Wednesday, February 5, 2014

Dread Pirate Roberts 2.0: An interview with Silk Road’s new boss

New leader wants Silk Road to publish gov't secrets; calls old DPR a "fraud."

Aurich Lawson
Silk Road, the infamous and anonymous online marketplace specializing in illicit goods, sells everything from pot to black tar heroin. If you can smoke it, inject it, or snort it, there’s a good chance Silk Road has it.
Well, had it. Late last year, the FBI burst into a local branch of the San Francisco Public Library and arrested one Ross Ulbricht, the alleged kingpin who ran the site. It all happened while Ulbricht's laptop was open and he was logged into his encrypted accounts. In the days that followed, the feds dropped a host of charges on Ulbricht, including several salacious accusations that Ulbricht attempted to arrange hits on various people he thought had betrayed him or blackmailed him. The feds also arrested several people accused of being major sellers, creating anxiety for those who ever bought or sold on the site. The Silk Road was closed.
It didn’t take long to return. Just as the previous Silk Road operator had done, the new owner called himself “Dread Pirate Roberts” (DPR). The name came from a character in The Princess Bride who passes his piratical business down from one individual to the next, each of whom uses the same name to ensure continuity. So in a move that would seem to tempt fate, the new DPR built another version of Silk Road and restarted the drug marketplace.
As a consequence of law enforcement’s keen interest in the site, paranoia today hangs over Silk Road like a heavy fog. The tone of conversation on the discussion board resembles, at times, noir fiction. Recriminations fly about whether other users are law enforcement, debates rage about which software/hardware setup best conceals a user’s identity, and theories abound as to how several of the site’s old administrators were recently arrested.
Before our interview with the new enigmatic owner of the rebuilt site, we asked DPR how to prove we weren't law enforcement. The answer was simple: No need. DPR had “already done a full background search."
It was a fitting introduction into the cyber underworld known as the "dark Web."
Sites on the dark Web can’t be visited with an ordinary browser. Instead, they are designed to be accessible solely via Tor, due to Tor’s ability to render one’s Web browsing anonymous by routing it through several computers and wrapping it in layers of encryption before dumping it back onto the public Internet through some far-off "exit node." I watched as a friend of mine once tried logging into his Gmail account through Tor. Immediately, Gmail prompted him to verify his identity, telling him, “It looks like you’re signing in from an unusual location”—Germany. (At the time we were in the US.)
Silk Road also relies on the Bitcoin cryptocurrency, which can help to obscure the identities of both parties in a transaction.
The system works to a point, but as the federal takedown of the old Silk Road site showed, it can be risky to put too much trust in it. So why, in the face of that risk, would someone new step forward to rebuild the site and assume the mantle of DPR? We decided to ask.
Our interview with the new DPR took place over heavily encrypted channels. S/he uses an e-mail service that encrypts incoming and outgoing information and is known to, in the site’s own words, “actively fight any attempt to subpoena or otherwise acquire any user information or logs.” Additionally, DPR uses another layer of encryption and avoids discussing any topic that could reveal too much personal information.
What follows is a transcript of our conversation, edited for space and clarity.
Editor's note: We have done our best to verify that we were speaking with DPR, operator of the revamped Silk Road site, by communicating through the site itself, via DPR's Twitter account, and over e-mail in the course of this interview. Despite those efforts, it is impossible to know much more, including whether DPR is male or female, a single person or multiple people, or even a law enforcement plant designed to lure dealers out of the shadows. We believe the information in the interview—and the window it provides into Silk Road and its operations—makes it worth running, but as in all such interviews, caveat lector.
Ars Technica: You've said that, contrary to popular belief, your site "does not represent drugs." What does it represent?
Dread Pirate Roberts: We represent a right for the individual to choose what they would or wouldn't like to put into their own bodies. The state is no longer a protector of the people in many ways. It has chosen to limit the choice of individuals, and it feels almost compelled to "educate" people about what they think is best. Just like many institutions, the state is no better than a private corporation, and indeed there are times when you could mistake some governments for a board of directors who have nothing but power and wealth on their minds.
Even the use of legal drugs like alcohol has negative social consequences; what do you think about the distribution of more dangerous substances?
The role government plays should not be to infringe upon individual rights but to protect them. If a person was to lose control of themselves and cause harm or issue to others, then they are acting outside of their individual rights and infringing upon the rights of another—in which case there is reasonable ground to detain a person.
Did prohibition at all stop people drinking? No. Did prohibition stop people seeking help? Yes, and many people paid with their lives for it. Does prohibition take otherwise productive citizens who've done no harm to others out of society and let them sit in a jail cell to drain resources? I'll let you consider that.
Now we can say how alcohol does affect society, but we are then talking about what people do to others and not what the drug itself is doing. DoctorX [a user on the Silk Road message boards who claims to be a Spanish medical doctor specializing in cocaine, cannabis, and synthetic drugs] pointed out that if you leave a drug on the table, it will not get up and hurt you. The individual is responsible for looking after themselves and not damaging others. If they do so, then perhaps prison is a solution for the protection of society, but putting millions of people behind bars for being responsible drug users—not harming others—is a disgrace.
[Ulbricht] is the one rolling and bringing his own moderators down for a plea deal. Damn coward.
You've said, "I believe that right now, we are living in a society where our enemy is no longer foreign but domestic." Could you elaborate on this?
