I'm not sure one way or the other, and while it's clear that Ulbricht was fairly sloppy, there are a few instances of serendipity:
1. The agent randomly (?) stumbling on a LinkedIn profile which matched the timeline/description of the Silk Road project, which prompted him to seek another unidentified agent who had all kinds of juicy deets on the suspect.
2. CBP intercepted a package addressed to Ulbricht containing a bunch of counterfeit official documents during a "routine border search".
3. Found Tor/PHP/curl-related posts on Stack Overflow from his real-name account, but it also says he changed his name/email to a fake one. Did they happen to stumble on it before he changed his name? Or had some kind of access to an earlier archive? Or cooperation from Stack Overflow? Unclear.
I'll update more as I run into them. Super interesting read.
Still, it's clear that they've done a ton of research on Silk Road and DPR. The notes are thorough and accurate. A job well done.
I think that the main slip-up was the use of the same account on BitcoinTalk to both promo SR and to post his personal Gmail account to try to hire Tor experts. Everything else listed above sounded like it either came chronologically after that discovery (the CBP intercept) or it was a result of that discovery (the Stack Overflow and LinkedIn accounts).
> 1. The agent randomly (?) stumbling on a LinkedIn profile which matched the timeline/description of the Silk Road project, which prompted him to seek another unidentified agent who had all kinds of juicy deets on the suspect.
Sounds like parallel construction to give them a legal way to introduce evidence.
I'd imagine the NSA has crawlers that can parse LinkedIn profiles enough to make good guesses on who is likely to be involved in hacking, criminal entrepreneurship, etc., and to pull out relevant dates and other indications of ideological shifts or large secret projects. Cross-reference with banking records to show when someone is unemployed for a long time and yet still has unexplained funds... DPR was probably on a reasonably short list.
The curl part is also pretty shoddy btw. Would you really use curl to set up a server running behind TOR? I don't have adequate 'training and experience', but it seems natural that a website working through TOR should use normal web server software behind some sort of reverse proxy, not curl. He, whoever wrote that document, seems to imply that questions about curl and the TOR network are necessarily connected with running a website through it. He also doesn't mention the dates of the questions.
The curl code was probably for querying the latest exchange rates from Mt Gox. It's important he made sure those queries went out through TOR because otherwise they could be used to trace the Silk Road server.