[pwny]

As another commenter suggested in the article, the government probably found the man because of factors external to TOR, such as the delivery address and the payment processor/information he used.

I don't believe the TOR network was compromised just yet, although I wouldn't test that assertion by buying drugs on it...

[victork2]

Not entirely true, see here:

http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Wea...

"security consultant, revealed that he had intercepted usernames and passwords for a large number of email accounts by operating and monitoring Tor exit nodes.[27] As Tor does not, and by design cannot, encrypt the traffic between an exit node and the target server, any exit node is in a position to capture any traffic passing through it which does not use end-to-end encryption such as TLS."

It's strongly suspected that China used that method to arrest some opponents of the regime that were talking with TOR. I don't know if Australia has the same level of organization and can drop into communications like that though.

For this story, it really looks that they just used other factors than TOR to find out this guy.

edit: apparently Silk Road is 100% TOR, so it does not work in that case! Mea culpa

[icebraining]

Exit nodes are only relevant if you're communicating with servers outside the TOR network. Silk Road runs as a Tor hidden service[1], which means you never go through an exit node, it's TORified (and therefore encrypted) end-to-end.

[1]: http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Hidden_...

[sp332]

Silk Road is only available via TOR, so there is no exit node involved.

[Natsu]

One other possibility is to hack the computers running Silk Road itself. It's a rather high value target, so I'd be surprised if they didn't try. They could also order drugs from it in order to find out how they were being packaged and alert customs to any new techniques. In fact, there are quite a lot of things they could do, none of which require compromising TOR or Bitcoin.

[pwny]

Thanks for the link, this is very interesting.

Although by transmitting any personal information (email address, etc) through a supposedly anonymous network you kind of limit the benefit of said network.

[ChuckMcM]

As with most things, hard goods require moving through meat space to get from seller to buyer. Having followed the laments of law enforcement officers (LEOs) from the bad old days when we joked you couldn't legally be deported if you had the source code to RSA tattooed on your skin, to today. The lament is more about 'costs' and less about 'effectiveness.'

None of the security work that protects civil liberties makes it 'impossible' for LEO's to do their job, it just keeps it more expensive. The debate over GPS trackers, where the FBI claims they should be allowed since they could also just follow them around in a car makes this point boldly. Then just follow them around. Is the correct response, not "Here is a way to make the economics of liberty impairment work in your favor."