Slashdot Mirror
Harvard Bomb Hoax Perpetrator Caught Despite Tor Use
Meshach writes "The FBI has caught the student who called in a bomb threat at Harvard University on December 16. The student used a temporary anonymous email account routed through Tor, but the FBI was able to trace it (PDF) because it originated from the Harvard wireless network. He could face as long as five years in prison, three years of supervised release and a $250,000 fine if convicted. He made the threat to get out of an exam."
Whenever you peel back the layers of an onion, someone is bound to cry.
Science advances one funeral at a time- Max Planck
Will be giving him his next exam.
"Whenever the cause of the people is entrusted to professors, it is lost." ~ V.I. Lenin
We can either live in a future where little jackwagons can effect a denial-of-service attack on society, or
we can spank the crap out of the idiots so that this kind of noise is minimized. Same goes for rape/hate crime hoaxes.
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
And therefore they'll put him in rehab rather than prison.
Unless he's not affluent enough for his affluenza to be strong enough to cover this crime, after all, he called in a bomb threat, rather than killed four people in a drunk-driving incident.
Not neccessarily. His access to Tor via the campus wifi matched the timing of the emails enough to get him in a room, and then he confessed. Without the confession there'd be a lot less certainty of conviction, as the presumption of innocence would probably compel a jury, in the absence of any other compelling evidence, to find him not guilty.
Moral of the story: Don't talk to cops.
(also, don't make false bomb threats. They're stupid)
...but because he was the only one on the whole campus wifi that used Tor that day.
Lesson to learn: Keep your endpoint traffic able to be lost in the noise, or ya' stick out like a sunflower in a coal mine.
I.E. SSH somewhere *THEN* Tor.
Really?! Smart man.
Avoid exam?
Bomb threat!
Police arrive?
Immediately confess!
The evidence itself was completely circumstantial. Without a confession they surely had nothing.
They had no way to prove anything other than:
1. Guerilla Mail was accessed by Tor to send the e-mails.
2. Kim is a Harvard student that recently accessed Tor.
I read the PDF (shock).
It sounds suspiciously like they just checked the logs to see who had visited Tor related websites and then went and interviewed the handful of people who happened to visit these sites within a few days. Maybe interview those who had exams in the 4 listed buildings at the designated time?
Or, possibly, they just checked who had used Tor in the last few days on their network - can you ID a Tor packet by looking at it?
It doesn't sound like they needed to crack Tor.
They contacted the email provider, who gave up access logs for the mail accounts, which revealed that the user had come from Tor. They could correlate those records with Harvard's own records of who logged into their network and used Tor. They questioned him and he confessed; I bet the number of Tor users at Harvard at that time was small enough to brute-force. This is not an instance of the government unmasking a Tor user, this is good police work and a weak willed idiot.
In our next lesson we will learn delayed email deliver functionality. Stay tuned!
Love many, trust a few, do harm to none.
" as the presumption of innocence would probably compel a jury, in the absence of any other compelling evidence, to find him not guilty."
LOL, you believe too much what the tv tells you.
also, don't make false bomb threats. They're stupid
Don't make real ones either. They're even stupider.
... to use TOR, but then gave a full confession during an "interview", throwing his right to remain silent (and to have a lawyer present during questioning) out the window?
From the pdf
"Harvard University was able to determine that, in the several hours leading up to the
receipt of the e-mail messages described above, ELDO KIM accessed TOR using Harvardâ(TM)s
wireless network."
So Harvard keeps track of your connections. Still circumstancial but he confessed.
"KIM then stated that he authored the bomb threat e-mails described above."
It doesn't much help his case that circumstantial evidence pointed everyone more or less immediately at the Harvard campus, and thus at the first layer of the 'onion'. Tor is only minimally better (if at all) then straight SSL/TLS if the operator of hop #1 has strong reasons to be suspicious of Tor traffic within a set time period.
He made the threat to get out of an exam.
he won't have to worry about that any more
I expected more from a Harvard student.
A couple of hours of online research should have taught him to, at least, connect through a cracked wifi far from his neighborhood. Or, if he was computer illiterate, to convince someone from another country to send the mails for him.
Also, once he decided to avoid the exam in a way that could land him in prison, why use a method he didn't understand, instead of burning down the building or paying someone to send the teacher to the hospital?
However, the first question I would ask him would be if he had considered that simply approaching the teacher and explaining him that he and all his family would be killed unless the exam was postponed, carried a shorter jail time than a terrorist threat.
In conclusion, clearly in Harvard they are not teaching how to deal with real world problems pragmatically.
It's another case of "use of a tool which gives you plausable deniability makes you the most likely candidate". Compare multiple-key disk encryption. And guys with stockings over their heads.
Indeed, all they needed to do was log the initial in-the-open connection to the service that then subsequently hides everything.
Also FatPhil on SoylentNews, id 863
The wonderful thing about shows like CSI is that it convinces criminals to implement absurd technical defences when their crimes will almost certainly be dealt with by old-fashioned police work.
No kidding!!! What do you say at this point?
(also, don't make false bomb threats. They're stupid)
. . . it seems that lesson is not on the curriculum at Harvard . . .
At least the guy wasn't a law student . . . that would have been even more hilarious!
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
When I went to primary school back in the '80s, there was a bomb threat almost every year around exam time at the beginning of summer.
"We mustn't be caught by surprise by our own advancing technology" -- Aldous Huxley
In fact, NSA broke TOR and wrote this nice story so that police looks good.
Was the guy ever catched ? Nope.
Did this happen during an English class?
