Author Topic: Hey New DPR, read up on operational security  (Read 968 times)

Die Antwoord

  • Newbie
  • *
  • Posts: 4
  • Karma: +2/-1
Hey New DPR, read up on operational security
« on: October 11, 2013, 03:08:25 am »
There's some things you should do.

#1
Kibosh talking about where to buy bitcoins, or where to sell them. Totally ban that chatter and tell them to go on bitcointalk.org; they will thank you later when not busted. Every day some idiot on SR forums (even after it's been busted) is writing about how they recovered wallets and at what time, how much they just transferred in exact amounts that are traceable, and it's also probably why Bitinstant got served with NY state regulations, because there were a thousand threads of morons: 'hey brah, get ur drugs with bitinstant brah'.

#2
Ban all bitcoins transactions on your SR 2.0
Most were scams anyways, or ended terribly. This is how cops bust people.

#3
Ban all ID vendors.
Read this: http://www.wired.com/threatlevel/2013/07/open-market/
Anybody buying ID from a drug forum is a retard. Let the ID guys go make their own .onion or forums to sell on. Albert Gonzalez? Busted by ID vendor. DPR? Busted by ID vendor. Gruber? Countless other carders? Busted by ID vendor. See the pattern?

#4
Read the grugq's blog on opsec. Watch his videos.
Learn how to compartmentalize your organization properly so if one piece of it is compromised the whole thing doesn't go down. Do not engage anybody working with you in idle chit-chat ever. Look up Gavin talking about Satoshi. Never once did Satoshi give his views on things, or ever speculate or talk about his life. Even in private. Result: nobody knows who he is.

#5
Make one staff account, have multiple people use it to prevent writing analysis or dropping breadcrumbs for investigators.
There should be no names like 'Libertads'. That is an identity that can be linked. "Staff" cannot be linked or found in clearnet.

#6
Ban transactions in whatever country you are hosted in. For example many carding forums do not allow any fraud against CIS countries since they live there. If you're hiding out in Brazil (no extradition) making $80 million per year then don't allow transactions there.

#7
Don't talk to journalists ever. NEVERNEVER

#8
????

#9
profit



saulgood

  • Full Member
  • ***
  • Posts: 191
  • Karma: +48/-1
  • DUI? Dealing Drugs? Better Call Saul! (505) 503-4455 bettercallsaul.com
Re: Hey New DPR, read up on operational security
« Reply #1 on: October 11, 2013, 03:38:54 am »
Good list of things to think about.

#6 seems like it, uh, might give some important information away? : )
The future is already here — it's just not very evenly distributed.

Mr.X

  • Sr. Member
  • ****
  • Posts: 292
  • Karma: +42/-29
  • PEASANTS!
Re: Hey New DPR, read up on operational security
« Reply #2 on: October 11, 2013, 03:40:37 am »
#8 is key
Give a man a drug, and he will be high for a day. Teach a man to order drugs from the internet and he can get high for a lifetime

Great God Pan

  • Sr. Member
  • ****
  • Posts: 284
  • Karma: +35/-6
  • "... after all, she has seen the Great God Pan.”
Re: Hey New DPR, read up on operational security
« Reply #3 on: October 11, 2013, 04:05:18 am »
I heartily support the advice for #4:  Read the grugq's blog on opsec. Watch his videos.
"...that 1984 may remain a warning and not become a history book."
----------------------
My VPS Tor relay donation address:
1No5YRZMCQzcMnK7ZEYNBMfJPCzZbNBVUX

SmokesHisBroccoli

  • Hero Member
  • *****
  • Posts: 563
  • Karma: +67/-23
  • I live for a living
Re: Hey New DPR, read up on operational security
« Reply #4 on: October 11, 2013, 04:22:27 am »
I agree with a lot of this and def. #7. The thing is though and it makes sense to me as someone else explained it, DPR did the interview with Forbes not out of greed or a power trip or any of that, he really did it so that the feds who he knew were trying to find him would start looking for the "new DPR." It struck me as odd reading that interview when it came out and seeing him talk about how he purchased SR from another DPR. It seemed irrelevant to the interview. It's just because Ross only later realized that way back when he created SR and nobody was on it that his security was pretty lax (it didn't really improve too much either) and he used the "altoid" alias or whatever. So that day or moment when Ross is thinking to himself shit this is getting huge and they're after me he probably realized a lot of his mistakes but at that point it was too late to do anything except try to create a new alias. A new DPR. It just didn't work but I don't blame him for trying. I was really pissed at DPR at the time of the interview but looking back it all makes sense and I shouldn't have been upset had I known what I do now.

