Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

The Dread Pirate Roberts 2.0 “The Return Of Silk Road”

leave a comment »

Screenshot from 2013-10-31 11:34:51

BPRDPRDGIUGIUGIUGIUGIUGIUGIUGIUGIUGIUGIUGIUGIUGIUGIUGIU!

DPR 2.0

You just can’t keep a good pirate down it seems and as the movie/book “Princess Bride” set the precedent for the “Dread Pirate” so too has the Darknet. Just days after the first “Dread Pirate Roberts” (DPR) was nabbed in San Francisco a new one, someone who claimed to have been working with DPR-1 stepped forward and put “Silk Road 2.0” on the darknet to continue the “libertarian experiment” heh. The new DPR makes claims that he has re-audited the code from the first backup version of the site and that he is in it more than for money, that there is an ethos here just like the original DPR claimed. I for one don’t really believe that this is really the case but hey, who am I to poo poo his druggy utopia huh?

In looking at the writings of this DPR, he/she lacks some of the creative flair that the first one did and has some grammatical oddities in his/her style of writing but overall seems to be technically competent. There have been some changes to the way business is going to be done and he/she claims that they are looking to hire pentesters on a regular basis to test the site to insure security.. Oddly enough though, the security of the site (to date) has not been the issue that brought DPR-1 down.. It was hubris and OPSEC failures.

OPSEC AND CODE

On the OPSEC front DPR-2 seems to lack the understanding I think of everything that DPR-1 did wrong. There has been talk of never again talking murder or actually hiring anyone to do so (ethos again) but overall I have not seen anything out of the new DPR that tells me he or she understands how OPSEC no matter how well put together or intentioned CAN and WILL fail eventually. You basically have to go into this endeavour knowing that at some point the jig will be up and it will be time to flee whatever country you are in and go off the grid.

One of the most BASIC problems with the OPSEC issues around this type of operation is that you are not in it alone. You HAVE to have admins and helpers who will eventually turn on you. This is one of the bigger issues, the other is that you will slip up and either cause some sort of technical vulnerability if not a logical one. (i.e. giving too much information away as to who you are unintentionally) Either way, eventually, you will get into trouble so DPR-2.0 you better have a hell of an escape plan. I mean it seems that DPR-1 did not have one really and you know how that all went for him (i.e. federal prison)

One last word here though for me is the boat load of technical vulnerabilities that will exist even in the “darknets” DPR-2.0, buddy, have you not read the news lately? I mean the NSA is all over this shit! While they have not worked out ALL of the kinks yet, they are really getting closer and closer to de-anonymizing people so i would watch out for that as well as your site’s code and vulns too. All in all dude, it’s a real security nightmare from every quarter… So how are you with constant stress DPR-2? I’d invest in Tums and cases of Pepto.. Maybe some sleep aids as well if you aren’t into tasting your own products from SR.

Hmm maybe that is the secret to it all?

STING ANYONE?

Lastly, but certainly not the least concern I or anyone who might decide to join and use the Silk Road Mark II should have is this: Is this a big sting? Remember that the Feds have an original copy of the server and the code! Could it be that they have decided to catch all the other fish that got away here? Personally, as a paid paranoid, I would find this to be a real issue that would make me shy away from it all. In fact some people have said much the same on the site but they are posting anyway there. I would be careful kids, this could be legit but I lean toward two outcomes here;

1) A long con that will spin up, gather followers and users, and then be rolled up for the news media and the rounds of court cases

or

2) A legit attempt by those who were on SR Mark I to “live the dream again” that will only end up falling once more to the constant and concerted HUMINT and TECHINT attacks by a NATION STATE.

Just sayin…

*Looks at the map where it says “Here there be dragons!”*

I will watch the story unfold….

Written by Krypt3ia

2013/10/31 at 18:59

Posted in DARKNET, DPR

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: