[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Harvard student used Tor to send bomb threats, gets caught by old-fashioned policework
From what I got they simply used timings:
1. They knew when the email arrived give or take (from headers).
2. They knew who connected to Tor at that particular time (from
Even on college campus there might be a couple of Tor users. I would
have used SSH to get to a 'unmonitored network', Tor and then mixmaster.
On 11:12 18/12/2013, Adrian Crenshaw wrote:
> Not a lot of real details (and in case someone stumbles on this email
> outside of the list, I'm not trying to explain how he could have gotten
> away with it).
> I assume Harvard:
> 1. Either tracks folks that connect to Tor entry nodes, or Tor's download
> 2. The looked at the "X-Originating-IP:" email header (Strangely, when I
> tested Guerrillamail put my IP in this header).
> Figured it was Tor traffic, and looked to see who was using Tor on the
> campus network, and associate the MAC address with who signed on to their
> The guy apparently confessed, but they may not have really had anything on
> him besides using Tor. The cops may have said "Tell the truth and we will
> go easy on you", which was not in his best interest.
> On Wed, Dec 18, 2013 at 8:38 AM, Nils Kunze <kunze.nils@xxxxxxxxx> wrote:
> > Hi!
> > I stumbeled upon this on facebook  where Nicolas Kristof wrote:
> > "A Harvard student has been charged with using an anonymous email address
> > and Tor to disguise his identity, and then sending a bomb threat to get out
> > of a final exam. What's remarkable to me that he was caught despite taking
> > smart steps to hide his identity. Here's the FBI affidavit explaining how
> > they caught him: "
> > Apparently he used Tor in the university network to send the emails via
> > Guerrilla Mail. The university was able to figure out which student used
> > Tor in their network before the emails where sent and he then confessed
> > when confronted.
> > I thought this might be of interest!
> > Best,
> > Nils
> >  https://www.facebook.com/kristof/posts/10152046960187891 (attention
> > links to facebook)
> >  http://cbsboston.files.wordpress.com/2013/12/kimeldoharvard.pdf
> > --
> > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> "The ability to quote is a serviceable substitute for wit." ~ W. Somerset
> "The ability to Google can be a serviceable substitute for technical
> knowledge." ~ Adrian D. Crenshaw
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to