The mystery surrounding how the FBI managed to trace the geographic location of Silk Road web servers, which were supposed to be obscured behind the anonymity service Tor, has apparently been resolved.
According to former FBI agent Christopher Tarbell, Silk Road's login page employed a CAPTCHA that pulled content from the open Internet, revealing the online black market's IP address and thus its physical location.
Tarbell said that while examining the individual packets of data being sent back from the website, he, along with another member of the CY-2 squad of the FBI New York Field Office, noticed that the headers of some of the packets showed, as the source of the packets, a specific IP address that was not associated with any known Tor node.
When they entered that IP address directly into an ordinary (non-Tor) browser, the Silk Road’s CAPTCHA prompt appeared. "Based on my training and experience, this indicated that the Subject IP Address was the IP address of the SR Server, and that it was 'leaking' from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor", Tarbell said.
For those who aren't in the know, the Tor network disguises your identity by bouncing your traffic across different Tor servers, but as clearly stated in the Tor how-to, it protects only those applications that are properly configured to send their Internet traffic through it.
Tarbell made the revelation in response to a request for information from defense lawyers, who had accused the government of carrying out searches in violation of the Fourth Amendment, and asked the agency to reveal if the operation involved NSA wiretaps.
The revelation comes around a year after the FBI shut down the Silk Road and arrested Ross Ulbricht, alleged owner of the website, who was charged with narcotics trafficking conspiracy, computer hacking conspiracy, and money laundering conspiracy.