Silk Road forums

Discussion => Security => Topic started by: airforced on November 10, 2011, 07:16 pm

Title: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 10, 2011, 07:16 pm
So after investigating TOR, BTC, GPG, and looking at various other things for the past week, I think I'm ready to dive in.

I do have one question about purchasing BTC and trying to mask the money trail as much as possible. I've come to two possible methods and I wanted to see if anyone could provide feedback.

Method 1: Buy pre-paid debit card with cash > send debit card to get-bitcoin.com to purchase BTC > send those BTC to an instawallet.org > send the BTC again through a few other instawallets in various denominations and let them tumble > send all BTC back to one instawallet > send BTC to SR > happy times

This seems like there is no way for anyone to track the money side of the equation (unless I'm missing something) and doing this all through TOR makes no way to trace an IP back to me, but it also seems like overkill for what will likely be ~$200 with of kit.

Method 2: Buy BTC via get-bitcoin.com or MT.Gox > send BTC to wallet on desktop > send BTC to various instawallets and pass them through a few more times and let them tumble as well > send all BTC to one instawallet > send BTC to SR > happy times

This payment method seemingly could be traced back to me through a lot of hard work, but with police budgets getting hit just like everything else of late in gov't, seems like appropriate enough steps to cover the money side of the equation.

Method 1 seems like overkill and I'm tempted to just go with method 2, as if I am going to get pinched it is not because of the money trail (though I'm taking what seems like good precautions). It will be because the seller fucked up and/or there is inherent danger of having something delivered to a location where you have to pick them up.

Any thoughts from more experienced buyers is appreciated.  :)
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: mr arcarnum on November 10, 2011, 07:28 pm
depending on your location with the world, you can sign up to some bitcoin sites that also take cash deposits into there bank accounts, at first I was not thrilled by the idea but in all honesty from being told that its a good option and me actually thinking about it, I think this would be good, depending if its accepting in your country, in the UK intersango accept payment into there lloyds account. I intend to do this when I get paid at the end of the month as im flat broke at the moment :( maybe when you buy your bitcoins you can do me a loan =p (jk)
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 10, 2011, 08:11 pm
Any of those types of services in the states? (though I can see why you might have thought I was in the UK  ;) ). Haven't really run across any of those sites in my research.

I'm still leaning towards get-bitcoin as they seem reputable and easy to deal with.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: Tommyhawk on November 10, 2011, 09:38 pm
I don't really see all those extra transfers of the BTC nessisary.

If anything, when I order bitcoins, from get-bitcoin.com(btw it's easiest if you just deposit it into their bank of america account). Go through the drive through to do it and there's no record of who you are. You might actually have to go in to get special deposit slips, but you dont need to prove id unless depositing several thousands.

Silk Road tumbles all out going bitcoins that go through it so that right there makes it relatively hard to track.

Here's something you didn't think about I can bet you.

Sending bitcoins between addresses can take some time, sometimes a few hours.
Meaning, you might buy $280 worth of bitcoins, all the time it takes you to transfer them around manually, the price of bitcoin could easily change and make your value go down to $200. Or even up to $300+. It's all varying.

When I buy bitcoins and recieve them, I use them right away on the item I wanted to buy so there's minimal chance of them dropping in value and me having to buy like $10 extra bitcoins, doing all that driving around and shit, just because I waited.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 10, 2011, 10:54 pm
After posting, I realized you could just deposit cash straight up at BoA for get-bitcoins. Other than perhaps being on a surveillance camera, this seems like a good route.

I don't really see all those extra transfers of the BTC nessisary.

Here's something you didn't think about I can bet you.


You are correct! That hadn't occurred to me. I was so worried about covering my tracks that I forgot about basic economics. Thanks, Tommy!

So my current plan is to send the BTC I buy from get-bitcoin to an instawallet accessed through Tor (creating a level of anonymity) then onto SR.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: Glaiveadder on November 11, 2011, 03:29 am
Actually, I just used get-bitcoins Bank of America payment option myself.  However, I used their online payment center method.  You know, the one where Bank of America sends two small test deposit amounts to your actual bank account to verify it?  Then the BoA account charges your real bank for the amount you specified on get-bitcoin.
Now, is it just me, or is this pretty easily traceable?  I mean the BoA account even had my real name and address attached to it.  Has anyone else heard of/tried this method?  Are my BTC salvageable through some wallet transfers, or is it a lost cause?
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: CrunchyFrog on November 11, 2011, 05:01 am
...Go through the drive through to do it and there's no record of who you are....
Except for the exterior surveillance tapes that have your face and license plate number on them.  ;)

It's hard to know if any "interested parties" have asked banks to let them know about deposits made to "certain accounts", but it's possible.  Parking a distance away and walking the money into the branch still puts your face on camera, but at least they'll have to spend some resources to put a name to the face.

