FBI Seizes Anonymizing Email Service Server

Published: 22/11/2024   Category: security




Privacy activists criticize the FBI's anonymous remailer server takedown that resulted from a bomb threat investigation.



Did an FBI server seizure go too far? FBI agents investigating a University of Pittsburgh bomb threat Thursday seized a server, apparently because it was being used to host an anonymous remailer service that had been used to send bomb threats. But the takedown, which was backed by a search warrant, has drawn condemnation from activist groups, who have characterized the seizure as an attack on anonymous speech.
Service provider May First/People Link said the FBI seized the server--used by European Counter Network (ECN), an Italian service provider--because it hosts an anonymous remailer service called MixMaster, which was allegedly used to send the bomb threats. The server was also used by ECN to host numerous newsletters and several websites, all of which were knocked offline after the takedown.
Members of May First/People Link, which bills itself as a cooperative, progressively run Internet service provider that counts many organizers and activists as members, told the FBI that they believed an outsider had hacked into the ECN service and used it to send the messages, the Pittsburgh Post-Gazette first reported.
But May First/People Link director Jamie McClelland told Forbes that the server, which it co-hosts with Riseup Networks, hadn't been hijacked or hacked. Rather, someone had simply used the remailer.
McClelland said that his company, as well as Riseup and ECN, had been cooperating with the bureau on the bomb threat probe since early in the week. But on Wednesday, FBI agents seized the server used by ECN from a New York City colocation facility shared by May First/People Link and Riseup.
What might be recovered from the anonymous remailer service? According to McClelland, the service involves chains of anonymizing servers, each of which removes the header information from emails to keep the sender's identity private. In addition, the underlying software maintains no logs, meaning that--by design--there was simply no relevant data to be shared with the FBI.
Riseup, which says that it provides online communication tools for people and groups working on liberatory social change, said that no data relating to its users, keys, or certificates, were on the seized server, and that the root file system was encrypted. It strongly condemned the seizure, which it said knocked offline more than 300 email accounts, roughly 50 to 80 email lists, and several websites.
"The FBI is using a sledgehammer approach, shutting down service to hundreds of users due to the actions of one anonymous person," said Riseup spokesman Devin Theriot-Orr in a statement. "This is particularly misguided because there is unlikely to be any information on the server regarding the source of the threatening emails."
While the bomb threats have been horribly disruptive, Theriot-Orr further emphasized to Forbes that many people have a legitimate need to communicate anonymously. "I'd much rather live in a country with anonymous speech and a small number of bomb threats than one that has no bomb threats and no anonymity," he said, characterizing the FBI's server seizure as an attack on all forms of anonymous communications.
The FBI Wednesday also seized a personal computer, laptop, router, cellphone, and CDs from the apartment of two people in Jackson, Penn., who are under scrutiny in the investigation, reported the Pittsburgh Post-Gazette. Seamus Johnston, 22, who shares the apartment with Katherine Anne McCloskey, 56, told the newspaper that he'd been unable to see a copy of the affidavit linking them to the crime under investigation, as the court papers remain sealed.
"Until I can look at the affidavit of probable cause and see for myself what evidence they have against us, I consider what happened simply an armed break-in," he said. "I have no idea when we'll get the stuff back and no idea why they took it."
An FBI spokesman didn't immediately respond to a request for comment about the server takedown or broader investigation.
This isn't the first time that an FBI server takedown created some collateral damage, or at least inconvenience. Last year, in an apparent scareware-related investigation, the bureau seized 62 servers from a data center in Virginia, which was apparently 59 more than they were due to seize. While extra servers were returned within 24 hours, in that case, about 160 sites were temporarily knocked offline.