Earlier this week, Adrian Chen wrote [a great exclusive](http://gawker.com/5805928/the-underground-website-where-you-can-buy-any-drug-imaginable) for Gawker about the online market for illicit drugs Silk Road. I strongly commend the piece to you. The site is only accessible via the [anonymizing router network TOR](http://en.wikipedia.org/wiki/Tor_(anonymity_network)), although it is [viewable using tor2web](https://ianxz6zefk72ulzz.tor2web.org/). Transactions are made using bitcoins, the virtual digital currency I’ve [previously](http://techland.time.com/2011/04/16/online-cash-bitcoin-could-challenge-governments/) [written](http://techliberation.com/2011/04/16/bitcoin-imagine-a-net-without-intermediaries/) about, and which I explain in a [new video for Reason.tv](http://www.youtube.com/watch?v=yYTqvYqXRbY&feature=youtu.be&t=16s) (below), also out this week.

After his piece was published, Chen added the following addendum:

>**Update:** Jeff Garzik, a member of the Bitcoin core development team, says in an email that bitcoin is not as anonymous as the denizens of Silk Road would like to believe. He explains that because all Bitcoin transactions are [recorded](http://en.wikipedia.org/wiki/Bitcoin#Transactions) in a public log, though the identities of all the parties are anonymous, law enforcement could use sophisticated network analysis techniques to parse the transaction flow and track down individual Bitcoin users.

>”Attempting major illicit transactions with bitcoin, given existing statistical analysis techniques deployed in the field by law enforcement, is pretty damned dumb,” he says.

I’ve been [asked](https://twitter.com/#!/elidourado/status/76088980852064257) by several folks about this: just how anonymous is bitcoin? My answer is that we don’t exactly know yet. Yes, all transactions are recorded in the public ledger that is the bitcoin network, but all that means is that you can see how many bitcoins were transferred from one account on the network to another account. This tells you nothing about the identity of the persons behind the accounts. Theoretically, you could identify just one person on the network and ask them (or coerce them) to identify the persons from whom they received payments, then go to those persons in turn and ask them who they accepted payment from, etc., until you’ve identified everyone, or just a person of interest. But you can imagine all the reasons this is impractical. More likely, a bitcoin user will be revealed through [identifying information inadvertently revealed](http://forum.bitcoin.org/index.php?topic=8.msg10621#msg10621) in the course of a transaction.

That all said, it seems that this week has also brought us a “natural experiment” that might settle the issue. LulzSec, the hacker group responsible for the [recent PBS hack](http://www.nytimes.com/2011/05/31/technology/31pbs.html), this week [announced](http://www.informationweek.com/news/security/attacks/229900111) that it has compromised the personal information of over a million Sony user accounts and has released a batch of 150,000. Here’s the thing: LulzSec is [accepting donations via Bitcoin](https://twitter.com/#!/LulzSec/status/76388576832651265) and [say they have received](https://twitter.com/#!/LulzSec/status/76667674947633152) over $100 so far. The group’s bitcoin receiving address is 176LRX4WRWD5LWDMbhr94ptb2MW9varCZP. Also, while in control of PBS.org, the group [offered vanity subdomains](https://twitter.com/#!/LulzSec/status/75159378801598464) (e.g. techliberation.pbs.org) for 2 BTC each.

So, here’s a high-profile group the FBI and Secret Service are no doubt itching to get their hands on. A bitcoin receiving address for them is public. I guess we’ll find out how anonymous it is.

SHARE: 25 comments