William was raided for running a Tor exit node. Please help if you can.
I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down. Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce...
From the URL:
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones) If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU. Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-10000 EUR. If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok): https://paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2Q4LZNBBD7EH4 Or by Bank Transfer (EUR only please): Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1 I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case. If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (william@william.si) or a PM, or contact me in LET IRC. Thanks! William -- --C "The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton
If you run Tor, then you should probably accept that it might be used for activity that you don't approve of or even is in violation of the law. I'm not saying Tor is good or bad, just that if you're using it you probably know what you're getting into. In order to catch someone in a criminal case, most law enforcement will certainly take whatever they think could be used as evidence, perform forensic analysis on it, and retain it as long as they think necessary. Depending on how well your laws are written, you might be not be protected from them discovering "other" activity that is outside the scope and bringing a separate criminal case against you directly. Got any pirated music or movies? On Thu, Nov 29, 2012 at 8:04 AM, Chris <caldcv@gmail.com> wrote:
I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down.
Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce...
From the URL:
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU.
Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-10000 EUR.
If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok): https://paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2Q4LZNBBD7EH4
Or by Bank Transfer (EUR only please):
Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1
I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case.
If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (william@william.si) or a PM, or contact me in LET IRC.
Thanks! William
-- --C
"The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton
-- Ray Patrick Soucy Network Engineer University of Maine System T: 207-561-3526 F: 207-561-3531 MaineREN, Maine's Research and Education Network www.maineren.net
Back in the early days of the public internet we didn't require any id to create an account, just that you found a way to pay us. We had anonymous accts some of whom dropped by personally to pay their bill, some said hello but I usually didn't know their names and that's how they wanted it, I'd answer "hello <ACCOUNT>", whatever their login was if I recognized them. Some mailed in something, a mail order, even currency tho that was rare but it did happen, or had someone else drop by to pay in cash (that is, no idea if they were local.) LEO occasionally served a warrant for information, usually child porn biz (more than just accessing child porn, selling it) tho I don't remember any anonymous accts being involved. I never expected to be held accountable for anyone's behavior unless I was knowingly involved somehow (just the usual caveat.) LEO never showed any particular interest in the fact that we were ok with anonymous accounts. If I was made aware of illegal activities we'd shut them off, didn't really happen much, maybe some credible "hacking" complaint on occasion. It's funny, it's all illusion like show business. It's not hard to set up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
On Nov 29, 2012, at 11:17 , Barry Shein <bzs@world.std.com> wrote:
Back in the early days of the public internet we didn't require any id to create an account, just that you found a way to pay us. We had anonymous accts some of whom dropped by personally to pay their bill, some said hello but I usually didn't know their names and that's how they wanted it, I'd answer "hello <ACCOUNT>", whatever their login was if I recognized them. Some mailed in something, a mail order, even currency tho that was rare but it did happen, or had someone else drop by to pay in cash (that is, no idea if they were local.)
LEO occasionally served a warrant for information, usually child porn biz (more than just accessing child porn, selling it) tho I don't remember any anonymous accts being involved.
"Mere conduit" defense. (Please do not anyone mention "common carrier status" or the like, ISPs are _not_ common carriers.)
I never expected to be held accountable for anyone's behavior unless I was knowingly involved somehow (just the usual caveat.) LEO never showed any particular interest in the fact that we were ok with anonymous accounts. If I was made aware of illegal activities we'd shut them off, didn't really happen much, maybe some credible "hacking" complaint on occasion.
How do you "shut off" a Tor "account"?
It's funny, it's all illusion like show business. It's not hard to set up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess.
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store? -- TTFN, patrick
On November 29, 2012 at 11:45 patrick@ianai.net (Patrick W. Gilmore) wrote:
On Nov 29, 2012, at 11:17 , Barry Shein <bzs@world.std.com> wrote:
It's funny, it's all illusion like show business. It's not hard to set up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess.
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
I dunno, has it ever happened? I mean confiscated the store's equipment, I assume that's what you mean. Is that because no one has ever been involved with child porn etc from a Starbucks? Does that seem likely? I don't know, really. And why would confiscating it from one location address the issue if they offer anonymous hotspots (I don't know if they do but whatever, there are plenty of others) at all locations and they're one company? It would seem like they'd have to confiscate the equipment at every Starbucks in their jurisdiction, which could be every one in the US for example. -b
On Nov 29, 2012, at 12:58 , Barry Shein <bzs@world.std.com> wrote:
On November 29, 2012 at 11:45 patrick@ianai.net (Patrick W. Gilmore) wrote:
On Nov 29, 2012, at 11:17 , Barry Shein <bzs@world.std.com> wrote:
It's funny, it's all illusion like show business. It's not hard to set up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess.
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
I dunno, has it ever happened?
No idea. However, I would not be the least bit surprised. In fact, I would be surprised if they failed to do so, after having "proof" that child pr0n was served from one.
I mean confiscated the store's equipment, I assume that's what you mean. Is that because no one has ever been involved with child porn etc from a Starbucks? Does that seem likely? I don't know, really.
And why would confiscating it from one location address the issue if they offer anonymous hotspots (I don't know if they do but whatever, there are plenty of others) at all locations and they're one company?
It would seem like they'd have to confiscate the equipment at every Starbucks in their jurisdiction, which could be every one in the US for example.
They didn't confiscate every Tor exit node in the US once they found something nefarious emanating from one. -- TTFN, patrick
* Patrick W. Gilmore (patrick@ianai.net) wrote:
On Nov 29, 2012, at 12:58 , Barry Shein <bzs@world.std.com> wrote:
It would seem like they'd have to confiscate the equipment at every Starbucks in their jurisdiction, which could be every one in the US for example.
They didn't confiscate every Tor exit node in the US once they found something nefarious emanating from one.
Lets assume that some child pr0n dealer used this Tor exit node, is it not reasonable if the police wants to see if there are logs that make it possible to catch the sleazebag? Should LE ignore crime if it originates from a network which operates a Tor exit node? I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it. Of course they might not know abot Tor and believes that it is Mr Williams that is the bad guy. /J
Joakim Aronius wrote:
Lets assume that some child pr0n dealer used this Tor exit node, is it not reasonable if the police wants to see if there are logs that make it possible to catch the sleazebag? Should LE ignore crime if it originates from a network which operates a Tor exit node?
I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it.
Of course they might not know abot Tor and believes that it is Mr Williams that is the bad guy.
