Tor node admin raided by cops appeals for help with legal bills
A sysadmin had his flat raided and equipment seized by police last week for hosting a Tor exit node. William Weber from Graz, Austria, was questioned by cops after someone allegedly distributed child abuse images over one of the Tor exits he administered. Contrary to some early reports Weber was only questioned by police, who …
This topic is closed for new posts.
Re: No good deed...
@Dr Mouse: But he didn't keep logs, which is bordering on destruction of evidence in a child porn case. He could just as easily run a Tor node, keep logs and then provide them to law enforcement officers in the event of a crime. Like any other ISP or service provider would.
Re: No good deed...
"But he didn't keep logs, which is bordering on destruction of evidence in a child porn case."
Tor is provided as an anonymising service. It is used by many people, often for perfectly legitimate purposes, not just paedophiles. He cannot trace where the traffic comes from (a feature of Tor, the data is bounced around the network in such a way that you can't trace it, until it pops out of en exit node). And he would not want to. He has no legal obligation to, and the whole point of Tor is to avoid tracking. Nobody would use it if everything was logged, because it defeats the point of it.
Re: No good deed...
"But he didn't keep logs, which is bordering on destruction of evidence in a child porn case."
What Dr. Mouse said, plus: If you say he should have kept logs since it was within his technical capability to do so, doesn't that imply that our putative laptop repairman should have to do the same? Even if you say, well, actively copying the disk he works on is a different level of thing - what if he has to back up the media and put it on a new disk, since the old one is messed up? Is he obligated to keep the intermediate copy, since it would be 'destroying the evidence' if he did otherwise?
Unless there's been a crime committed and you have knowledge of said crime, you can't 'destroy evidence', otherwise almost anything which could *potentially* have been part of a crime would be sacrosanct. Find a bunch of broken glass in your sidewalk after a hard rain, and sweep it up? Well, it might have been part of a murder! Sure, you don't have any particular reason to believe so since the rain washed away *most* of the blood, but it's still there, so when you cleaned up the glass you were cleaning up a crime scene!
In short, and adjunct to my point above, it's not a private citizen's responsibility to positively vet any action as not being part of a crime. It's been pointed out that you can't get away with hauling a brown paper package for someone - well, this is and isn't true. If you're driving a box across the country for someone, you're (at least in the US) not going to be hauled off to jail for it. But if some guy in a trenchcoat (they all wear those, right?) offers you $4,000 in small, unmarked bills to stick a manila envelope under your shirt and walk through customs, you *do* have a reasonable basis to believe that he just might not be on the up-and-up.
Basically, you can't do stuff that you know damn well is specifically and only going to be used for crime. If this guy had run a server for Vladimir from Ukraine who wanted to host files for his modelling agency and would pay you ten times the going rate, you might be expected to go, "hmmm....". But if you offer a public service to all and sundry, the overwhelming majority of which are almost certainly not criminals, it's unreasonable to expect you to somehow divine who's doing what - and it's also unreasonable to ban private communications because of the potential for abuse.
Re: No good deed...
".....He has no legal obligation to....." Nothing to do with legal obligations, more to do with basic common sense.
Change of plan
I rent a couple of VPS servers in the US which host a noddy application of my own, and was thinking of 'donating' some of the unused bandwidth to Tor by running a couple of relays or even exit nodes. I think I may now scrap that idea!
Re: Change of plan
I think a relay is still pretty safe, assuming that unlike David Hicks, it's the legal risk and not damnation that you're worried about. There have been one or two cases like this one where exit node operators wound up (temporarily) in legal trouble, but I've never heard of a relay operator getting in trouble and it's difficult to imagine a situation where they would, unless Tor itself were illegal where you live.
If you run an exit node, it looks, at least initially, like any traffic "exiting" there is coming from you. With a relay node there should be no such confusion.
TOR:
What is Tor?
Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.
