Tracing the kidnappers' e-mails
February 6, 2002
One of the notable features of the search for the kidnapped US journalist Daniel Pearl in Pakistan has been the role of e-mails.
The news that Pakistani police have traced at least one of the suspected kidnappers via an e-mail trail raises the question of how easy it is to remain anonymous on the net.
Genuine e-mails were sent showing Mr Pearl in captivity.
And at least one hoax e-mail saying Mr Pearl was dead was also sent.
The police say they achieved a breakthrough when they arrested three men who they say sent the genuine e-mails.
The men deny being the actual kidnappers, police say, but sent the e-mail on behalf of the abductors.
However, it is still not clear if:
Police tracked down the three using sophisticated e-mail tracking computer technology
Or they relied on more traditional detection methods, such as a tip-off from informers
A BBC correspondent in Karachi says police examined dozens of computers before identifying the one used for sending the e-mails which said Mr Pearl had been kidnapped.
Experts say it would have been relatively easy to find the identities of the kidnappers, especially if they had wanted to stay in contact.
Address clearly visible
"The kidnappers had to show they were tangible people who might have captured a journalist and if they were demanding money they would want a return message," said Peter Sommer, a research fellow at the London School of Economics and expert witness in many criminal cases involving technology.
At the simplest level each e-mail that is sent contains an address to which to send a reply. In the case of anonymous email services such as HushMail, e-mails are sent to an anonymising server.
But this address is not the only clue to the identity of the sender.
Every e-mail also contains what is called an IP address in the header which reveals the identity of the computer is was sent from.
The only way for a kidnapper to avoid capture would be to make sure they used an internet cafe to send their message, in which case the IP address would not help track the suspect down.
This method is believed to have been used by the terrorists involved in the 11 September attacks.
Hard to guarantee anonymity
Even then the user would have to be extremely careful, said Ian Brown, a researcher at the London School of Economics.
"You could set up an anonymous Hotmail account in a cyber-cafe but you would only ever be able to send one message via that account. The more information you send, the easier it is to trace you," he said.
For a computer enthusiast with some knowledge of how email works, it is possible to send fairly disguised messages.
But even using services such as HushMail is no guarantee of total anonymity.
If HushMail believes that someone is abusing their service, they will hand over the IP address of the user to the authorities.
"The only thing that remains anonymous will be the data which has been encrypted and would require the individual to hand over an encryption key to decode it," explained a spokeswoman for the company.
Source: http://news.bbc.co.uk/ Copyright © 2002 BBC News