/J
Wouldn't Austrian LEA need possession/knowledge of this pr0n site in order to determine the exit node that was using it?
On November 30, 2012 at 08:18 joakim@aronius.se (Joakim Aronius) wrote:
I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it.
Yeah, next they'll let just anyone walk down the sidewalk without identifying themselves. And those are public sidewalks paid for by tax dollars! Or drop a few coins in a public telephone (I know, a little dated, but they exist) w/o id and commit some crime! I think some here need to reflect on what they're saying. Sure, it'd be better to stop bad guys, but this has always been the problem in a free society, you can't just put draconian rules on everyone else because otherwise some bad guy might not be immediately and easily identified. This was the sort of reasoning they used in the Soviet Union to make it very difficult to get access to a photocopy machine (ask someone who lived there, it was practically like buying a firearm in the US.) We're all (well most of us) glad that law enforcement does its job, but even the US Constitution (3rd amendment) bothered to state: No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law. It's only an analogy but I think it's clear, if we're protected from being forced to provide food & shelter directly to soldiers presumably defending our lives and country the principle as it pertains to being required to do whatever law enforcement dreams up to catch bad guys is pretty clear. As a principle -- Note: I am NOT making a legal point! Ok, grab onto that "manner prescribed by law", but remember that it said "in time of war". None of what we're discussing is relevant to any war (except as politicians toss around the war on this or that.)
Of course they might not know abot Tor and believes that it is Mr Williams that is the bad guy.
/J
Sure, but I assume he told them that :-) -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
Barry Shein wrote:
On November 30, 2012 at 08:18 joakim@aronius.se (Joakim Aronius) wrote:
I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it.
Yeah, next they'll let just anyone walk down the sidewalk without identifying themselves. And those are public sidewalks paid for by tax dollars!
Or drop a few coins in a public telephone (I know, a little dated, but they exist) w/o id and commit some crime!
I think some here need to reflect on what they're saying.
Sure, it'd be better to stop bad guys, but this has always been the problem in a free society, you can't just put draconian rules on everyone else because otherwise some bad guy might not be immediately and easily identified.
Well put Barry. Or, as Ben Franklin put it: "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." Miles Fidelman* * -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra
On Fri, Nov 30, 2012 at 12:48 PM, Barry Shein <bzs@world.std.com> wrote:
Yeah, next they'll let just anyone walk down the sidewalk without identifying themselves. And those are public sidewalks paid for by tax dollars!
If you hang out with criminals, sooner or later you'll encounter a situation where there is a reasonable suspicion that you committed a crime. Not because you hung out with criminals but because something criminal happened while you were hanging out with the criminals and with only a partial set of facts it appears likely that you did it. It takes extraordinary diligence to hang out with criminals yet remain personally above reproach. It's a tightrope many news reporters have to walk. I have yet to see such diligence practiced in the operation of a Tor node. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
The BBC has an article about a similar issue on a Tor exit node in Austria: Austrian police raid privacy network over child porn http://www.bbc.co.uk/news/technology-20554788 ## Austrian police have seized servers that were part of a global anonymous browsing system, after images showing child sex abuse were found passing through them. Many people use the Tor network to conceal their browsing activity. Police raided the home of William Weber, who ran the servers, and charged him with distributing illegal images. ## It is unfortunate that systems in place to allow free speech end up being abused for the wrong purposes. The same applies to anonymous remailers which have been used to stalk and harass/bully people often using forged email addresses (since those remailers allow one to forge the sender's email address instead of forcing an "Anonymous" sender email. If Tor servers are just glorified routers then they could be considered more as transit providers and not responsible for content transiting through them. However, if a transit service goes out of its way to hide the identity of the sender of a packet to make it untraceable, then it becomes more than a simpler "carrier".
The BBC has an article about a similar issue on a Tor exit node in Austria:
Austrian police raid privacy network over child porn http://www.bbc.co.uk/news/technology-20554788
actually it is not a "similar case" but the case of William W. that BBC reported. Though with some mistakes: the servers were not seized, the hardware (drives etc) at his home was seized, William was not charged (he says), police is just investigating. http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce... And so far only the police know if "images showing child sex abuse" were actually "found passing through them" as BBC writes. The warrent posted at arstechnica.net http://cdn.arstechnica.net/wp-content/uploads/2012/11/Beschluss.png mentions section 207a, para 2, 2nd case, and para 4 no 2, lit b of Austrian Criminal Code, which would be possession of a a pornographic depiction of a minor person over 14, showing their genitals in an obscene manner. (the text of the relevant section in German: http://www.ris.bka.gv.at/Dokumente/Bundesnormen/NOR40105143/NOR40105143.html) The warrent does not mention anything that refers to distribution or transport of pornographic images. So, either police and judge were not aware that it was a TOR server or they have/had a suspicion that's not related to running a TOR server. Or the made a mistake and quoted the wrong section. We simply don't know at present. regards, jutta am Samstag, 01. Dezember 2012 um 17:10 schrieb nanog@nanog.org:
The BBC has an article about a similar issue on a Tor exit node in Austria:
Austrian police raid privacy network over child porn http://www.bbc.co.uk/news/technology-20554788
## Austrian police have seized servers that were part of a global anonymous browsing system, after images showing child sex abuse were found passing through them.
<...>
On 11/29/12 23:18 , Joakim Aronius wrote:
I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it.
The seriousness of crimes that can be committed using anonymization services should not be diminished. That said the motive I had for running a tor exit when I did was that speech, and in particular political organization (dare we call it sedition) are in fact very serious crimes in many places. R.g. they can result in indefinite imprisonment, torture, judicial or extra-legal execution and so forth, I don't consider that unserious.. The internet is potentially quite a useful tool for getting your message out so long as using it isn't holding a gun to your own head. While we site here with the convenient idea of some legal arbitrage which allows me to do something which isn't illegal in my own domain to facilitate something that is quite illegal elsewhere, the fact of the matter is if you run a service like this you don't get to pick and choose.
Joel jaeggli wrote:
The internet is potentially quite a useful tool for getting your message out so long as using it isn't holding a gun to your own head. While we site here with the convenient idea of some legal arbitrage which allows me to do something which isn't illegal in my own domain to facilitate something that is quite illegal elsewhere, the fact of the matter is if you run a service like this you don't get to pick and choose.
