Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Crime The Internet News

Harvard Bomb Hoax Perpetrator Caught Despite Tor Use 547

Posted by Soulskill
from the do-not-pass-go dept.
Meshach writes "The FBI has caught the student who called in a bomb threat at Harvard University on December 16. The student used a temporary anonymous email account routed through Tor, but the FBI was able to trace it (PDF) because it originated from the Harvard wireless network. He could face as long as five years in prison, three years of supervised release and a $250,000 fine if convicted. He made the threat to get out of an exam."
This discussion has been archived. No new comments can be posted.

Harvard Bomb Hoax Perpetrator Caught Despite Tor Use

Comments Filter:
  • Heckler veto (Score:5, Insightful)

    by smitty_one_each (243267) * on Wednesday December 18, 2013 @05:24AM (#45724139) Homepage Journal
    We can either live in a future where little jackwagons can effect a denial-of-service attack on society, or
    we can spank the crap out of the idiots so that this kind of noise is minimized. Same goes for rape/hate crime hoaxes.
  • What an idiot. (Score:3, Insightful)

    by Anonymous Coward on Wednesday December 18, 2013 @05:28AM (#45724159)

    Really?! Smart man.

    Avoid exam?
    Bomb threat!

    Police arrive?
    Immediately confess!

    The evidence itself was completely circumstantial. Without a confession they surely had nothing.
    They had no way to prove anything other than:
    1. Guerilla Mail was accessed by Tor to send the e-mails.
    2. Kim is a Harvard student that recently accessed Tor.

  • by Anonymous Coward on Wednesday December 18, 2013 @05:31AM (#45724183)

    " as the presumption of innocence would probably compel a jury, in the absence of any other compelling evidence, to find him not guilty."

    LOL, you believe too much what the tv tells you.

  • by Anonymous Coward on Wednesday December 18, 2013 @05:33AM (#45724191)

    also, don't make false bomb threats. They're stupid

    Don't make real ones either. They're even stupider.

  • by Ihlosi (895663) on Wednesday December 18, 2013 @05:34AM (#45724193)
    ... to use TOR, but then gave a full confession during an "interview", throwing his right to remain silent (and to have a lawyer present during questioning) out the window?
  • Harvard (Score:5, Insightful)

    by Thanshin (1188877) on Wednesday December 18, 2013 @05:42AM (#45724229)

    I expected more from a Harvard student.

    A couple of hours of online research should have taught him to, at least, connect through a cracked wifi far from his neighborhood. Or, if he was computer illiterate, to convince someone from another country to send the mails for him.

    Also, once he decided to avoid the exam in a way that could land him in prison, why use a method he didn't understand, instead of burning down the building or paying someone to send the teacher to the hospital?

    However, the first question I would ask him would be if he had considered that simply approaching the teacher and explaining him that he and all his family would be killed unless the exam was postponed, carried a shorter jail time than a terrorist threat.

    In conclusion, clearly in Harvard they are not teaching how to deal with real world problems pragmatically.

  • by SB9876 (723368) on Wednesday December 18, 2013 @05:45AM (#45724247)

    He called in a bomb threat to delay taking a final. This is a dude that has already shown that he has poor decision making skills.

  • by Sockatume (732728) on Wednesday December 18, 2013 @05:49AM (#45724267)

    The wonderful thing about shows like CSI is that it convinces criminals to implement absurd technical defences when their crimes will almost certainly be dealt with by old-fashioned police work.

  • by isorox (205688) on Wednesday December 18, 2013 @05:51AM (#45724279) Homepage Journal

    You should look at the statistics for people who attend Harvard. 30% of their students have a family that pulls in 150k or more.

    I'm amazed it's that low.

  • Re:Harvard (Score:5, Insightful)

    by fuzzyfuzzyfungus (1223518) on Wednesday December 18, 2013 @05:54AM (#45724289) Journal
    The best Harvard students learn that you have no need to conceal your crimes if you can commit them from a position of enough influence to simply make them legal. That's where kiddo slipped up.
  • by gnasher719 (869701) on Wednesday December 18, 2013 @06:02AM (#45724311)

    ... to use TOR, but then gave a full confession during an "interview", throwing his right to remain silent (and to have a lawyer present during questioning) out the window?

