On Friday, September 5th, the FBI finally released how they were able to hack the Silk Road website, the notorious black market trading site that used Bitcoin as a currency. According to the FBI, they took advantage of an improperly configured captcha service, to identify the real IP address of the Silk Road servers. The Silk Road servers were running anonymously as a hidden service on the Tor network, but this exploit supposedly allowed the FBI to see their true identity.



However, on Sunday, September 7th, security researcher Nik Cubrilovic released an analysis claiming that the FBI isn't being honest about their tactics.



"The idea that the CAPTCHA was being served from a live IP is unreasonable. Were this the case, it would have been noticed not only by me – but the many other people who were also scrutinizing the Silk Road website. Silk Road was one of the most scrutinized sites on the web, for white hats because it was an interesting challenge and for black hats since it hosted so many bitcoin (with little legal implication if you managed to steal them)." -Nik Cubrilovic



He then continued on why this revelation is important...



"The FBI have good reason to not mention any bugs or forcing the server to do anything, and to pretend that they simply picked up the IP address from the wire, since such actions would raise concerns about how lawful their actions in uncovering the IP address were. What we do know is that their description of “packet sniffing” for the IP through a “leak” is impossible." -Nik Cubrilovic