In your opinion, would it make *any* kind of semse to engage in child pron AND run an exit node? Thanks, --Michael
On 2012-12-02 22:44, Michael Painter wrote:
Joel jaeggli wrote:
The internet is potentially quite a useful tool for getting your message out so long as using it isn't holding a gun to your own head. While we site here with the convenient idea of some legal arbitrage which allows me to do something which isn't illegal in my own domain to facilitate something that is quite illegal elsewhere, the fact of the matter is if you run a service like this you don't get to pick and choose.
In your opinion, would it make *any* kind of semse to engage in child pron AND run an exit node?
It makes a little. Last I checked (granted: years ago), a user can steer their traffic to a given exit node; by doing so, they could pick one that they know to have no internal scrutiny (i.e., by the person managing the exit node), while maintaining plausible deniability as to whether the traffic originating from that exit node was theirs, in the event of external scrutiny (as was the case here). I suspect running a middle node (not an exit, not an entrance) would provide a similar or greater degree of plausible deniability, albeit without the assurance of no internal scrutiny of the exit node. Jima
* Joel jaeggli (joelja@bogus.com) wrote:
On 11/29/12 23:18 , Joakim Aronius wrote:
I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it.
The seriousness of crimes that can be committed using anonymization services should not be diminished. That said the motive I had for running a tor exit when I did was that speech, and in particular political organization (dare we call it sedition) are in fact very serious crimes in many places. R.g. they can result in indefinite imprisonment, torture, judicial or extra-legal execution and so forth, I don't consider that unserious..
The internet is potentially quite a useful tool for getting your message out so long as using it isn't holding a gun to your own head. While we site here with the convenient idea of some legal arbitrage which allows me to do something which isn't illegal in my own domain to facilitate something that is quite illegal elsewhere, the fact of the matter is if you run a service like this you don't get to pick and choose.
I agree. I was about to set up a tor node a few years ago but never got around to it. I send cash to orgs working for human rights in countries with oppressive regimes. I am all for providing anonymized access to help free speech. Perhaps its better with anon access to specific applications like twitter, fb etc and not general internet access. I suspect that the 'free speech' part of the total tor traffic volume is pretty small(?). Cheers, /Joakim
I suspect that the 'free speech' part of the total tor traffic volume is pretty small(?).
Something like tor doesn't work if it is all traffic that's "free speech" regarding the regime of whatever country the user lives in. If it were, it'd be just as sensible to set a DETAIN_AND_TORTURE_ME bit on your IP traffic instead. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Speaking of torture.. Can you imagine an email thread that lasted longer than an entire weekend? This email needs to be murdered, because it is completely out of control. In other words, the shit has been mercilessly beat out of this horse.
From my Galaxy Note II, please excuse any mistakes.
-------- Original message -------- From: Joe Greco <jgreco@ns.sol.net> Date: 12/03/2012 12:24 AM (GMT-08:00) To: Joakim Aronius <joakim@aronius.se> Cc: NANOG list <nanog@nanog.org> Subject: Re: William was raided for running a Tor exit node. Please help if
I suspect that the 'free speech' part of the total tor traffic volume is pretty small(?).
Something like tor doesn't work if it is all traffic that's "free speech" regarding the regime of whatever country the user lives in. If it were, it'd be just as sensible to set a DETAIN_AND_TORTURE_ME bit on your IP traffic instead. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On Mon, Dec 03, 2012 at 08:49:24AM +0000, Warren Bailey wrote:
Can you imagine an email thread that lasted longer than an entire weekend?
Yes, I can. I've participated in some that went on for months. It's simply a matter of effectiveness and attention span.
This email needs to be murdered, because it is completely out of control.
I disagree, strongly, as this is an issue of unfortunate timely relevance to the community. However, if you, personally, grow tired of the discussion then of course you can use your email client to ignore all messages in the thread -- all superior mail clients make that a trivial exercise. (I recommend mutt, possibly supplemented by procmail. Both tools are suitable for professionals: stable, mature, portable, and extremely efficient.) ---rsk
The crime of routing somebody else traffic in the wrong iso layer. -- -- ℱin del ℳensaje.
On 12/03/2012 03:31 AM, Rich Kulawiec wrote:
On Mon, Dec 03, 2012 at 08:49:24AM +0000, Warren Bailey wrote:
Can you imagine an email thread that lasted longer than an entire weekend?
Yes, I can. I've participated in some that went on for months. It's simply a matter of effectiveness and attention span.
This email needs to be murdered, because it is completely out of control.
I disagree, strongly, as this is an issue of unfortunate timely relevance to the community.
+1 I strongly disagree as well. I am very interested to see how this case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out. It is extremely relevant to the Internet community and to free speech in general. Kind regards, Jordan Michaels Vivio Technologies
I seriously doubt many TOR exit nodes have the political clout to be considered a common carrier. In a related note, I wonder if the six-strike rule would violate the ISP's safe harbor, as it's clearly content inspection. Nick On Mon, Dec 3, 2012 at 2:44 PM, Jordan Michaels <jordan@viviotech.net>wrote:
On 12/03/2012 03:31 AM, Rich Kulawiec wrote:
On Mon, Dec 03, 2012 at 08:49:24AM +0000, Warren Bailey wrote:
Can you imagine an email thread that lasted longer than an entire weekend?
Yes, I can. I've participated in some that went on for months. It's simply a matter of effectiveness and attention span.
This email needs to be murdered, because it is completely out of control.
I disagree, strongly, as this is an issue of unfortunate timely relevance to the community.
+1 I strongly disagree as well. I am very interested to see how this case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out.
It is extremely relevant to the Internet community and to free speech in general.
Kind regards, Jordan Michaels Vivio Technologies
On 2012-12-04 11:51, Nick B wrote:
In a related note, I wonder if the six-strike rule would violate the ISP's safe harbor, as it's clearly content inspection.
As performed in France, what happens is that some copyright owner contacts the ISP that IP address a.b.c.d had accessed/served copyright infringing data at date/time dd-mm-yyyy HH:mm providing some kind of detail on how they figured that out. That report is a 'strike' and gets forwarded to the user. If that then happens 6 times they are blocked. The ISP as such does not do any content inspection. It is though assumed that some ISPs simply count bytes and that they do some investigation themselves when you reach a certain bandwidth threshold (it seems to correlate that copyright infringers are downloading a lot more than normal webbrowsing users...) Greets, Jeroen
We don't do content inspection. We don't really want to know what our customers are doing, and even if we did, there's not enough time in the day to spend paying attention. When we get complaints from the various copyright agencies, we warn the customer to stop. When we hit a certain number of complaints, its bye-bye customer. On Tue, Dec 4, 2012 at 11:04 AM, Jeroen Massar <jeroen@unfix.org> wrote:
On 2012-12-04 11:51, Nick B wrote:
In a related note, I wonder if the six-strike rule would violate the ISP's safe harbor, as it's clearly content inspection.