    We can assume that someone who needs to avoid a test isn't the brightest spark. We can assume that someone who sends a bomb threat to avoid a test is reckless and stupid. We can assume that if someone who is reckless and stupid mails in a bomb threat, and his identity is discovered, then there _will_ be evidence. For example, they had easily enough to get a search warrant for his computer. What are the odds that there is evidence, like a draft of the email, on his computer? Remember: This is not an evil genius trying to disrupt US universities, it is a reckless idiot trying to get out of an exam.

  • by fuzzyfuzzyfungus (1223518) on Wednesday December 18, 2013 @06:02AM (#45724313) Journal
    All the campus networks I've seen remotely recently do some sort of access control, if only to avoid being a free wifi provider for every porn-torrent enthusiast in the neighborhood. Sometimes 802.11x, sometimes that bloody awful Cisco VPN monstrosity.

    What's more notable is that they apparently keep traffic logs for some amount of time, at least long enough to catch this guy, who knows how much longer?

    If you have a network of any nontrivial size, and want to keep it from falling in a screaming heap (especially with the lousiness of wireless links in the mix), taking steps to ensure that most of the users are the ones you are supposed to be providing service to, and doing some QoS to keep them from stepping on each others' toes is basically necessary. Keeping traffic logs, though, is an additional chunk of effort and expense, and all so that people will be motivated to come bug you for access to them. I wonder when they started keeping logs, and why.
  • Re:What an idiot. (Score:3, Insightful)

    by gnasher719 (869701) on Wednesday December 18, 2013 @06:05AM (#45724333)

    The evidence itself was completely circumstantial. Without a confession they surely had nothing.
    They had no way to prove anything other than:
    1. Guerilla Mail was accessed by Tor to send the e-mails.
    2. Kim is a Harvard student that recently accessed Tor.

    Enough to get a search warrant. So what do you think would a search warrant have shown? Fact is: If you did it, then there is evidence. And if the police thinks you did it, and the case is important enough to search very, very hard, they will find the evidence.

  • by Ihlosi (895663) on Wednesday December 18, 2013 @06:10AM (#45724357)
    I'm not sure that it's really that surprising that he confessed - most people who are convicted of crimes plead guilty.

    You plead guilty right before the trial would start, if anything.

    pleading guilty can get you a pretty hefty discount on your sentence

    And you waive that discount by confessing to a law enforcement officer during an "interview". Because in that case, the court has sufficient evidence to convict you regardless of your plea.

  • by quadrox (1174915) on Wednesday December 18, 2013 @06:18AM (#45724391)
    That doesn't change the fact that most likely he would be better of consulting a lawyer and not saying anything to the police/FBI/whoever.
  • by qbast (1265706) on Wednesday December 18, 2013 @06:18AM (#45724397)
    ... and they are not going to use it for this kind of case.
  • by fatphil (181876) on Wednesday December 18, 2013 @06:46AM (#45724485) Homepage
    Why do you want the best for this dipshit?

    If you're *innocent*, don't talk to cops.
    If you're guilty, spill the beans immediately.

    You seem to want to encourage criminals to waste the whole legal system's time? (Which, like everything in the end, is paid for by honest tax-payers.)
  • by Anonymous Coward on Wednesday December 18, 2013 @07:11AM (#45724569)

    Precisely this. Harvard keeps flow type logs, they found someone using tor. Pigs barfed on him, he cracked and confessed. The kid's a fucking retard, mostly for cranking people.

    Please, don't use Tor to harass and be an asshole.
    Real freedom fighters need Tor, not you and your lulz.

    See who else really needs Tor: https://www.torproject.org/

    And quit being assholes.

  • by gl4ss (559668) on Wednesday December 18, 2013 @07:12AM (#45724573) Homepage Journal

    legal council? probably not. he's a terrorism suspect after all!!

  • Kids these days... (Score:5, Insightful)

    by jcr (53032) <jcr.mac@com> on Wednesday December 18, 2013 @07:30AM (#45724689) Journal

    If he'd just called it in from a pay phone, they'd never have found him.

    -jcr

  • Re:Heckler veto (Score:5, Insightful)

    by Jherek Carnelian (831679) on Wednesday December 18, 2013 @07:38AM (#45724723)

    We can either live in a future where little jackwagons can effect a denial-of-service attack on society, or we can spank the crap out of the idiots so that this kind of noise is minimized.