If you've not been booked by the police before it's probably more effort than they'd be willing to invest on a relatively small transaction.  (Although facial recognition software is probably going to change that. [ www.eff.org/deeplinks/2011/10/fbi-ramps-its-next-generation-identification-roll-out-winter-will-your-image-end ] ).
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: CrunchyFrog on November 11, 2011, 05:57 am
Quote from: Glaiveadde
...the BoA account charges your real bank for the amount you specified on get-bitcoin.  Now, is it just me, or is this pretty easily traceable?
In all likelihood those coins are traceable to you, strictly speaking.  How easily and for how long is an open question.

BofA will almost certainly retain the transaction for years and would probably divulge with no more than a written request from the right "interested party".  We don't know as much about GB's data retention and whether they would want an actual warrant or subpoena.  As with most situations like this, the probability of anyone becoming "interested" increases with the amount of the transaction; under a hundred BTC might be trivial, whereas over a thousand BTC could arouse suspicion, for instance.

Quote from: Glaiveadde
Are my BTC salvageable through some wallet transfers, or is it a lost cause?
Salvageable; simply run them through something that will mix your coins with those of others before sending on to SR.  Depositing them to an online wallet -- such as instawallet [ instawallet.org ] -- for a day should do the trick, I would think.  You can repeat that with additional online wallets (or tumbling services) for an extra measure of reassurance if you like.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: phubaiblues on November 11, 2011, 07:51 am
Yeah, thro split it up in a couple of instawallets, it'll be fine...as far as any kind of surveillance and all, this a common question, but of course, the truth is, no one knows...except, of course, for the truly paranoid...I'm sure if they really really wanted somebody bad on here, and had unlimited funds, and hired a couple of hardcase hackers, they could follow anybody...but who, here is that important?  Most people aren't even buying anything...like me, they just like hanging out on the forums ;) 

So we all go to different lengths to protect ourselves...I use Tails, I don't like anything on my computer, so that's what they make online storage sites for...and I like linux live distros, if not Tails, then privatix...or liberte linux is nice...but I figure anybody who gets busted, it will be driving under the influence, or bragging in a bar that they are moving dope, or something like that...

So common sense should prevail, and a little self-knowledge, u know, how much uncertainty you are comfortable with....cuz on here, there aren't a lot of answers...who's out there?  Answer: we don't know.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: Glaiveadder on November 11, 2011, 08:03 am
Thanks for the answer ChruncyFrog.  I think this online BoA method with get-bitcoin is very easy to use.  With instawallet it sounds like I'll be in really good shape! Highly recommend using it. 

Thanks again!
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 11, 2011, 02:18 pm
Thanks everyone for the help! It's greatly appreciated.

On a slightly related topic, what is everyone's thought on using an instawallet as the initial place to send BTC from get-bitcoin.com? I know there are the issues of keeping the url safe, and by using instawallet I'm trusting that they will be around and not steal  my coins, but the paranoid side of me doesn't like the idea of running a wallet locally. By depositing cash at BoA for get-bitcoin > instawallet > SR seems like a solid way to conceal the money trail of using BTC. Only way to identify me is through a bank's CCTV, and in my semi-large city, LE doesn't seem to be able to catch bank robbers with those things.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: plow3971 on November 11, 2011, 03:00 pm
I would venture to say that, unless you're buying/distributing pounds of Heroin or something (judging by your other posts, I don't think that's the case), the pOlice aren't going to go so far as to subpoena cctv videos :P

Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: phubaiblues on November 11, 2011, 10:00 pm
Thanks everyone for the help! It's greatly appreciated.

On a slightly related topic, what is everyone's thought on using an instawallet as the initial place to send BTC from get-bitcoin.com? I know there are the issues of keeping the url safe, and by using instawallet I'm trusting that they will be around and not steal  my coins, but the paranoid side of me doesn't like the idea of running a wallet locally. By depositing cash at BoA for get-bitcoin > instawallet > SR seems like a solid way to conceal the money trail of using BTC. Only way to identify me is through a bank's CCTV, and in my semi-large city, LE doesn't seem to be able to catch bank robbers with those things.

Yep: the downside is probably if your btc get lost, then having your own wallet.dat means it's easier to track down...all transactions are part of the file..but trying to keep an updated wallet.dat stashed in an online storage is just too much hassle, and then it's all over my pc...

