only does he pick up the keys, he will then proceed to charge you with something for resisting arrest, or obstruction of justice or any of the myriad of ways they have to make your life a living hell.

I think this would be similar to smoking pot in a moving car, then getting a police car to tell you to stop and then you throw the drugs out the window. I believe that's enough of a reason to charge you with all sorts of nasty stuff.

I was trying to say that it seems to me as an ineffective method. Just as ineffective as trying to argue with the police that since you don't have the drugs on you (because you just tossed them) you are not in trouble. The drugs don't disappear just as the keys won't, so the agents would just have to get the keys and unlock your laptop.

Of course, just like the shoe bomber changed airport security forever, an rfid keyfob like you suggested becoming commonplace, would just lead to the cops immediately tazing and tackling you, and treating every single motion of your arms as an attempt to destroy evidence.

Use a laptop with a camera. Have the camera require that your face is in the picture to avoid activating the screen saver.

My cell phone already does this, so it's got to be easier with a full powered laptop.

You could probably describe what Ross Ulbricht is going through right now as an even bigger hassle.

that said i concur, the proliferation of built-in cameras should spur us to adopt biometrics such as facial recognition, but it's gotta be better than picking out a few points and doing a simple match like most CV facial recognition systems do. some sort of challenge-response maybe, like "wink your left eye" or "blow a kiss", anything that a simple, static picture couldn't defeat.

but i concur on the larger paradigm - the hardware is common enough to force us to consider biometrics as commonplace.

Cryptography is only as strong as its weakest link. That link more often than not is the human factor.

If you get further away from the machine than 5m or so when it's powered up it will melt everything. For extra kicks also wire up another detonator with a case ground wire or something, if the case is opened - it melts.

Flush crypto keys, activate screensaver, kill all active terminal sessions.

If you want to get extra special: scramble the disk keys. Without those, data's good as toast. And that can happen a lot faster than a shred, wipe, or even dd if=/dev/zero of=/dev/sda bs=1g

Something to fry your memory might not hurt.

They need to show the warrant to enter suspects house but don't need to do it when seizing suspects property in public space. That's what confused me.

https://bitcoinmagazine.com/5285/torbroker-anonymous-finance...

http://www.forbes.com/sites/andygreenberg/2013/11/18/meet-th...

It's like he wanted to get caught...

Felt the same way when reading this. Seriously - three years worth of chat logs? I don't think he wanted to get caught, he just felt that a clueless investigator could never decrypt his data, a clueless prosecutor could never understand let alone describe his operation and a clueless jury would never understand it.

So far we know he underestimated the investigator and the prosecutor. We'll know soon if he misjudged his chances with a jury.

I wince when I read of security goofs like those mentioned in the article or Poulson's book Kingpin. These are bright guys who should assume they'll eventually get raided or otherwise targeted by the law and have safeguards in place.

Makes for good reading, though. I'm ordering popcorn for this one.

Turns out, he was doing nothing of the sort!

The armchair commentators here write "just keep it all in your head", but that's just not possible.

The CEO of Google once sent someone an email which said, virtually verbatim [+], that he would appreciate them not talking about the illegal act he had just ordered over email because it would open them up to a lawsuit.

We know this. Guess why.

[+] The quote, in case anyone thinks I'm being too harsh in my summary: "I would prefer that Omid do it verbally since I don't want to create a paper trail over which we can be sued later? Not sure about this.. thanks Eric" (The antecedent was to "it" was "share with eBay and Paypal executives Google's internal anti-poaching rules as they pertained to eBay/Paypal for the purpose of eliciting their continued cooperation in the conspiracy.")

"We also confirmed that decay rates vary dramatically with temperature. We obtained surface temperatures of approximately −50C with a simple cooling technique: discharging inverted cans of “canned air” duster spray directly onto the chips. At these temperatures, we typically found that fewer than 1% of bits decayed even after 10 minutes without power. To test the limits of this effect, we submerged DRAM modules in liquid nitrogen (ca. −196C) and saw decay of only 0.17% after 60 minutes out of the computer."