It doesn't sound like they needed to crack Tor.
Of course, if the NSA has easy and simple ways of cracking Tor . . . they're not going to brag about it anyway:
"Go ahead, keep using Tor . . . it's safe and we can't crack it . . ."
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
I thought Harvard students were smarter than that.
It's kind of funny; in the instance of a network that log connection with very few tor users, NOT using tor would have been more efficient at hiding is identity. Should have gone the easy route of seven proxies.
They didn't know it originated from the wireless network. They knew it came from Tor. I could have sent it, for all they know. What they did know was the time it arrived. They played a hunch that it came locally (someone who planted/discovered the bomb on campus) and checked to see who had used Tor on their network at around that time, it's plain old fashioned detective work.
Put the suspect in a room with an interrogator and extract a confession ("We have you on the Tor network the exact same time the email for the bomb hoax came through", "You were the only person using it at the time (whether that is true or not) so we know you did it", "This will go a lot easier on you if you confess now"). Will the confession stand? Did they read Miranda rights? Was he offered legal council?
This reminds me of the news the other day - there have had a few bombs going off recently in Northern Ireland - with warnings. Anyhow, on Monday the news said that a man was being treated for burns in Belfast, which was thought to be linked to sectarian violence, my first thought was "FFS, now they're setting each other on fire", quickly followed by laughter when it turned out the incendiary device he was carrying detonated - serves the stupid fucker right.
... and they are not going to use it for this kind of case.
Why do you want the best for this dipshit?
If you're *innocent*, don't talk to cops.
If you're guilty, spill the beans immediately.
You seem to want to encourage criminals to waste the whole legal system's time? (Which, like everything in the end, is paid for by honest tax-payers.)
Also FatPhil on SoylentNews, id 863
Depends on who the "you" is. The list of entry nodes is public knowledge. Telecoms/Government agencies probably keep historic lists of entry nodes. So it should be trivial to show a connection to the Tor network. The PDF implied (to me) that the FBI just crossreferenced Harvard's log with their list of entry nodes.
To technically answer your question: Tor packets don't have a unique signature, but they all are of a known size.
This is one of the best-known ways to deanonymize people using Tor: timestamping entering traffic and exiting traffic. Tor itself explains they have no theoretical way to fix that issue and still maintain a system that is low-latency (there may have been a third feature as well, where they got to pick-2-of-3).
Your ad here. Ask me how!
What he should have said is he was browsing Silk Road but didn't buy or sell anything.
Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
Most criminals are caught because they are stupid. And most criminals are stupid or they wouldn't get into crime in the first place. On balance, crime is a very high-risk / low-reward activity, so you have to be stupid or desperate to think it's a good idea.
Every time you join their wireless network, there is a click-through stating you agree that your traffic will be stored, should you do something stupid. Not in those same words, but close enough (at least in a series of two sentences... of which any Harvard student should be able to understand..
Most of their traffic capturing was put in because of a mandate from the MPAA and RIAA back quite a few years ago. They were either going to be sued for aiding and abetting or they had to keep logs of which students were downloading which Metallica songs. They don't keep the traffic just the IP headers (actually trends, not every IP header). This was very well publicized a few years ago and shouldn't be a surprise to anybody.
Additionally, the upstream provider is required to conform to CALEA laws anyway, which would have been able to provide the same types of reports. It would have required Harvard's assistance to translate an IP to a person (I'm more than assuming they would have been willing to do this as well). CALEA does not require ISPs to notify that their traffic is being recorded, but guess what -- anything that leaves your network is out there in the open and may be open for inspection.
Precisely this. Harvard keeps flow type logs, they found someone using tor. Pigs barfed on him, he cracked and confessed. The kid's a fucking retard, mostly for cranking people.
Please, don't use Tor to harass and be an asshole.
Real freedom fighters need Tor, not you and your lulz.
See who else really needs Tor: https://www.torproject.org/
And quit being assholes.
legal council? probably not. he's a terrorism suspect after all!!
world was created 5 seconds before this post as it is.
For an exam there are other solutions to skip out.
a) Redo the exam next year. If you have a problem with exams in general, see a psychologist. If you were only lazy, learn the next time.
b) If this is your last chance to get through. You could be sick, you could go to a doctor or psychologist who provides you with proper papers to skip the test.
c) You could realize that the topic your studying is not the thing you are interested in and find something else which is interesting.
d) You could throw a butyric acid into the hall of your university. Ok this would get you into real trouble, but not into prison for 5 years.
e) You could have an accident with a car. It could also be helpful to support option (b).
f) You could really try to go to the exam. What could possible happen bad? You fail. And? Your still alive. You could still find a way through live for yourself.
It seems they are cutting ethics classes in the Ivy league these days.
Moral of the story: Don't talk to cops.
You missed the part where he didn't want to take an exam. If he hadn't confessed, he would have had to take it. So he really didn't have a choice.
Ezekiel 23:20
(also, don't make false bomb threats. They're stupid)
Does this mean real ones are smart?
Everything I write is lies, read between the lines.
Rule #9 of the American Justice System: To a jury, any doubt is reasonable; the better the case, the worse the jury; a good man is hard to find, but 12 of them, gathered together in one place, is a miracle.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
If he'd just called it in from a pay phone, they'd never have found him.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I thought the sensible thing was
"Sensible" here being used in a wholly relative sense, I assume.
systemd is Roko's Basilisk.
The PDF says he signed a waiver of Miranda rights.
The linked article is confused... but Emerson Hall houses the philosophy department, so it was a philosophy final.
