Harvard bomb hoaxer used Tor, got caught anyway

Summary: Eldo Kim, Harvard student, wanted to get out of a final exam so he sent in a bomb threat using Tor to disguise his location and identity. Tor's not magic and the FBI caught him anyway.

TOPICS: Security

Monday's bomb scare at Harvard was perpetrated by a sophomore "motivated by a desire to avoid a final exam..."

Even though Eldo Kim, 20, used the Tor network, in conjunction with the anonymous email service Guerrilla Mail, to hide his location and identity, the FBI didn't have a lot of trouble locating him because he used the Harvard wireless network to send the threat. Some of the details of his critical error are spelled out in an affidavit filed by FBI Special Agent Thomas M Dalton in support of an arrest. The fact that the threats came on the day of finals was a good indicator that a student was responsible.

The affidavit doesn't give details on how he was traced. Tor worked up to a point, but the FBI and school IT were able to determine who was using that software at the time the emails were sent. That pointed to Kim's login.
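The affidavit gives no method, so the following is an added illustration, not the FBI's or Harvard's procedure: one way a network team can shortlist logins that contacted Tor around a known event time. The log layouts, relay addresses, logins and timestamps are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Everything below is constructed sample data; hosts, logins and times are invented.
TOR_RELAYS = {"203.0.113.10", "203.0.113.77"}  # stand-in for a public relay list

# Wireless authentication sessions: (login, client IP, lease start, lease end)
SESSIONS = [
    ("student_a", "10.20.1.15", "2024-01-08 08:05", "2024-01-08 09:10"),
    ("student_b", "10.20.1.16", "2024-01-08 07:50", "2024-01-08 10:00"),
    ("student_c", "10.20.1.15", "2024-01-08 09:30", "2024-01-08 11:00"),
]

# Network flow records: (source IP, destination IP, time seen)
FLOWS = [
    ("10.20.1.15", "203.0.113.10", "2024-01-08 08:28"),
    ("10.20.1.16", "198.51.100.5", "2024-01-08 08:29"),  # not a relay
    ("10.20.1.15", "203.0.113.77", "2024-01-08 10:15"),  # same IP, later lease
]


def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


def tor_users_near(event_times, window_min=15):
    """Map each login to the relay-bound flows it owned near any event time."""
    window = timedelta(minutes=window_min)
    events = [ts(e) for e in event_times]
    hits = {}
    for src, dst, seen in FLOWS:
        when = ts(seen)
        if dst not in TOR_RELAYS:
            continue
        if not any(abs(when - e) <= window for e in events):
            continue
        for login, ip, start, end in SESSIONS:
            # Attribute by lease interval, not IP alone: addresses are reused.
            if ip == src and ts(start) <= when <= ts(end):
                hits.setdefault(login, []).append(seen)
    return hits


if __name__ == "__main__":
    print(tor_users_near(["2024-01-08 08:30"]))
```

A hit shows only that a login's device contacted a relay inside the window; it is a lead to follow up, and widening the window pulls in unrelated Tor users.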

Hat tip to On The Media.

  • So there goes THAT Ivy League education right down the toilet.

    Wonder if he was a Computer Science major? Hmmm.

    No...I know what he's majoring in...Rocket Science! :-)
    • Wouldn't be the first college student to recover from acute folly

      I'm guessing that he will be paying a substantial fine and might have some jail time, but this does not look like a life-ruining offense (and shouldn't be).
      John L. Ries
      • being rich and smart are not an excuse to break the law

        Yes he should be dispelled. If he is willing to use terror to advance his own future, who knows what he is capable of doing.

        This isn't some misdemeanor he committed.
  • Guess he comes under the adage ...

    Hey, it ain't brain science!

    It ain't rocket surgery!

    ... uh ...
  • End to end logging with directory aware interface is SOP nowadays

    Think along the lines of Lancope product with a wireless network management tool such as Aruba, and the end product is almost any ISO who can use these tools would be able to track this event to the source user. The lock would be the MAC addy and the local system logs, zero need to interrogate the ex-student. As others said "Their confession is the logs." We all know the next line "Book him, Dano!" Ha, shows the "ivy league" admissions process can be as flawed as a community college, unless there was potential endowment $$ on this dude's application, common enough in ivy towers.
  • Been waiting for a story like this

    What if Mr. Kim had used the services of a roving, on demand, mail server drone?

    1. Hire the drone with bitcoin or some other virtual currency, which was obtained at a physical (anonymous) swap.
    2. Connect to the drone as it hovers near you (in the park?), using the provided secure client.
    3. The drone flies off and uses some dude's wide open "linksys" router to send the message... if you think those aren't everything, think again.
    4. Drone is wiped (every time); no logs. (For an extra fee, all software on the drone is on an SD card which is burned up after one use.)
    5. The FBI follows the trace back to the Linksys Dude, who is 15 and may have heard of Harvard on the news for the first time a few days before that.

    So the only missing piece is the mail/file/NSA secret/whatever shuttling service. Available yet? Not that I know of. Is there demand? Think about it...
    • I meant "everywhere"

      ... wish you could edit these.
    • what about just studying ???

      would that not have been easier !