Silk Road reboots: For real, or just a honeypot?
By Lisa Vaas November 12, 2013
- Relaunched site reportedly allows users to use their PGP encryption key as extra authentication measure
- Users should ask if they’re safer on new site, or if they should expect the law to show up on their doorsteps
SILK Road has reportedly reopened, though it is anybody’s guess whether the rebirth of the online drugs and weapons black market is for real, or in fact a honeypot.
What Motherboard’s Joseph Cox calls the “online-marketplace-cum-libertarian-movement” found a new home and was scheduled to reopen for business on Nov 5 at 16:20 GMT – a ‘poetic’ time on an auspicious date, notes the dark web-focused site AllThingsVice.
(As it turns out, the Silk Road relaunch, the date and time of which jazzed the drug culture cognoscenti, got pushed back 24 hours to Wednesday – a date that isn't druggishly auspicious at all.)
The AllThingsVice post was apparently written by a registered user of the original Silk Road or at least by somebody invited by a user to join the new site, given that s/he writes, registration is closed to new members unless they have an invitation from an existing member.
At any rate, according to AllThingsVice, the Silk Road that's risen from the ashes is “trying its best” to be a remake of the original, which the FBI seized in October, causing much freakout among users over lost Bitcoins, drug shipments and resulting debts to drug sellers.
You can see those themes of lamentation in Reddit comments from the r/SilkRoad subreddit, as published by Business Insider.
Within hours of the arrest of Silk Road’s alleged ringleader, Ross Ulbricht, authorities arrested eight more in the United States, the United Kingdom and Sweden.
Are more arrests in the works? And is the new site a sticky trap for luring even more drug aficionados?
That's worth pondering, and it well might continue to rain a cold shower down on the growth of the new Silk Road.
As it is, the FBI affidavit filed in connection with Ulbricht’s arrest indicated that law enforcement got its hands on multiple Silk Road servers, both within and outside of the United States, including the server that hosted the site.
The FBI (Federal Bureau of Investigation) said in the affidavit that as of July 23 2013, the server showed some 957,079 registered user accounts.
Staffers who held administrative and moderator positions on the old Silk Road might not fear that the seized servers will give them away, or they might not care, given that, as AllThingsVice reports, known and trusted former Silk Roaders have banded together to re-create the market.
They’ve reconstructed the community, s/he writes, and have come up with a new figurehead – i.e., one or more people who fill the shoes of the ‘Dread Pirate Roberts’ persona, who maintains the site’s philosophy.
The changes in the relaunched site are slight and include a new login page that parodies the seizure notice posted by the Department of Justice on the prior Silk Road’s homepage, with the notice that “This Hidden Site Has Been Seized” replaced by the declaration “This Hidden Site Has Risen Again.”
Although AllThingsVice has published the URL for the site, don't expect to find it unless you can get an invitation.
As noted, it requires new users to be invited, and like all onion sites, it also requires users to sign in via the Tor anonymising service.
Are users safer on the new site than on the old, or should they still be waiting for the law to show up on their doorsteps?
The relaunched site now reportedly has a new security feature that allows users to use their Pretty Good Privacy (PGP) encryption key as an extra authentication measure.
Would-be drug buyers and sellers should, of course, ponder whether that’s going to shield them from the law.
This FAQ on PGP tackles the question of whether the US National Security Agency (NSA), for one, managed to put a back door into MIT PGP as a prerequisite for its legal status.
Second, all the freeware versions of PGP are released with full source code to both PGP and to the RSAREF library they use (just as every other freeware version before them was). Thus, it is subject to the same peer review mentioned in the question above. If there were an intentional hole, it would probably be spotted. If you’re really paranoid, you can read the code yourself and look for holes!
As for Tor, we know from Edward Snowden's leaks of classified documents that US surveillance really, really hates it, given how maddening Tor layers are to unpeel.
Maybe users will be safer on the new site.
Then again, maybe the FBI is still identifying users from the server of the old site, and knocks on doors are in the works.
Lisa Vaas has been writing about technology, careers, science and health since 1995. She rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash and joined the freelancer economy. This article first appeared on the Sophos Naked Security blog and is reprinted with its kind permission.
The Silk Road arrests, and why users should be worried
Spy vs spy, apples vs oranges
How the PRISM surveillance scandal affects Asia
For more technology news and the latest updates, follow @dnewsasia on Twitter or Like us on Facebook.