[HN Gopher] Another police raid in Germany
___________________________________________________________________
Another police raid in Germany
Author : costco
Score : 221 points
Date : 2024-09-10 20:12 UTC (2 hours ago)
(HTM) web link (forum.torproject.org)
(TXT) w3m dump (forum.torproject.org)
| LinuxBender wrote:
| Archive [1]
|
| [1] - https://archive.is/LDTL8
| walrus01 wrote:
| Historical:
|
| "Why you need balls of steel to operate a tor exit node"
|
| http://web.archive.org/web/20100414224255/http://calumog.wor...
|
| The above is within the context of a western legal system, and
| certainly since it was written domestic law enforcement has
| become even more militarized and aggressive. I would be
| absolutely unsurprised if the same thing happened today and it
| resulted in a battering ram on the door at 0400 in the morning,
| flashbang grenades and the house being rampaged through by a SWAT
| team.
| tptacek wrote:
| Has that ever happened to a Tor node operator? If it hasn't,
| what's the closest incident to a Tor node operator you're aware
| of where it has?
| dewey wrote:
| In my country there was this famous case ~a few~ many years
| ago: https://www.zdnet.com/article/austrian-man-raided-for-
| operat...
| golergka wrote:
| https://lwn.net/Articles/720231/
| chucksmash wrote:
| > As a parent of very young children I have an extensive
| network of friends and contacts in my neighbourhood who also
| have children. As we know the subject of paedophilia is not one
| that can be debated with any rationality at all _in the UK_. It
| is surrounded by hysteria. I was terrified that people would
| find out that my computer had been taken because of that - 'no
| smoke without fire'.
| numpad0 wrote:
| Many European countries have standing police armed forces,
| closer to army national guards than blue shirted civilian
| police. They're for suppressing resistance forces and
| revolutionary uprisings, and they tend to fill roles of FBI
| too. I think that contributes more to normalization of MP5
| ninjas fast roping down through your chimney for Internet
| crimes in Europe than law enforcement over-militarization had
| done.
| Manuel_D wrote:
| I'm not sure how a Tor exit node could operate legally. Tor is
| widely used for illegal activities. Like drug sales and CSE
| media. If a government goes on Tor, downloads such material
| they'll easily see the exit node as the last hop in the chain.
| It's a clear-cut case that the exit node operator facilitated
| illegal activity.
|
| My assumption is that Germany has some sort of common-carrier
| privileges for Tor node operators. In America, telecoms can't be
| sued for facilitating illegal activity. But they do have to
| assist law enforcement with finding criminals when requested.
|
| Would be happy to hear from someone who is more knowledgeable in
| this area.
| Hizonner wrote:
| > I'm not sure how a Tor exit node could operate legally. Tor
| is widely used for illegal activities.
|
| How do ISPs operate legally? Every single thing that's ever
| been done over a Tor relay has crossed multiple ISPs.
| Manuel_D wrote:
| > How do ISPs operate legally?
|
| I described exactly that in my second paragraph.
| Hizonner wrote:
| Tor relay operators are, as a rule, entirely willing to
| give law enforcement all the information they have about
| connections that have gone through their relays. They
| simply don't have any. And there's no legal requirement for
| them to have any.
|
| ... or at least there never was in the past. The new wave
| of stupid and extremely broad "duty of care" laws that try
| to apply to the _design_ of any and every communication
| service may change that. But it hasn 't been litigated
| anywhere.
| bawolff wrote:
| The original post mentioned facilitation, which from what
| i understand is when you assist comitting a crime but
| have no secific knowledge of the crime.
|
| I imagine for tor, the reason is that there are also good
| uses for tor. However i dont think "i intentionally know
| nothing" works as a defence in general.
|
| Ianal
| Hizonner wrote:
| I was answering something about assistance to law
| enforcement, which isn't the same issue as facilitation
| of crime.
|
| "Facilitation" as an _offense in itself_ is one of those
| things that tends to be a real thing, but varies a lot
| depending on the jurisdiction. In _most_ places, _most_
| of the time, you 're only going to get in trouble for
| facilitating crime if your service is especially set up
| to be unusually useful for crime. You're especially
| vulnerable if you specifically designed it for crime. If
| those things apply, then knowing it's being used for
| crime (but not necessarily on which specific occasions)
| can make it worse for you. Give or take, depending on
| where you live.
|
| In the past, Tor nodes, even exit nodes, have mostly
| gotten a pass, at least in countries where most of them
| are located. They get raided all the time, but largely as
| cases of mistaken identity. That's probably because
| _most_ Tor traffic has historically probably been people
| trying to hide from ad tracking or people worried about
| their perfectly legal activities being spied on. So it 's
| hard to say the service is really aimed at illegal
| activity.
|
| Things are tightening up worldwide, in statute and
| probably in case law, mostly because of Tor and other
| services possibly being swept in by standards primarily
| aimed at social media. We may start seeing Tor nodes
| targeted because Tor is now considered "too adapted to
| legal activity", or even because node operators are "not
| doing enough to prevent" illegal activity (including
| redesigning the system if necessary).
|
| But until fairly recently that's been more what you'd
| expect to see in North Korea than what you'd expect to
| see in Germany (or the US).
| Manuel_D wrote:
| Whether or not the exit node operators retained logs is
| besides the point. These exit nodes are facilitating
| illegal activities, and it's trivial to prove. How do
| they not get arrested?
|
| It sounds like Germany extends some sort of carrier
| protection to Tor exit node operators. E.g. if someone
| organizes a drug deal over the phone, Verizon is not
| liable. But Verizon does have to meet some minimum
| standards of records keeping and law enforcement
| assistance (wire tapping).
| lokar wrote:
| Lots of people and organizations facilitate crime. That's
| not generally the legal standard. They typically must be
| proved to done so intentionally (or with reckless
| disregard)
| numpad0 wrote:
| No, it is. There are more often specific laws that exempt
| platformers of liabilities on condition that they keep
| logs and cooperate with LE.
|
| Perhaps the most famous example is DMCA: [Google] is
| exempt from liabilities for hosting pirated movies on
| [YouTube] by US laws, on condition that it's not actively
| involved with it and fully robotic with takedowns.
| golergka wrote:
| If a criminal rode on a bus to place of the crime, is the
| bus driver automatically liable? Bus company? Is his
| phone company liable because he talked about his crimes
| on the phone?
| codedokode wrote:
| Does iMessage or WhatsApp has wire tapping feature? Are
| they "facilitating illegal activities"?
| Manuel_D wrote:
| If a government investigator joins a WhatsApp channel
| where loads of people are sharing CSE, WhatsApp _will_
| help the government find the people responsible. WhatsApp
| encrypts the content of the data, but they retain message
| logs and do cooperate with law enforcement. Presumably
| the same for iMessage.
|
| This largely conforms with how the first telecoms
| received immunity for abuse of their services. They
| retain logs and assist the government with
| investigations, and in exchange they are shielded from
| liability. WhatsApp and iMessage would probably cooperate
| to the same extent, minus wire-tapping messages in
| transit (because they can't). That's vastly greater
| cooperation than a tor exit node operator that retains no
| logs.s
| RobRivera wrote:
| What law mandates forced compliance outside subpoenas?
| Manuel_D wrote:
| Communications act of 1934, among others: https://en.wiki
| pedia.org/wiki/Communications_Act_of_1934#Wir...
| RobRivera wrote:
| Both the communication acts of 34 and 96(?) Do not
| require software operators to legally do what LEO tells
| them to do without subpoena.
| Manuel_D wrote:
| The question was about ISPs.
| tensor wrote:
| ISPs cooperate with law enforcement and often happily give
| out the information for people doing illegal things on their
| networks. I realize that operators of Tor exit nodes likely
| can't help track people on the Tor exit nodes, but I doubt
| law enforcement cares, they just see it as "not helping"
| while they see ISPs as "helping."
| Hizonner wrote:
| Courts, and even law enforcement, _are_ actually smart
| enough to know that they have to enforce the laws as
| written and that they can 't just act on their feels. At
| least most of the time. In many places.
| beaglesss wrote:
| They can't say they're breaking the law but as long as
| they don't admit to wrongdoing they can accomplish the
| goal of picking up pretty much anyone for _something._.
|
| It's best to assume the government is a hostile, rabid
| actor who will seize any reachable assets and your
| freedom at any point they wish and proceed accordingly.
| varenc wrote:
| The core question here is w whether law enforcement
| actually believes, incorrectly, that the exit node
| operators are being intentionally unhelpful, or if they
| understand that due to Tor's design the exit node operators
| have no valuable information but the police continue to
| raid them anyway as a scare tactic.
| aniviacat wrote:
| > The core question here is w whether law enforcement
| actually believes, incorrectly, that the exit node
| operators are being intentionally unhelpful
|
| They could keep logs, but they choose not to. They _are_
| intentionally unhelpful.
|
| The reason they aren't keeping logs is not for the
| privacy of others.
|
| If I run an exit node, I know I am not reading the logs
| to garner personal information of others. And unless
| someone hacks my server and goes through the logs, which
| is extremely unlikely, noone else will read the logs
| either.
|
| The only one reading the logs would be law enforcement.
|
| By not keeping logs, you are intentionally hindering law
| enforcement.
| alasdair_ wrote:
| >By not keeping logs, you are intentionally hindering law
| enforcement.
|
| This is why I keep a diary indicating every single person
| I've ever interacted with, along with the date, time and
| place. It's a pain to do so and it takes up a lot of
| storage space and it makes people wary about interacting
| with me but I'd certainly never want to hinder law
| enforcement.
| afh1 wrote:
| Of course not keeping logs is for privacy. You seem to
| think "law enforcement" is about "catching the bad guys"
| when it's actually that AND going after whistleblowers,
| journalists, or, in most countries, just ordinary
| citizens the current people in power don't like, even if
| no crime was committed. This romantic view of government
| and police bears on childish.
| gwd wrote:
| > incorrectly, that the exit node operators are being
| intentionally unhelpful
|
| I mean, exit node operators _are_ being intentionally
| unhelpful? They 're intentionally helping people who
| don't want to be tracked. "I don't want to give you the
| papers" and "I can't give you the papers because I burned
| them so that I couldn't give them to anybody" are
| equivalent morally; the only difference is that the
| latter is irreversible.
|
| There are good reasons to not want to be tracked, but
| there are also bad reasons to not want to be tracked.
| Exit node operators have chosen to help both. Police on
| the whole tend not to be the kinds of people who
| understand the "good reasons not to want to be tracked"
| thing.
| cesarb wrote:
| > "I don't want to give you the papers" and "I can't give
| you the papers because I burned them so that I couldn't
| give them to anybody" are equivalent morally; the only
| difference is that the latter is irreversible.
|
| There are other differences. One is after the fact, the
| other is a decision made before the fact; one is specific
| (rejecting that request in particular), the other is
| general (all requests of that type are guaranteed to be
| affected equally).
|
| It's the same with, for instance, email retention
| policies. We accept that old messages are irrevocably
| deleted after X days, even when we require them to be
| produced once requested if they still exist.
| gwd wrote:
| > It's the same with, for instance, email retention
| policies.
|
| Indeed it is. The _intention_ and _moral purpose_ of
| email deletion policies is to reduce the risk of
| embarrassing or incriminating emails being turned up as
| part of a lawsuit or investigation -- in other words, to
| be unhelpful.