CabinBoyNathanial

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
Re: Hey New DPR, read up on operational security
« Reply #5 on: October 11, 2013, 04:46:53 am »
I do agree with a lot of this for sure, but I really only came into this thread to say
ZEF SIDE

dieAntwoord

  • Newbie
  • *
  • Posts: 38
  • Karma: +2/-0
Re: Hey New DPR, read up on operational security
« Reply #6 on: October 11, 2013, 06:00:21 am »
My zef is fresh! lol. I already forget the gargantuan password I made for the first account.

Anyways, yeah that does give away where you are, but Brazil (Or Russia, Ukraine.. any non MLAT/extradition country) is a big place. If you sell everywhere, then there's nowhere you can flee because you broke laws in every single country. Something to think about, whoever new DPR is. Personally I would set up in Belarus. No taxes, girls everywhere, no extradition, banks don't give a shit about source of income either.

The grugq's critique of DPR's Opsec failures: Note, "backstopping" is intel lingo for creating a completely fake identity that has depth. More info here: http://grugq.github.io/blog/2013/10/10/silk-road-security/

The OPSEC Failures

The fundamental error is poor compartmentation. Ross Ulbricht, the real person and the online persona (Google+, LinkedIn, etc), and the Dread Pirate Roberts persona share ideological views and geographic locations. There is contamination between the two personas. Most of these seem to be due to the organic evolution of the Silk Road venture, where early naive Ulbricht makes mistakes that later smarter DPR wouldn’t. Unfortunately, the later DPR is more ideologically extreme and consequently less savvy about mainstream society.

    Poor Compartmentation
    Profiling
    Geographic Location
    Isolation

Poor Compartmentation

    Contamination: seriously fatal links created between personas
        Silk Road + altoid: Shroomery, BitcoinTalk forums
        altoid + rossulbricht@gmail.com: BitcoinTalk
        Ross Ulbricht + frosty@frosty[.com]: StackOverflow
        frosty@frosty + Silk Road: Silk Road server admin SSH key

The compartmentation failures are somewhat pervasive, in particular the ideological “Austrian School of Economics” and the mises.org site. However two particular contamination errors stand out:

    Silk Road –> altoid –> rossulbricht@gmail.com link in 2011
    Ross Ulbricht –> frosty@frosty.com –> Silk Road server link in 2013

The first of these failures happened because the altoid persona used to promote Silk Road was poorly fleshed out (e.g. no email address). Ross did not put the plumbing in place to backstop his altoid cover. He then joined the BitcoinTalk community using this contaminated cover. His participation and search for social validation left him with his guard down. Consequently, he revealed a great deal of profiling information about his project and beliefs. Many of his posts are about Silk Road infrastructure or his mises.org influenced economic theories. After participating for 10 months he finally made the fatal OPSEC error of posting his personal email address.

The second error was poor compartmentation of his online Ross Ulbricht persona, the tech savvy San Francisco based startup guy, and “frosty” the system admin of the server hosting the Silk Road site. His poor compartmentation, likely using the same computer for both personal and business use, and his limited backstopping of the DPR/altoid/frosty persona meant that any error would be fatal.

These two errors combine to link Silk Road with Ross Ulbricht, and Ross Ulbricht with Silk Road.

“I’ll take Profiles for $300, Alex” : “Too much in common” : “What do Ulbricht and DPR share?”

    Profiling: Ross Ulbricht talks and acts like Dread Pirate Roberts
        LinkedIn profile
        Timezone leakage: private messages, forum posting times
        BitcoinTalk altoid posts about: economics (mises.org), security, programming
        Silk Road Forum Dread Pirate Roberts -> Mises + “Austrian School of Economics”
        Mises.org Ross Ulbricht account

Ross Ulbricht, the person, was an active participant in the mises.org website and the BitcoinTalk forums. In both cases he was deeply committed to the “Austrian School of Economics”, something the Dread Pirate Roberts was also a huge fan of. The altoid cover alias, linked directly to Ross Ulbricht, frequently talked about bitcoin security and PHP programming. He is, based on his posts, clearly involved in running some sort of PHP based bitcoin using venture that requires high security. Sort of like the Silk Road site.

    Geographic Location
        Silk Road web server administered over VPN from a server
        VPN server IP stored in the Silk Road PHP source code
        VPN server accessed from a location 15240 cm (500 ft) from a location that accessed the Ross Ulbricht GMail account.

The location of the Dread Pirate Roberts was something of an open secret. It is clear that he was based in the west coast of the US. Ulbricht was located in San Francisco at the same time as DPR, as proved by his large online footprint: Google+, YouTube, GMail.

Isolation is bad, mmmkay

    Isolation without relief
        Rented room under assumed name
        No “mainstream” social circle to realign with social mores
        No peers to talk to, only Silk Road forum members and admins

After the altoid persona is retired from BitcoinTalk, Ulbricht migrates his social interaction to a more extreme community: the Silk Road forums. This appears to have been his “scene”, where he interacted with people and cultivated friends (including an impressive array of undercover law enforcement officials).

