> Based on forensic analysis of the Silk Road Web Server, I know that the computer code ... includes a customized PHP strip based on 'curl' that is functionally very similar to the computer code described in Ulbricht's posting on Stack Overflow, and includes several lines of code that are identical to lines of code quoted in the posting.
> Oh, and the encryption key on the Silk Road server ended with the substring "frosty@frosty." Whoops.
I don't know if that encryption key was a public key, or if they found it after gaining access to the server. But if it was public, then a search for the username 'frosty' would have turned up the SO profile.
You also can't do 'forensic analysis' on HTML to figure out the PHP code, so they must have used an exploit. Or like you say, it was retrospective, after taking control of the server.
> Based on forensic analysis of the Silk Road Web Server, I know that the computer code ... includes a customized PHP strip based on 'curl' that is functionally very similar to the computer code described in Ulbricht's posting on Stack Overflow, and includes several lines of code that are identical to lines of code quoted in the posting.
> Oh, and the encryption key on the Silk Road server ended with the substring "frosty@frosty." Whoops.
I don't know if that encryption key was a public key, or if they found it after gaining access to the server. But if it was public, then a search for the username 'frosty' would have turned up the SO profile.
You also can't do 'forensic analysis' on HTML to figure out the PHP code, so they must have used an exploit. Or like you say, it was retrospective, after taking control of the server.