|
| The _legal justification_ for being unhelpful in both
| cases is that "this is just policy, we're treating
| everyone the same". That doesn't change the fact that in
| both cases the intent was to be unhelpful to
| investigators.
| ponorin wrote:
| Exit node applies only to traffic that goes into a clearnet.
| You could to illegal stuff, but only tor users have protection
| and website owners are liable to raids should they allow
| illegal stuff to happen on their platforms.
|
| With Tor Hidden Service there's no exit node as such since
| traffic terminates inside the Tor network. The networking route
| is doubly anonymized so both the server and the client can't
| track each other down.
| Manuel_D wrote:
| Perhaps I'm not understanding something. I'm imagining this
| scenario:
|
| 1. Bob is running a Tor exit node.
|
| 2. Charlie is a government official investigating illegal
| content (use your imagination)
|
| 3. Charlie downloads illegal content via Tor
|
| 4. This content is sent to Charlie from Bob's exit node.
|
| 5. Charlie observes that Bob's exit node sent him illegal
| content.
|
| I understand that even if Bob is raided and his computer
| searched, they cannot find the website hosting the illegal
| content. But Charlie would know that Bob helped deliver the
| illegal content. Tor Hidden Service does not anonymize the
| exit node from the client.
| varenc wrote:
| Your mixing up general Tor use vs Tor hidden services. With
| hidden services there's not really an exit node because the
| traffic never exits the Tor network.
|
| Charlie could only see the machine in the final step of
| requesting the illegal content it Charlie was hosting the
| hidden service themselves. These requests can come from
| many different Tor operators not just exit nodes.
| Manuel_D wrote:
| To be clear, Bob is not the host of the illegal content.
| Bob is just the second-to-last hop before the content
| reaches the end destination (Charlie). My understanding
| of the tor network is that it obfuscates traffic across
| many hops. The path content takes from the host to
| Charlie:
|
| Host -> Node 1 -> Node 2 -> ... Bob -> Charlie
|
| this obfuscates the Host from Charlie. But Charlie knows
| that Bob sent him illegal content. Yes, Bob didn't _host_
| the content. The host is obfuscated. But Bob is still
| delivering illegal content and Charlie knows it.
| aniviacat wrote:
| Exit nodes are not the nodes that are directly facing tor
| users. Those nodes are called "Guard Relays".
|
| Guard Relays usually don't have these issues, since you
| have to be somewhat technical to actively probe relays by
| requesting content through tor. And technical people know
| there isn't any point to rading an operator's home.
| Vecr wrote:
| Hidden service connections don't go through exit nodes. In
| theory it's two back-to-back Tor connection that meet
| somewhere in the network, but you can also think of it
| (possibly more correctly) as a six-hop Tor connection to an
| exit node that is only used to directly connect to the
| backend server. If set up right this prevents government
| sniffing at all points.
| Manuel_D wrote:
| The final recipient is going to be able to decrypt the
| content, right? Regardless of "hidden service connection"
| or "exit nodes". Charlie is the final recipient and will
| be able to decrypt the content and know that it's illegal
| content.
|
| Is there some mechanism that prevents Charlie from
| knowing who sent the content to him? Fundamentally, you
| can't stop the government from sniffing at the endpoint.
| Because they're not really "sniffing" they're just
| requesting content like any normal Tor user.
| Hizonner wrote:
| > Is there some mechanism that prevents Charlie from
| knowing who sent the content to him?
|
| That is, in fact, the whole point of Tor. In the hidden
| service case, neither end can identify the other.
| Manuel_D wrote:
| Sorry, in case I wasn't clear, I'm not talking about
| identifying the site _hosting_ the content. I 'm talking
| about the second-to-last hop in the traffic. My
| understanding is that Tor obfuscates traffic by sending
| through several hops, each one decrypting a layer of
| traffic (hence the "onion" network). So we have:
|
| Host -> Node 1 -> Node 2 -> .... -> Bob -> Charlie.
|
| Charlie doesn't know where the Host is. But Charlie does
| know that Bob sent him illegal content. Or is that final
| link, from Bob to Charlie, also obfuscated somehow? If
| so, how did OP get raided by police if he's supposed to
| be hidden?
| Hizonner wrote:
| OK, so there are basically three cases:
|
| 1. Charlie is running a client and downloads something.
| In which case Bob is an _entrance_ node, not an exit
| node, but it 's essentially the same thing. Charlie does
| know that the next hop is Bob. Depending on whether the
| ultimate destination is a hidden service or on the
| clearnet, Charlie may or may not know who's running that
| service.
|
| 2. Charlie is running a hidden service, and somebody
| _uploads_ something. Charlie knows that it came via Bob,
| but doesn 't know where it came from.
|
| 3. Charlie is running a regular clearnet Web server, and
| somebody uploads something to Charlie via Bob's exit
| node. Again Charlie sees that the traffic comes from Bob.
|
| In the first two cases, Charlie has to be actually
| running the Tor software, and knowingly using Tor. So
| Charlie also knows that (a) Bob is just a relay, (b) Bob
| doesn't actually host the content, (c) Bob doesn't handle
| more than a packet or two of the content at a time, and
| deletes those as soon as they've been relayed, (d) Bob
| doesn't know, and can't find out, what the content
| actually is, (e) Bob doesn't know, and can't find out,
| where the content originally came from, and (f) Bob is
| really unlikely to keep any record of the whole
| connection after the session is over, which means
| probably no more than 10 minutes or so.
|
| If that's enough to go after Bob, then it's enough to go
| after Bob... but historically it hasn't been. Bob can
| reasonably claim not only that he doesn't know what that
| particular traffic was, but that, although he knows
| there's probably _some_ illegal traffic, _most_ of the
| traffic he relays is probably legal.