The underground life forced on Ulbricht as the Dread Pirate Roberts led to the major problem of isolation. Human beings are social animals. We require social interaction to maintain a healthy mental state. The strict security of DPR required isolation, leaving Ross Ulbricht living his social life on forums with niche ideological views, initially BitcoinTalk (in 2011) and then the Silk Road forums. Isolation from mainstream society is known to lead to ideological extremism as members of the niche community self-reinforce their ideological tendencies. Consequently, they are less able to understand mainstream society’s ideas, beliefs and morals. This is dangerous. This isolation leads him to rationalize that hiring online hitmen to preserve the Silk Road community is morally acceptable.

Apparently the only source of social validation and ego gratification that Ross had was a group of bitcoin libertarians, drug seekers, drug dealers and undercover cops. This is not a healthy social environment conducive to a balanced state of mental health.

What have we learned?

So, the Dread Pirate Roberts Complaint basically tells us nothing that we didn’t already know about OPSEC. There are some lessons learned which can be used to harden OPSEC practices going forward. The main things are still: strong compartmentation; use Tor all the time; avoid leaking profiling information, and it is prudent to regularly migrate to new cover personas.
« Last Edit: October 11, 2013, 06:52:04 am by dieAntwoord »

Ben Bernanke

  • Newbie
  • *
  • Posts: 5
  • Karma: +1/-0
  • Former Chairman of the US Federal Reserve
Re: Hey New DPR, read up on operational security
« Reply #7 on: October 11, 2013, 07:54:56 am »
One of the most interesting techniques I've seen proposed is backstopping to the extreme. Browse a random forum, find a random person who has a large footprint and steal their persona. Ideally, you'd do this multiple times - several different highly visible staff members with corresponding clearnet "identities" hidden behind a trail that makes similar mistakes to the ones DPR made.

It is practically impossible to remove every trace of information - which is why it is much better to have a consistent and inaccurate persona as a safeguard.

flwrchlds9

  • Full Member
  • ***
  • Posts: 181
  • Karma: +33/-5
Re: Hey New DPR, read up on operational security
« Reply #8 on: October 11, 2013, 08:28:51 am »
Some of his biggest OPSEC failures caused his treasure trove of information on his laptop to end up in LE hands.
** LOOSE LIPS   SINK SHIPS **

rothchild

  • Jr. Member
  • **
  • Posts: 62
  • Karma: +0/-8
Re: Hey New DPR, read up on operational security
« Reply #9 on: October 11, 2013, 08:38:13 am »
Quote
The underground life forced on Ulbricht as the Dread Pirate Roberts led to the major problem of isolation. Human beings are social animals. We require social interaction to maintain a healthy mental state. The strict security of DPR required isolation, leaving Ross Ulbricht living his social life on forums with niche ideological views, initially BitcoinTalk (in 2011) and then the Silk Road forums. Isolation from mainstream society is known to lead to ideological extremism as members of the niche community self-reinforce their ideological tendencies. Consequently, they are less able to understand mainstream society’s ideas, beliefs and morals. This is dangerous. This isolation leads him to rationalize that hiring online hitmen to preserve the Silk Road community is morally acceptable.

Apparently the only source of social validation and ego gratification that Ross had was a group of bitcoin libertarians, drug seekers, drug dealers and undercover cops. This is not a healthy social environment conducive to a balanced state of mental health.

What have we learned?

So, the Dread Pirate Roberts Complaint basically tells us nothing that we didn’t already know about OPSEC. There are some lessons learned which can be used to harden OPSEC practices going forward. The main things are still: strong compartmentation; use Tor all the time; avoid leaking profiling information, and it is prudent to regularly migrate to new cover personas.

This guy also says that you should rent a hotel room and operate in the room, which is of course the easiest way to get you caught.
I wouldn't take advice from these guys, as they do exactly the contrary of what they promulgate: they are public and give rotten advice. I won't be surprised if these guys are being manipulated too.

The other thing is their comments about what is healthy and what is not, they are basically repeating the same shit about "being normal", but the thing is: if you are normal, what is the point of being a hacker? Note that they not only say that you should appear to be normal, they also get into "healthy ways of being for real", which includes not being related with drug dealers and the like.