Which is incredibly ironic, since those are generally a matter of opinion or history, which means he could likely have passed it in any case, given that he was a psychology major with a minor in Japanese, so it was kind of a pass/fail class for him anyway. I wonder if any of the news organizations have talked to Professor Gary King (Kim was his research assistant).
(also, don't make false bomb threats. They're stupid)
. . . it seems that lesson is not on the curriculum at Harvard . . .
At least the guy wasn't a law student . . . that would have been even more hilarious!
Was he a Comp Sci student?
That's one of the major reasons Tor users encourage others to use Tor too. Same with encryption.
Unfortunately, tor is so damn slow that it is virtually unusable for anything that doesn't absolutely have to be hidden.
Result: only people who have a very good reason to do so will use tor...
Or has it become faster in the recent years?
that would be a big red flag because, you know...Silk Road is shut down.
never bring a twinkie to a food fight.
Remember the days when this story wouldn't even have made the local paper? Seriously, 25 years ago your average school saw one of these every few years. It headlined the school paper, the local cops investigated, but the FBI? National news? Heck no.
Who needs terrorists when we now pay large corporations and government agencies to spread panic? Quit terrorizing the nation to protect your job security and let me know when something actually blows up.
And in lesson three, we'll learn the age old trick of going down to the local busy Starbucks with a fresh install of *OS and then use the Tor. This might extend the time it takes the feds to knock on your door to over 24 hours!
What other people think of me is none of my business
maybe he was told that better to confess since they "know" it is him.
wouldn't be the first time, you know.
world was created 5 seconds before this post as it is.
(also, don't make false bomb threats. They're stupid)
I work at a University. You can always tell when the exam periods have started by the fact that you are constantly seeing fire engines on campus.
Students do the most stupid things to get out of doing an exam they have not prepared for.
I have also seen fake student IDs so someone else can sit the exam and other dodgey dealings. It sucks for the staff (I have lost count of the amount of times I have had to evacuate the data centre/office due to a fire alarm) and also screws over the other students since they often need to resit the exam. It also costs the university money since they get charged for every fire department response.
You missed the part where he didn't want to take an exam.
He didn't want to take an exam that day (probably because he had started studying way too late). He wouldn't probably object taking it 1 week later (or whatever date it would have been postponed too).
If he hadn't confessed, he would have had to take it. So he really didn't have a choice.
Even that is no guarantee. Maybe the cops will "allow" him to take the exam from prison?
Just study, it's easier.
Moron. I don't care how innocent or guilty you are.
Don't talk
Demand a lawyer (only time you can talk)
Don't sign anything
Don't fucking talk!
Did I mention not talking?
By the time your lawyer arrives you should need a glass of water because your lips will be stuck together from all the not talking you were doing.
Or, and I'm just spitballing here, don't do any of that. Instead, use persuasive arguments to convince people to follow your will instead of trying to impose it via violence or threat of violence. Or even, if what you want people do do is legal to pay people to do, try that.
Can you be Even More Awesome?!
Considering that if it is a real threat (i.e. there's a real device planted) then yes, a real bomb threat is smart, in that it gives time for people to be evacuated.
Now actually *planting* a device in the first place is stupid.
... and they are not going to use it for this kind of case.
Bomb threat from unknown source? Boston? Possible foreign connections? The NSA is allegedly supposed to be involved in investigation of terror threats. It's the other stuff they're doing that's got people upset.
Any lawyer worth a Harvard education would bring up MAC spoofing.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
They will if the target is one of their political opponents :-)
I'm surprised he did it from his dorm (if, indeed, he actually did it). I thought the sensible thing was to go down to the local public library and/or coffee shop (without cameras) and do your shit from there.
Well, assuming that there aren't cameras in the local public library or coffee ship, the challenge is in getting there without showing up on any intermediary cameras.
That, after all, was one of the first things they scoured after the Marathon bombing.
"The student used a temporary anonymous email account routed through Tor, but the FBI was able to trace it"
It would seem that the Harvard wireless network is bugged.
True enough. Never let it be said that amphetamines are a perfect substitute for sleep.
Wrong, the moral is to study hard and stop attempting to make excuses for your failures.
Real freedom fighters need people to use Tor so they have some anonymity.
The ultimate irony is that even if Mr. Kim had taken the exam, and failed it, he still would have earned an 'A-' in the class.
Now he will suffer the ultimate punishment for a Harvard student: he'll get a 'B'.
Is that more or less work than actually studying for the exam?
Didn't you know it's back up and running for all those who don't understand about honey traps.
Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
It's better than it used to be but it's still not going to win any speed awards. Does allow access to sites my arsehole government have blocked though.
Will only get worse now the great firewall is active (with auto opt-in for new customers), which btw doesn't just censor porn but also 'extreme political speech', I'd like to know who the fuck gets to determine what's extreme politics I can't view or not, personally I think it should be me, the government think otherwise.
Seven was good enough for Serenity. Oh, and Voldemort.
Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
So, that spelling's better then?
"When information is power, privacy is freedom" - Jah-Wren Ryel
No normal person calls in a bomb threat to get out of a final that will at most just end being delayed.
That YOU were (and are) an idiot doesn't mean everyone is. If your moronic logic was true, then the phone at your average school would never stop ringing. This guy (and since you clearly identify with him, you) is an asshole who thought nothing of creating a major nuisance for teachers and students because he wanted to get out of an exam. Ten to one you and him are the type who then later grow up... grow older and at the slightest provocation threaten to sue anyone and everyone for any delay or inconvenience.
It is the eternal excuse of the asshole: Everyone does it.
