[tor-talk] Harvard student used Tor to send bomb threats, gets caught by old-fashioned policework

Greg Norcie greg at norcie.com
Fri Jan 3 01:22:38 UTC 2014


Was this failure technical though?

Unless I'm misunderstanding the situation, If the kid had invoked his
right to stay silent, I'm under the impression all they could prove is
that he used Tor - not that he sent a particular email.

Beyond a reasonable doubt is a high hurdle to clear.

However, less scrupulous governments might not have as high of hurdles -
especially ones where simply communicating anonymously is in itself, a
thoughtcrime.

- Greg

On 1/2/14, 7:11 PM, C B wrote:
> I agree that we need to make Tor so simple and so bulletproof that it is not possible to use something like timing to make deductions. The fact that only one student may have used Tor introduces another vulnerability that needs to be removed in some manner. We do need to use examples of people using Tor for evil purposes to learn how to make it useful for people who use it for good purposes. We can not distinguish between the two, but we will never know if we have succeeded unless we have examples of failures.
>  
> --
> Christopher Booth
> 
> 
> 
> On Thursday, January 2, 2014 6:41 PM, Tempest <tempest at bitmessage.ch> wrote:
>  
> tor at bitmessage.ch:
>>
>> In the spirit of Jake's 29c3 talk, I think we can decide as a community
>> not to brush off high-profile attacks against people using Tor with
>> arguments like "oh, it was an old Firefox vulnerability and some users
>> weren't running the latest available code" or "oh, obviously universities,
>> companies, and maybe ISPs retain enough data to make 'standard police
>> work' enough to de-anonymize someone using Tor." 
> 
> "rtfm" applies since info on torproject.org, in addition to other
> sources, mentions the threats you are concerned about in regards to
> identity correlation. some people will read it. some won't. it should
> not take a genius to understand that signing in to any service with
> identifying credentials for the purpose of net connectivity is not the
> smartest of methods if your networking activity could result in you
> being prosecuted. i'm not implying i'm against any steps to make the
> process more user friendly. but, in this example of the alleged bomber,
> it just doesn't really apply. this is someone who acted in haste without
> taking the time to rtfm. as hard as you may try, you cannot protect
> against that.
> 
> 


More information about the tor-talk mailing list