|
| In the third case, it looks to Charlie like Bob is the
| ultimate user. Unless Charlie does some investigation,
| Charlie may go raid Bob. But Charlie _should_ then find
| out all that other stuff.
|
| I think the most common actual case is that Charlie is
| running a honey pot, either as a hidden service or on the
| clearnet, and somebody gets the content _from_ Charlie
| via Bob. But the same basic ideas apply.
|
| The main issue isn't that Charlie doesn't know what the
| content is, but that _Bob_ doesn 't.
|
| [Oh, and on edit, just to be clear: In the first two
| cases, that "packet or two" that Bob may ephemerally
| buffer is encrypted so that Bob can't read it, nor can
| any other relay. In the third case, where Charlie is a
| clearnet service, the end user is usually still using
| TLS, so Bob _still_ can 't read it. And none of the non-
| exit relays can read it no matter what.]
| Manuel_D wrote:
| > So Charlie also knows that (a) Bob is just a relay, (b)
| Bob doesn't actually host the content, (c) Bob doesn't
| handle more than a packet or two of the content at a
| time, and deletes those as soon as they've been relayed,
| (d) Bob doesn't know, and can't find out, what the
| content actually is, (e) Bob doesn't know, and can't find
| out, where the content originally came from, and (f) Bob
| is really unlikely to keep any record of the whole
| connection after the session is over, which means
| probably no more than 10 minutes or so.?
|
| But at the end of the day Charlie, the government agent,
| is catching Bob in the act of delivering illegal content.
|
| Imagine a government agent buys drugs on the dark web and
| arrests the courier. The courier protests, "I didn't know
| it was drugs, I didn't ask what was in the package". Do
| you think that defense is going to keep the courier out
| of prison?
|
| It sounds like Germany is treating Tor operators as
| common carriers, and not holding them liable for content
| they delivery. They're being quite generous in that
| regard, in most countries the node operators are probably
| not met with such leniency.
| cesarb wrote:
| > Imagine a government agent buys drugs on the dark web
| and arrests the courier. The courier protests, "I didn't
| know it was drugs, I didn't ask what was in the package".
| Do you think that defense is going to keep the courier
| out of prison?
|
| I, recently, bought a computer mouse from an online shop.
| The courier who brought me the package had no idea it
| contained a computer mouse. It might have been listed on
| the manifest outside the package, but even then, the
| courier had no way of knowing whether that was true
| without opening the package.
|
| So, yes, I do think that defense can keep the courier out
| of prison.
| Manuel_D wrote:
| Reality demonstrates otherwise: plenty of drug mules are
| in prison because the jury didn't buy into this defense.
| alasdair_ wrote:
| >Imagine a government agent buys drugs on the dark web
| and arrests the courier. The courier protests, "I didn't
| know it was drugs, I didn't ask what was in the package".
| Do you think that defense is going to keep the courier
| out of prison?
|
| Well, yes, otherwise FedEx and UPS would quickly go out
| of business.
| Manuel_D wrote:
| FexEx and UPS receive immunity as carriers in exchange
| for several things. Minimum standards around
| recordkeeping and knowing their customers is one.
| Assisting the government with law enforcement (tracking
| down customers, scanning packages, etc.) is another.
|
| Juries aren't stupid, they're not going to buy it when
| the courier says, "I just saw this online ad for
| deliveries on the dark web. Sure, it paid way more than
| normal delivery jobs but that's not cause for suspicion,
| right?"
|
| And that's exactly what a tor node is doing: delivering
| content from the dark web. As far as I'm concerned,
| Germany is being very generous in its decision to let
| these operators continue to operate despite knowing full
| well that they are enabling criminal activity.
| Hizonner wrote:
| > Do you think that defense is going to keep the courier
| out of prison?
|
| Yes. That happens every day.
|
| > It sounds like Germany is treating Tor operators as
| common carriers,
|
| That's probably because they basically _are_ common
| carriers. And the service isn 't particularly designed
| for illegal activity, even it can be useful for that.
| It's _especially_ not designed for activities that tend
| to be illegal in the "free world".
|
| > in most countries the node operators are probably not
| met with such leniency.
|
| The Tor network has been running for about 20 years.
| There are on the order of thousands of relays. Unlike
| users, relay operators aren't anonymous; there's a public
| list of their IP addresses. The relays are all over most
| of Europe, especially Western Europe, and the Americas,
| especially the US and Canada, with a not-insignificant
| number of them in other countries.
|
| So far as I know, nobody's ever been arrested, let alone
| convicted, for running a Tor relay. If they have, it's
| been in the sort of country where you also get arrested
| for running a newspaper. That may change soon, but it's
| still the case so far. Oh, and a good chunk of the
| funding for development (but not relay operation) comes
| from the US government.
|
| You say "leniency", I say "not being an authoritarian
| hellhole".
| RobRivera wrote:
| >it's a clear-cut case that the exit node operator facilitated
| illegal activity.
|
| If someone leveraged your employment services to commit crime,
| would you consider yourself having facilitated illegal
| activity?
| Manuel_D wrote:
| My past employers have had to scramble to prevent things like
| hackers using their service for C&C, malware distribution,
| etc. Companies usually have to meet some minimum standard to
| enjoy immunity from liability for abuse of their services.
| Telecoms need to retain logs, know the identity of their
| customers, and assist with government wiretapping for
| example.
| bawolff wrote:
| IANAL, but i imagine it comes down to how many legit purposes
| tor has vs the illegal ones.
|
| I have no idea where the line is, but like we dont charge art
| supply stores with facilitating forgery, so some amount of bad
| usage is clearly acceptable.
