[tor-talk] Harvard student used Tor to send bomb threats, gets caught by old-fashioned policework
spaceman
spaceman at antispaceman.com
Wed Dec 18 22:38:26 UTC 2013
>From what I got they simply used timings:
1. They knew when the email arrived give or take (from headers).
2. They knew who connected to Tor at that particular time (from
network logs).
Even on college campus there might be a couple of Tor users. I would
have used SSH to get to a 'unmonitored network', Tor and then mixmaster.
spaceman
On 11:12 18/12/2013, Adrian Crenshaw wrote:
> Not a lot of real details (and in case someone stumbles on this email
> outside of the list, I'm not trying to explain how he could have gotten
> away with it).
>
> I assume Harvard:
>
> 1. Either tracks folks that connect to Tor entry nodes, or Tor's download
> website.
> or
> 2. The looked at the "X-Originating-IP:" email header (Strangely, when I
> tested Guerrillamail put my IP in this header).
>
> then:
> Figured it was Tor traffic, and looked to see who was using Tor on the
> campus network, and associate the MAC address with who signed on to their
> wireless.
>
> The guy apparently confessed, but they may not have really had anything on
> him besides using Tor. The cops may have said "Tell the truth and we will
> go easy on you", which was not in his best interest.
>
>
> Adrian
>
>
> On Wed, Dec 18, 2013 at 8:38 AM, Nils Kunze <kunze.nils at gmail.com> wrote:
>
> > Hi!
> >
> > I stumbeled upon this on facebook [1] where Nicolas Kristof wrote:
> >
> > "A Harvard student has been charged with using an anonymous email address
> > and Tor to disguise his identity, and then sending a bomb threat to get out
> > of a final exam. What's remarkable to me that he was caught despite taking
> > smart steps to hide his identity. Here's the FBI affidavit explaining how
> > they caught him: [2]"
> >
> > Apparently he used Tor in the university network to send the emails via
> > Guerrilla Mail. The university was able to figure out which student used
> > Tor in their network before the emails where sent and he then confessed
> > when confronted.
> >
> > I thought this might be of interest!
> >
> > Best,
> > Nils
> >
> > [1] https://www.facebook.com/kristof/posts/10152046960187891 (attention
> > links to facebook)
> > [2] http://cbsboston.files.wordpress.com/2013/12/kimeldoharvard.pdf
> > --
> > tor-talk mailing list - tor-talk at lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
>
>
>
> --
> "The ability to quote is a serviceable substitute for wit." ~ W. Somerset
> Maugham
> "The ability to Google can be a serviceable substitute for technical
> knowledge." ~ Adrian D. Crenshaw
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
>
>
!DSPAM:52b223e345274588861166!
More information about the tor-talk
mailing list