So, me, I use instawallet.org. That's as close as I need btc to get to my own personal electrons ;)
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 12, 2011, 01:06 am
Thanks, phubaiblues! Nice to hear my ideas have been used successfully by others.  :D

On a side note, the SR forum community is extremely nice (which I'm grateful for). I thought it would be a little more difficult to get a straight answer and there'd be more dickishness here, but everyone has been very helpful. I guess needing both the technical skills and patient to do this weeds out the assholes? It has been a pleasant surprise.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: sandycheeks on November 12, 2011, 06:15 am
maybe im missing something (or a lot), but SR uses a bult-in tumbler, does it not? doesn't this mean that in between the transfer from my wallet to my SR BTC address, all the BTC goes through a system that splits up the BTC, distributes it to wallets i have no access to, and then to my SR BTC address? doesn't that eliminate actual proof that i personally sent BTC from wallet A to wallet B and then to Vendor? because i didn't, right? i sent BTC to x number of addresses, which then transferred BTC to one address, which you can't prove I ever had access to.

does it work like this?: (copied from some wiki)
_________________________

-Set up two Bitcoin installations.
-Put some amount of BTC in installation B. This is the maximum amount of BTC you can deal with at once (for all customers).
-Customers send BTC to installation A. You send them an equal number of coins (or minus a fee) from installation B. Send as 10-50 BTC increments.
-Send all coins from A to B when all orders are satisfied. You can't send coins from A to B if you have any orders that have not been satisfied from B.
-This can be automated, or you can do everything manually.



either way, how could anyone prove I controlled the wallet after the dummy transactions? isn't that the point of the tumbler?

obviously you have to trust that the people that programmed the tumbler did it right, or that there is actually one in place at all.. but shit, there's fuckload more trust involved in giving your name and address to some stranger in germany to ship you products, amirite?

please convince me I'm wrong, because this hasn't been the easiest thing to wrap my mind around...

Thanks!
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: sandycheeks on November 12, 2011, 07:08 am
as an afterthought, I guess proving that the same person that transferred some BTC to the tumbler also received a package to the address they sent (via encrypted message) to unsuspected LEO posing as a vendor, thus defeating the 'plausible deniability' defense of 'my client didn't request x package to be delievered to their house'.

example:

real ID --> get-bitcoin.com --> wallet.dat --> tumbler --> anonymous SR account --> Vendor SR address (with attached mailing address matching original Real ID)

 ^                                                                                                                                                                                                ^
 |-----------------------------------------------------------------------------------------------------------------------------------------------------------|
                                                                                              |
these two are compared, and if matched, can be prove you are the same person controlling the 'anonymous' SR account

obviously there are a lot of assumptions here:

A. vendor is LE
B. LE has resources to track all the BTC transactions to match physical address to original identification
C. LE gives that much of a fuck, and has set up and mailed drugs to multiple people in an effort to bust a couple of people that used their real ID to get BTC and send striaght to SR

and I'm sure there is a way to look at this from the seller's side, but that's really beyond my concern, I'm sure sellers take a few more precautions than buyers for obvious reasons.

sorry this is so long, just trying to figure all this out

Also, this: http://fogcore5n3ov3tui.onion/   which is bitcoin fog, tho i have no idea how legit it is, probably should search the forums..
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: psychedelicinsight on November 12, 2011, 08:57 pm
Hey guys, where is instawallet? I'm just beginning to buy bitcoins, anyone have the url to instawallet?
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: dothisthing on November 12, 2011, 09:06 pm
Hey guys, where is instawallet? I'm just beginning to buy bitcoins, anyone have the url to instawallet?

Instawallet.org
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 16, 2011, 07:31 pm
Figured I'd follow up. Bought the coins with cash via get-bitcoin, sent them to an instawallet (accessed through TOR) > split up to other instawallets > sent from those instawallets to different SR wallets each time and accessed each instawallet via different exit nodes > made my purchase(s) > waiting and sweating. I think I made the money trail as anonymous as I could have hoped.

And TommyHawk was right about being wary of falling BTC. I basically lost 15% due to the selloff at the beginning of the week :( . Live and learn I guess.

Now just to wait and be paranoid as fuck until my package arrives.  ;D
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: reich on November 16, 2011, 08:36 pm
Why are people assuming SR actually transfers BTC from account to account during transactions? MTgox doesn't because doing so would make massive transaction fees, the 'BTC' you see in your accounts most likely goes into the site and then is never directly related to you instead virtual sums are thrown between accounts until someone withdraws them.

