A recent blog post by the Tor project team grapples with the question of how exactly law enforcement agencies managed to penetrate the network in carrying out Operation Onymous.
The operation saw the seizure of hundreds of Tor-affiliated sites and the arrest of at least 17 individuals. Silk Road 2.0 and its operator were among the targets.
Tor is a software that ensures internet anonymity by routing traffic through a worldwide volunteer network of thousands of relays.
There have also been reports of Tor servers disappearing, possibly seized during the operation. Those who have had assets seized are asked to contact the project team.
Axia Extends Market Footprint in GCC RegionGo to article >>
The post speculates of the following possibilities as contributing to the breach: SQL injection, Bitcoin transaction linking, revelation of the “guard node” (the only node which knows the others’ IP addresses), and denial of service (DoS) attacks.
The team is hoping that details will be revealed in the course of judicial proceedings:
“In liberal democracies, we should expect that when the time comes to prosecute some of the seventeen people who have been arrested, the police would have to explain to the judge how the suspects came to be suspects, and that as a side benefit of the operation of justice, Tor could learn if there are security flaws in hidden services or other critical internet-facing services.”
However, a system of perjury referred to as “parallel construction” may be employed, whereby the true causes for discovery are masked with testimony of other weaknesses authorities could have exploited.
One of the contested issues in the ongoing case against Silk Road 1.0 operator Ross Ulbricht is the disputed transparency of authorities in how they gathered evidence during their investigation, and if their actions were legally sanctioned.