| RobRivera wrote:
| Well the great thing about U.S.C is that you don't have to
| imagine, you can read the docs.
|
| Measure of purposes, 'legit or otherwise', is not a law for
| anything ever.
| bawolff wrote:
| Fun fact, usc does not apply to germany where the article
| is about.
|
| But regardless, in both systems i am very certain your
| purpose ("intent") matters a lot. (Details depend on the
| specific crime in question)
| beaglesss wrote:
| All sorts of foreigners have been extradited for
| supposedly violating USC despite never stepping foot in
| America. They could argue the node operator facilitated
| money laundering that touched a US bank, that they
| conspired with a US person, a US CSAM victims likeness
| went through the node, etc etc.
|
| USC has extraterritorial power about everywhere but NK,
| Russia, and Iran either formally or through influence.
| bawolff wrote:
| Normally extradition requires the activity to be a crime
| in both juridsictions.
| RobRivera wrote:
| Forest for the trees, compadre.
|
| :%s/USC/law/g
|
| I distinctly believe you do not care to better understand
| the reality and the nuance, however.
| codexb wrote:
| You can make the same argument for developers of encryption.
| There are legitimate reasons for privacy. The fact that
| criminals want privacy, too, doesn't mean privacy should be
| illegal.
| edm0nd wrote:
| Part of the reason I sadly stopped running any exit nodes was law
| enforcement harassment.
|
| I ran a few exits for about about ~5 years. In those 5 years, my
| hosting provider (DigitalOcean) received 3 subpoenas for my
| account information.
|
| The first two were random. The 1st one was someone sent a bomb
| threat email to a university. The 2nd one was someone sending a
| phishing email.
|
| The last and final subpoena was the most serious one. Some
| nation-state hackers from Qatar had ended up using my exit IP to
| break into some email accounts belonging to people they were
| interested in and spied upon them and stole some info.
|
| Thankfully both the Tor Project and the EFF were able to help me
| pro-bono. The EFF lawyer that was assigned to me helped me fight
| this subpoena but ultimately we had to turn over my account
| information to the DOJ + I had to give an affidavit stating that
| I was simply just an operator and nothing on the server in
| question would be useful to their investigation (by design).
|
| The stress of having to deal with law enforcement, lawyers, and
| having to entertain the possibility of having my home raided over
| something so silly ultimately led to me finally shutting down my
| exits.
|
| Even though I had all of my exits using a reduced exit policy and
| I would blacklist known malicious IPs and c2/malware infra from
| being able to use it, I was still a target.
|
| I feel law enforcement realizes this is a big weakness they can
| target since a lot of Tor exit operators are individuals with not
| a lot of resources to fight them. They can use the legal system
| to scare operators into shutting down.
|
| I one day hope to resume running exits as I find it rewarding to
| be able to help people from around the world in a small way.
| beaglesss wrote:
| Wouldn't the true exit node be the ISP as you are one clear
| node behind them? How many ISP execs get raided by SWAT teams?
| edm0nd wrote:
| Yes the IP was just a DO vps I setup to be a Tor exit.
|
| That's why they requested my personal account information,
| billing info, IPs that I logged into DO with, all of that.
|
| If not interrupted by me getting the help of the amazing EFF
| lawyers, the next step after getting my personal information,
| could have been to raid my home and seize all my electronics.
| I work from home and would have been greatly disrupted and
| not been able to work without my computers and etc. Then I'd
| have to wait months/years to be found innocent and then get
| all of my electronics back + spend thousands on lawyers.
|
| During all of this, the EFF lawyers straight up told me to
| prepare my home as if it were to be raided and encrypt all my
| devices.
|
| Thankfully it did not come to that.
| Hizonner wrote:
| I actually think that Tor should deemphasize exit nodes and
| trying to provide access to the clearnet, in favor of better
| hidden services.
|
| Nearly every major site ends up either totally blocking
| anything that comes from a Tor relay, or applying massive
| numbers of weird CAPTCHAs and restrictions, so it's getting to
| be basically unusable anyway.
| genpfault wrote:
| > I actually think that Tor should deemphasize exit nodes and
| trying to provide access to the clearnet, in favor of better
| hidden services.
|
| Isn't that I2P[1]?
|
| [1]: https://en.wikipedia.org/wiki/I2P
| beefnugs wrote:
| There really is a fundamental difference between : secure end
| to end messages of willing participants. VS arbitrary
| anything-illegal from someone else's public ip.
| shadowgovt wrote:
| But flipping the script: bomb threats and Qatar conducting
| international espionage aren't silly things as far as the
| government is concerned, and if we intentionally interpose
| ourselves in the comms channel in a way that the attack trace
| stops at us, we should be expecting follow-up from a human
| being tasked with enforcing the law, right?
| edm0nd wrote:
| I suppose my issue stems from my perception of the seemingly
| lack of serious investigation on their law enforcement side.
|
| If you had visited any of my exit nodes via port 80 or 443, I
| had a lander on them stating that it was a Tor exit node and
| to please contact me if you wanted your IP to be blacklisted
| from it. I also stated that there was no useful information
| contained on this server (by design) that would be helpful
| for any evidence gathering or investigations. Seriously, all
| they had to do was plug my IP into a browser or do a simple
| scan of it but I suppose that's asking too much from LE lol.
|
| Additionally, Tor exit nodes are public and all they had to
| do was look into my IP more than 5 seconds after finding it
| in logs somewhere and firing off a warrant or subpoena for
| it. The first two were straight up vague templated fishing
| expeditions. The 3rd subpoena actually came straight from the
| DOJ and was a lot more detailed and serious.
|
| They should know what Tor is and know that any Tor server
| contains ZERO info that would be able to assist them in
| whatever they are attempting to investigate.