That seems the most likely answer to this.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: phubaiblues on November 16, 2011, 09:21 pm
Imagine trying to explain *any* of this to a jury.  That's why--to me--main concern should always be the most boring areas: my mailbox and my mouth.  I doubt seriously any of us are important enough that any LE agency will spend the kind of money needed to track one, and then try to dummy it down enough to convince a typical jury that these weird funds have been used...I have trouble understanding btc my own self, and explaining them to a non-tech savvy person is just about impossible.

LE correctly would probably bank more on some terrified youngster who just got a package blabbing their brains out and copping a plea, with some disgruntled ex providing corroborating testimony.  People talk, and under pressure, after sitting in a crowded jail cell a few hours, they talk a lot.  But fortunately, they have nothing they can give up, unless some vendor is stupid enough to give out information, which they aren't.

I love fucking with my live linux distros, and my online dispersal of btc...all fun, but I"ve a notion this isn't the area I should most be worried about.  No one knows, of course.  My guess is they'll find a way to make btc illegal, eventually.  At least in most western countries, which is obviously where most *buyers* are.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 16, 2011, 10:34 pm
You very well could be right, reich. But I'm with phubaiblues on it being sorta fun doing all this. The way LE is going to catch/convict anyone on SR is through slip ups in the packaging/delivery, or a seller talking to LE (or being LE). I still think it's smart to take these precautions, but there's no way any prosecutor would delve in the ins and outs of btc for a few hundred dollars worth of drugs. If we were dealing with serious quantities then maybe, but as a fairly technical person, trying to explain btc to anyone is daunting.

Also I totally agree with phubaiblues that governments will try to make btc illegal (or at least having a company that sells them be illegal). I'm certain that the US government is currently manipulating the btc markets to make them seem more volatile, and to dissuade people from using it as a currency. I'm not an economist but I'm guessing it wouldn't be super difficult to do, and it's probably legal (not that being illegal has stopped the US before).

Taking these precautions helps to ease that paranoid part of my brain, which is justification enough for me.
 
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: CaptainSensible on November 17, 2011, 01:42 am
I think it's a serious mistake to believe that the law won't be interested in your case just because it involves a few hundred dollars worth of drugs.  As long as some ambitious district attorney can use you to build up his "tough on drugs" resume, then you're a target.  Always be careful & never assume you're too small to notice.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: airforced on November 17, 2011, 03:07 am
Captain, I was referring more to the act of trying to convict someone using btc as key evidence. Rereading what I wrote I realized I sounded kinda dumb in not making that point. Sorry about that.

I have no doubt that if anyone on here gets pinched, LE and the judicial system will take them down hard, especially if they know we are from SR as this place is hot news at the moment. There will be big bragging rights for LEOs/ADs who are able to nab SR buyers or sellers.

My point was that if people from SR are arrested, they will be prosecuted through more traditional means (i.e. you talked to your co-workers about SR or btc, setting up buy/busts, you were sloppy with non-encrypted data, etc). BTC are too complicated to bring into a courtroom and would only confuse the hell out of any potential jury.
Title: Re: Questions about anonymizing the money trail of bitcoins - first timer
Post by: phubaiblues on November 17, 2011, 04:36 am
Captain, I was referring more to the act of trying to convict someone using btc as key evidence. Rereading what I wrote I realized I sounded kinda dumb in not making that point. Sorry about that.

I have no doubt that if anyone on here gets pinched, LE and the judicial system will take them down hard, especially if they know we are from SR as this place is hot news at the moment. There will be big bragging rights for LEOs/ADs who are able to nab SR buyers or sellers.

My point was that if people from SR are arrested, they will be prosecuted through more traditional means (i.e. you talked to your co-workers about SR or btc, setting up buy/busts, you were sloppy with non-encrypted data, etc). BTC are too complicated to bring into a courtroom and would only confuse the hell out of any potential jury.

Exactly.  And the other thing is, of course, that we don't know...it's all going to be speculation at this point.  So for me, it's not good to get too confident, or too paranoid.  Same as any other transaction of this nature.  On the streets, even after all the movies and forensic cop shows, I still don't hear of dopefiends getting caught because of dna or even fingerprints...right?  And I see bitcoins and their movement as forensics of an even more extreme nature.  So yeah, move bitcoins around a bit, but worry more about letting your pals or pissed off ex know about when your mail shows up...and where.  It's not that we're too small, it's just experience tells me this won't be a big part of any case, any more than forensics are part of other small cases.  Only if they catch the big kahuna, maybe, but still, if I'd love to see this one in court...we'll see.