|
|
|
|
|
|
by steven2012
4531 days ago
|
|
|
I would probably try to track down the bitcoin used to purchase the URL. It might be anonymous to buy, but certainly the seller might not be as careful as the blog author. If the seller could be tracked down, then you would have a good idea of which city the person lived in. Then, if you really cared, you could set up malicious Tor nodes in hopes of getting traffic from that particular user. I only have a superficial knowledge of the Tor protocol, but I imagine if you set up a malicious first Tor node (a node that takes the initial incoming request from a Tor browser), you could track all the IP addresses, and mark any of them coming from that particular city. You wouldn't know what the person was seeing, but I imagine you could tell if there was activity on that particular IP address. From there, you could do some sort of analysis on the blog, and see if any updates correlate to traffic you see from that city based in the IP addresses that had activity at that particular time. Since the US has about 400k users in total, I would harbor a guess that maybe the top city might have 100k users max, and then if you could whittle down based on time, you should be able to narrow it down to 100 users. Then you start knocking on doors. The luxury organizations like the government have is that they can take their time and wait for you to make a mistake. |
|
|
So you can go from:
Domain seller -> "Anonymous persons bitcoin address" -> Bitcoin address of the person who sold him those BTC.
You then find that person (as i'm pretty sure they're not so focused on anonymity) and wrench-attack a description of this guy and location + time of the meet from him (and also the e-mail he sent to arrange it -- tone, etc).
CCTV camera footage of the meet/people in that area at the time, etc. Home and dry.