That Bomb-Hoaxing Harvard Student Was Using Tor, But They Caught Him Anyway

Email a Friend

On Monday, Harvard University administrators received an email claiming that bombs had been placed in two buildings on campus. The emails were a hoax, and the FBI quickly identified the person behind it, a 20-year old student named Eldo Kim. Kim told the FBI he was trying to avoid taking a final exam. 

CBS Boston posted the FBI's affadavit, and it's actually a story with a privacy lesson embedded in it. (I'm assuming here that people are also taking the other, more obvious lesson, which is that you shouldn't make bomb threats.)

Kim sent the threatening emails using a Tor browser, which anonymizes your web browsing, paired with an anonymous email program called Guerilla Mail. That actually could have been enough to protect his identity, except that he did all of this on Harvard's wireless internet

If your school or your workplace offers you free wi-fi, it's worth remembering that you should severely limit your expectations of privacy while on it. That fact is somehow both very obvious and very easy to forget.

The affadavit makes it sound like in Kim's case, Tor half-worked. Harvard and the FBI likely couldn't see exactly what Kim was doing on Tor. But because he was on Harvard's network, they could tell he'd used the cloaking software at the same time the threatening emails were sent. If you assume there weren't a ton of Harvard kids using web anonymizing software between six and eight o'clock on a Monday morning, then identifying Kim would've been pretty easy. 

(h/t Peter Vogt)