Re: TOR:
no it isn't
Tor is a patented United States Navy product which still receives State Department funding.
establishing pseudonymity (near anonymity) is difficult and realistically requires hard cryptographic tools and sophistication. TOR is a fairly easy to use software that unfortunately SHOUTS I AM USING TOR to all and sundry. 'Bad states' can and do investigate and experiment to watch for ‘Tor headers’ and other unique signatures, MTU packet size etc; which are ‘bug doors’ designed in Tor for ‘work factor reduction’ purposes.
https://blog.torproject.org/blog/iran-blocks-tor-tor-releases-same-day-fix
Using Tor, caution is required, as Tor or Cloud Tor is likely to be under extreme surveillance by intelligence agencies and might not provide even pseudonymity if used in, say, Bahrain or Saudi Arabia
Reminds me of a few years back..
Long time ago I worked for a guy building a small ISP startup (back when such a thing was a realistic proposition).
By small I mean all we had his building cabled and some nearby businesses via Wifi - but we had some big ideas. We also had an ISDN modem bank supposedly for remote access (56K yay) but it mostly for show.
After not seeing much expansion for a few months I decided to sniff one of the boss's personal servers (hey sue me). Turns out the real business was running a subscription warez service, and being an "ISP" gave him the perfect legal coverage.
Re: Reminds me of a few years back..
A subscription warez service? I doubt it. One of the points of warez is that it is software that you are not prepared to pay money for, and so I doubt how successful such an enterprise would be.
Plus, if this was the golden age as you describe it, warez was everywhere - kickme.to/fosi - no-one was paying for it, let alone a subscription.
You sure this guy didn't just have a personal FTP server hooked up to his shiny network connection? 'Back in the day' the number of dodgy FTP sites covertly run by sysadmins on commercial networks was obscene.
Re: Reminds me of a few years back..
"A subscription warez service? I doubt it. One of the points of warez is that it is software that you are not prepared to pay money for, and so I doubt how successful such an enterprise would be."
Actually, I remember lots of subscription warez services from that era. You tended to get faster connections, larger collections of software, quicker access to newer releases and a single place to look. The subscriptions were small, and if you were after high value software (e.g. professional stuff costing thousands) it was well worth it. Plus, you got less malware in the subscription services.
I hope he gets a good precedence set so that people offering exit nodes are not liable for the actions of the users.
What difference is there between him and a company offering VPN's that don't keep logs?
Unless the judge is and the jury are ignorant there is no way he should be convicted of any crime
judge and jury ?
That's the nice thing about these cases - even if it never goes to trial you can bankrupt the person with legal bills, they lose their business because you impounded everything electronic they own for 3years, and then after it's all dropped they are still on your system as a "suspected whatever" so get refused any sort of job that needs a police check.
Actually bothering to have a trial and a conviction is almost unnecessary
Re: judge and jury ?
then after it's all dropped they are still on your system as a "suspected whatever" so get refused any sort of job that needs a police check.
That area of the law needs an overhaul, if you have a criminal record for not wearing a seat belt for example, you shouldn't be turned down for any job that does NOT involve a vehicle.
""I'm not unsympathetic to the fact that Tor gives a voice to oppressed groups and so on, but misuse is inevitable," Harley concluded."
"So how do we know he's really the saint he claims to be?
Looking a the photos and reading about his various co-located servers, he seems to have put a lot of kit into this .. Excuse me if I don't entirely believe this Good Samaritan story."
Guns can be misused. My opinions on such matters not being germane to the point, in those jurisdictions where gun ownership is legal, their potential for abuse is not held to the supplier's accountability.
Vehicles can be misused. If I see three cars parked in your driveway, how do I know you're not using them for improper purposes, you potential bank-robber, you?
The Internet can be (and is) abused and misused for various purposes. So should we close down all the ISPs, raid every server farm? I'm willing to bet such raids would find improper material in just6 about every one of them.
Yes, the comparisons are extreme. Yes, some people would potentially approve of a Code Napoleon (guilty until proven innocent). Apart from the big companies, of course. Obviously it wouldn't be fair to hold _them_ accountable to the same standards, right?
For the benefit of those who may choose to see it otherwise - the previous two sentences were in fact irony. Or sarcasm. Or artichokes. Or something.
