As anonymous bomb threats rattle the University of Pittsburgh, the
FBI is taking some extraordinary measures to identify their source–ones
that are raising the hackles of digital anonymity advocates.
The Seattle-based digital activist collective Riseup Networks released a statement Thursday that the FBI used a search warrant to seize one of its servers from a colocation facility in New York provided by the firm High Winds and used by the Italian-based activist group the European Counter Network. As well as a collection of mail lists and websites of political groups, the server ran a program called Mixmaster, used for rerouting email to hide the identity of the sender, and Riseup believes that server was seized as part of an investigation into anonymous bomb threats emailed to the University of Pittsburgh over the last week.
Devin Theriot-Orr, an attorney and spokesperson for Riseup, says he’s sympathetic to the University of Pittsburgh’s anxiety over the dozens of bomb threats that have hit the school over the last weeks, but less than pleased with the FBI’s aggressive measures to out the source.
“Our position is that anonymous speech is vital to a thriving democracy,” he says. “Anonymous remailers are used by democracy activists, people in oppressive regimes and whistleblowers. There isn’t a way to run an anonymous remailer that allows good anonymous speech and not bad anonymous speech.”
Mixmaster, a program developed in 1995 by then-astrophysics graduate student and cryptography enthusiast Lance Cottrell, wraps messages in multiple layers of encryption that are peeled off by successive servers as the message is bounced through multiple destinations, a process that makes the message very difficult to trace. The program served as a precursor for Tor, the anonymity application used today by tens of millions around the world to hide their tracks on the Web.
Like Tor, Mixmaster is designed to prevent an eavesdropper from connecting a message to its source by gaining access to a single server. Since the message makes multiple hops before reaching its destination, it’s not certain the FBI’s seizure of the ECN’s server will identify the sender.
To underscore that problem, the University of Pittsburgh received six more anonymous bomb threats Thursday, a day after the server’s seizure.
“There’s no way for anyone, not even the server’s operator to learn the identity of someone using the service,” says Riseup’s Theriot-Orr, “The FBI is well aware of that fact, yet they seize it anyway. This isn’t an effective way to either determine the source or stop the bomb threat.”
I’ve reached out to the FBI for comment but have yet to hear back from them.
The FBI has also reportedly seized the computers of a couple who are being questioned in relation to the threats
The Pittsburgh Post Gazette had reported earlier in the week that ECN’s server had been “hijacked” by the user who sent the anonymous bomb threats. But Jamie Mclelland, a spokesperson for May First, another activist group that shares use of the New York facility with Riseup and hosts ECN’s server, says that’s not the case.
“The server wasn’t hijacked or hacked, someone simply used an anonymous remailing service of ECN.org,” says Mclelland. “Anonymous remailers exists so that people can communicate anonymously on the Internet.”
Mclelland says that ECN, Riseup and May First have been cooperating with the FBI’s subpoena since the beginning of the week, but that they didn’t expect the agency to enter the facility and take their server, disrupting dozens of mail lists and several websites. “We replied to the subpoena we received and gave them all the information we had, which was basically nothing,” he says. “But they still proceeded to seize the server in question.”
Riseup has provided the digital infrastructure for a number of progressive groups including the National Lawyers Guild and the Green Party. In late 2006 it hosted a mail list for an early incarnation of WikiLeaks.
Riseup’s David Theriot-Orr admits that the bomb threats have been “horribly disruptive,” but he stands by his group’s enabling of anonymity online. ”I’d much rather live in a country with anonymous speech and a small number of bomb threats than one that has no bomb threats and no anonymity,” he says. “[The FBI's raid] is an attack on all forms of anonymous communications.”
The Seattle-based digital activist collective Riseup Networks released a statement Thursday that the FBI used a search warrant to seize one of its servers from a colocation facility in New York provided by the firm High Winds and used by the Italian-based activist group the European Counter Network. As well as a collection of mail lists and websites of political groups, the server ran a program called Mixmaster, used for rerouting email to hide the identity of the sender, and Riseup believes that server was seized as part of an investigation into anonymous bomb threats emailed to the University of Pittsburgh over the last week.
Devin Theriot-Orr, an attorney and spokesperson for Riseup, says he’s sympathetic to the University of Pittsburgh’s anxiety over the dozens of bomb threats that have hit the school over the last weeks, but less than pleased with the FBI’s aggressive measures to out the source.
“Our position is that anonymous speech is vital to a thriving democracy,” he says. “Anonymous remailers are used by democracy activists, people in oppressive regimes and whistleblowers. There isn’t a way to run an anonymous remailer that allows good anonymous speech and not bad anonymous speech.”
Mixmaster, a program developed in 1995 by then-astrophysics graduate student and cryptography enthusiast Lance Cottrell, wraps messages in multiple layers of encryption that are peeled off by successive servers as the message is bounced through multiple destinations, a process that makes the message very difficult to trace. The program served as a precursor for Tor, the anonymity application used today by tens of millions around the world to hide their tracks on the Web.
Like Tor, Mixmaster is designed to prevent an eavesdropper from connecting a message to its source by gaining access to a single server. Since the message makes multiple hops before reaching its destination, it’s not certain the FBI’s seizure of the ECN’s server will identify the sender.
To underscore that problem, the University of Pittsburgh received six more anonymous bomb threats Thursday, a day after the server’s seizure.
“There’s no way for anyone, not even the server’s operator to learn the identity of someone using the service,” says Riseup’s Theriot-Orr, “The FBI is well aware of that fact, yet they seize it anyway. This isn’t an effective way to either determine the source or stop the bomb threat.”
I’ve reached out to the FBI for comment but have yet to hear back from them.
The FBI has also reportedly seized the computers of a couple who are being questioned in relation to the threats
The Pittsburgh Post Gazette had reported earlier in the week that ECN’s server had been “hijacked” by the user who sent the anonymous bomb threats. But Jamie Mclelland, a spokesperson for May First, another activist group that shares use of the New York facility with Riseup and hosts ECN’s server, says that’s not the case.
“The server wasn’t hijacked or hacked, someone simply used an anonymous remailing service of ECN.org,” says Mclelland. “Anonymous remailers exists so that people can communicate anonymously on the Internet.”
Mclelland says that ECN, Riseup and May First have been cooperating with the FBI’s subpoena since the beginning of the week, but that they didn’t expect the agency to enter the facility and take their server, disrupting dozens of mail lists and several websites. “We replied to the subpoena we received and gave them all the information we had, which was basically nothing,” he says. “But they still proceeded to seize the server in question.”
Riseup has provided the digital infrastructure for a number of progressive groups including the National Lawyers Guild and the Green Party. In late 2006 it hosted a mail list for an early incarnation of WikiLeaks.
Riseup’s David Theriot-Orr admits that the bomb threats have been “horribly disruptive,” but he stands by his group’s enabling of anonymity online. ”I’d much rather live in a country with anonymous speech and a small number of bomb threats than one that has no bomb threats and no anonymity,” he says. “[The FBI's raid] is an attack on all forms of anonymous communications.”
0 comments:
Post a Comment