Ross Ulbricht, allegedly "Dread Pirate Roberts" who made a billion-dollar black market bazaar out of Silk Road (SR), is set to stand trial in a month for narcotics trafficking and related charges. His lawyers are currently duking it out with the Department of Justice in pre-trial motions about how the government found Ulbricht.
Because SR existed in the deep web and was accessible only through the anonymizing Tor browser, Ulbricht's attorneys say that in order to find SR's servers, the FBI must have hacked Ulbricht and conducted a warrantless search, thus violating the man's Fourth Amendment rights.
Assistant U.S. Attorney Serrin Turner filed a motion for the prosecution saying that if the FBI did hack – and he's not saying they did – but if they did, it was legal, because the servers were in Iceland:
In any event, even if the FBI had somehow 'hacked' into the SR Server in order to identify its IP address, such an investigative measure would not have run afoul of the Fourth Amendment. Because the SR Server was located outside the United States, the Fourth Amendment would not have required a warrant to search the server, whether for its IP address or otherwise.
Given that the SR Server was hosting a blatantly criminal website, it would have been reasonable for the FBI to 'hack' into it in order to search it, as any such 'hack' would simply have constituted a search of foreign property known to contain criminal evidence, for which a warrant was not necessary.
Turner's statements come in response to defense lawyer and tech specialist Joshua Horowitz who in a court filing last week stated that the "explanation of how the FBI discovered the server's IP address is implausible" and that their apparent "failure to preserve packet logs," or bundles of relevant data, "recorded while investigating the Silk Road servers would defy the most basic principles of forensic investigative techniques."
Wired points out that Turner doesn't "directly contest Horowitz's description of the FBI's investigation. … Instead, [he] obliquely argue that the foreign location of the site's server and its reputation as a criminal haven mean that Ulbricht's Fourth Amendment protections against unreasonable searches don't apply."
The government claims it discovered the servers' locations because of an improperly configured CAPCHTA (one of those "prove you're human" garbled typing tests). Several Internet security experts, like Brian Krebs of Krebs on Security, Nicholas Weaver of Berkeley's International Computer Science Institute, and Robert Graham of Errata Security have said that the FBI's story is full of technical holes.