As performed in France, what happens is that some copyright owner contacts the ISP that IP address a.b.c.d had accessed/served copyright infringing data at date/time dd-mm-yyyy HH:mm providing some kind of detail on how they figured that out.
That report is a 'strike' and gets forwarded to the user.
If that then happens 6 times they are blocked.
The ISP as such does not do any content inspection.
It is though assumed that some ISPs simply count bytes and that they do some investigation themselves when you reach a certain bandwidth threshold (it seems to correlate that copyright infringers are downloading a lot more than normal webbrowsing users...)
Greets, Jeroen
ISOC-NY ran a half day conflab on 6 strikes (which incidentally - and for reasons that escape me - is a name the Copyright Alert System perpetrators wish would not be used) last November 15. A full archive is available at http://isoc-ny.org/p2/4527 On Tue, Dec 4, 2012 at 12:10 PM, Jason Baugher <jason@thebaughers.com>wrote:
We don't do content inspection. We don't really want to know what our customers are doing, and even if we did, there's not enough time in the day to spend paying attention. When we get complaints from the various copyright agencies, we warn the customer to stop. When we hit a certain number of complaints, its bye-bye customer.
On Tue, Dec 4, 2012 at 11:04 AM, Jeroen Massar <jeroen@unfix.org> wrote:
On 2012-12-04 11:51, Nick B wrote:
In a related note, I wonder if the six-strike rule would violate the ISP's safe harbor, as it's clearly content inspection.
As performed in France, what happens is that some copyright owner contacts the ISP that IP address a.b.c.d had accessed/served copyright infringing data at date/time dd-mm-yyyy HH:mm providing some kind of detail on how they figured that out.
That report is a 'strike' and gets forwarded to the user.
If that then happens 6 times they are blocked.
The ISP as such does not do any content inspection.
It is though assumed that some ISPs simply count bytes and that they do some investigation themselves when you reach a certain bandwidth threshold (it seems to correlate that copyright infringers are downloading a lot more than normal webbrowsing users...)
Greets, Jeroen
-- --------------------------------------------------------------- Joly MacFie 218 565 9365 Skype:punkcast WWWhatsup NYC - http://wwwhatsup.com http://pinstand.com - http://punkcast.com VP (Admin) - ISOC-NY - http://isoc-ny.org -------------------------------------------------------------- -
Marketing... They don't want to risk it getting caught in the current backlash against 3-strikes laws. Owen On Dec 4, 2012, at 11:13 , Joly MacFie <joly@punkcast.com> wrote:
ISOC-NY ran a half day conflab on 6 strikes (which incidentally - and for reasons that escape me - is a name the Copyright Alert System perpetrators wish would not be used) last November 15.
A full archive is available at http://isoc-ny.org/p2/4527
On Tue, Dec 4, 2012 at 12:10 PM, Jason Baugher <jason@thebaughers.com>wrote:
We don't do content inspection. We don't really want to know what our customers are doing, and even if we did, there's not enough time in the day to spend paying attention. When we get complaints from the various copyright agencies, we warn the customer to stop. When we hit a certain number of complaints, its bye-bye customer.
On Tue, Dec 4, 2012 at 11:04 AM, Jeroen Massar <jeroen@unfix.org> wrote:
On 2012-12-04 11:51, Nick B wrote:
In a related note, I wonder if the six-strike rule would violate the ISP's safe harbor, as it's clearly content inspection.
As performed in France, what happens is that some copyright owner contacts the ISP that IP address a.b.c.d had accessed/served copyright infringing data at date/time dd-mm-yyyy HH:mm providing some kind of detail on how they figured that out.
That report is a 'strike' and gets forwarded to the user.
If that then happens 6 times they are blocked.
The ISP as such does not do any content inspection.
It is though assumed that some ISPs simply count bytes and that they do some investigation themselves when you reach a certain bandwidth threshold (it seems to correlate that copyright infringers are downloading a lot more than normal webbrowsing users...)
Greets, Jeroen
-- --------------------------------------------------------------- Joly MacFie 218 565 9365 Skype:punkcast WWWhatsup NYC - http://wwwhatsup.com http://pinstand.com - http://punkcast.com VP (Admin) - ISOC-NY - http://isoc-ny.org -------------------------------------------------------------- -
On December 4, 2012 at 11:10 jason@thebaughers.com (Jason Baugher) wrote:
We don't do content inspection. We don't really want to know what our customers are doing, and even if we did, there's not enough time in the day to spend paying attention. When we get complaints from the various copyright agencies, we warn the customer to stop. When we hit a certain number of complaints, its bye-bye customer.
This is why there's a need for some sort of reasonable, organized response outlined in writing. In my experience law enforcement (and others) will try to shift whatever investigative tasks are convenient to them to anyone in the loop. Why not, it costs them nothing to have you running around all day and night doing investigative work for them. They will generally cite the seriousness of the underlying crime as (bottomless) justification for your contribution. The rational response is to sit down as a group within some framework and come to some agreement* with them as to what is a reasonable and sufficient response in these cases. Otherwise you're just the complaint desk at Macy's taking all comers and subject to whatever they can dream up to try to get you to solve their problems. * Agreement with LEOs is best, a unilateral document would at least open discussion one would hope and move towards that end. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
We don't do content inspection. We don't really want to know what our customers are doing, and even if we did, there's not enough time in
If you are a facilities based broadband provider in the US you have to comply with CALEA. There is no "coming to some agreement", you have a legal obligation to comply. No more, and no less. You don't have to comply with requests from agencies other than law enforcement under CALEA but you may need to under other requirements such as DMCA. You should know what the minimum legal requirements are and if you don't want to do more than that, fine. However, you could get a court order telling you to do almost anything and it would be expensive and potentially put you in contempt not to comply with them. I am not a lawyer but dealt with these requirements for years on the job. Steven Naslund -----Original Message----- From: Barry Shein [mailto:bzs@world.std.com] Sent: Wednesday, December 05, 2012 11:22 AM To: nanog@nanog.org Subject: Re: Six Strike Rule (Was: William was raided...) On December 4, 2012 at 11:10 jason@thebaughers.com (Jason Baugher) wrote: the day > to spend paying attention. When we get complaints from the various > copyright agencies, we warn the customer to stop. When we hit a certain > number of complaints, its bye-bye customer. This is why there's a need for some sort of reasonable, organized response outlined in writing. In my experience law enforcement (and others) will try to shift whatever investigative tasks are convenient to them to anyone in the loop. Why not, it costs them nothing to have you running around all day and night doing investigative work for them. They will generally cite the seriousness of the underlying crime as (bottomless) justification for your contribution. The rational response is to sit down as a group within some framework and come to some agreement* with them as to what is a reasonable and sufficient response in these cases. Otherwise you're just the complaint desk at Macy's taking all comers and subject to whatever they can dream up to try to get you to solve their problems. * Agreement with LEOs is best, a unilateral document would at least open discussion one would hope and move towards that end. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
On 12-12-03 14:44, Jordan Michaels wrote:
case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes?