Nope.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Also, don’t make REAL bomb threats either. And don’t set off bombs to kill innocent people.
I think that’s good advice too.
Please, don't use Tor to harass and be an asshole. Real freedom fighters need Tor, not you and your lulz.
Almost everyone needs anonymity, at least some of the time. The more people use Tor (without cheating), the more robust is the network, so your uppity attitude is completely out of place. Tor is for lulz as much as it is for freedom fighting.
If well deserves some kind of punishment, i wonder how much punishment gets people that do real damage and actual consequences, like drunk drivers (that may have killed several people), rapists, or even people that beat others leaving them maybe permanently injured (and lets not touch the consequences of lying to the congress or stealing trillons). What used to be a practical joke it seem to worth more than things with real life consequences in the actual society.
(Third feature is minimizing bandwidth)
You can easily design a system with good anonymity and low-latency: arrange your network like a daisy chain. Timing and statistical attacks are useless when SNR is that low.
-- I was raised on the command line, bitch
Moral of the story: Don't do stupid shit like bomb threats. Really I can't believe anyone is idiot enough to do that shit above middle school age. To get out of a fucking exam? He deserves jail just for being an idiot.
College students are allergic to studying. It gives them hives and agida.
Common mistake for people speaking English as a second language. I doubt the AC can speak more than one language, because if he did, he would probably know this ;)
Except he didn't actually send the bomb threat! He only confessed to that lesser crime because what he was REALLY doing was seeding a pirated release of Gravity, and he knew if the police continued their investigation they might find out and he'd end up in jail for 10 years and have to pay $3 million in fines.
If you weren't ready to make that post, you could've called in a bomb threat.
#DeleteChrome
I think it is also worth noting that this is coming from Harvard. Not to say that other schools don't have similar issues but my point is that this is a very high end, private, and expensive university. And that that most of the people there are expected, and that is probably putting it lightly, to excel.
My point is that the higher the stakes the more people tend to be willing to do. Whatever those stakes may be. Be it some personal drive, parental urgings, or whatever. (And I'm talking about people that would otherwise be rational.)
Really, I know what I'm doing...Ohhhh, look at the shiny buttons!
I knew I should have added the joke tag. Damn.
Ezekiel 23:20
As a general rule, people resort to violence or threats of violence when their options for working within simple arguments do not work. There are very few nice ways to deal with a much more powerful foe who has no interest in compromise or capitulation.
One of the things I love about english is it has so much error correction built in that, even if one is going to be snarky about such mistakes, readers still know exactly what the person intended.
Actually, the Silk Road is back.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
More work of course, since it has real life applications, not like the mumbo jumbo you study in school.
Love many, trust a few, do harm to none.
Logging what? Just knowing that a MAC address attached to a particular access point doesn't get you from the MAC address to an actual human identity. Did they log what sites he connected to? Even that wouldn't get you all the way there. Log the actual content of packets?
Or is Harvard's WiFi network one those where you have to "log on" with an actual username/password, similar to what you see in hotels?
What's the matter, grandmothers don't die any more?
You are welcome on my lawn.
Is that more or less work than actually studying for the exam?
Ever met a truly lazy person?
You'd be amazed at the amount of work they're willing to do to get out of the work they're supposed to be doing.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Was the guy ever catched ? Nope.
Did this happen during an English class?
In OP's defense, he did already admit to being French.
Oh, wait - I guess that's not really a defense, is it?
An enigma, wrapped in a riddle, shrouded in bacon and cheese
One would expect he is kicked out of the university now. No more exam for him!
Not sure if this should be troll or insightful. I mean in all seriousness, people who make bomb threats tend to not be the ones capable of carrying out the crime. If you are going to commit a crime, you just do it, you dont go around bragging about it or making threats.
have you seen my sig? there are many others like it but none that are the same
I'm against true bomb threats, too. Just sayin'
sadly you are right. Fake or real, this is in fact the kind of threat the NSA is supposed to be following up on. But then they would have to do some actual work
have you seen my sig? there are many others like it but none that are the same
I don't think this guy should do jail time but I DO think he should be kicked out of Harvard (and given an automatic F for the class he was trying to avoid finals for. The incident should also be on his record but no fine or time. Being kicked out of Harvard and a felony on his record should be enough to ruin his future and indicate what kind of scumbag he is.
I miss the Karma Whores.
Harvard, sociopath, criminal. That is some megacorporation's new CEO.
The only thing worse than a Democrat is a Republican.
TOR is not an entity and even if they managed to get hold of the exit node there is no logs left there to point back to the previous node and so on.
All you really needed to do was pull a fire alarm just before the exam. By threatening with a bomb you not only escalated the level of involvement by "the authorities" when you got your butt caught -- don't you think that campus police would have been a better bunch of folks to have to deal with than the FBI -- but you'll likely never be allowed to set foot on a commercial flight for the rest of your life even after you've served your time. (In today's climate, one never really pays their debt to society. You're punished forever.)
CUR ALLOC 20195.....5804M
Lesson 4, avoiding video surveillance in the Starbucks. The cops could certainly question the handful of people using a computer after figuring out who they are from the pictures. They'd probably want to focus on the person seen using a CD or USB stick with that live distro.
So do it from outside the store --- but that looks even more odd and there are cameras everywhere.