But I don't see why they would need to freeze anything. I would think the feds should be able to make a device that plugs onto the DRAM connectors of chips and reads the content, although I'm not sure.

https://tails.boum.org/doc/advanced_topics/cold_boot_attacks...

Or, of course, thermite always works.

What about some sort of 5-10 minute prompt? You cant ask repeated questions due to surveillance, or you could be also requiring some hash value. Perhaps based on some permutation of the current time? It's weak but I can't think of something else you could consistently make a unique hash of using just your brain and some changing property of reality.

Another idea, a heart rate or brain wave monitor connected via bluetooth. If it's disconnected, moved, or shifted it prompts a lock. If your heart rate increases or brain patterns are it also locks. The point is that it cant be removed from yourself, but others cannot stop you from locking it as well.

I like this idea. It may or may not be practical, but it's out of the box thinking and would certainly warrant some investigation / development.

"Oh shit, he's moving his arm! It might have an rfid dongle!" bang

I'd be curious from a legal perspective if that would constitute obstruction if you always used it, by analogy to having a data destruction policy in place before the discovery phase of a lawsuit.

http://www.thinkwiki.org/wiki/Active_Protection_System

http://osxbook.com/book/bonus/chapter10/sms/

Or just take the battery out of the laptop and work with the plug. Snatching it away shuts it down.

Unfortunately, I can't recall where it was, nor can I seem to find it. Sorry.

Some of the above methods can still be broken. Requiring a face present? Why not just print a big blowup photo and quickly insert in front of camera?

There are smart people getting around security.

"I imagine that someday I may have a story written about my life, and it would be good to have a detailed account of it."

On recent systems like iOS & Android applications run pretty isolated. You can't read and write the whole file system (afaik), and you need to have the user tap "yes" to use many system API's (like microphone, camera, etc).

Using UNIX for a desktop computer, you don't really utilise the user system. Everything I run is either as my own user, or as root (when adding/remove packages or doing system updates). Otherwise, it's a singe user system. So any program I run can read all permanent data stored by other programs in my home directory. In effect, all programs have 100% access (except for changing system settings, but why would they care when there is only one user to own?

When I encrypt my drive, I encrypt it all but also unlock it all when logging in. It's inherent to the system that my whole home dir is open when using (except for things I encrypt manually, like GPG mail or other user land things). Defaults matter. That's why Ross's documents were readable to the American government.

I think we need a new OS to take over after UNIX. One that is built up of sandboxed modules. Where each program gets it's own file system, where they can do whatever they want. That file system is, if I wish, encrypted until I chose to open it. It could be encrypted with a public key system, so I can have many FS's opened with one key, or derive keys from a master key.

These small systems could even be virtual machines, I can't say anything about the eventual overhead that would bring.

In short, UNIX is bad because the file system is bound to my user, and anything my user runs has 100% access to everything else I run. The user system is nice, but not practical. If it was, Ross would be a free man.

Given the revelations from the last few years, how many of you would agree that carrying out an illegal plan like this is safer online?

Also - was that money recovered by the FBI or could they not find his private keys?

edit for source: http://abcnews.go.com/Technology/wireStory/san-francisco-man...

The FBI had no problem finding his keys because he kept them in a folder called, "Keys" -- the kid was not an OpSec genius..

http://motherboard.vice.com/read/journal-and-chat-logs-from-...

You may have to come to terms with the possibility that the FBI actually has a case supported by evidence obtained through legal means.

But, it is immensely frustrating, even heartbreaking when you consider the cost in human lives, that given the choice between something like Silk Road and Mexican drug cartels, we as a society have apparently chosen Mexican drug cartels, and all the gut-wrenching bloodshed and destabilization they bring.

I'm reserving judgement on Ulbricht the person, but what he did should not be illegal, for reasons ideological, practical, and humanitarian.

But the most reasonable explanation is that an arrogant narcissist (classic Dunning-Kruger) wrote it.

The FBI did not write it.

From what we've been told so far, this sounds like a textbook case of an allowable grab.

So he couldn't close the laptop and enact the encryption.