Thursday, November 7, 2013

Social Media and the Illusion of Safety and Security in the Information Age

  Does this look like a man who would run guns, traffic drugs, and solicit murder?  The name of the head there is Ross William Ulbricht, a/k/a Dread Pirate Roberts, founder and CEO of the Silk Road.  For anyone living in a bubble or vaccuum, the Silk Road is, or was, the notorious criminal website that was shut down by the FBI last month.  The site purveyed just about any illegal item you could think of, and both dealers and buyers were protected from legal consequences by what even the law-enforcement involved in Ulbricht's arrest grudgingly admit was some impressively high-tech shielding.  He actually looks like someone we might be attending classes with, or working with, or be involved in any number of social situations with.  He looks like family, and is someone's.

  Ulbricht's empire is a good example of the negative extreme of social media.  This guy holds a physics degree and is a charitable donor.  He is obviously very talented at computer technology.  He is obviously very good at business.  The FBI uncovered direct statements where he admitted to hiring two murders.
  The website itself was a drug  users dream.  As you can see in the picture at left, a person could browse and choose their medicine, or whatever product they were buying, and then they would pay with Bitcoins, through an intricately devised system of "wallets" and "tumblers".
  Here are some court document excerpts compiling the notes of Special Agent Christopher Tarbell of the Federal Bureau of Investigation.  Ulbricht used a multi-layer system that protected users identities, but it seems vendors were the weak link.  This is an explanation of the Silk Road's transaction process.



Silk Road uses a so–called “tumbler” to process Bitcoin transactions in a manner designed to frustrate the tracking of individual transactions through the Blockchain. According to the Silk Road wiki, Silk Road’s tumbler “sends all payments through a complex, semi–random series of dummy transactions, . . . making it nearly impossible to link your payment with any coins leaving the site.” In other words, if a
buyer makes a payment on Silk Road, the tumbler obscures any link between the buyer’s Bitcoin address and the vendor’s Bitcoin address where the Bitcoins end up — making it fruitless to use the Blockchain to follow the money trail involved in the transaction, even if the buyer’s and vendor’s Bitcoin addresses are both known. Based on my training and experience, the only function served by such “tumblers” is to assist with the laundering of criminal proceeds.


Special Agent Tarbell acknowledges that Bitcoins are an anonymous form of electronic currency, existing only on the internet, and not in any physical form.

Every communication sent through Tor is bounced through numerous relays within the network, and wrapped in numerous layers of encryption, such that it is practically impossible to trace the communication back to its true originating IP address.

Special Agent Tarbell alleges that the Silk Road system held Bitcoin payments in escrow until the transaction was complete. There was a Silk Road bank and every user had an account.

After thus funding his account, the user can then make purchases from Silk Road vendors. When the user purchases an item on Silk Road, the Bitcoins needed for the purchase are held in escrow (in a wallet maintained by Silk Road) pending completion of the transaction.
Once the transaction is complete, the user’s Bitcoins are transferred to the Silk Road Bitcoin address of the vendor involved in the transaction. The vendor can then withdraw Bitcoins from the vendor’s Silk Road Bitcoin address, by sending them to a different Bitcoin address, outside Silk Road, such as the address of a Bitcoin exchanger who can cash out the Bitcoins for real currency.
Spc. Agent Tarbell added that the Silk Road system makes it "nearly impossible to link your payment with any coins leaving the site."  And more on Ulbricht's efforts to protect identities.

On February 27, 2012, DPR posted a message announcing “a new feature called Stealth Mode,” targeted at the
site’s “superstar vendor[s]” who consider themselves at particular “risk of becoming a target for law enforcement.” The posting explained that the listings of a vendor operating in “stealth mode” would not be visible to users searching or browsing the site. Instead, only users who already knew the specific address of the vendor’s page on Silk Road would be able to access the vendor’s listings, by traveling to the vendor’s page directly. This posting again evidences not only that DPR has been aware that the vendors on Silk Road are engaged in illicit trade, but also that he has specifically designed the site to facilitate such trade.

Then there was the murder-for-hire and the weak link at the vendor level.

For example, DPR’s private–message communications from March and April 2013 reveal at least one occasion when solicited a murder-for-hire of a certain Silk Road user, who was attempting to extort money from DPR at the time, based on a threat to release the identities of thousands of Silk Road users. Specifically, the messages reveal the following:
Beginning on March 13, 2013, a Silk Road vendor known as began sending threats to DPR through
Silk Road’s private message system. In these messages, stated that he had a long list of real names and
addresses of Silk Road vendors and customers that he had obtained from hacking into the computer of another, larger Silk Road vendor. Threatened to publish the information on the Internet unless DPR gave him $500,000, which indicated he needed to pay off his narcotics suppliers.
On March 15, 2013, provided DPR a sample of the usernames, addresses, and order information he
intended to leak. Also, as proof that he had obtained the data from the vendor whose computer he claimed to have hacked, supplied the vendor’s username and password on Silk Road so that DPR could verify it.