Clarity

  • Jr. Member
  • **
  • Posts: 59
  • Karma: +7/-2
Re: Hey New DPR, read up on operational security
« Reply #10 on: October 11, 2013, 10:27:38 am »
#88

Get in a plane, use the plane's Wi-Fi

dieAntwoord

  • Newbie
  • *
  • Posts: 38
  • Karma: +2/-0
Re: Hey New DPR, read up on operational security
« Reply #11 on: October 12, 2013, 02:58:35 am »
2 guys who started this site, look up OPSEC by Rob from Toorcon 2012.
http://youtu.be/Pw5MiZcsiQM

MOST IMPORTANT PART: 17:34 "And the prime example is Tor.. if you are only using Tor you are probabilistically fucked"

Unfortunately the 2 guys who started this site both have very extensive indicators to harvest from the previous forum postings, PMs, etc. I would fully recommend you not do this unless you are living in a non extradition country because you are already screwed.

muzzhed

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-1
  • so far away im in middle earth
Re: Hey New DPR, read up on operational security
« Reply #12 on: October 12, 2013, 05:12:29 am »
#7 Don't talk to journalists ever. NEVERNEVER

Definitely, especially Forbes and even that aussie chick eileen ornsby (sp?), she makes a lot of money talking about SilkRoad to any media+other drug forums that will listen to her!! Seen her on TV several times now discussing SR, also when DPR OG got arrested. She is just annoying lol.
*fuck the matrix and take both pills!!

Keyboard DPK

  • Newbie
  • *
  • Posts: 34
  • Karma: +0/-2
Re: Hey New DPR, read up on operational security
« Reply #13 on: October 12, 2013, 06:54:39 am »
Well, when you say isolation is bad, it's not. Isolation is key. If you're doing this you should have some sort of fuck toy or playmate; instead of talking to random forum goers and news people, why not go say "hey baby come suck my dick while I transfer this million to our life funds"

oracle

  • Full Member
  • ***
  • Posts: 203
  • Karma: +64/-36
Re: Hey New DPR, read up on operational security
« Reply #14 on: October 12, 2013, 07:11:08 am »
*snipped

I thoroughly enjoyed this dieAntwoord. Excellent points.
If this account of mine goes "incommunicado" - I can be reached at oracles@safe-mail.net

OzFreelancer

  • Journalist
  • Full Member
  • ***
  • Posts: 128
  • Karma: +75/-15
  • AllThingsVice.com
Re: Hey New DPR, read up on operational security
« Reply #15 on: October 14, 2013, 03:19:53 am »
Quote
even that aussie chick eileen ornsby (sp?), she makes a lot of money talking about SilkRoad to any media+other drug forums that will listen to her!!

"Lot of money" Oh damn, if only there was the vaguest truth in that  ;D

Quote
seen her on tv several times now discussing SR, also when DPR OG got arrested. She is just annoying lol.

I've been on tv once.  Once.  And you don't really strike me as an SBS viewer.  ;)
***
All Things Vice: Your Intelligent Guide to the Seedier Side
allthingsvice.com
BTC: 1HCdtvW4dUWkYbmJbXzbvgLFiUUTdB5GG7

oracle

  • Full Member
  • ***
  • Posts: 203
  • Karma: +64/-36
Re: Hey New DPR, read up on operational security
« Reply #16 on: October 14, 2013, 03:25:54 am »
She is not annoying. She is a very well spoken, well researched, unbiased journalist who is far more versed in Silk Road than any writer/journalist/media personality that I have found who claims themselves as an "authority" on Silk Road/Dread Pirate Roberts.

I know for a *fact* that Dread Pirate Roberts was rather candid (and guarded) with her in their correspondence and I for one will be purchasing her book when it is released. From what I understand, she does not "make a lot of money talking about Silk Road" in the least.. and a lot of her research/efforts come from her own pocket. That said, I hope she does make a lot of money from her book, as she deserves to.
If this account of mine goes "incommunicado" - I can be reached at oracles@safe-mail.net

Mr.X

  • Sr. Member
  • ****
  • Posts: 292
  • Karma: +42/-29
  • PEASANTS!
Re: Hey New DPR, read up on operational security
« Reply #17 on: October 18, 2013, 03:52:32 am »
OZ FREELANCER NICE LADY! YOU WILL QUOTE ME IN BOOK NICE LADY?
Give a man a drug, and he will be high for a day. Teach a man to order drugs from the internet and he can get high for a lifetime

OzFreelancer

  • Journalist
  • Full Member
  • ***
  • Posts: 128
  • Karma: +75/-15
  • AllThingsVice.com
Re: Hey New DPR, read up on operational security
« Reply #18 on: October 18, 2013, 09:52:53 am »
Quote
OZ FREELANCER NICE LADY! YOU WILL QUOTE ME IN BOOK NICE LADY?

If I wasn't back to being a newbie, I'd up vote you for the larf  ;D ::)
***
All Things Vice: Your Intelligent Guide to the Seedier Side
allthingsvice.com
BTC: 1HCdtvW4dUWkYbmJbXzbvgLFiUUTdB5GG7