|
| Sure, I do think such situations require follow-up but as
| soon as they are informed it's a Tor ip, they should know to
| drop any pursuit of getting evidence from it. They do not,
| they continue to go after you via legal means. Even though I
| had the EFFs help, this entire process still took months.
|
| It's pretty stressful to be in a situation where its lil ole
| me VS the entire United States government who has unlimited
| resources, time, and money to go after you.
|
| I am extremely blessed to have had the EFF lawyers at my
| defense and will forever be a life long supporter and donor
| to them. They really do fight for our digital rights and can
| help defend you in a digital equivalent of a David versus
| Goliath situation.
| shadowgovt wrote:
| > Seriously, all they had to do was plug my IP into a
| browser or do a simple scan of it but I suppose that's
| asking too much from LE lol.
|
| I mean, yes, I'm pretty sure "just take my word for it" is
| asking too much of LE.
|
| We can always say "Come back with a warrant" but then
| sometimes they'll come back with a warrant.
|
| > They should know what Tor is and know that any Tor server
| contains ZERO info
|
| Unless, of course, one has misconfigured it... Which could
| be the case. Definitely the kind of thing LEO can figure
| out on the other side of a seize-and-strip of the hardware.
| Unfortunately, I think the only way to not be a part of the
| story here is to not be a part of the story here... Don't
| proxy anonymous traffic if you don't want law enforcement
| asking after the anonymous traffic you proxied. Otherwise,
| expect the responsibility imposed upon a service provider
| (since you're providing a service).
|
| Other ISPs avoid this scrutiny by going out of their way to
| be helpful to law enforcement.
| edm0nd wrote:
| Yup that's the same conclusion that I've come to for now.
| I got a family and stuffs now so don't want to bring any
| stress to them.
|
| One day I will resume but in the future :)
| madars wrote:
| Maybe they did not expect any useful info? One gets jaded
| but https://en.wikipedia.org/wiki/The_purpose_of_a_system_i
| s_wha...
| fn-mote wrote:
| That isn't the reading I would make of the situation.
|
| Like the OP says, it's harrassment to discourage
| continued operation.
| jacobgkau wrote:
| I think that's what the person you replied to was saying.
| The purpose of the "system" of law enforcement is not
| what they say it is (to try and gather evidence from the
| server), but rather is what the system does (get people
| to shut down exit nodes because of the hassle).
| cortesoft wrote:
| The end goal is probably to get you to do what you did,
| which is shut down the exit node. If they make it painful
| to run a Tor exit node, they make Tor harder to use.
| lolinder wrote:
| Exactly. Which is not as obviously an unethical approach
| as some here would think--if you are standing between law
| enforcement and a bomb threat, "I'm intentionally
| ignorant of the activities of the people that I'm
| shielding" is a morally dubious place to stand. The law
| allows law enforcement to subpoena records related to an
| investigation like this, and I honestly think it's fair
| to force Tor exit node operators to handle those
| subpoenas every time, even if the answer is always the
| same.
|
| To have some sort of automated process in place to
| deflect blame allows an exit node operator to ignore the
| real damage their work can do. They may still decide that
| the good that they're doing outweighs the bad, but
| forcing them to see the negative consequences of
| shielding anyone who wants a shield has value.
| courseofaction wrote:
| Is that the horseman we're giving up our rights for
| today?
| lolinder wrote:
| Your right to knowingly run a service that is used by
| people to kill other people while never having to
| interact with the consequences of that decision?
|
| I'm not suggesting people shouldn't be able to run a Tor
| exit node. I'm suggesting that people who run Tor exit
| nodes should occasionally have to a deal with a subpoena
| that says "your exit node was used by a criminal to hurt
| people in ${these ways} and we require any information
| you have to help apprehend the attacker."
|
| I don't want to deprive anyone of the right to make a
| moral decision, but I do want them to feel the weight of
| the full import of that decision.
| luckylion wrote:
| There's a very productive spammer that sends out spam for
| their shops and, on their home page, they have a big info
| about how they didn't send that spam, and it's just
| somebody else trying to ruin their reputation.
|
| If all you'd need to deter law enforcement is to put a
| website up on your server and say that you don't have
| anything to do with anything happening on that server and
| that they shouldn't bother because there's nothing to see
| anyhow, a lot more criminals would do that. I'm sure they'd
| even put an actual exit node on their machines if that
| protected them from law enforcement.
| edm0nd wrote:
| Fair enough!
| treebeard901 wrote:
| The danger is that the Government could just make all this up
| to specifically target nodes they do not control.
|
| The exit nodes have been known to be the weakest part of the
| tor design. It has been a logical theory for a while that all
| exit nodes are visible to the U.S. Govt.
|
| This is just one way they can leave a system like Tor up for
| their uses and also make sure anything domestically is fully
| visible to them.
| impossiblefork wrote:
| What about timing attacks though, things like governments
| controlling things coming and going into routers and the
| internet as a whole?
|
| Surely that's worse than the exit nodes?
|
| The way I see it, the right approach is some kind of
| continuous communication where messages end up in fixed
| slots, where if no message would have gone, there'd have
| been a randomly generated message.
| gary_0 wrote:
| Yes, but they should be able to investigate without placing
| an undue burden on exit node operators (or regular people
| with a compromised device that was used as a proxy).
| Unfortunately it's hard not to be cynical and assume that
| these kinds of overreactions (and worse) are going to
| continue. But in my opinion, any society where policing is
| convenient for the police is a horrible place to live. (Is it
| really such a radical concept that law enforcement should be
| focused on protecting the innocent, not punishing the
| guilty?)
| lolinder wrote:
| > but they should be able to investigate without placing an
| undue burden on exit node operators
|
| Is the burden undue?