Mr Harley is , of course, entitled to express his view. I would, however, question the value of poiting out that (insert random thing here) has the potential to be abused. And equally AC is entitled to his (or her) doubts as to Herr Weber's Samariten-ness or otherwise. But the extension of such logic would seem to place us all in the same dock.
Or, rather, it would to me. And I am, I believe, entitled to _my_ view also.
Who keeps a mobile and cash in a safety deposit box - just in case ??
Does he think he is Jason Bourne ?
Indeed
"why does he not entrust all his money to the banksters ?"
I don't find it unreasonable at all.
Some cheap insurance if you ask me.
Any person with a vague understanding of how the modern world works probably has one reason or another to have some sort of plan b.
I can't tell you the last time I used cash for a purchase, much less a major one, but yet I still keep a reasonable amount of Cash handy in the event that I were to ever need it.
In this day and age, when even having the same name as someone else who happened to do a bad thing can be enough to have accounts frozen and services suspended (by error of course, but inconvenient at the very least), I think it might actually be a good idea.
Certainly a much better investment than any number of other dubious "insurance" policies one might be offered in the course of life.
Upon reflection, I may even add a pre-paid to the insurance pile.
As my dad always says "Either be prepared, or hang around someone who is" (:
Re: Indeed
@Frank - If he's got his money in a safety deposit box, he almost certainly is trusting it to bankers.
Anyway, as someone who has worked in UK FI for a while, I had annual training on money laundering, keeping large wads of cash in a safety deposit box is, while not damming, a highly suspicious behavior that would warrant further investigation under anti-money laundering regulations.
Tax Law
Is not the same throughout Europe. Austria has some arcane dodges that let you keep stuff in a safety deposit box with a nominal value to avoid death duties. Families do this as a matter of course, my inheritance included something similar.
Re: Indeed
Oh dear, I had no idea. I also have wads of cash and mobiles stashed away here and there. I pay for everything by cash wherever possible mostly because I'm utterly paranoid about those who decide to store my card details ad infinitum on their chaotic malware ridden servers. (Or *shudder* in teh cloud.)
Control Freaks Meme #1: "Child Porn"
If you really believe these lies by the government you are a sorry idiot. Western governments hate TOR for the same reason Mr Ahmadinejad hates it: Loss Of Information Control.
Using TOR, people can criticize the Rich&Powerful without the cost of "being investigated by intelligence and their stooges". These "investigations" do not usually include physical violence, but certainly threats of such including the use of dogs are basically "OK" in Pax Americana Land (from Tokio to Warsaw). This not being theory but practice. If you try rock the mental boat of the western world, many, many people will be royally pissed off. When they want war and have all their media outlets singing the tune of war and you are against this over your private DSL line, you bet strange things will happen.
The media whores are part of this scam and if you really believe in "free press" you are an equally sorry idiot. Established media is in collusion with every crime the rich&powerful concoct. Currently they want war with Iran and every third media message will directly or indirectly condition you for that "inevitable" war.
Let them try to shut down TOR: soon we will have much stronger systems without central points of weakness such as directory servers or exit nodes.
Re: Control Freaks Meme #1: "Child Porn"
Yeah, because right now, nobody in the media opposes the idea of war with Iran, anyone who criticizes the US government is investigated and threatened, and the 'rich and powerful' are, en masse, colluding with everyone whose voice reaches more than a few thousand people.
When was the last time you heard of someone in Europe or the US arrested or threatened for running a blog critical of their government?
Or does the media just cover it all up?
Sorry to break this to you, but at least in the US, the government is way to busy being at *its own* throat to worry about 'crushing opposition'. Hell, the media have been rabidly anti-government in many ways recently - and have been regularly accused by both sides of colluding with the other.
And yet organizations like Move On, Occupy, etc etc, continue to exist unfettered. Or are they mouthpieces of the 'government' too?
Honestly, I'm not seeing ANY media outlet singing the tune of war. Most people hate the idea. In Europe, there's not even an instinctive support for Israel that might be used to justify it.
How is it that news organizations like Fox and MSNBC disagree with eachother so much, yet neither have been put out of business by threats of physical violence and 'dogs' (whatever that means)? Which wealthy bastards are they beholden to when they're at odds with one another over most policies?
