First published: 31st December 2007
Dan Egerstad, the security researcher at the centre of the Tor mis-use incident previously reported and updated in this newsletter, was arrested and interrogated last month. Although his home was searched and his equipment was seized, he has been released and not charged. He reports that his is "suspected for 'computer break in'".
In an interview, Mr Egerstad also suggested that he may have inadvertently stumbled on a spying operation when he sniffed the traffic passing through his Tor node, saying, "The whole point of the story that has been forgotten, and I haven't said much about it, many of these accounts had been compromised. The logins I caught were not legit users but actual hackers who'd been reading these accounts." In this scenario, the Tor network users accessing the accounts were not the legitimate users, but hackers using guessed or stolen passwords to spy on the legitimate users' emails.