    OR we can stop over-reacting and instead apply a rational evaluation of the facts. This knee-jerk "all threats must be taken seriously" where "seriously" really means "total freakout" is the vulnerability here.

  • by goodmanj (234846) on Wednesday December 18, 2013 @07:49AM (#45724805)

    Remember the days when this story wouldn't even have made the local paper? Seriously, 25 years ago your average school saw one of these every few years. It headlined the school paper, the local cops investigated, but the FBI? National news? Heck no.

    Who needs terrorists when we now pay large corporations and government agencies to spread panic? Quit terrorizing the nation to protect your job security and let me know when something actually blows up.

  • Protip (Score:5, Insightful)

    by Anonymous Coward on Wednesday December 18, 2013 @08:05AM (#45724877)

    Just study, it's easier.

  • Re: In the kitchen (Score:5, Insightful)

    by O('_')O_Bush (1162487) on Wednesday December 18, 2013 @08:20AM (#45724979)
    Committing a felony already loses him the right to vote or own a firearm, and will make employment prospects difficult.

    Sure is a lot to give up to keep from having to take an exam.
  • Re:Heckler veto (Score:4, Insightful)

    by zwei2stein (782480) on Wednesday December 18, 2013 @08:29AM (#45725055) Homepage

    When you are in charge, rational thing to do is to take threat seriously amd act on it.

    Why? Because if you are wrong about it being hoax, you are the one who has been responsible for preventing any and all deaths or injuries related to bomb going off.

    Your life would be instantly ruined - you failed to do your job and people died. Media and Internet would make sure everyone knows for year (up untill your deaths).

    Best thing to do is to do your job properly and when someone tries to abuse that, kick the fucker in the nuts enough so that it is not worth it for him.

  • by Anonymous Coward on Wednesday December 18, 2013 @08:36AM (#45725079)

    Is that more or less work than actually studying for the exam?

  • No it isn't (Score:5, Insightful)

    by SmallFurryCreature (593017) on Wednesday December 18, 2013 @09:13AM (#45725347) Journal

    No normal person calls in a bomb threat to get out of a final that will at most just end being delayed.

    That YOU were (and are) an idiot doesn't mean everyone is. If your moronic logic was true, then the phone at your average school would never stop ringing. This guy (and since you clearly identify with him, you) is an asshole who thought nothing of creating a major nuisance for teachers and students because he wanted to get out of an exam. Ten to one you and him are the type who then later grow up... grow older and at the slightest provocation threaten to sue anyone and everyone for any delay or inconvenience.

    It is the eternal excuse of the asshole: Everyone does it.

    Nope.

  • Re:No it isn't (Score:3, Insightful)

    by ArsenneLupin (766289) on Wednesday December 18, 2013 @09:29AM (#45725533)

    No normal person calls in a bomb threat to get out of a final that will at most just end being delayed.

    Ok, so I was flippant when I said that "everybody" (and by implication, me) does it. Let me assure you that I never did such a thing, nor anybody that I know personally. However, it does happen often enough to be well known that some students do this (and in my town we did indeed have a case where a group of students did it, and they were caught by a phone camera hidden in the payphone booth).

    That YOU were (and are) an idiot doesn't mean everyone is.

    That you are a humourless prick (that can't spot a flippant remark) doesn't mean that everybody else is, either. And now shut up.

  • Re: In the kitchen (Score:4, Insightful)

    by larry bagina (561269) on Wednesday December 18, 2013 @10:14AM (#45725941) Journal
    Bad example -- in Mass., felons don't lose their right to vote. They do lose their rights to own guns but the gun laws are so draconian that they never really had that right in the first place. Most people who own a gun are breaking the law in doing so.
  • Re:In the kitchen (Score:1, Insightful)

    by rgbatduke (1231380) <rgb@[ ].duke.edu ['phy' in gap]> on Wednesday December 18, 2013 @10:36AM (#45726183) Homepage

    In all probability, Harvard's trusted wireless network requires registration of all connected hosts. It may have an anonymous network as well (Duke does), but in either case it is almost certain that they are logging every DHCP event AND have a registered match between the student's hardware and his MAC address. So once the FBI subpeona'd Tor to get the IP number that sent the threat, it was a done deal.