What changed under Obama? Nothing Good
Say what? Why not just buy a cheap USB wireless stick (paying cash, of course) and send the message from a car parked outside of Panera Bread (or any other unsecured wireless network) and then throw the stick into the nearest storm drain? The only thing you have to do is use a MAC address not already registered in Harvard's DHCP tables to the student. While a proper geek would then edit the internal logs of the laptop -- a REAL geek on their LINUX (or possibly Mac) laptop where the logs are in straight ASCII and bone simple to edit -- to remove all trace of the DHCP connection and the MAC address of the stick. But even if they didn't do this, the trail ends at Panera, assuming that the student didn't go inside and get his face captured on the store video or the like. They would have to examine the logs of every laptop on campus to find the perp otherwise, and of course they'd never get a judge to agree to that.
I'm tempted to joke around about how multiply stupid this Harvard kid was compared to Duke kids -- not only failing a course but too stupid to even send in an anonymized bomb threat by email in an untraceable way -- but sadly to my direct experience there are Duke students who are (or have been in the past) just as criminally dumb and this is a real tragedy and not really something to joke over. The poor kid is probably sitting around in a daze trying to figure out how what happened, how he went from being a struggling (but probably really pretty bright) student at one of the best universities in the world to being a plea-bargained felon working off a hundred-thousand dollar fine selling coffee and cleaning toilets at Starbucks with no hope of ever attending anything better than a community college for the rest of his or her life.
Even when the experts all agree, they may well be mistaken. --- Bertrand Russell.
You DID remember to spoof your MAC address, right?
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Congratulations the reward for correctly calling it was $1 million. Your reward will be split equally with everyone else who called it so you get $0.01 which you can claim at any time. Just send a self addressed stamped envelope to the Boston PD and they will mail you your penny.
-AndrewBuck
"TOR, which is also available free of charge on the Internet and which automatically assigns an anonymous Internet Protocol (“IP”) address that can be used for a limited period of time."
Considering that's not really how it works, I'm surprised this expert agent was able to track him down at all, lol. Although...
"KIM explained that he sent all of the bomb-threat e-mails from his MacBook Pro Laptop"
Now that narrows it down a bit in the access logs. I still can't figure out how they can detect the difference between TOR traffic and normal encrypted traffic like HTTPS-related traffic on their network. There had to have been 100 people on Facebook whose traffic looked exactly like Tor traffic. Is there some sort of initial identifying burst when Tor first launches that identifies the traffic?
Although I think the potential sentence is somewhat harsh, he did more than just a bad prank. He essentially threatened everyone in the building and the people concerned weren't to know that the threat was a hoax. Never mind the cost and disruption involved with bomb threats.
You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
Now, THAT is something I can get behind.
Scenario A: I actually want to kill a bunch of people. WTF do I want to call it in for? Am I hoping that I'll get MORE people after they have evacuated the building?
Scenario B: I just want to get out of a test. Isn't it simpler just to start a fire in a trash can, and pull the fire alarm? You might get caught, but I imagine the penalty is less for a simple case of arson, than calling in a bomb threat.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
You spent a lot of effort on this post, but you need to study tor a bit more. It's a collection of services and protocols. You might as well as talk about sending a subpoena to email. There is no email entity -- it's a collection of services and protocols. There are developers who write the programs that people can use either themselves or more commonly through a third party provider of email services (that third party is not "email" in an entity sense however). When you connect and use such services, it leaves obvious traces on the network. But you can't drive up to email's corporate offices -- they don't exist.
That's what happened to this guy, he used tor on the Harvard network, and the FBI probably just went and interviewed everyone who was using tor around the time of the emails. He was given a Miranda warning, ignored it, and then he caved. Case closed.
I think the main takeaway here is that sometimes, being anonymous makes you stick out like a sore thumb.
What changed under Obama? Nothing Good
... and they are not going to use it for this kind of case.
Bomb threat from unknown source? Boston? Possible foreign connections? The NSA is allegedly supposed to be involved in investigation of terror threats. It's the other stuff they're doing that's got people upset.
Why would the NSA crack TOR to spy on terrorists and such like they're supposed to when they can be stalking potential love interests and making sure their Significant Others are faithful?
On many campuses (mine included) you have to register your mac address with the IT department before you are allowed on the net. Until you register they redirect all your traffic to a registration page where you put in your univeristy username and password that you use for your univerity email and whatnot. You can of course do mac spoofing but they just take that to be a second machine and redirect you to the registration page again, so unless you steal someone else's name/password to register it to them they have you.
I am not sure how I feel about having such a system in place but that is how it works. Note that I am not from harvard but I assume they have some similar kind of thing in place. Someone above said you have to click a EULA type agreement everytime you log on to their network so it is not unreasonable to assume they are doing mac registration as well.
-AndrewBuck
Not only the feds sent a warrant to TOR, they also sent one to TCP/IP!
I stand corrected.
Even when the experts all agree, they may well be mistaken. --- Bertrand Russell.
I have absolutely no doubt what you say applies to this case, and also as you say, to many others.
Also FatPhil on SoylentNews, id 863
Except he sent the email 30 minutes before the exam, because he was desperate at the last minute.
Also, news at 10pm: Desperation makes teenager do stupid stuff.
I'd be very surprised if you could access the wireless network without logging on, WPA Radius would be my suspicion. I guess you could claim someone had stolen your password but still doesn't sound too 1337 to me.
If you think someone isn't free to have a different definition of "freedom" you may be a tyrant.
I once told a student "If instead of computing what you needed on the final to get an A to three significant figures, you put that time into learning physics, you'd be more likely to get an A."