Are El Reg part of this group of 'media whores' which are in on it with "the government" - notwithstanding that "the government" apparently applies to every Western nation, most of whose governments have profound disagreements.
The EU can't even agree on central banking policy, and yet you accuse them of running a massive conspiracy along with big business and the US to foment media support (which doesn't exist) for a war in Iran (that nobody is talking about)?
Seriously?
This is why the CCC offers a Tor service
The Chaos Computer Club runs multiple Tor exit nodes, financed by donations. They have the resources to fend of legal threats. It is probably the more sane way of supporting the Tor network.
http://www.ccc.de/anonymizer/
One More Anti-TOR Message: "Perfidious Botnets !!!!"
http://www.computerworld.com.au/article/444088/tor_network_used_command_skynet_botnet/
If you are deep government
..I hope they will get you in crackistan, Iran or wherever the MIC currently wages a War For Profit.
Thanks for the PSYOP work this evening.
A point worth noting is that he is being investigated, he is not being punished. At least, not yet.
If the police decided not to investigate any child pornography found where the person was running a Tor exit node, how long would it take before all the child pornographers decided to start running Tor exit nodes? Until the investigate, they don't know if the person was doing it themselves or it was done through the exit node.
And taking away the guns? I'd rather hope that's standard procedure when someone is being investigated for a crime, much like taking their passport away.
"A point worth noting is that he is being investigated, he is not being punished. At least, not yet."
This depends on your definition of punishment.
If the cops came to your house, took away all your computers, mobile phones etc, some of which may be part of your business, this could easily be thought of as a punishment.
For example, for myself, it would have a big impact on my life. I only use my mobile phone, so I would loose contact with a lot of people. My computers contain a large amount of my personal data, projects, photos, and many other things. There would be a huge inconvenience, and at this point I would already consider it a punishment.
Then there's my work's laptop. Although all my data is backed up at work, there would be a lot of work to set me up a new workstation. There is also the damage to reputation: In this case, I would likely have to explain to my bosses why the laptop had been seized. if it is on suspicion of child porn, imagine what my bosses would think! Do you really think there would be no impact? I could easily see being suspended from work, and irreparable damage being done to my reputation, even if cleared later.
If you run a computer based business, it would be even worse. Even a few months of investigation could bankrupt a small business. The destruction of a business that someone has worked hard to build, ploughed large amounts of money and time into, is definitely a punishment.
I'm sorry, but I do think that even this "investigation" step is punishment. It may be necessary, but it's still punishment.
This is a common tactic against legitimate porn sites in the USA
The operators are required to keep records showing the models are over 18 - the police have a right to "inspect" those records
This is often interpreted as a right to seize anything that may contain a record = every computer, every disk drive, every digital camera, every video editing console - and take them away for a few months "to be inspected"
>>"I'm sorry, but I do think that even this "investigation" step is punishment. It may be necessary, but it's still punishment."
If you're saying that it's [potentially] necessary to avoid people doing what Danny Bowman suggested some people might be tempted to do, whose 'fault' is the punishment?
Some kind of mix of his, some of the TOR users and the authorities?
Goddess help them...
...if they ever come for me.
They'll need at least two 40-foot containers, and a forklift... I've just moved the Corestore collection from New York to New Zealand, and the total weight was something in the region of 35 tons... most of it IBM mainframes!
And they won't get diddly squat without a rubber hose; nothing much less will get them anywhere with Truecrypt, let alone RACF!
criminalization of technology
https://www.youtube.com/watch?v=qJYlmEZ399I
I wonder how many sysadmins here know precisely what data is being transmitted over their networks.
If this man is convicted on the basis of traffic that passed through his exit node, then the TOR protocol is in effect being outlawed in Austria, and possibly the rest of the EU.
Where does the culpability stop? Are you confident that all that encrypted traffic passing through your firewall is squeaky clean? Do you keep meticulous records and logs to prove that you are only providing a communications network and not aiding child pornographers and terrorists? Is your audit trail good enough to convince a technically illiterate judge and jury that you are not a nonce?
