Deep Web, the riveting documentary airing on EPIX at the end of May, has nuggets like this one from Nicholas Weaver, of the International Computer Science Institute:
“The Tarbell declaration, to put it politely, seems vaguely disconnected from the truth. Depending on which security expert you ask, you will get: ‘it’s vaguely disconnected to the truth,’ to ‘it is a massive pile of bovine excrement.’
What Tarbell’s story was is:
He was typing away at his computer, visiting the Silk Road website and the CAPTCHA was transmitted in the clear, and he somehow saw the IP packets go directly to the server. And so he then connects to that server and gets the CAPTCHA. Game over; they found the backend server.
Unfortunately, this was playing fast and loose with the truth. Because the logs provided to the defense show that what Tarbell found was not the CAPTCHA image, but instead a PHP my admin page. The server was running some stuff over the clear, but not the CAPTCHA. So Tarbell’s story doesn’t mesh with the FBI’s own evidence.”