BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Harvard Student Receives F For Tor Failure While Sending 'Anonymous' Bomb Threat

This article is more than 10 years old.

(Photo credit: joeythibault)

On Tuesday, the FBI filed a criminal complaint against a Harvard University sophomore student for making bomb threats that led school officials to delay some final exams, including his, that had been scheduled for Monday. According to the five-page complaint, the student "took steps to disguise his identity" by using Tor, a software which allows users to browse the web anonymously, and Guerrilla Mail, a service which allows users to create free, temporary email addresses.

Despite 20-year-old Eldo Kim's goal of anonymity, his attempts to mask his identity led authorities right to his front door. Does that mean that Tor failed a user looking to delay his "Politics of American Education" exam? Not in the slightest.

While the Harvard student did indeed use Tor, it was his other sloppy security measures that led to his arrest. The complaint says the university "was able to determine that, in the several hours leading up to the receipt of the e-mail messages ... Eldo Kim accessed Tor using Harvard’s wireless network."

What Kim didn’t realize is that Tor, which masks online activity, doesn't hide the fact that you are using the software. In analyzing the headers of the emails sent through the Guerrilla Mail account, authorities were able to determine that the anonymous sender was connected to the anonymity network.

Using that conclusion, they then attempted to discern which students had been using Tor on the Harvard wireless network around the time of the threats. Before firing up Tor, Kim had to log on to the school’s wireless system, which requires users to authenticate with a username and password. By going through network logs and looking for users who connected to the publicly-known IP addresses that are part of the Tor network, the university was able to cross-reference users that were using both Tor and its wireless internet around the time the bomb threats were received.

Given how quickly he was found, Kim was likely one of the few—if not the only—individuals on Tor around on Monday morning. According to authorities, he “anonymously” emailed threats including “"bombs placed around campus" at 8:30 a.m. to the Harvard University Police Department, two officials of Harvard University and the president of the Harvard Crimson, the student-run daily newspaper.

Shortly thereafter, Harvard police called in the FBI, the Bureau of Alcohol, Tobacco, Firearms and Explosives, the Secret Service, the Cambridge Police Department, the Boston Police Department and the Cambridge Fire Department. Around 3 p.m., long after Kim's exam had been canceled, officials concluded that the threats were a hoax and reopened the buildings.

Kim was taken into custody on Monday—identified as one of the few Harvard wireless users who was also on Tor at the time. When interviewed by an FBI agent and an officer with the Harvard University Police Department that night, Kim admitted to sending the bomb threat emails and said that he acted alone. The complaint says Kim was "motivated by a desire to avoid a final exam" scheduled to be held on Monday. Kim is set to appear in U.S. District Court later on Wednesday. If convicted, he could face a maximum of five years in prison, three years of suspended release, and a $250,000 fine.

And to think he could have had gotten away with it had he just used the wireless internet at a local Cambridge coffee shop.

-

You can follow me on Twitter and email me (GPG public key).

Also on Forbes: