Every time you log onto the Internet, you leave evidence of who you are, where you went and what you downloaded. The way that Ross Ulbricht of the Silk Road got busted provides a good lesson in how you can keep yourself safer online.
Connections Are Not Hard to Make
When a well-known, illegal site gets taken down by investigators, it’s pretty natural to assume that some sort of technical wizardry was involved in the bust. Sometimes, illegal sites and even entire networks are taken down using mostly technical means. The botnet-busting tool that Microsoft created is a good example of one of the resources that law enforcement and ISPs might use.
There are plenty of other tools that law enforcement, or even malicious identity thieves, can use to figure out who someone is online, even if that certain someone is trying to stay anonymous. Ulbricht’s case provides a good lesson in how both technology and habits can be used to protect one’s identity, and how ignoring one or the other can lead to getting busted or exploited.
Small Mistakes, Big Consequences
Ulbricht and his infamous site, the Silk Road, were not taken down by technical means alone. One of the law enforcement professionals most responsible for figuring out Ulbricht’s identity was an IRS investigator. Poring over Google searches for information, he made connections between Ulbricht, his old aliases and the Silk Road that were enough to let investigators know that Ulbricht was their man.
What the IRS investigator did was basic police work. Even though his colleagues didn’t seem inclined to employ such procedures, the IRS investigator, Gary Alford, kept looking for connections, following a trail that would eventually lead him to the true identity of the man behind the Silk Road, known only to investigators as Dread Pirate Roberts at the time.
Alford found a chat room posting by a user named altoid, made just before the Silk Road launched, that mentioned the site by name. He then started investigating altoid and, after some searching, found a post where altoid gave his email address, firstname.lastname@example.org.
Further connections, including a fake ID shipment to Ulbricht in San Francisco, political similarities between posts made by Ulbricht and Dread Pirate Roberts, and other information eventually led investigators to conclude that Ulbricht was their man.
While technology was certainly at the heart of the Ulbricht investigation and integral to how he got busted, the trail of breadcrumbs that Ulbricht left played no small part in the downfall of the Silk Road.
Understanding how not to leave a trail that investigators can follow is integral to maintaining anonymity. We’re not endorsing criminal schemes here. Keep in mind that, in some nations, what’s considered illegal and potentially cause for imprisonment or persecution might be as simple as speaking out against the ruling regime. If you don’t want to get caught, making sure you’re not leaving a trail of evidence that points right to you starts with your habits.
Posting Under Your Real Name
An alias can be used to conceal your identity, but it only works up to the point that there’s one piece of information out there that links your real identity to your alias.
As soon as one piece of connecting information is created, the alias should no longer be considered safe to use. Ulbricht’s “altoid” alias is a good example of how a single connection between an alias and one’s real name can be found and exploited by someone smart enough to do the police work.
Posting Your Politics Can Also Be Risky
Many of the people seeking to conceal their real identities from law enforcement are likely political dissidents, journalists, whistleblowers and others who have legitimate reason to fear unfair retaliation from government or corporate entities.
It’s important to remember that what you say under the guise of an alias can be used to link that alias to your real name, if you’re repeating many of the same things under your real name that you also post under an alias.
Ulbricht was a fan of radical free-market ideology and wasn’t shy about saying so. His political posts, the politicians and political thinkers he admired and other information were used to verify the connection between the Dread Pirate Roberts alias and Ross Ulbricht.
If you are a dissident of some sort, or a journalist or anyone else who might find themselves in danger due to speaking truth to power, remember that what you say can be used to connect an alias to your real identity.
If possible, never use your real name to post anything that could get you in hot water. For instance, if you’re launching a hidden service on Tor, as Ulbricht did, don’t ask for technical assistance using an email address with your real name in it. Not too clever, there.
Hide Your Digital Tracks
Protecting your anonymity using technology is actually a bit easier than maintaining clean aliases and watching what you post.
When investigators started to suspect that Ulbricht was Dread Pirate Roberts, they found no shortage of evidence to confirm their suspicions. For instance, according to the Times, Dread Pirate Roberts had been tracked logging into the Silk Road from a café within easy walking distance of Ulbricht’s address.
They also found that Ulbricht had sought out programmers using an alias that matched the name of the computer he used to log onto the Silk Road website.
There are ways that such connections can be obscured.
First and foremost, aliases should not be recycled or obviously connected. Think of them like passwords. Make each one unique and be sure that it’s not just a variation on one that you’ve used already.
Using a VPN can prevent people who might be monitoring you from determining where you’re located when logging into any given resource. Even if you are using Tor, investigators can see that you’re logging into the service, though they can’t see exactly where you’re surfing once you’re on the Tor network. Of course, if they’re monitoring a Tor site, they can just wait for you to show up, see where you’re located and add that to their pool of evidence.
Using a VPN can obscure your tracks enough that figuring out where you’re actually located can be virtually impossible. Between shared IPs, privacy-friendly jurisdictions, anonymous payment methods and services that don’t keep logs, you can make it nearly impossible for anyone to track you.
Secure Your System
If your computer is already compromised, a VPN cannot protect you as it should.
If you need to stay incognito, consider using a separate computer, or at least booting into a different OS, for sensitive work. Remember that Ulbricht’s computer name, also used as an alias, was part of the evidence investigators used to catch him.
There are any number of means you can employ to make yourself a harder target in this regard. Consider using Linux, for instance, as an alternative to Windows or Mac OS X. Don’t store any identifying information on the Linux computer and always use your VPN when you’re online.
While using a Wi-Fi connection at a coffee shop or other location can make it harder for investigators to figure out who you really are, it’s not enough on its own. Using a VPN and a public connection, choosing aliases that cannot be tracked back to you and being very careful about what you say are all good policies for protecting your privacy.
Just keep in mind that staying anonymous requires that you use the right technology combined with sensible security habits.