LOGBOOK

HELP

Quiz Entry - updated: 2026.06.07

What does the 2013 Eldo Kim (Harvard) case teach about the limits of Tor?

Tor hid the content of his threat, but he connected through Harvard's own Wi-Fi — so the university's logs showed he was one of very few people using Tor at that exact time, and correlation did the rest.

In December 2013, Harvard student Eldo Kim e-mailed an anonymous bomb threat (to dodge an exam) over Tor, believing he was fully anonymous. The fatal mistake: he used Harvard's campus Wi-Fi to reach Tor, and the university logged which students connected to the Tor network at the time. Since only a handful of students were using Tor at that moment, the suspect pool collapsed; combined with other clues (who had an exam then?), Kim was identified, arrested, and convicted.

Lessons:

  • Contextual metadata kills anonymity: even with encrypted content, when and where you connected can identify you.
  • OpSec (operational security) matters more than the tool: Tor alone isn't enough if your surrounding behaviour narrows you down.

Tip: Anonymity tech protects the content and path, not your context. Being the only person doing something unusual at a tracked time and place is itself a fingerprint.

From Quiz: PRIVACY / Anonymous Surfing, Tor & Location Tracking | Updated: Jun 07, 2026