Dread Pirate Roberts did not care for being threatened or extorted.  One internal communication stated the general area the extortionist lived in, and added, "Let me know if it would be helpful to have his full address."
Several hours later on March 31, 2013, redandwhite wrote back: received the payment. . . . We know where he is. He’ll be grabbed tonight. I’ll update you.”
Approximately 24 hours later, redandwhite updated DPR, stating: “Your problem has been taken care of. . . . Rest easy though, because he won’t be blackmailing anyone again. Ever.”

  So, let's post our schedules and routines on Facebook and twitter endlessly about where we're at, where we're going, and what we're doing.  Yes, I am being quite pessimistic about social media.  I do not like the idea of my life being scrutinized by those I know well, let alone the general masses.
Brogan Rafferty murders 3 in Aakron, Ohio, Craigslist scam
  Google Craigslist murders.  Google Facebook scams.  Those lists are very enlightening, or maybe I should say horrifying.  Murdered attempting to buy a car.  Murdered looking at a four-wheeler.  Robbed and brutally beaten whole seeking to purchase a wedding dress, ladies.  We can't gender discriminate.   So far, I don't think my blog qualifies as a rant (Chris Whitt), does it?  I'm taking care to use verifiable points.
Murdered: Rene Balbuena was shot repeatedly in the torso by men two men in an apparent robbery attempt Saturday as his 15-year-old son watched in horror

  I'll scale it back a bit, dial it back a notch, in the shadow of the image above.  The man's son is probably back to some semblance of normality by now, after all.  He and his dad went to buy a phone.
  On this lower key, I'll mention something I've seen numerous times that just baffles me.  I'll be at a restaurant, and it seems there is always a family or a group of other people at a table, and two or more, usually all, will be engrossed in their phones to the exclusion of the outside world.  What is in the phone that is so much more important than the reality of the people and surroundings that they are in?  I know the answer.  Absolutely nothing!  It is an electronic illusion.  The second the power dies, it's all gone.  OK, now I am going to take care before I do start to rant.
  And I will gear down again, to a much different perspective.
  I must admit, social media can be fun.  I said it.  I have a Facebook account.  I don't use it much, but it's there and it's mine.  Because of the research I've done for class study, I've gotten much better at learning how to use such things, and hopefully a lot wiser about what not to do.  And really, perhaps, that's what it really all comes down to, isn't it?  What each of us chooses to do with our knowledge, and how we choose to use it.
  Like that one video clip from the web where the guy has the poster cards that say different things.  One says, "You don't have 437 friends.  You have 5."  You have 5.  Or 6, or 4, you know.  Not 531.  Not 367.   Not 992.
  We have to maintain our hold to reality.  We must exercise good ethics.  The way this blog opened, about Ulbricht, he lost his hold on reality most likely.  He absolutely lost his sense of good ethical morality. At   many points along the way he most likely could have walked away from the corrupt existence he had created and maintained some semblance of a rational reality and life.
  Human nature and the lure of easy profit lead so many to choose poorly that it should be a self-ending cycle.  What I mean by that statement is that with so many people caught for the same crimes it would seem
that people wouldn't try them over again, as widely publicized as they are.  The definition of insanity is to try the same thing repeatedly and expect different results.
  Communication is the bedrock of this culture we live in.  With that being so, we will not see the end of social media without the end of this culture.  I have witnessed first hand the paradigm shift of our time in the processing and storage of information.  From my first awareness of MS DOS, to today's operating systems and huge storage capacities, we have leaped into the cyberverse head first without looking.    OK, I'll stop philosophizing now and get back on point.
  Something very worth mentioning, the Library of Congress is in the process of cataloging and archiving every  Tweet ever twitted, I mean tweeted, since the inception of Twitter.  That's 170 billion tweets.  Called the "tower of babble" by the Chicago Tribune and "useless" by many, The Library has defended the effort with the argument that as a dominant form of communication in the paperless age, it should be preserved.  And they obviously got their way.  Check out the cultural significance of this here.  And if you do, you'll see the resources required.

http://articles.chicagotribune.com/2013-01-08/news/ct-met-huppke-twitter-0108-20130108_1_twitter-archive-tweets-library

  If you did, maybe we've lightened up enough to look at some social media facts and sort of wrap this up for now.  All the major and well known social sites state somewhere in there Terms or Policies listings that they will or may turn information they collect over to law enforcement for various reasons, i.e. subpoenas, their own discretion, etc.  So, the way I take that, don't give information you don't want known.
  What I went into earlier, about the FBI and Ulbricht, shows that if the man wants you, you're had.
  And Tor was mentioned in the court transcripts.  That is a whole subject unto its own.
  Bitcoin is another.  Governments tend not to like unregulatable currency.  A LOT.
  So this subject is BIG!
  All for now.  More later!





















No comments:

Post a Comment