OK, so the warrant idea was dumb and I should have taken more time to learn how TOR worked. But now that I've taken the time, consider the possibility that the TOR server one connects to belongs in fact to the NSA or FBI in the first place, or that they simply implement their monitoring and control on the upstream ISP feeding those servers. Note that the content of the message is irrelevant -- all that mattered was that a Harvard IP connected to a TOR server in the right general timeframe. It's actually interesting to see how one can attack TOR (beyond the scope of TFA) -- own enough of the toplevel servers and you quickly get an idea of who is connecting from where (and start to build a pretty good map of the intermediate nodes). Own enough of the intermediate nodes, and you begin to have enough keys to be able to decrypt intermediate traffic (the French claim that the critical number is around 1/3) and can probably identify nearly all of the exit nodes. So the really big question is -- when you hook into TOR, are you really hooking into a network of nodes contributed by freedom-loving selfless volunteers who are willing to donate substantial network bandwidth and processing time, or are you hooking into a network of nodes thoughtfully provided by the NSA through numerous plausible looking fronts, saving everybody the trouble of implementing a man in the middle attack by BEING the man in the middle?
From what I could glean, it looks like there is a very good chance that TOR has been spanned by the NSA for quite a while now. And how could one even tell if this is the case? Because there is no central authority, AFAICT anybody can contribute resources and there is no way to check on whether the resources are being contributed by people who support the concept or are seeking to subvert it. The entire model relies on the intermediate nodes being MOSTLY trustworthy, and it is almost certainly not valid if any significant fraction of those nodes are subverted. It also relies to some extent on there being "many" connections to the servers at any given time and not "few", partly because again AFAICT there are only three node hops in between, and because the nodes do not know if the traffic is a block message or keystrokes in a real-time interface they cannot institute any sort of systematic delay. Few to few connections can easily be sorted out if owns enough of the servers and/or nodes to be able to create a reasonably accurate table of all of the nodes AND are presumed to have access to the intermediate routers or the routers feeding particular services. I couldn't do it, but the NSA and by extension the FBI? Deep pockets, very smart people.
rgb
Even when the experts all agree, they may well be mistaken. --- Bertrand Russell.
Someone could have ratted him out. Its a technique that has been used since the dawn of communication.
My sig has no nature
Brilliant, sir, excellent dark humour skills and use of irony.
The old fashioned police work in this case involved the cops asking him "Did you do it?" and him going "Yes".
I read the internet for the articles.
He used TOR over wireless, yes that's easy to detect, but it appears to me his confession did him in, not that useless bit of evidence that he used TOR.
So without the confession did they have them?
I must be missing something.
"If any question why we died, Tell them because our fathers lied."
He confessed when they pushed him.
"If any question why we died, Tell them because our fathers lied."
Duke doesn't require you to authenticate your wireless device every time you connect, and I doubt most other Universities do either. It does require you to register your device MAC address (in an authenticated session). In fact, at this point Duke might require you to register wired addresses as well. Unregistered devices get kicked onto an anonymous network outside of a firewall, so visitors can get internet access without getting a "Duke" IP number. Duke controls its own outgoing PoP, of course, so it effectively logs all connections into and out of the Duke domain. As was pointed out above, this was more than likely the method used to identify the student at Harvard -- simply look for a Harvard IP that connected to a TOR server (and obviously, the toplevel TOR servers HAVE to be publicly known or nobody could connect to them) at the right time. That time AFAICT could not be delayed as some have suggested by TOR itself because TOR doesn't know what you are connecting to and has to treat all connections as though they might be real-time keystrokes. You'd need an anonymous, non-logging mail server with a delay on it on the far side to put any sort of substantial desynchronization between the connection and the mail message -- TOR itself cannot do it unless I'm still in error after reading about its architecture for a while.
Regardless, anyone even slightly 1337 would have at the very least gone to starbucks or an internet cafe and THEN used Tor, or bought a disposable USB wireless interface and used the anonymous network or (best) both. No possible way the FBI could have backtracked a cash purchased USB stick from a store with no video surveillance used from an alley next to (but not inside) a Panera Bread while wearing a wig and makeup one dons in the restroom of a giant mall connected to TOR, even if the NSA actually "volunteers" most of the toplevel TOR servers and half of the nodes and/or maintains a running map of all of the nodes (which I'm pretty sure they do regardless of how many they actually provide). I mean what's ten or twenty million dollars in hardware to the NSA, if it gives them a chance to monitor most of the traffic through a supposedly secure onion network? In the end, the Internet does not allow one anything like non-subvertable security of connections, only the data content sent over those connections. I doubt that even the NSA is likely to be able to decrypt e.g. 4096-bit key-secured traffic EXCEPT by obtaining the keys.
rgb
Even when the experts all agree, they may well be mistaken. --- Bertrand Russell.
It's really hard to know how universally safe tor is. Maybe it protects you against Chile but not the NSA. Obviously, the Feds have a lot of money and can deploy a lot of tor systems. Shifting the discussion a little bit, from anonymity to privacy, I'm basically skeptical of all technological means at maintaining privacy, for several reasons: 1) it's super easy to screw up and leak information (this bomb hoax being a prime example). 2) Encryption acts more as temporary barrier because inevitably, it is cracked or technology makes brute force trivial (and before someone says "one time pad," figure out how that's going to work for everyday stuff). 3) It leads to rampant paranoia, for example, the people behind tor are probably good privacy minded people and not some NSA pricks -- but I don't know. Not knowing whether a system is safe or not has a chilling effect on free expression. Of course, Greenwald and Snowden suggest tor, but I'm sure that's just one stage of a multilevel system.
I'm not advocating abandoning encryption etc., but I think that without strong legal protections which make privacy violations a serious crime, even if done by the Feds, we will never really have privacy (which is a necessary component of freedom). Instead, we'll have technological systems that people trust for a time until someone gets burned and then we'll shift to other systems. But that's not a real solution and it will suck mightily for those sacrificial lambs who get roasted.
What changed under Obama? Nothing Good
Rather than gleaning, you should simply read some more. These questions have all been answered. If you're targeted well in advance and if you make one of a number of mistakes, it is possible to track you through TOR.
Retroactively?
No, very clearly no.
You might want to google Lafayette. Without the French, their fleet, money, and other support, GB might well have been the victor in the Revolutionary War. In that light, the French jokes aren't really all that funny.
http://en.wikipedia.org/wiki/Gilbert_du_Motier,_Marquis_de_Lafayette
What changed under Obama? Nothing Good
except without French money guns and ships, there would not likely be a USA at all. Under your logic, you might as well say Washington, Jefferson, etc., are totally irrelevant to America too.
What changed under Obama? Nothing Good
You might want to google Lafayette. Without the French, their fleet, money, and other support, GB might well have been the victor in the Revolutionary War. In that light, the French jokes aren't really all that funny.
http://en.wikipedia.org/wiki/Gilbert_du_Motier,_Marquis_de_Lafayette
The surgeons called - I'm sorry to tell you this, but your sense of humor didn't make it.
I send my condolences.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
except without French money guns and ships, there would not likely be a USA at all.
Speculation at best. You never know - maybe without the support of the French, the colonists would have worked harder to establish a solid relationship with the natives.
But since it didn't go down like that, all we can do is speculate. Or not, since what *might* have happened has absolutely no significance, historical or otherwise.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
http://xkcd.com/538/
It gripped her hand gently. 'Regret is for humans,' it said.
I completely agree. I tend to trust high end encryption because I know something about how difficult the problem of cracking a serious cipher with a large key is -- even brute force attacks simply aren't tenable for the good ones. 4096 bits is 2^4096 approx 10^400 permutations and 100 billion years with every atom in the visible Universe a computer still aren't enough. Of course this time can be substantially reduced if one discovers mathematical weaknesses in the encryption or if people do stupid things, but I think e.g. GPG and SSH are pretty reliable when implemented with large keys provided that you can trust your source for the software. SSL is also probably fine if you can trust your key servers and software. However, what NSA does have in abundance is talented crackers and lots of resources and access to federal warrants and even the freedom to proceed without warrants. The easy way to crack my ssh encrypted channel isn't to do a brute force attack on the data stream, it is to crack any of the systems on which I store public and private keypairs. The easy way to decrypt my gpg encrypted documents no matter how large a key I specify is to crack my system and do any of a dozen things -- monitor my keystrokes and steal my keys, issue a warrant forcing me to give up my keys (so I go to jail on contempt of court to rot forever without a trial if I fail to comply). The latter is what the FBI actually told me that they do in cases where there is probable cause, e.g. kiddy porn cases where somebody has a large encrypted file suspected of containing snuff films involving small children or the like (I've attended security conferences and chatted extensively with FBI'ers attending the same sessions in the past, although I don't mess with security at this level much any more).
But the only solution to the issue of privacy is to move BACK to this state of affairs. People have to have a real right to presume that their affairs and activities are private with the narrow exception of a search warrant granted on the basis of actual evidence and probable cause, sort of like it says in the constitution and its amendments.
Of course, we have to be willing to pay the price for this. That means that yeah, criminals and terrorists will succeed in concealing their affairs a lot more often. More of the innocent will die or be hurt in other ways. We cannot insist on having our privacy preserved and then bitch when the outcome of it is that a terrorist succeeds in nuking a city in a case where ignoring the privacy laws might have prevented it.
An alternative that might almost be more palatable would be to alter the laws to completely eliminate victimless crime and almost all moral crime, and indeed provide citizens with broad rights to completely freely choose their lifestyle and activities without their ability to seek employment or education being threatened. People conceal things that might be damaging, and one of the dangers of a police state is that so many things are illegal that "everybody" commits certain crimes, such as driving over the speed limit, driving with a blood alcohol that is just over the limit, bending things a bit on tax returns, engaging in sexual acts between consenting adults that are still technically against the laws of the state in which they live, smokes pot. This makes everybody vulnerable, and hence controllable. If we could actually trust the police not to abuse their power by eliminating most of the ways they COULD abuse their power, it would be a lot simpler to think about exceptions for exceptional risks.
Best of all, do both. Strong privacy laws, eliminate moral/victimless non-crimes and indeed establish legal protections for acting as one wishes to act outside of things that directly impact their employment or damage others, and sure, a tight system of well-regulated courts to handle the edge cases expeditiously and with the ability to seal the record of all discovery outside of a narrow window. Sort of like one imagines the framers of the constitution possibly intended. But then, they were all terrorists themselves.
rgb
Even when the experts all agree, they may well be mistaken. --- Bertrand Russell.
You may not want to cause injury or death, which may turn people against you. If you can scare them and make them pressure their leaders to cease the action you disagree with, you might be able to achieve your aims more easily, particularly if your cause is somewhat sympathetic.
I'd think step 1 would be "Don't call in hoax bomb threats". Once that point of stupidity has been conceded, I think all else is just grist for the mill.
It'll stand. This is in the Affidavit.
9. Harvard University was able to determine that, in the several hours leading up to the receipt of the e-mail messages described above, ELDO KIM accessed TOR using Harvard’s wireless network.
