Use of Tor helped FBI ID suspect in bomb hoax case

It's true that the Tor anonymity service helps people cover their tracks on the Internet. But when it's not used carefully, it can be the very thing that tips off the people the user wants to evade, as was demonstrated in a federal investigation earlier this week.

According to federal prosecutors, Tor played a key role in helping FBI agents identify a Harvard student suspected of e-mailing a hoax bomb threat to university officials so he wouldn't have to take a final exam. To conceal his Harvard IP address, he used Tor, but in a fatal mistake, he also used the school's Wi-Fi network to connect to the anonymity service. Investigators, according to a criminal complaint, took a hard look at everyone who used Tor at the time the threats were sent and ultimately fingered 20-year-old Eldo Kim of Cambridge, Massachusetts as the perpetrator.

"This is one of the problems of using a rare security tool," security analyst Bruce Schneier observed in a blog post published Wednesday. "The very thing that gives you plausible deniability also makes you the most likely suspect. The FBI didn't have to break Tor; they just used conventional police mechanisms to get Kim to confess."

Read 1 remaining paragraphs | Comments