It turns out that a surprisingly naïve trust in the supposed anonymity of pseudonymous email accounts has triggered the downfall of the US’s top spy chief.
FBI agents who were investigating what they initially thought was a cyber breach stumbled onto intimate messages on Gmail passed between David Petraeus, who on Friday abruptly resigned from his job as head of the Central Intelligence Agency, and his biographer, Paula Broadwell.
According to the New York Times, the scandal began when a Florida woman, Jill Kelley, received threatening, harassing email from an anonymous person who accused her of flirting with an unidentified man.
Kelley is a volunteer social planner for events at MacDill Air Force Base in Tampa, Florida, also home to the military’s Central Command, where Petraeus served as commander from 2008 to 2010 before stepping into his role as head of the CIA.
Wired reports that the anonymous harassment was contained in between five and 10 emails that began to arrive last May and that reportedly warned Kelley to “back off” and to “stay away” from an unnamed man.
Kelley contacted a friend at the FBI, unsure of whether the threats constituted cybercrime.
Investigators took it up, eventually tracing the anonymous account that sent the threatening emails (it’s not clear whether this was a Gmail or some other type of account) to a home in North Carolina that belongs to Broadwell and her husband.
As Wired points out, it’s unclear exactly how investigators tracked Broadwell down, but given our knowledge of email headers, we can make some guesses.
If the threatening mail came from a Gmail account, the FBI would have had to get the IP address from Google, given that Gmail headers only include the IP address and domains of the servers that pass along the email.
But other webmail providers, such as Yahoo, include the sender’s IP address in their email header metadata.
However they did it, FBI agents spent weeks piecing together the identity of the person behind the harassing emails, the Wall Street Journal reports.
To do so, they determined the locations from which the emails were sent, including not only the Broadwell home but also hotels where Ms. Broadwell was staying when some of the emails were sent.
FBI agents and federal prosecutors then used the information as probable cause to seek a warrant to monitor what other email accounts Ms. Broadwell might have used.
They learned that Broadwell and Petraeus had set up a private Gmail account to communicate, exchanging heaps of sexually explicit messages.
Eventually, in late summer, investigators determined the real identity behind Petraeus’s pseudonym.
As it turns out, Petraeus didn’t pass on classified documents during his relations with Broadwell. That had been a national security worry when the story first emerged.
The saga continues as details emerge, but from a security standpoint, there’s a takeaway for all of us who believe that an anonymous email account shields our identities.
If you’d like to see what your own Gmail, Yahoo or other email header is telling the world about you, I found this handy guide for looking at the information of 19 different webmail clients, third-party email applications and third-party webmail clients.
The X-Originating-IP header, which you can find in headers such as Yahoo’s, will tell you the IP address of the computer that sent a given email.
You can then use an IP address locator such as WhatIsMyIPAddress to find out the ISP or web host to which that IP address belongs, plus its geolocation.
That’s handy when tracking spam email, if you want to track down the owner of the originating IP address of spam in order to lodge a complaint.
It’s also handy to do it to yourself, to see how easily people can find information on you, even when you’re tucked away behind a supposedly anonymous email account.
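To check a message you sent to yourself, save its raw source and read the headers programmatically. The sketch below is an added example, not part of the original article: the sample message is constructed (its addresses come from documentation ranges) and the function name `header_exposure` is hypothetical. It reports the X-Originating-IP value when the provider adds one, plus the server addresses recorded in each Received hop.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample message; public addresses use documentation ranges (RFC 5737).
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby mail.example.org with ESMTP id abc123; Mon, 12 Nov 2012 10:00:02 -0500
Received: from [10.0.0.5] (web-frontend.example.net [192.0.2.44])
\tby mx.example.net with HTTP; Mon, 12 Nov 2012 10:00:01 -0500
X-Originating-IP: [203.0.113.25]
From: anon@example.net
To: you@example.org
Subject: test

body
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def _ips(text):
    """Return the valid IPv4 addresses found in a header value, in order."""
    found = []
    for candidate in IPV4.findall(text):
        try:
            found.append(str(ipaddress.ip_address(candidate)))
        except ValueError:
            pass  # matched the pattern but is not a real address (e.g. 999.1.1.1)
    return found

def header_exposure(raw):
    """Summarise which IP addresses a message's headers reveal."""
    msg = email.message_from_string(raw, policy=policy.default)
    origin = _ips(str(msg.get("X-Originating-IP", "")))
    # Each server prepends its Received line, so reverse to get sending order.
    hops = [_ips(str(v)) for v in reversed(msg.get_all("Received", []))]
    return {"sender_ip": origin[0] if origin else None, "relay_hops": hops}

if __name__ == "__main__":
    print(header_exposure(SAMPLE))
```

Only the Received lines added by your own mail provider can be relied on; earlier hops and X-Originating-IP are written by upstream systems.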
Remember, that invisibility cloak has plenty of holes.