FBI seizes anonymizing server in bomb threat probe
Groups using the server said there's little chance the FBI will be able to trace email sent by the machine
IDG News Service - The FBI is unlikely to uncover from a seized server the identity of someone emailing bomb threats to the University of Pittsburgh, according to groups who used the equipment.
The server was seized on Wednesday from a colocation facility in New York shared by Riseup Networks and May First/People Link, organizations that provide technology services to progressive groups, and run by the European Counter Network, an ISP.
The server ran an anonymous remailing program called Mixmaster, which routes email through anonymous servers in a network, scrubbing routing data contained in an email that could be used to trace its source. The application, intended to give people more privacy, does not retain logs or other message details.
The FBI had a search warrant that resulted in the server being seized as part of its investigation into dozens of bomb threats made against the University of Pittsburgh for more than two months. No explosives have been found.
But the server supported 300 email accounts, websites and email lists for feminist groups, gay rights groups, community centers and more, none of which have been implicated in the threats, according to Riseup Networks.
"This is plainly extra-judicial punishment and an attack on free speech and anonymity on the internet and serves as a chilling effect on others providers of anonymous remailers or other anonymous services," Riseup said in a news release.
Riseup acknowledged that Mixmaster could be abused, but said the abuse rate is low. Criminals already have lots of other options to maintain their privacy, such as hacking computers and stealing mobile phones, the group maintained.
"In absence of any other leads, the FBI needs to show that they are making progress in this case, and this has meant seizing a server so they can proudly demonstrate they are taking some action," Riseup said.
FBI officials could not be immediately reached.
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Mitigating Security Risks at the Networks Edge This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
- 5 Strategies for Modern Data Protection Read the five strategies for modern data protection that will not only help solve your current data management challenges but also ensure that...
- 5 Ways Dropbox for Business Keeps Your Data Protected Protecting your data isn't a feature on a checklist, something to be tacked on as an afterthought. Download here to find out how...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!