The Silk Road to Perdition
added: 10.03.2013, by Mike Spinney
When Andy Greenberg’s article in Forbes on the FBI’s arrest of Ross William Ulbricht broke yesterday, my Twitter feed lit up. A significant number of the folks I follow are privacy and infosec types, and Greenberg’s a solid source of excellent reportage in that milieu, so I not only saw his post, but a steady stream of follow-on information as the impact rippled across the Internet.
Ross William Ulbricht, according to the FBI, is the identity of notorious online drug kingpin known as Dread Pirate Roberts who operates the online narcotics marketplace Silk Road. Silk Road is one of a number of virtual black markets where merchants operate in anonymity and deal in illicit goods and bitcoin.
For more information on the Silk Road, check out this account of Brian Krebs’ experience with some hackers who sent him a gift of heroin purchased there.
But this blog isn’t about the Silk Road, it’s about how sloppy online habits tripped up Mr. Ulbricht, a guy who – given his alleged line of business – should have known better.
According to Forbes, despite his extensive knowledge of and access to tools and techniques designed to protect information and anonymity, Ulbricht left a digital trail that led them to San Francisco, where he was arrested in a public library.
“He made a simple mistake and we were able to identify him,” Greenberg’s source at the FBI said.
The lesson for those of us who may not be as adept at digital navigation as a dread pirate, or have access to a black marketeer’s tools of the trade is simple: carelessness with our valuable data has consequences.
Have you ever made a decision to do something online you knew was less than secure? Maybe you visited a web site you weren’t certain about, clicked on an interesting (but suspect) link in a moment of curiosity, or attached a document and hit “reply all” to an email without checking all the recipients?
Sure you have. We all have. It doesn’t mean you’re a bad person, it means you’re human. And it means you’re likely to do it again.
But if you are aware of the risks (and of your humanity), you’ll be less likely to make those mistakes. There are many resources that exist to help you better educate yourself and guard against the numerous threats to your digital identity, intellectual property, and other valuable data. Here are some of my favorites: