Dark Web OpSec Failures
Discussions focus on how law enforcement caught operators of darknet markets like Silk Road through operational security mistakes, such as reusing usernames and emails across sites, poor Tor usage, and physical stings during arrests.
Sample Comments
Not so sure. Don't remember the exact details but it involved a post on the shroomery website and another one on Stack Overflow and he was using the same handle on various sites. It seemed much easier to unravel than exploiting the Tor network, it was almost surprising it took them that long.
You're giving the guy a lot more credit than he deserves. Beyond the fact you don't have to use the TOR browser to access TOR, it's fairly easy to change the settings to remember passwords. Maybe he was forgetful? Maybe along with his guilty plea he gave them his credentials? Maybe he used the same username and password for everything? If they'd set up a sting involving a fake seller, it would be in their interest to publicise it. Our drug enforcement process is built around throwing the book
From the news reports I've read, including Ulbricht's, it's enough for law enforcement to just find out who you are. They can then set up a sting operation where the target inadvertently leaves their laptop exposed with the keys to the castle available while being arrested.
The criminal complaint says that he used the same username to publicize the site as well as on Bitcoin forums, where he listed his Gmail account and asked for help. From there, there's a whole lot of coincidences. They also got an image of his server, but no details on how they found the server are given. The complaint notes that another user warned him "an external IP is leaking", so the FBI might have found a weakness in his PHP setup. All it'd take is one command on the
He probably used tor or a vpn to hide location / ip info and that was the clincher.
They probably have/will, though we are unlikely to find out what they get unless they manage to arrest/charge/try him. Jia Tan probably used a vpn though - we know that they did for accessing IRC (source: https://boehs.org/node/everything-i-know-about-the-xz-backdo...)
No, it could be much worse than that. Law enforcement didn't immediately shut Alphabay down---they let it run compromised for several weeks, gathering evidence. If Hutchins made transactions during that period, he was at significant risk, especially if he was under surveillance at the time---simple traffic analysis would be enough to connect him to activity on the site. It's very hard to hide the content of a conversation from one of its participants.
I'm curious how long it will be until this person is turned into an FBI informant (think Lulzsec and Sabu). The website has done some obscenely stupid things in the past, like leaving their real (non-Tor) IP address on error pages. Presumably the website is a large target, even just for its common mention in media.
Seems similar to how Jeremy Hammond was caught: they suspected that he was a particular IRC user, and correlated his login/logout times with actual comings and goings from his residence.
This guy got arrested at least: https://www.securityfocus.com/news/126