    Of course, that doesn't mean that they'll get a conviction. Even though the evidence sounds like a smoking gun, it is really still circumstantial unless they get a confession. The DA has to prove that the student was in direct possession of the laptop at the time the message was sent. The DA has to prove that the student was in direct CONTROL of the laptop in question at the time the message was sent, since a REAL hacker could well have taken control of the laptop any one of a dozen ways to use it as a breakout for sending the message, and could even have deleted the tools they used to leave no traces. I'm guessing that they'll have to show that the student had a motive for sending the bomb threat to get out of the exam to partly counter this sort of defense, but then we're back to circumstantial -- perhaps the hacker was another student failing in the class who selected this laptop to hack just because it would keep anyone from following the trail further. All the defense attorney has to do is create reasonable doubt and communicate it effectively -- even with the match the FBI has more forensic work to do on the laptop to be able to address/counter these possibilities IF the student chooses to fight it.

    More likely the student has already confessed, or will confess as part of a plea bargain (if they are in fact guilty). Nobody, especially the parents of the kid who would have to pay for it, will want to bring this to trial. He or they will likely get socked with a pretty hefty fine (to pay for the cost of the forensic work and bomb squad), three years probation with mandatory counseling/therapy, and (of course) will get kicked out of Harvard so hard that he bounces on the pavement all the way home, where his parents will very likely add their own line of punishment (such as working flipping burgers until he or she pays off the fine before resuming an education at the local community college). If the student was in academic difficulty because of bad habits or cognitive problems -- video gaming, drugs, partying constantly with too much alcohol, ADD with impulse control issues (all of which he might have to confess to just to get out of going to jail) there will be additional therapy there as well.

    Obviously the kid wasn't a rocket scientist, Harvard or not. A proper geek would have paid cash for a throwaway USB wireless stick, used the anonymous wireless network at Panera Bread or Barnes and Noble from a car (to avoid time-logged in-store video surveillance) and then simply thrown the stick into a storm drain. A geek who wears pants with belt and suspenders would have booted their linux box into single user mode and edited the log files to remove all trace of both the IP number and MAC address of the USB stick. A serious geek would never have been caught. But then, a serious geek wouldn't have needed to delay the exam...

    rgb

  • Re:In the kitchen (Score:3, Insightful)

    by tgd (2822) on Wednesday December 18, 2013 @10:52AM (#45726377)

    Yes. Or perhaps only one (in the relevant time frame).

    In terms of a deterrent, I'm not sure 5 years of jail is going to sound any more scary than just expulsion; the penalties here seem out of line.

    IMO, not even remotely out of line. Ignoring the impact to students at Harvard (and the cost to the school), it impacted local police, and the area around Harvard.

    And more importantly, and the whole point of punishments, is to put the deterrent high enough to prevent others from doing it. If the perception of a moron like this kid is "I'm going to flunk out" vs "I'm going to be expelled", unless there's a 100% chance of being caught making the threat, you're better off making the threat if the only ramification is being expelled.

  • by F.Ultra (1673484) on Wednesday December 18, 2013 @11:04AM (#45726501)
    TOR is not an entity and even if they managed to get hold of the exit node there is no logs left there to point back to the previous node and so on.
  • by phantomfive (622387) on Wednesday December 18, 2013 @11:30AM (#45726829) Journal
    Let's be honest, someone who makes a bomb threat to get out of an exam isn't exactly tipping the scales on the brightness side.........

    He could make a great banker, though.
  • by LWATCDR (28044) on Wednesday December 18, 2013 @01:29PM (#45728231) Homepage Journal

    "His mistake was admitting it."
    And this is what is wrong with the world. His mistake was calling in a bomb threat to get out of taking an exam.
     

  • Re: In the kitchen (Score:3, Insightful)

    by Qwaniton (166432) on Wednesday December 18, 2013 @02:19PM (#45728755)
    The person you replied to was talking about gun laws in Massachusetts. You're talking about gun sales in the United States of America as a whole, completely ignoring state-level differences. If you don't see the obvious, slap-you-in-the-face error here, then you should trust that you have absolutely no idea what you're talking about. If you are indeed a United States citizen, which I heavily doubt, you're a fool. Pick another topic to try to sound smart about.

"Anyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin." -- John Von Neumann

Working...