"Forensic analysis" of Silk Road server(s) or where Ulbricht's defence attorney refutes FBI's "Leaky Captcha" theory.

Declaration of JOSHUA J. HOROWITZ, defense attorney:

http://antilop.cc/sr/files/2014_10_01_Declaration_of_Josh_Horowitz_defense_attorney.pdf


Comments


[7 Points] adam2222:

This is great work by the defense, but will the 65-year-old judge have any idea what this is talking about? My guess is he will not understand a word of it, the government will say "I promise, it happened like this" and it will continue to trial.


[6 Points] timepad:

HackerNews discussion: https://news.ycombinator.com/item?id=8401627

Also, I feel it's worth it to repost a really good comment from over there, by PeterWhittaker, which summarizes the affidavit:

Quite an interesting read. Summary? Silk Road used a pair of nginx servers, one as front-end, one as back-end. The server images (captured forensically) show that the then-in-place configuration made it impossible for the FBI agent to do what he claims, that is, connect to the back-end by using the server's IP address (the allow/deny settings forbade this). The log files on the servers lack entries to support FBI claims.

Furthermore, FBI agents describe using other techniques to obtain information, e.g., fuzzing and packet sniffing. Not only do server logs NOT contain any evidence of this, but the agents did not preserve any evidence of their packet sniffing activities, despite having training in forensic investigation techniques and claiming expertise in these areas.

While it is possible that there were bugs in either the Ubuntu 12.04 hosts or the nginx servers themselves that would have allowed these activities to occur, unlogged, I suspect it would now be up to the prosecution to establish reasonable grounds for believing this to be the case. Likewise, while it is possible that the handful of lines of log pertaining to FBI activities might have been removed from the several million (yes, you read that correctly) lines of log later captured in forensic image, that does strain credulity; again I suspect the prosecution would have to establish that, somehow.

I've no particular interest in this case or in Silk Road, but I cannot help but conclude that the lawyer filing this brief just seriously schooled the FBI.
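
Added example, not part of the thread or the declaration: a sketch of the two checks the summary describes, evaluating ordered nginx-style allow/deny rules for a client address and searching an access log for entries from that address. The rules, addresses (documentation ranges), log lines and function names are all constructed for illustration.

```python
import ipaddress
import re

# Constructed rules, in the order nginx's access module would read them.
RULES = [("allow", "127.0.0.1/32"), ("allow", "192.0.2.10/32"), ("deny", "all")]

# Constructed access-log lines in nginx's "combined" format.
SAMPLE_LOG = """\
192.0.2.10 - - [10/Jun/2013:04:12:01 +0000] "GET /index.php HTTP/1.0" 200 5120 "-" "-"
198.51.100.7 - - [10/Jun/2013:04:13:44 +0000] "GET / HTTP/1.1" 403 169 "-" "-"
198.51.100.7 - - [10/Jun/2013:04:13:50 +0000] "GET /login HTTP/1.1" 200 2048 "-" "-"
127.0.0.1 - - [10/Jun/2013:04:14:02 +0000] "GET /status HTTP/1.1" 200 97 "-" "-"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (\d{3}) ')


def decision(client_ip, rules=RULES):
    """First matching allow/deny rule wins, as in ngx_http_access_module."""
    addr = ipaddress.ip_address(client_ip)
    for action, target in rules:
        if target == "all" or addr in ipaddress.ip_network(target):
            return action
    return "allow"  # no rule matched: the module does not block the request


def audit(log_text, rules=RULES):
    """Label each log line: permitted, blocked, or served-despite-deny."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            findings.append((n, None, "unparsed"))
            continue
        ip, status = m.groups()
        if decision(ip, rules) == "allow":
            label = "permitted"
        else:
            # A denied client should only ever appear with a 403 status.
            label = "blocked" if status == "403" else "served-despite-deny"
        findings.append((n, ip, label))
    return findings


def entries_from(log_text, client_ip):
    """Return every log line whose client address field equals client_ip."""
    return [l for l in log_text.splitlines() if l.split(" ", 1)[0] == client_ip]


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
    print(entries_from(SAMPLE_LOG, "203.0.113.5"))
```

A "served-despite-deny" line means the log and the rule set disagree, which is the kind of inconsistency an examiner would have to explain; an empty result from `entries_from` means the log holds no request from that address.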


[5 Points] presari0:

This is going to play out, and I'm excited to see how it does.. Sheit

I've thought about that too- having a judge that has only a vague understanding about what the defense is talking about, and just kinda going -well if the guvvvment says it's true, must be true.. Flim flammin kids and their internets. Got em all hopped up on goofballs.
Hope for Ross this isn't the case though.


[3 Points] None:

Damn, I can't wait to see how this all plays out


[1 Points] call7076170003:

Wow, pretty nice! I can't wait for this to play out.


[1 Points] My-drugs-account:

Damn I can't wait for this to play out.


[1 Points] samwhiskey:

Shit, I can't wait for this to play out!


[1 Points] CannibalCarl:

Sick, I can't wait for this to play out!


[1 Points] 666fun:

I don't get why so many people around here think the FBI obtained the server's IP address through nefarious means when there were plenty of people here on reddit who had inadvertently stumbled across the server's IP address due to his own misconfiguration. If random redditors could happen upon its IP address without resorting to shady methods, then why is it such a leap to think the FBI could do the same?


[1 Points] dzorror:

can't wait for this to play out....


[1 Points] ciphersexual:

Happy not at all coincidental Reddit cake day lamoustache. Thanks for always posting these links for us.


[1 Points] sharpshooter789:

Thanks, this is a very interesting development.


[1 Points] ChipsAt5am:

SR was hosted in Iceland? :O


[0 Points] Agalol:

This would make a sick play!