Tech

Owner of email service used by L.A. bomb-threat hoaxster speaks out as investigation deepens

After fake bomb threats led police to Cock.li, the saga of this email service is just beginning.

Photo of William Turton

William Turton

Article Lead Image

German authorities on Monday seized a data-center hard drive hosting the email service used to send fake bomb threats to multiple U.S. school districts, but the owner of that service isn’t too worried about legal consequences.

Featured Video

In a video explaining the seizure of his data, Vincent Canfield, the administrator of novelty domain-name service Cock.li, said, “SSL keys and private keys and full mail content of all 65,000 of my users—as well as hashed passwords, registration time, and the last seven days of logs—were all confiscated and now are in the hands of German authorities.”

The fake bomb threats, one of which prompted Los Angeles authorities to close their entire school district, reportedly came from madbomber@cock.li.

Canfield declined to directly connect the seizure with the investigation into the bomb-threat hoaxes, but he said that people could “draw their own conclusions.”

Advertisement

“I will say that I have the utmost respect for law enforcement,” Canfield said in the video. “I’ve always been [compliant with] things that they have asked [for] when it involves getting an actual legal order for user information.”

In an interview with the Daily Dot via an encrypted messaging service, Canfield explained the service he provided and how the Internet’s more colorful characters used it.

“The majority of the users I’ve spoken to seem to come from 4chan or 8chan, which is where the site was first made available for public registration,” he said. “So uh, there’s that! Other than that, the domain name attracts trolls, for sure, some of [whom] are actually funny and some of [whom] do really unfunny stuff like [make fake bomb threats].”

One person, he said, created “a programming language that was meant as a jab [at] politically correct social justice warriors.” The creator “used a cock.li email address and outraged emails sent to 4chan founder Christopher Poole.”

Advertisement

https://twitter.com/moot/status/457980036801630208

“More surreal I guess than funny,” Canfield said of that example. “But the fact that it’s sent from a cock.li address certainly adds some humor.”

Canfield hinted at 8chan with several jokes at the end of his public video.

“It’s a very grim situation indeed,” he said, not breaking his monotone demeanor. “But I think that with all of us combined, we’re all gonna make it, brah. Shoutout to zyzz, rest in peace.  I don’t really know what else to say that isn’t like, shitposting. It’s raining dicks right now. The forecast isn’t that good either. There’s a 90% chance of dicks all throughout tonight and a 90% chance of dicks all throughout tomorrow, too.”

Advertisement

Cock.li is still up and running, Canfield said in his video, because the server was using a RAID1 configuration, meaning there were two hard drives with the exact same data. When German authorities grabbed one drive, the second one took over and continued powering the service.

Canfield has retained lawyer Jesselyn Radack, whose other clients include NSA whistleblowers Edward Snowden and Thomas Drake. Radack, who is representing Canfield pro bono, told the Daily Dot that her client has received “bogus gag orders.”

Canfield said that Radack reached out to him because “she has seen way too many services providers be in the situation I’m in, where I may be subject to retaliation by [the] government due to embarrassment they’ve received.”

As part of his transparency commitment to his users, Canfield has posted the subpoenas he’s received, along with all of his phone calls with law enforcement. 

Advertisement

“You can probably guess about how I’m doing—really stressed,” Canfield told the Daily Dot. But, he said, he’s not worried.

“From a legal perspective I haven’t done anything wrong,” he said. “Google doesn’t get fucked when people abuse Gmail.”

https://vine.co/v/iK9A6eYIKOb

Canfield said that his users had “mixed responses” to their data being seized, but he added that they were “generally pretty positive.”

Advertisement

“People who understand the situation are generally pretty understanding,” he said.

Is he striving to protect his users’ privacy? To an extent, he said. “Privacy is something I have always advocated for and I hold to be extremely important. However, it was never a major tenant of the site.”

“What you see in the site that is privacy-respecting—not blocking Tor or VPNs, strictly holding myself to my privacy policy, not releasing data without a legal order—are extensions of my own passion for digital privacy,” he said. “But I have always maintained that stuff like email encryption is the responsibility of the user.”

The investigation into the fake bomb threats is ongoing and Canfield has not been charged with a crime.

Advertisement

Editor’s note, 12:33pm CT, Dec. 22: Clarified language of a quote.

Photo via Moyan Brenn/Flickr (CC BY 2.0) | Remix by Max Fleishman

 
The Daily Dot