10. On the evening of December 16, 2013, an FBI agent and an officer of the Harvard University Police Department interviewed ELDO KIM at the building in which he resides on the Harvard University campus. During the interview, the FBI agent advised KIM of his rights under Miranda. KIM read and signed an advice of rights waiver, stating that he understood his rights. KIM then stated that he authored the bomb threat e-mails described above. KIM stated that he acted alone. He further stated that he sent the e-mails to “five or six Harvard University e-mail addresses” that he picked at random from the university’s web page. According to KIM, he was motivated by a desire to avoid a final exam scheduled to be held on December 16, 2013.
Even if Tor works perfectly with no back door, I can think of lots of ways to get at someone's identity if I have governmental level resources and the determination to do it. Tor will not protect you. Tor will protect you from sub governmental peeking. Surf MILF pr0n freely. A Bayesian attack on timing can identify you. Colored packets can identify you. The makers of Tor will tell you that it's not designed to provide invisibility when the network it's deployed on is largely subverted or subvertible.
This is a public service announcement to our younger readers. There'a lot of lore about "dark internet" and it's exact properties and all of this. You WILL be caught doing whatever it is you thought you were going to do. So don't do it. Just. Don't.
In other words, what happened at your school is exactly what I said happened - they were not common and were taken seriously.
Go back to that school and learn some reading comprehension moron.
is ever truly anonymous on the internet. Nothing.
The Kruger Dunning explains most post on
1) Is this FUD from the FBI re:Tor trying to discourage it where they actually used other methods to find him, e.g. Harvard logging traffic and Tor did its job? 2) Don't shit where you eat. Use a public network, like a café
from 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
to 45 2F 6E 40 3C DF 10 71 4E 41 DF AA 25 7D 31 3F
When you call in a bomb threat for a bomb that doesn't exist no physical damage is done.
When you start a fire in a trash can the building may catch on fire. Even if it's not your intention to cause a real fire, that may happen.
Just pulling the fire alarm itself will probably not cause enough of a delay to get you out of the test.
Moral is: Just study. (aka, do the work)
I refuse to sign
Your public library doesn't have public logins. You will need to log in using your library card or some other account that links to you.
Can you be Even More Awesome?!
The Onion already did a great "exposé" of this...Are Tests Biased Against Students That Don't Give A...?
"Once we've identified and embraced our sickness, we'll have strength...and that's when we get dangerous." - John Waters
Please RTFA. They only traced him because he used Harvards wireless network to access TOR, and the bomb threats came an anonymous email service accessed from TOR. Had he sent the email from a cafe off-campus they would not have been able to trace him.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
If you are capable of committing the crime, and have the antisocial tendency, how about this :
1. Give warning of crime.
2. Actually commit the crime according to the warning.
Now you not only have succeeded in committing the crime , which you wanted to do anyway, you have granted a tool in the hands of your antisocial friends who are themselves not capable of committing the crime. They will now be able to send society into a tizzy just by giving a false warning of the crime about to be committed.
Bingo Dictionary - Pragmatist, n. A myopic idealist.
You don't want anybody to talk to the cops, guilty OR innocent.
This is because if only one group talks to the cops it leads to information unraveling (i.e. innocent ppl talk -> if you shutup you admit you're guilty, so you better talk and get some better treatment or whatever.)
The only way the fifth works is if it works for everybody, otherwise it's useless.
I see what you did there, Slashdot editors. Brilliant.
If you had used an accurate headline, such as "Bomb hoax perp caught despite using the target's own network." then the "despite" part would have sounded stupid and you would have had an obviously non-story, right on the face of it. But by throwing in a random unrelated part of the story and misleadingly implying something about it, you made it sound interesting! More people need to learn this trick: lies make things interesting!
A guy puts on a mask and walks into a bank. He hands the teller a note, "My name is John Smith, and this is a robbery. Shhh. Give me $10k." Police later investigate John Smith, and confirm it was him. Headline: "robber caught despite using mask" because, clearly, masks are an important and very relevant part of the story!
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Given that your parenthetical explanation choses exactly the opposite case to the one I proposed, it's clearly not relevant.
And nothing I've suggested has in any way made the fifth amendment not work.
You're gibbering. Calm down and have a nice cup of tea or something.
Also FatPhil on SoylentNews, id 863
Clearly not a computer science major.
i propose a more modern solution, where those wishing anonymity would use some sort of object which places ink on paper manually, in a pattern which resembles a generic font and would thus be recognizable as printed words, to communicate the message. this would then be placed in some sort of opaque paper wrapper and consigned to a service which would carry it to the proposed recipient, whose physical location would be placed on the outside of the paper wrapping in a fashion analogous to the address of an email message. there could be some nominal charge for this service, like 46 cents.
Star Trek transporters are just 3d printers.
OR they did use it in this case, realized it wasn't a "real" threat and so did not pass along the information to the local police.
When I was in middle school (sometime around 1970) someone would call in a bomb threat every afternoon for about a week. They were beautiful spring afternoons spent outside horsing around with my friends.
They finally caught the guy. He always called from the same pay phone a couple of blocks from school during lunch. He wanted to get out of his french class. They gave him a good finger wagging and explained that this was actually a serious federal offense the could land him in gigantic trouble and made him go to french class. It didn't happen any more. I wonder if he continued to stay out of jail.
This is someone obsessed enough with credentials to put the entire community into mortal fear and to kill a whole day for a group of people known to get a lot done in a day.
Shame and ruin will suffice. Jail won't be the worst punishment. Being recognized in public will.
I hope Obama Administration pardons him. He is just an immature kid/student.
Casteism
Ruined his life to get out of an exam how stupid