“His response was to fight it with the only weapons at hand—passive resistance and open displays of contempt.” ― Kurt Vonnegut, The Sirens of Titan
The Dread Pirate Roberts case needs to be re-opened, because, clearly, it was parallel construction. Try with Tor routing, and subpoena Carnegie Mellon, but don’t forget Booz Allen’s Kansas/Nebraska switching hubs.
The famous “takedown” of The Dread Pirate Roberts is not so much a study in the tradecraft of computer forensics or OSINT as it is a study of the effects of hidden, secret parallel construction: the reconstruction of a case, or cases, that draws upon the false narrative of “luck, and good old fashioned investigation,” after an illegal unwarranted investigation had taken place in multiple jurisdictions, with multiple agencies involved.
In other words, before DPR was arrested, multiple Constitutional rights were suspended or eradicated by LEOs who first broke the law to investigate the case, and him. Then, the information that was gleaned from these cases was stored in as yet to be revealed databases, and used later (and likely is being used even now) to parallel-construct other cases.
The common sentiment of LEOs, and the propaganda line of specifically the FBI, the DEA, ICE and the rest, is that DPR was caught after a dedicated IRS agent found a single piece of evidence, using Google and open source intelligence to connect the dots to Ross Ulbricht. Case closed.
But that narrative is pure bullshit, and his case needs to be re-opened.
Here is a brief timeline of events from @thegrugq:
Silk Road investigation Timeline
xx / xx / 2010 – linkedin “change of goals” post
23 / 01 / 2011 – silkroad420.wordpress.com created
27 / 01 / 2011 – shroomery.org user: “altoid” created. user profile (screenshot)
27 / 01 / 2011 – shroomery.org advertising post, “altoid” shroomery post (screenshot)
29 / 01 / 2011 – bitcointalk user: “altoid” created user profile
29 / 01 / 2011 – bitcointalk advertising post, “altoid” bitcoin post archived
01 / 07 / 2011 – shroomery.org abandoned by “altoid”
11 / 10 / 2011 – bitcointalk job offering post, “altoid” -> firstname.lastname@example.org the job offer screenshot
05 / 03 / 2012 – stackoverflow account creation “Ross Ulbricht” -> email@example.com
13 / 03 / 2013 – start of the bizarre extortion attempt
16 / 03 / 2013 – stackoverflow question “how to curl Tor hidden services w/ PHP?” the question
16 / 03 / 2013 – stackoverflow account name change “frosty”
04 / 04 / 2013 – stackoverflow question updated: “http://kpvz7ki2v5agwt35.onion” (The Hidden Wiki)–> “http://jhiwjjlqpyawmpjx.onion” (TorMail) revisions
xx / 04 / 2013 – stackoverflow email change to “firstname.lastname@example.org”
05 / 04 / 2013 – end of the bizarre extortion episode
01 / 06 / 2013 – DPR requests chat with redandwhite
05 / 06 / 2013 – DPR asks redandwhite for update on “dummy IDs”
08 / 07 / 2013 – DPR asks “someone” for fake ID
10 / 07 / 2013 – CBP interdict forgeries
23 / 07 / 2013 – Silk Road Server forensically imaged
26 / 07 / 2013 – Homeland Security Investigations interview
02 / 10 / 2013 – Arrest of The Dread Pirate Roberts
This case, more than any other, is in fact the most likely case of parallel construction: a lie that traveled the world before the truth woke up.
Here is the truth: like any hack, or reverse engineering exploit, parallel construction leaves a mark: distinct, dirty fingerprints. My advice? The phone and internet records of the IRS agent who allegedly found the link. Because if you notice, in the story (the officially reconstructed narrative) agents ‘somehow’ had a van outside his apartment, and coffee shops.
How’d that happen? Short answer is warrantless neighborhood monitoring, Stingray deployments, and the ‘inside scoop.’
Where did they get that…? Oh, yeah: years of carefully crafted DEA narrative, dispensed upon a willing, albeit moronic foil. And heaping helpings of years’ worth of SOD data…