|
| A Tor exit node operator has made the ethical judgment call
| that they're doing more good than harm. That might be a
| reasonable position to take, but I don't think it's
| unreasonable for us to expect an operator to face up to
| exactly what it is that they are doing. I'm fully on board
| with any bomb threats (as just one example) leading to a
| subpoena on the exit node operator who shielded the threat
| actor, even if the answer is the same every time.
|
| Making the decision that you're doing more good than harm
| requires you to fully understand the harm that you're
| justifying, and law enforcement subpoenaing you every
| single time is one way to make it very clear what it is
| that you're choosing.
| gary_0 wrote:
| I can think of very few cases where the possibility of
| your home being raided by heavily armed police officers,
| and your property seized, is appropriate if it's clear
| all you're doing is _running software_. (Side note: I 'm
| surprised how often attitudes on this site are at odds
| with the "hacker" part of "Hacker News".)
|
| It is fair that running an exit node might be
| _inconvenient_ , maybe even to the point where consulting
| a lawyer is advisable, but I think we should draw a hard
| line at direct threats to an innocent person's liberty,
| livelihood, and physical safety. That kind of fear is
| definitely an "undue burden".
| lolinder wrote:
| Yes, I can agree that an armed raid or the threat thereof
| is definitely an undue burden.
|
| > it's clear all you're doing is _running software_.
| (Side note: I 'm surprised how often attitudes on this
| site are at odds with the "hacker" part of "Hacker
| News".)
|
| I do not view software as amoral. It's a tool, and like
| any tool it is an extension of myself. Software that I
| run is acting on my behalf, and what my software is
| designed to do is something that I should be held morally
| accountable for.
|
| I'm not sure when the hacker ethos came to mean that
| "just running software" absolved you from having to
| account for the damage your software causes, but if
| that's what the hacker ethos is about then yes, you can
| count me out.
| ajross wrote:
| > The 1st [subpoena] was someone sent a bomb threat email to a
| university. The 2nd one was someone sending a phishing email.
|
| ...
|
| > I one day hope to resume running exits as I find it rewarding
| to be able to help people from around the world in a small way.
|
| This really doesn't strike you as cognitive dissonance? I mean,
| yes, I get it, it's easy to construct a scenario where you're
| "helping people". But you're also "helping" people engage in
| terrorism and identity theft in exactly the same way.
|
| Surely that deserves at least a little thought and moral
| calculus, no? You're not making a first principles argument
| about fundamental rights or anything, you're saying you run
| exits because it's "helping". Well, shouldn't it help more than
| it hurts?
| loa_in_ wrote:
| Doesn't running a post office help people communicate coded
| messages about nefarious things? Doesn't running a telephone
| network help people do the same? What about cellular hardware
| providers and maintainers?
| ajross wrote:
| Tor isn't a post office or telephone network. We have post
| offices and telephone networks. Tor also isn't a
| replacement for a web browser or internet, we have those
| too.
|
| Tor's feature isn't "communication" in the abstract, it's
| _anonymity_. And yes, that can be used for good or for
| evil. But the upthread comment was saying how nice it was
| to run an exit node because it was "helping people". And
| to the extent that's true, I think correct thinking demands
| you also account for the harm.
|
| And let's be clear: Tor is definitely harmful. Almost all
| Tor traffic is some degree of nefarious. The tiny handful
| of dissidents are drowned in a sea of phishing and
| contraband.
| krisoft wrote:
| They do. But all of the above bend over backwards to help
| law enforcement.
|
| > post office help people communicate coded messages about
| nefarious thing
|
| The US postal service scans and stores the outside of every
| envelope and package they handle. Law enforcement agencies
| can query this metadata.
|
| https://en.m.wikipedia.org/wiki/Mail_Isolation_Control_and_
| T...
|
| > Doesn't running a telephone network help people do the
| same?
|
| They do, but they are not only share the metadata with law
| enforcement, but also let them wiretap. (Often they require
| a warrant for this, but that is not a hard burden for a
| LEO.) And this capability is not some aftertought, but
| deeply integrated into their tech stack.
| jacobsenscott wrote:
| You don't need tor for terrorism or identity theft, and it
| probably isn't widely used in those circles. There are easier
| ways. But plenty of people use tor to avoid what amount to
| terrorist govenments and regimes.
| zepearl wrote:
| Is something like this unexpected? I personally never ever
| thought so (which is the reason why I never ever even
| _considered_ running a TOR exit node).
|
| As much as I can respect the idealism about privacy and liberty
| etc..., I could not ignore the fact that any "really!!!" bad
| actor could use the same infrastructure to avoid
| investigation/prosecution, therefore I did not want to provide
| indirectly any help.
|
| > _I feel law enforcement realizes this is a big weakness they
| can target since a lot of Tor exit operators are individuals
| with not a lot of resources to fight them. They can use the
| legal system to scare operators into shutting down._
|
| On one hand I admit that that _might_ be the case, on the other
| hand even government organizations /departments/agencies can be
| "local" and scattered (e.g. similar IT departments for each
| "canton" in Switzerland) and not have huge amounts of
| resources/knowledge to track/identify perpetrators of all
| ongoing (sophisticated?) IT crimes => somebody somewhere might
| see the same IP involved in a lot of "bad" stuff not realizing
| it's just a TOR node.
|
| I hate the current general trend pushing a position of an
| either absolute "yes/no" for any theme, including this one (of
| encryption for privacy/etc vs. crime).
|
| In my opinion it's obvious that the current situation of
| solutions is in general bad: too much pressure on services that
| provide privacy because it's too easy for crime to misuse them
| :o(
| Sebb767 wrote:
| > As much as I can respect the idealism about privacy and
| liberty etc..., I could not ignore the fact that any
| "really!!!" bad actor could use the same infrastructure to
| avoid investigation/prosecution, therefore I did not want to
| provide indirectly any help.
