[tor-talk] Harvard student used Tor to send bomb threats, gets caught by old-fashioned policework
tor at bitmessage.ch
tor at bitmessage.ch
Thu Jan 2 19:36:48 UTC 2014
This student did some really stupid things and in many ways is a "bad
example" of Tor use, but when Harvard students--even the ones who seem to
have come unhinged and clearly made reprehensible decisions--don't realize
that their university (or other institution's network administration)
probably can and does retain DHCP and/or other information, it's hard not
think that a significant user education and communication opportunity
exists for other Tor users.
I'm not defending this person or what they did in any way, but it does
seem like an example of why offerring more conspicuous, detailed warnings
and feedback to users could help prevent
activists/whistleblowers/journalists/people using Tor to do positive
things from being de-anonymized through similar means. Tor has made huge
strides in this respect (e.g. better update notifications in TBB) over the
past six months, but perhaps there are still some further improvements
that could be made.
In the spirit of Jake's 29c3 talk, I think we can decide as a community
not to brush off high-profile attacks against people using Tor with
arguments like "oh, it was an old Firefox vulnerability and some users
weren't running the latest available code" or "oh, obviously universities,
companies, and maybe ISPs retain enough data to make 'standard police
work' enough to de-anonymize someone using Tor." Instead of these kinds of
"not my department" arguments, we can *instead* conclude that at least in
some cases, making information more visible, accessible, and
understandable to users in more and different ways might still ultimately
be better for Tor users.
A community as innovative as this one can probably figure out ways to
present useful information to users in ways that don't interfere with
their autonomy, too. I realize that media portrayals--especially this past
year--have mischaracterized Tor and its community unfairly, but in
addition to making it clear whether Tor "still works" on technical
grounds, I think we can also choose to be constructive and up our game so
that especially for all the people using Tor who *aren't* jerks, Tor users
will have to be even more thoughtless in order to be de-anonymized through
similar means in the future.
> DeveloperChris:
>> I haven't been following this conversation so please excuse me if I am
>> covering old stuff here, but this situation is something I have been
>> very concerned about since the silk road was busted. I found the excuses
>> given as to how the silk road was busted as far far too flimsy.
>
> they aren't flimy at all. read the filed criminal complaints that came
> out of maryland and new york. just as in the harvard case, standard
> police work led to the arrests of people. if you are using tor, but
> happen to give your home address to a law enforcement agent, and you
> also happen to know the physical location of a server, or servers,
> connected to acriminl enterprise, tor won't do you any good. if people
> who you work with connect to those servers without using tor, tor does
> them no good.
>
> in the harvard incident, if you use an email provider that appends a
> personal ip address as an x-header in the outgoing message, which can be
> easily distinguished as a tor exit node by using a common search engine,
> if you fit a common investigatory profile that would have a motive to
> issue a bomb threat (which students and employees would certainly fall
> into), it is hardly surprising that anyone who identifiably connected to
> the tor network on the harvard campus would be interviewed.
>
> this really should not be spun as bad pr for tor. rather, it proves that
> tor, in and of itself, is not something that can absolutely shield
> criminals from discovery and prosecution. the people opposed to tor
> constantly state the opposite, that tor makes it impossible for law
> enforcement to catch criminals. yet, we now have multiple very public
> examples of how good and standard detective work can prevail.
>
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
More information about the tor-talk
mailing list