Perhaps if "Tor exit node" were called "Tor exit Router", politicians/policemen would have a better understanding that this service provides no indexing of data, no storage of data and is just a networking service that is agnostic to whatever data flows through it. If they declare illegal any part of the internet which makes police investigations hard due to lack of traceability/logs then they can go after any NAT router, Tor exit nodes, VPN servers etc.
I know I'm going to get flamed and excoriated, but here goes.... <snip>
case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out.
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks. TOR exit/entrance nodes provide only the former. The lack of providing a physical infrastructure is crucial. Also, most ISP's (US specifically) are required by Law (under subpoena) to provide details to law enforcement. I really hate this idea of privacy on the Internet. If you really think you have the "right" to use the public infrastructure (to whatever extent you want to label the Internet as such) and be completely anonymous, I have a bridge to sell you. Network operators may treat your packets to whatever level of scrutiny that they may find necessary to determine if they want to pass your packets, keeping in mind that good operators want the Internet to work. I'm waiting for the next hot "application" to use a widely known "bad" port and see what happens. :)
It is extremely relevant to the Internet community and to free speech in general.
I'm actually in agreement that law enforcement may have overstepped here if the only reason was the TOR exit point, but having a TOR exit point to me, seems to be condoning the actions/statements/packets used through the exit point. You are knowingly hiding information that your local government may require you to disclose. Short answer... don't use TOR. It's not a bad thing, but it's not a good thing either. - Brian
On Tue, 04 Dec 2012 17:32:01 +0000, Brian Johnson said:
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, ... TOR exit/entrance nodes provide only the former.
This is also a misleading statement. Explain the difference between a consumer ISP selling you a cable Internet plan knowing that NN% of the traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc. In other words, if TOR exit nodes provide a "knowingly illegal offering", then Comcast is doing exactly the same thing... (Also, feel free to cite actual statute or case law that says TOR is by *definition* or finding of fact, a "knowingly illegal offering" in and of itself - distinct from what uses the user thereof may do with it. Absent that, it's not a "knowingly illegal offering" the same way that some sites have ended up in court for contributory copyright infringement.)
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly
I'm trying to remember when ISP's became common carriers...
illegal offering, ... TOR exit/entrance nodes provide only the former.
This is also a misleading statement. Explain the difference between a consumer ISP selling you a cable Internet plan knowing that NN% of the traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc.
Great point. The question might also revolve around this issue, restored from the previous msg:
AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks.
Well, an ISP does do that, but so does an end user's network. So if I put a Tor node on an ethernet ("PHYSICAL infrastructure") and then connect that to an ISP ("other PHYSICAL networks"), that doesn't make for a real good way to differentiate between an ISP, a commercial ISP customer who gets routed IP networks via BGP, or an end user who has an ethernet behind a NAT gateway. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
- Brian J.
-----Original Message----- From: Joe Greco [mailto:jgreco@ns.sol.net] Sent: Tuesday, December 04, 2012 1:58 PM To: Valdis.Kletnieks@vt.edu Cc: Brian Johnson; nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly
I'm trying to remember when ISP's became common carriers...
Not all ISPs are. I was referring to those of us who are both Common Carriers and ISPs. The Common Carrier status will override.
illegal offering, ... TOR exit/entrance nodes provide only the former.
This is also a misleading statement. Explain the difference between a consumer ISP selling you a cable Internet plan knowing that NN% of the traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc.
Great point.
The question might also revolve around this issue, restored from the previous msg:
AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks.
Well, an ISP does do that, but so does an end user's network. So if I put a Tor node on an ethernet ("PHYSICAL infrastructure") and then connect that to an ISP ("other PHYSICAL networks"), that doesn't make for a real good way to differentiate between an ISP, a commercial ISP customer who gets routed IP networks via BGP, or an end user who has an ethernet behind a NAT gateway.
I was speaking of TOR as a service. The service is not provided inherent of the infrastructure to pass packets. It's more similar to a tunneling protocol service. The person hosting the endpoint on their infrastructure would be the service point and they are the ones acting as protector and as such should take on the responsibility as such. I can feel lawyers rubbing their hands together as I type. - Brian
Well, an ISP does do that, but so does an end user's network. So if I put a Tor node on an ethernet ("PHYSICAL infrastructure") and then connect that to an ISP ("other PHYSICAL networks"), that doesn't make for a real good way to differentiate between an ISP, a commercial ISP customer who gets routed IP networks via BGP, or an end user who has an ethernet behind a NAT gateway.
I was speaking of TOR as a service. The service is not provided inherent of= the infrastructure to pass packets. It's more similar to a tunneling proto= col service.
So if we can choose convenient definitions for the sake of discussing the issue, this is a pointless discussion, because you'll use your preferred definitions and I'll use mine, and we'll both be right by that logic. Tunnels and VPN's are a fact of life on the modern internet, though. Those could be considered services. Or they could be considered part of the infrastructure.
From my point of view, they're just a way to attach to the Internet in order to gain specific characteristics (a secure pathway, or IPv6, or whatever). When you look at it like that, Tor looks suspiciously similar to that, in that it's just a way to attach to the Internet in order to gain anonymity - a characteristic. The traffic flows through a Tor node in much the same way as traffic flows through a NAT gateway, being modified a bit in the process.
The person hosting the endpoint on their infrastructure would be the servic= e point and they are the ones acting as protector and as such should take o= n the responsibility as such. I can feel lawyers rubbing their hands togeth= er as I type.