The implication of a guilty verdict in this case would be that anyone operating a computer network should inspect all traffic to determine that it complies with the laws of the country they reside in.
Child abuse is a social problem that has always existed, it tends to run in families as the victims turn into abusers themselves. Since the invention of the camera pedophiles have been able to record their crimes and seem to have a compulsion to share the pictures. This could be achieved by any number of means, criminalizing encrypted anonymous communication will not remove the compulsion.
Prosecutions like this are pushing the use of anonymous encrypted communication into a legal grey area, with a presumption of guilt, effectively branding anyone providing it a paedo/thief/terrorist. Will making TOR unavailable stop child abuse happening? I think not.
What's he done
Surely, a network such as TOR is effectively performing the same function as an ISP? It's simply providing an infrastructure layer over which people send traffic? An ISP isn't held liable for what goes over its network. So, why should anything to do with TOR? They don't know what's in the traffic in the same way as an ISP doesn't. So, why can't people running these dark nets have the same protections? Obviously, should they become aware of something dodgy happening, they should deal with it in much the same way an ISP would.
Seems to be a matter of ensuring the authorities have control over anyone they want. ISPs are basically under control, but TOR admins etc. are not. So, whilst logically they're doing the same thing (simply providing bandwidth), the TOR admins have to go as they're not under control. Nothing to do with the law or natural justice. Simply ensuring you are powerful and control the world.
Re: What's he done
>>"An ISP isn't held liable for what goes over its network. So, why should anything to do with TOR?"
It's a tricky issue.
It *might* be considered less likely that an ISP would be a cover for an individual's own illegal activity.
An ISP might be more able to help in an ongoing way with an enquiry by allowing future monitoring, or to provide historic data (who was using what IP address at what time) which allowed an investigation to progress.
The second of those things somewhat reinforces the first - the fact that what went where should be traceable is likely to make people working at the ISP fairly unlikely to try doing anything dodgy due to the likelihood of detection.
In the case of someone running an exit node, if they are unable to be of any real help and are thought to be more likely than an ISP to be responsible for some of the offending traffic, it's easy to see why they may be seen differently.
Being honestly unable to help the police shouldn't itself be a crime, nor should simply putting oneself in a position where one is honestly unable to help, but deliberately putting oneself in that position (especially in a situation where it is difficult for anyone else to tell whether dodgy traffic was someone else's or not without significant investigation) is going to make it more likely that one becomes collateral damage in an investigation, and that's something that people choosing to assist others access the internet untraceably should understand.
I understand that if I leave a wifi router open, I'm opening myself to at least having my machines looked at if someone does do something dodgy with my net connection.
However innocent someone might know they are, if their hospitality has been abused in order to help someone commit a crime, they can't expect that there won't be any kind of investigation, or that it won't be inconvenient for them.
In the case of an ISP, being legally regulated, they have some kind of defence - if the law says they have to keep certain data for X months, it effectively also says that getting rid of it after X months is permissible - if they do provide what the law requires that they provide, there would be little justification for seizing machines unless there were unusual grounds for suspicion that they were doing something dodgy themselves and covering it up.
Re: What's he done
>>"Seems to be a matter of ensuring the authorities have control over anyone they want. ISPs are basically under control, but TOR admins etc. are not. So, whilst logically they're doing the same thing (simply providing bandwidth), the TOR admins have to go as they're not under control. Nothing to do with the law or natural justice. Simply ensuring you are powerful and control the world."
But they're not 'simply providing bandwidth' - they are quite intentionally providing anonymity, which ISPs are not doing.
In fact, they're not even 'providing bandwidth' - in reality they are consuming it by bouncing the same data around in ways which are entirely unnecessary for simple communication, but useful for anonymity.
They are not logically doing the same thing as ISPs, as is fairly obvious from the fact that everyone using them has an ISP and is using TOR as an addition.
