Egerstad illustrated how the Tor onion-routing system (that sends an Internet content request through a series of servers to make pursuit difficult) is no outright guarantee of information safety by capturing and publishing this information.

As Egerstad and I discussed the problem in August, we both came to the conclusion that the embassy employees were likely not using Tor nor even knew what Tor was. Instead, we suspected that the traffic he sniffed belonged to someone who had hacked the accounts and was eavesdropping on them via the Tor network. As the hacked data passed through Egerstad’s Tor exit nodes, he was able to read it as well.

So who was responsible for hacking the accounts? The likely suspect — given that most of the accounts Egerstad uncovered belonged to embassies, foreign and defense ministry officials, legislators and human rights groups — was a government or intelligence agency. I attempted to contact several of the account holders in August to ask them whether they used Tor or knew that their accounts had been compromised but never received a response from any of them.

On Sunday, July 29, German Tor onion router operator Alexander Janssen was arrested by the German police. A bomb threat against police on a German forum had run through Janssen’s Tor node and the police traced his IP address. he attempted to explain that Tor was a system distributed on computers around the world that allowed people in, say, repressive countries to both gain access to forbidden materials (like sex education or the Encyclopedia Britannica) and to send messages and post on websites without the Internet police in those countries finding you. The cops were not in a listening mood.

He was released not long after, with an apology but waited to tell the world about it on his blog until the charges were officially dropped.

Tor can be abused as well as used and police forces in theoretically non-repressive countries need to get some night-classes under their belts to avoid arresting people like Janssen, while really miscreants walk free.

Here is everything you need to read classified email and fuck up some serious International business. Hopefully this will put light on the security problems that are never talked about and get at least this fixed with a speed that you never seen your government work before. As a Swedish citizen I can’t give this information to anyone without getting into trouble, so instead I’m giving it to everyone.

Egerstad subsequently claimed that the United States shut down his site. (Egerstad’s in Sweden.) Later, he explained what he did and how. If you’re capable of following it, you are far more technically adept than I.

Five ToR exit nodes, at different locations in the world, equipped with our own packet-sniffer focused entirely on POP3 and IMAP traffic using a keyword-filter looking for words like “gov, government, embassy, military, war, terrorism, passport, visa” as well as domains belonging to governments. This was all set up after a small experiment looking into how many users encrypt their mail where one mail caught my eye and got me started thinking doing a large scale test. Each user is not only giving away his/her passwords but also every mail they read or download together with all other traffic such as web and instant messaging.

Did you get it? These governments told their users to use ToR, a software that sends all your traffic through not one but three other servers that you know absolutely nothing about. Yes, two are getting encrypted traffic but that last exit node is not. There are hundreds of thousands ToR-users but finding these kinds of accounts was… hmm… chocking! The person who wrote the security policy on these accounts should reconsider changing profession, start cleaning toilets! These administrators are responsible for giving away their own countries secrets to foreigners. I can’t call it a mistake, this is pure stupidity and not forgivable!