You could say the same thing about Internet Service Providers. But ISP's have cried foul at that for years, and even got significant protections embodied in law. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
<SNIP HEADERS>
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, ... TOR exit/entrance nodes provide only the former.
This is also a misleading statement. Explain the difference between a consumer ISP selling you a cable Internet plan knowing that NN% of the traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc.
You actually are saying what I said, just you misunderstand your own point. You clipped my entire statement to make it appear to say something else. A TOR node, in and of itself, is not infrastructure for passing packets. It's a service on the infrastructure. I never implied that the traffic through/from the ISP or the TOR was more or less legal than the other.
In other words, if TOR exit nodes provide a "knowingly illegal offering", then Comcast is doing exactly the same thing...
No they are not. See previous. <SNIP ongoing blathering> - Brian
I think it is a fallacious debate to discuss whether Tor servers or services are illegal or legal. Like any other tool, it is all about intent. I know that as engineering types we tend to not like relativism but the law is very much about that. Intent is ultimately very critical to obtaining a criminal conviction. Every day someone does something that might otherwise be considered a crime but because of intent is innocent. For example, ****I shoot a bear out of season, this is a crime right? What if I told you the bear was attacking a four year old little girl, does that change your mind? ****It is not a crime to send an encoded letter. It is a crime to send an encoded letter that communicates an impending attack on someone. ****It is not a crime to make a phone call. It is a crime to make a telephonic bomb threat. ****A gun is not a crime. Shooting someone is a crime (mostly). ****An ISP selling internet service that most people use for legal purposes is not doing anything illegal when someone uses it to illegally share music because they did not intend to commit a crime. ****If you build a server solely for hosting copyrighted software for illegal distribution, you are a criminal. If someone hacks your FTP server and hides a piece of copyrighted software there for illegal distribution you are probably not a criminal as long as you take some action to prevent the crime once you are aware of it. Steven Naslund -----Original Message----- From: Brian Johnson [mailto:bjohnson@drtel.com] Sent: Tuesday, December 04, 2012 3:26 PM To: Valdis.Kletnieks@vt.edu; nanog@nanog.org Cc: nanog@nanog.org Subject: RE: William was raided for running a Tor exit node. Please help if <SNIP HEADERS>
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, ... TOR exit/entrance nodes provide only the
former.
This is also a misleading statement. Explain the difference between a
consumer ISP selling you a cable Internet plan knowing that NN% of the
traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc.
You actually are saying what I said, just you misunderstand your own point. You clipped my entire statement to make it appear to say something else. A TOR node, in and of itself, is not infrastructure for passing packets. It's a service on the infrastructure. I never implied that the traffic through/from the ISP or the TOR was more or less legal than the other.
In other words, if TOR exit nodes provide a "knowingly illegal offering", then Comcast is doing exactly the same thing...
No they are not. See previous. <SNIP ongoing blathering> - Brian
A TOR node, in and of itself, is not infrastructure for passing packets. It's a service on the infrastructure.
Technically you are right. But then: what is the difference to ISPs? They offer routing- and DNS- and mail- and other services on various infrastructure. jutta
On 12/5/12, Jutta Zalud <ju@netzwerklabor.at> wrote:
Technically you are right. But then: what is the difference to ISPs? They offer routing- and DNS- and mail- and other services on various infrastructure.
ISPs typically have a customer. They know their customer, they retain sufficient information to identify their customer, such as name, billing address, physical location, telephone number, and have a signed agreement to provide the service. They collect consideration from their customer; usually in the form of cash. The customer of an ISP is normally expected to adhere to some sort of AUP or TOU, providing terms of their use of the service. Typically including some provisions, such as 'customer is responsible for activities that are performed while dialed into their account', 'no illegal activities', ' no sending spam', conducting other network abuses. For consumer ISPs, sometimes activities such as running internet servers, reselling, or providing ISP access to 3rd parties, might be restricted (restrictions incompatible with running a TOR exit node on that service). An end user operating a TOR exit node, or wide open Wireless AP, intentionally allows other people to connect to their infrastructure and the internet whom they have no relationship with or prior dealings with, in spite of the possibility of network abuse or illegal activities, they choose to allow connectivity without first gathering information required to hold the 3rd party responsible for their activity. An intentional "anonymizer" which is in contrast to what an ISP does. The operator of an ordinary anonymizer service is subject to the possibility of court-ordered intercept upon future use. If the operator of the Tor node believes that criminal intent is the most likely use of the TOR exit node. the degree of intentional ignorance might be considered so severe, that it becomes a situation in which they are considered culpable. E.g. the Tor exit node operator might possibly be considered an accessory, to the activity occuring on their node, that they are harboring / allowing to occur anonymously. Not to say whether Tor node operators are possibly guilty of anything or not. But they are definitely different from ISPs in a number of important ways. Any similarity between Open AP/Tor Exit node operator and ISP are highly superficial.
jutta -- -JH
On Dec 5, 2012, at 12:38 AM, Jimmy Hess <mysidia@gmail.com> wrote:
On 12/5/12, Jutta Zalud <ju@netzwerklabor.at> wrote:
Technically you are right. But then: what is the difference to ISPs? They offer routing- and DNS- and mail- and other services on various infrastructure.
ISPs typically have a customer. They know their customer, they retain sufficient information to identify their customer, such as name, billing address, physical location, telephone number, and have a signed agreement to provide the service. They collect consideration from their customer; usually in the form of cash.
What if it's a free open wireless ISP where all you have to do is click an assent to a basic TOS agreement? What if it's a free open wireless ISP (such as any Apple store) where all you have to do is get within range and connect? No contract or click-thru at all?
The customer of an ISP is normally expected to adhere to some sort of AUP or TOU, providing terms of their use of the service. Typically including some provisions, such as 'customer is responsible for activities that are performed while dialed into their account', 'no illegal activities', ' no sending spam', conducting other network abuses.
In many cases, but not all. However I do have to wonder what makes you think a civil contract would be a deterrent to someone willing to commit a criminal act?
For consumer ISPs, sometimes activities such as running internet servers, reselling, or providing ISP access to 3rd parties, might be restricted (restrictions incompatible with running a TOR exit node on that service).
But such restrictions are not all that common and aren't particularly relevant to this discussion.