After 9/11, there was a vast amount of scaremongering over terrorism, and the higher echelons of society saw fit to strip the rights of everyone in the process. This is not to say that, of course, there aren't terrorists, but so many times we hear in religion, money, and nationality that we must not judge many by the actions of the few—yet we can see such hypocrisy from the US government where everyone must surrender their rights for the actions of a few. Is the government any better than the people?
You’re a libertarian. Do your views differ at all from those of the previous “Dread Pirate Roberts?"
A person can hold any school of libertarian view they would like to, but do they actually support their views through action? A person screaming their libertarian principles who then has those around him brought down with him for his own gain is not a person with any morality in them and in my view is a fraud of a genuinely good cause...
You've said, "Silk Road while under my watch will never harm a soul. If we did, then we are no better than the thugs on the street." I take it you thought it was wrong of the previous DPR to—allegedly—order multiple hits on people in the course of doing business.
I think at this time it is inappropriate for me to comment on too many specifics as there is a lot that still is not public that I hold in gross contempt. There are probably actions I have done for which the community will hold me in contempt, which will not come to light just yet or maybe ever, if I am lucky. I do not say they are as foolish as hiring an online hitman, but I cannot excuse myself for having human moments. We are all still human, and I do make mistakes. Fortunately, they are limited to simple policy issues so far.
What is more important to me is ensuring I am not a single point of failure and any mistake I do make will only compromise my own freedom without hurting others.
You've said, "With enough time and data, identifying our servers would actually be a trivial task for the NSA." How much does this worry you?
It is of course a credible threat. People like the FBI do their job in finding people through non-technical measures, such as when somebody has poor OPSEC [operational security], but the NSA wants to break the very foundations we stand on.
The NSA also has a huge budget, and anything they can do against Silk Road they can do against all Tor users, so we have to assemble some of the greatest minds in the world to defend our cause. When it comes to some kind of cyberwarfare, the NSA is undoubtedly the heavyweight, but they still have us to contend with.
Can the new Silk Road site be taken down as easily as the previous incarnation?
There is only one person in the world that knows who [my second in command] “Defcon” is—me. So unless the feds have me they can never take down the Road, because as soon as I am missing he knows to just move servers and hit the killswitch on my access. Just think how much the FBI will be squirming in their seats and red-faced again if they could arrest the Dread Pirate Roberts and the Road continues to function in their face.
How long did it take to build the new Silk Road—and did you do so from scratch or from existing code?
The initial build took several days, but testing and ensuring no security leaks are present takes weeks for every feature. No comment regarding what part of our source code comes from the original market.
You were involved in an incident involving a competitor named TorMarket, in which you managed to hack and subsequently leak TorMarket’s database code. You said later that this attack was undertaken to prove that TorMarket’s promises of “secure codebase, competent operators, and common sense” were falsehoods. Do you stand by your actions?
That began as a private affair between myself and the TorMarket leaders and raged out of control when they sought to attack the wider community. We hope this serves as a warning for those wishing to take their anger out at people who are innocent, and I stand by my actions. At the time, reddit in particular gave me a hard time for striking back at TorMarket in the way I did, but if I let them stand any longer, then more bitcoins would have been lost to TorMarket’s greed.
When it comes to cyberwarfare, the NSA is the heavyweight, but they have us to contend with.
If my actions seem unreasonable to people, then it is not because I am ignorant of the consequences or on some emotionally charged knee-jerk reaction; it is more likely that there is information the public is not aware of, as in almost every part of my work. Nobody complains to me when they know I am breathing down the neck of would-be infiltrators and have already locked down over 15 law enforcement honeypot vendors or when our team is busy fighting off an armada of hackers. I do, however, confess it was quite boring the third time law enforcement decided to use the “SuperTrips” moniker and claiming to be him as a free man, when I know just as well as ICE where he is now.
Thanks to Edward Snowden and other, leaks have been in the news quite a bit, and there’s been some discussion on Silk Road about having the site host leaks of government secrets. Is that something you’re considering?
"Government secrets" is a very broad term and one I don't want to let there be confusion over. You can say there would be government secrets to cover up human rights abuses or to protect corrupt officials, in which case I wouldn't hesitate to let the world know them at the right time. An inescapable fact is that even with my own ideology and what I represent, there must still be some secrets to protect people, and so each "government secret" must be judged upon whatever individual merit it carries—though the sale of such things will never be permitted on Silk Road. A person must release the information for the right moral reasons and not for profit or gain.
Most of your competitor sites' discussion boards are all business; yours is one of the only sites to have things like a “philosophy and politics” section. Why is that?
I hope recent events highlight why we are the only market who discusses and openly allows people to challenge our beliefs.
Some still have the audacity to call my ideology "fake" and [say] that I am here just for the profit, then support some new market that swiftly closes the door (and runs with their money). I've had the opportunity to run off with more than 10 times the annual salary of Obama, but I have returned—at my own risk, if you knew the circumstances—to give the money to the rightful owners.
Any final thoughts?
I knew the risk when I took this position, and I am never going to be a truly free man/woman now. All I now seek to ensure is that if I do go down that I don't take Silk Road down with me. Having a single point of failure is no longer acceptable simply because we believe it will protect our users from internal threats.
I have brought Silk Road back to life this time around, but the future of free markets is in the hands of those who are willing to step up after Silk Road falls. There is a revolution coming that is larger than Silk Road has been or will ever be.

No comments:

Post a Comment