Re: What's he done
But TOR isn't adding anything to current, just making it simpler and easier. The traffic into TOR is just as visible as traffic without TOR, so no change there. Also, what's the difference between bouncing around various proxies in 'unfriendly' places and going through TOR. Yes, the ISP can tell you where the packets went and you can ask the proxy admin where they went, then the next etc.etc. However, once you meet a proxy in an unhelpful place, the trail stops. So, are we now going to investigate anyone who hosts a proxy for the same reason?
Effectively the misdealings of a few are being used as reason for putting the entire population under surveillance. That's the start of a totalitarian state. Surveillance is always the start point. East Germany and the Stasi would have loved to have some of these laws!! Essentially, what is wrong with people have private conversations or communications?
I guess the TOR network could be setup in such a way that each admin can keep records and reveal them to the authorities on demand (there are other ways of obscuring where the packets are going), but I suspect it wouldn't make any difference. They would still go after the admins as they can't be brought to heel and can appear and disappear as end point much easier and quicker than ISPs do. This smacks totally of control rather than anything else.
Re: What's he done
They are part of a communications path, whether physical infrastructure or logical functionality. Sort of like the various layers of the networking stack. On the basis of your argument, the inventors of SSL should be arrested and thrown in jail for making the packets unreadable!! Perhaps that is a better analogy. What the difference between SSL and TOR. Even if you can tell where the packet went, that doesn't help much unless you know the content. Or, are you going to investigate anyone who once sent or received a network packet from a known paedophile?
Re: What's he done
>>"On the basis of your argument, the inventors of SSL should be arrested and thrown in jail for making the packets unreadable!! "
Please don't misrepresent me.
I'm not remotely trying to argue anyone should be thrown in jail for developing encryption, or for running a proxy server, or a TOR exit point, or for opening up their Wifi to strangers.
I am pointing out that if someone is doing something which could ultimately result in detectable illegal traffic passing across communications links they are responsible for, they can expect one or other authority to be interested if such traffic actually occurs even in the absence of any Great Conspiracy to stamp out TOR.
In the case of ISPs, there will be a fairly consistent positive history of past co-operation of ISPs with legal enquiries, a legal framework regarding what an ISP has to provide in terms of information, and also a 'negative history' of enquiries pretty overwhelmingly turning out to be down to a customer doing something dodgy, not the ISP.
But face PC Plod with J Random Citizen with a net connection which illegal content has travelled over, and it's highly predictable that they will seize obvious hardware until they can satisfy themselves that the traffic *wasn't* that of the individual himself.
It's certainly a pain in the arse for the individual, but hardly an entirely unpredictable one.
Now if there was some way of making decent money out of running an exit node, and one was being run by a multi-employee company which had detailed records of all its internal traffic such that they could identify what went to internal machines and what disappeared into TOR, they might find it easier dealing with an enquiry since the police might trust rather more that they would be being given accurate information, and that people in the company would tend to keep an eye on each other and make sure no-one was abusing the system.
Even something run professionally but for free by volunteers might be in a reasonable position, especially if they have prior legal advice and representation on tap.
Being a one-man-band doing stuff for free seems likely to put someone in a meaningfully worse position even if doing the precise same thing, since the only people who can check on you are the boys in blue.
Re: What's he done
>>"Effectively the misdealings of a few are being used as reason for putting the entire population under surveillance. That's the start of a totalitarian state. Surveillance is always the start point. East Germany and the Stasi would have loved to have some of these laws!! Essentially, what is wrong with people have private conversations or communications?"
What is against the law about people having private conversations?
In times past, operators listened in to phone calls, letters could be opened, and people could be followed to see who they met, but that was by no means an inevitable slippery slope leading to totalitarianism.
I'm sure the Stasi would have absolutely loved people being able to encrypt emails, or untraceably hide messages in other files, or each be able to be their own mini-broadcaster with blogs, etc where messages could also be hidden, or instantly duplicate large mounts of information.
People these days have access to unsnoopable communication that people in the past could only have dreamed of.
Hell, some paranoid person worried about the route of a communication being traced could easily post a memory card with vast amounts of encrypted and obscured data to a trusted friend of their target recipient, knowing that it is useless if intercepted, and that recipient has full plausible deniability.
This topic is closed for new posts.