An end user operating a TOR exit node, or wide open Wireless AP, intentionally allows other people to connect to their infrastructure and the internet whom they have no relationship with or prior dealings with, in spite of the possibility of network abuse or illegal activities, they choose to allow connectivity without first gathering information required to hold the 3rd party responsible for their activity.
I find it amusing that you feel the need to continuously repeat "an end user operating a TOR exit node." Is there some reason that it makes a difference whether the entity operating the TOR exit node or open Wireless AP is an end user or an ISP? Of course, I would argue that operating an open Wireless AP or a TOR node makes you a form of ISP whether you recognize the fact or not.
An intentional "anonymizer" which is in contrast to what an ISP does. The operator of an ordinary anonymizer service is subject to the possibility of court-ordered intercept upon future use.
So is the operator of a TOR node. The primary difference being that TOR is specifically engineered to make such an intercept virtually useless. So it seems your real criticism here is simply that TOR is a more effective anonymizer.
If the operator of the Tor node believes that criminal intent is the most likely use of the TOR exit node. the degree of intentional ignorance might be considered so severe, that it becomes a situation in which they are considered culpable.
This assumes a whole lot of facts not in evidence. If I were to put up a TOR exit node, I would assume that the most likely intent would be free speech which is not illegal in my jurisdiction. I don't consider that I am responsible for the myriad jurisdictions that may exist at the entry and/or transit points prior to reaching said exit node. Do you have any data to support your conclusion that criminal intent is the most likely use of TOR exit nodes?
E.g. the Tor exit node operator might possibly be considered an accessory, to the activity occuring on their node, that they are harboring / allowing to occur anonymously.
Very hard to prove that intent beyond a reasonable doubt in my opinion.
Not to say whether Tor node operators are possibly guilty of anything or not. But they are definitely different from ISPs in a number of important ways.
You have yet to show one yet. You've shown how they're different from some ISPs, but there are many ISPs operating today which don't fit your model of what constitutes an ISP, so I remain unconvinced. I'm further unconvinced that your proposed distinctions are actually meaningful from a legal perspective. Perhaps the lawyer that chimed in earlier will come back and address this question.
Any similarity between Open AP/Tor Exit node operator and ISP are highly superficial.
I guess this depends almost entirely on what properties it is that you believe define an ISP. Given the number of ISPs that don't have customers, don't collect data on their customers, and operate free open public access networks, I don't think that the properties you suggest above can be used in said definition. As I said, given that Apple Computer operates such networks quite intentionally in all of their stores as well as within range of the Apple campus in Cupertino, I think you'd be hard pressed to claim that these are strictly some small fringe exceptions. To me, an ISP is defined by the fact that they provide packet forwarding service(s) to some group of external parties. By that definition, I cannot make any legitimate claim that any of the following are not ISPs: TOR Exit nodes Tunnel Brokers 6to4 gateways/servers Teredo gateways/servers Access networks Datacenters Universities (in most cases) etc. So… You claim that those similarities are superficial…What are the deeply meaningful differences that apply across the board to all ISPs? Owen
Does it matter if an anomysing service advertises itself as allowing free speech to users in countries where free speech is censored, compared to a service that advertises itself as catering to the mafias of the world, ensuring their crimes are untraceable ? In the later case, it makes it very easy to think of the sercice operator as an accomplice to crime. But if the primary purpose of a service is legitimate, should the service operator be held liable if there is *some* misuse which cannot be prevented by the service operator ? In my opinion, the operator should remain immune until the police shows up with a warrant and the operator refuses to cooperate. Tor exit nodes are not that different from payphones or disposable pre-paid cellular service where the wireless operator has no verifiable identity/address for the purchasor of the service. Are phone companies held liable because the mafia uses a payphone to plan their crimes knowing that they can't trace calls to an individual ?
An end user operating a TOR exit node, or wide open Wireless AP, intentionally allows other people to connect to their infrastructure and the internet whom they have no relationship with or prior dealings with, in spite of the possibility of network abuse or illegal activities, they choose to allow connectivity without first gathering information required to hold the 3rd party responsible for their activity.
Oh please. I don't know where you've been hiding out for the last half a decade or so, but around here, every McDonalds, Starbucks, Sam's Club, Home Depot, Lowe's, and most libraries, hotels, hospitals, and laundromats offer WiFi, and those are just the ones I can readily think of. The level of wishful-thinking implied by the quoted text about how the Internet works is mind-boggling. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On 12/5/2012 8:35 AM, Joe Greco wrote:
An end user operating a TOR exit node, or wide open Wireless AP, intentionally allows other people to connect to their infrastructure and the internet whom they have no relationship with or prior dealings with, in spite of the possibility of network abuse or illegal activities, they choose to allow connectivity without first gathering information required to hold the 3rd party responsible for their activity. Oh please. I don't know where you've been hiding out for the last half a decade or so, but around here, every McDonalds, Starbucks, Sam's Club, Home Depot, Lowe's, and most libraries, hotels, hospitals, and laundromats offer WiFi, and those are just the ones I can readily think of.
The level of wishful-thinking implied by the quoted text about how the Internet works is mind-boggling.
