It was just about a month ago when the Justice Department kicked to the curb the attorneys representing the alleged Silk Road mastermind. The government said there wasn't a National Security Agency "bogeyman" needed to discover the illicit drug site's servers as the defense lawyers alleged.

Instead, the authorities said poor programming by defendant Ross Ulbricht allowed the FBI to easily discover the Icelandic servers because of a leak in the site's login CAPTCHA.

"Ulbricht conjures up a bogeyman – the National Security Agency (“NSA”) – which Ulbricht suspects, without any proof whatsoever, was responsible for locating the Silk Road server, in a manner that he simply assumes somehow violated the Fourth Amendment," Serrin Turner, the assistant US attorney in New York, had written in a September court filing.

But government documents handed over to defendant Ross Ulbricht's defense team have prompted the defense to cry foul.

Ulbricht attorney Joshua Horowitz, in a new legal filing, wrote that the "explanation of how the FBI discovered the server's IP address is implausible." [PDF]

For starters, he said, the government has maintained no record of packet logs [PDF] of the FBI actually capturing leakage from the CAPTCHA.

"Failure to preserve packet logs recorded while investigating the Silk Road servers would defy the most basic principles of forensic investigative techniques," Horowitz wrote Wednesday.

US District Judge Katherine Forrest in New York on Friday ordered [PDF] the government, if it wanted to, to respond by Monday.

Nicholas Weaver, a University of California, Berkeley computer scientist, has analyzed the documents that the government provided and said traffic logs indicate that the FBI "didn't see leakage" from the login page.

“What happened is they contacted that IP directly and got a PHPMyAdmin configuration page," Weaver said on KrebsOnSecurity.

All of which begs the question, again, of how the authorities discovered Silk Road's servers, he said.

"That’s still the $64,000 question," Weaver said. “So both the CAPTCHA couldn’t leak in that configuration, and the IP the government visited wasn’t providing the CAPTCHA, but instead a PHPMyAdmin interface. Thus, the leaky CAPTCHA story is full of holes.”

The underground drug website Silk Road was shuttered last year as part of a federal raid and was only accessible through the anonymizing tool Tor.

The government alleges that Ulbricht, as Dread Pirate Roberts, "reaped commissions worth tens of millions of dollars” through his role as the site's leader. Trial is set for next month.