Silk Road forums

Discussion => Security => Topic started by: wixxer on August 10, 2012, 08:18 am

Title: Traveling the Silk Road: A measurement analysis of a large anonymous online m...
Post by: wixxer on August 10, 2012, 08:18 am
I cannot believe this


6.2 Potential intervention strategies
Given the nature of the goods sold on Silk Road, it is quite clear that various law enforcement agencies
may have a strong interest in trying to disrupt Silk Road operations. They appear, so far, to have been
unsuccessful since the site is still up and has grown in size since Sen. Schumer called on the U.S. Attorney
General and the head of the U.S. Drug Enforcement Agency to put an end to it.
We discuss four possible intervention strategies that could be considered: disrupting the network, disrupting
the financial infrastructure, disrupting the delivery model, and laissez-faire.
Attacking the network. The first possible intervention policy is to disrupt the Tor network. Indeed, without
Tor, Silk Road cannot operate. This strategy is very likely to be difficult to put in place. First, Tor has many
uses beneficial to society – Silk Road and other anonymous online marketplaces are far from representing
the majority of Tor traffic, even though this work argues that their importance is growing. Tor is routinely
used by oppressed individuals to communicate without fear of reprisal. Thus, disrupting the entire Tor
network for the purpose of taking down Silk Road would come at a potentially high collateral cost.
Furthermore, Tor has shown to be resilient to a large number of attacks, due to its open design and to the
large amount of academic research it fosters. In particular, Tor hidden services, like Silk Road, have been
the subject of considerable scrutiny [27, 29]. Øverlier and Syverson showed that timing and intersection
attacks could be used to reveal the location of hidden services. Most of these concerns have been addressed
in recent versions of Tor, e.g., through the use of “entry guards.” Murdoch described how covert channels
(specifically, clock skew) could leak information allowing to pinpoint the location of a hidden service.
Attacking the financial infrastructure. Another possible disruption strategy is to attack the financial infrastructure
supporting Silk Road. Bitcoin has shown, in the past, to be a very volatile currency. The June 2011
theft of a large number of Bitcoins from the Mt.Gox exchange [4] actually caused an abrupt collapse of the
currency. Certain users have been complaining in forums of the uncertainty on the prices they end up paying
due to the instability of Bitcoin and the various commissions they have to pay to purchase Bitcoins, and then
to purchase items on Silk Road [6].
Disrupting the Bitcoin network appears, compared to attacking the Tor network, to be a more actionable
possibility. In fact, in the aforementioned Gawker article [10] one of the Bitcoin developers argued that
Bitcoin was not providing the level of security Silk Road and other anonymous marketplace operators would
desire. More precisely, recent research [30] has shown that Bitcoin transactions are partially vulnerable to
traffic analysis. Indeed, the history of all transactions is publicly available and network analysis can allow
to map sets of public keys to individual users and transactions.
Since currency exchanges like Mt.Gox where users redeem Bitcoins for cash bind public keys to actual
identities, Bitcoin anonymity guarantees are weaker than most Silk Road users seem to assume, even though
additional intermediaries (tumblers) are in place. In particular, large Silk Road sellers withdrawing massive
amounts of Bitcoins at once may be relatively easily identified.
Attacking the delivery model. Another possible angle of action is to attack the delivery model. That is,
to reinforce controls at the post office and/or at customs to prevent illicit items from being delivered to
their destination. One interesting finding from this work is the apparent lack of worries a large number of
sellers have: Most items are marked as shipping internationally, which means that the risk of package loss or
20
destruction is viewed as minimal by the sellers. This is certainly an area that warrants further investigation.
In the United States, coordination between agencies is paramount: Customs (which can inspect mail) need
to work in concert with Drug Enforcement Agency (DEA) and/or Food and Drugs Administration (FDA),
depending on the type of item concerned. Yet, very often, packages that are seized are simply destroyed, or
returned to the sender.
Laissez-faire. Finally, a last possible intervention strategy is actually not to intervene. Politically, this is
a questionable proposition, as it may sound as an admission of weakness. There are however studies that
show that drug abuse prevention is considerably more cost-efficient than enforcing drug prohibition [9].
The relatively rapidly expanding business of online anonymous markets such as Silk Road and the logistic
difficulties in shutting down such markets may further tilt the economic balance toward prevention and
cure. As a result, laissez-faire, however untenable it might currently appear from a policy standpoint, might
become even more attractive in light of budget constraints. Although there is no public statement about it,
this could be the strategy currently adopted by law enforcement, seeing that the marketplace has not met any
significant disruption to its operations, other than transient technical issues, in the past nine months, while
at the same time sales volumes have doubled.

http://arxiv.org/pdf/1207.7139v1.pdf