|
| Well, what would be considered a "really!!!" bad actor for
| some might be a hero for others. Just as an example,
| depending on which side of the Israel/Palestine conflict you
| are on, either side using your node for military intelligence
| might be an use worth fighting for or terrible abuse.
|
| In the end, this really comes down to whether you value
| freedom or state protection more; either of which can be
| abused by rogue actors or a malicious state, respectively.
| There is no win-win-solution, unfortunately.
| batch12 wrote:
| Situations like this are the main reason I shuttered the
| torwhois.com service. The barely zero gain wasn't worth the
| risk, sadly.
| snakeyjake wrote:
| I ran an exit node back 2007-2008 ish after learning about Tor
| at a conference.
|
| I stopped running an exit node when I looked at the traffic
| flowing through it. I even sslstripped it back when that was
| much easier.
|
| No freedom fighters. No oppressed journalists. No free speech.
|
| Only porn and scams.
|
| Running a Tor exit node for freedom is like burning a village
| to save it or enriching your own uranium to solve the energy
| crisis.
|
| There's gotta be an answer, but this ain't it.
| qup wrote:
| Why don't lawyers just do this stuff? Then minor legal threats
| are not a concern.
|
| Alternatively, why don't we become lawyers, too?
| walrus01 wrote:
| From the point of view of a less-than-technical law enforcement
| person writing a affidavit in support to get a search warrant,
| abusive traffic from a tor exit node is indistinguishable from a
| person who is physically at a specific street address/premises
| with a laptop or computer engaged in the activity.
|
| They're going to assume until proven otherwise (by first
| confiscating all your electronics and sending them to a digital
| forensics lab to analyze them for 6-12 months) that some person
| who is physically present at that exact location is engaged in
| CSAM/CP or malicious/illegal activity.
| bawolff wrote:
| I mean, there is a public list of all tor nodes in the world so
| it is pretty distinguishable in that sense.
|
| Presumably still worth checking out in case a criminal is
| running a tor node as cover, but at the same time it seems
| unlikely someone is both technical enough to run a tor node but
| also doesn't bother covering their tracks.
| hnbad wrote:
| I have mixed feelings about this given that the organisation's
| only explicit stance is being in defense of free speech, the
| freedom of the press and opposition to censorship. This tells me
| nothing about who's behind this, who's involved and what their
| motives or views are, which, sadly, is often more important than
| what an organisation claims to be about. The name is also
| effectively ungoogleable, leaving the thin info on their own
| website as the only source of information. The author of that
| post is a former member of the German Pirate Party who left for
| unclear reasons and ran as an independent on his own penny with
| no clear message beyond being a protest vote for people who don't
| want to protest vote for the far right.
|
| On the other hand Germany does use flimsy excuses to crack down
| on services like Tor and that's bad.
| motohagiography wrote:
| perhaps an unpopular view as Tor has been a great legal canary
| and a useful privacy service, but it has also been a substitute
| for organizing.
|
| if you use Tor you already know what's going on. onion routing
| didn't save anyone from anything in 20 years. the evils Tor
| enabled often seem to trace back to the very states and
| establishments who manage and tolerate them. drug cartels run
| several of the governments Tor ostensibly protects users from,
| and human trafficking is within a degree of most western
| establishments in every direction, from "NGOs" to intelligence
| operations to the sex trade.
|
| if you want privacy, tech is an inferior solution. make nations
| that protect it.
| jrflowers wrote:
| > make nations that protect it
|
| What nations have you made?
| numpad0 wrote:
| Yeah, German armed police wrt Internet is kind of known to be a
| bit like, _that_. They make excuses, but at the end of the day
| they 're not the most respectful of free speech among G7 or
| whatever. I wouldn't be sure if Tor exit nodes are something that
| can lawfully(ignoring backwards ones) ran, though.
| ghransa wrote:
| It's a tough tradeoff for society, and a lot of harm is
| concentrated, but in a way that's good thing - there is a way to
| block tor exit nodes if you need to and the defaults ports do
| prevent many types of abuse and since the exit nodes are public
| they can just be blocked for spam, clickfraud, etc. But with any
| duel use technology, the opposite argument would be
| investigations also running through TOR, or even a totalitarian
| state (in this case it seems non technical judicial procedure
| through proper channels, but that's the concern). The trouble is
| the routing is outside of the state control and the typical
| mechanism for takedowns, ultimately for the worse of the worst
| ultimately has a host somewhere else as tor just does the
| routing. Since by design the exit node wouldn't necessarily get
| you any further up the chain to the middle node in the
| connection, it would be more fruitful to chose a different
| investigative strategy.
| o999 wrote:
| Interestingly enough, there are multiple exit nodes in Russia, as
| far as I know, law enforcements aren't taking them down
| hwbehrens wrote:
| > _There are obviously still people working in German law
| enforcement today, who think that harassing a node-operator NGO
| would somehow lead to the de-anonymization of individual tor
| users._
|
| This is not why.
|
| > _As a consequence, I am personally no longer willing to provide
| my personal address &office-space as registered address for our
| non-profit/NGO as long as we risk more raids by running exit
| nodes._
|
| This is why. It's basically a textbook example of a chilling
| effect.
| marcodiego wrote:
| I think I have a solution: countries (governments) could publish
| lists of forbidden addresses; you could be allowed to safely run
| you Tor exit node as long as those addresses are blocked. Of
| course, not ideal, but could make a lot of people more willing to
| run exit nodes.
|
| It wouldn't fix the "someone used my exit node to send a bomb
| treat" case though.
___________________________________________________________________
(page generated 2024-09-10 23:00 UTC)