... JG
Yes, but THAT free WiFi is offered by responsible businesses. We certainly can't trust lowly citizens with such things. It would be chaos! The sky would fall, the world would end, and puppies would be kicked. No, such power should only be in the hands of those we trust. - Pete
Here is something else to consider : Why will just about any ISP shut down a customer with an open mail relay? It allows anonymous access to anyone trying to send an email, right. So why would this not be considered just as "free speech" as the Tor server. The reason I believe is because we as an industry decided that spam was a "bad thing" before it even became illegal. In the case of Tor, it largely enables anonymous transfer of data (like copyrighted bit torrent traffic) including some content that is blatently illegal to even possess. As a community we have been a lot less decisive about that subject. Before we chastise the legal process being used by the government just consider everything we do as service providers under the guise of "acceptable use" which has just about no basis in the law. Most "acceptable use" violations are basically doing stuff we don't like. As far as the Internet just being a tool, I agree but there are and always have been laws to govern the use of tools whether we are talking about telephones, guns, postal system, or any other tool. Conducting the alleged business over the telephone would be a crime just as sending it through the postal system. If you were encrypting voice calls for the sole purpose of avoiding a legal wiretap I think the law might have a problem with that. If you were to provide that service to someone like a kidnapper or the mafia, I bet you are going to have some tough questions thrown at you. As I see it, here are the possible reasons this individual set up this Tor network : 1. This man is truly the saint of the Internet privacy community and he spent his own hard earned money to set up a bunch of off shore Tor servers for the benefit of mankind. Why he needs exit nodes in the United States and Poland I am not sure about. Is the German government cracking down a lot on dissident traffic coming out of servers in his own country? He must not be able to pay his own legal expenses because he is too busy building servers for the good of humanity. 2. This guy was using Tor for whatever personal reasons. Could be that there were not enough exit nodes to get the kind of performance he wanted. Maybe he was downloading / uploading various content, legal or illegal and was serious enough about it that he set up exit nodes in multiple countries. That might explain the ton of storage he had at his residence. Maybe he has a big recipe collection, pirated movie collection, or unspeakable content the police are looking at now. The content will say if he is innocent or guilty. Maybe he was using it for one thing and others were using it for something else. In that case, my thoughts are if you swim with sharks you might get bit. 3. Maybe this guy was running a Tor network as a paid service for others not wanting to get caught doing whatever they were doing. Could be a lucrative business for an enterprising system admin I suppose. You would not want to set up these servers at your own workplace right, and maybe you have customers in multiple countries. Who might want a covert communications network? Drug cartels, media pirates, intelligence agencies, terrorists, illegal child porn producers, whoever does not want to get caught communicating. Maybe even downtrodden dissidents but they likely don't have a lot of money. He is going to need your money to defend himself because the government will gets suspicious if he shows up with another safe deposit box of cash and his customer certainly can't be contacted to help. I see these possible outcomes : 1. The guy has nothing on his home computers or the Tor server that point to a crime and he gets his stuff back. Inconvenient no doubt but he won't need that legal defense fund. 2. Maybe this guy is as serious about his home gear as his network privacy. Maybe everything at home is deep encrypted. Unlikely it will be secure enough but maybe the government has its suspicions but cannot make the case and they drop it. 2. The guy has tons of illegal content on his home storage stuff and gets nailed for it. That legal defense fund is going to be paying the SPA, RIAA, or whoever else is going to sue him. If it what the police allege then he is going away for quite awhile. 3. The guy is innocent but gets found guilty because "the man" just does not like Tor. Your legal defense fund probably won't help much because if "the man" wants him locked up with no evidence then your defense probably won't help a lot. You will be better off selling "Free Mother Tor-esa" T-shirt to try to get him sprung. I might be a cynic but I am just not thinking it is #1 on these lists. Steven Naslund -----Original Message----- From: Valdis.Kletnieks@vt.edu [mailto:Valdis.Kletnieks@vt.edu] Sent: Tuesday, December 04, 2012 1:36 PM To: Brian Johnson Cc: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if On Tue, 04 Dec 2012 17:32:01 +0000, Brian Johnson said:
This is a misleading statement. ISP's (Common carriers) do not provide
a knowingly illegal offering, ... TOR exit/entrance nodes provide only the former.
This is also a misleading statement. Explain the difference between a consumer ISP selling you a cable Internet plan knowing that NN% of the traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc. In other words, if TOR exit nodes provide a "knowingly illegal offering", then Comcast is doing exactly the same thing... (Also, feel free to cite actual statute or case law that says TOR is by *definition* or finding of fact, a "knowingly illegal offering" in and of itself - distinct from what uses the user thereof may do with it. Absent that, it's not a "knowingly illegal offering" the same way that some sites have ended up in court for contributory copyright infringement.)
+1 - Brian J.
-----Original Message----- From: Naslund, Steve [mailto:SNaslund@medline.com] Sent: Tuesday, December 04, 2012 3:44 PM To: nanog@nanog.org Subject: RE: William was raided for running a Tor exit node. Please help if
Here is something else to consider :
Why will just about any ISP shut down a customer with an open mail relay? It allows anonymous access to anyone trying to send an email, right. So why would this not be considered just as "free speech" as the Tor server. The reason I believe is because we as an industry decided that spam was a "bad thing" before it even became illegal. In the case of Tor, it largely enables anonymous transfer of data (like copyrighted bit torrent traffic) including some content that is blatently illegal to even possess. As a community we have been a lot less decisive about that subject.
Before we chastise the legal process being used by the government just consider everything we do as service providers under the guise of "acceptable use" which has just about no basis in the law. Most "acceptable use" violations are basically doing stuff we don't like.
As far as the Internet just being a tool, I agree but there are and always have been laws to govern the use of tools whether we are talking about telephones, guns, postal system, or any other tool. Conducting the alleged business over the telephone would be a crime just as sending it through the postal system. If you were encrypting voice calls for the sole purpose of avoiding a legal wiretap I think the law might have a problem with that. If you were to provide that service to someone like a kidnapper or the mafia, I bet you are going to have some tough questions thrown at you.
As I see it, here are the possible reasons this individual set up this Tor network :
1. This man is truly the saint of the Internet privacy community and he spent his own hard earned money to set up a bunch of off shore Tor servers for the benefit of mankind. Why he needs exit nodes in the United States and Poland I am not sure about. Is the German government cracking down a lot on dissident traffic coming out of servers in his own country? He must not be able to pay his own legal expenses because he is too busy building servers for the good of humanity.
2. This guy was using Tor for whatever personal reasons. Could be that there were not enough exit nodes to get the kind of performance he wanted. Maybe he was downloading / uploading various content, legal or illegal and was serious enough about it that he set up exit nodes in multiple countries. That might explain the ton of storage he had at his residence. Maybe he has a big recipe collection, pirated movie collection, or unspeakable content the police are looking at now. The content will say if he is innocent or guilty. Maybe he was using it for one thing and others were using it for something else. In that case, my thoughts are if you swim with sharks you might get bit.
3. Maybe this guy was running a Tor network as a paid service for others not wanting to get caught doing whatever they were doing. Could be a lucrative business for an enterprising system admin I suppose. You would not want to set up these servers at your own workplace right, and maybe you have customers in multiple countries. Who might want a covert communications network? Drug cartels, media pirates, intelligence agencies, terrorists, illegal child porn producers, whoever does not want to get caught communicating. Maybe even downtrodden dissidents but they likely don't have a lot of money. He is going to need your money to defend himself because the government will gets suspicious if he shows up with another safe deposit box of cash and his customer certainly can't be contacted to help.
I see these possible outcomes :
1. The guy has nothing on his home computers or the Tor server that point to a crime and he gets his stuff back. Inconvenient no doubt but he won't need that legal defense fund.
2. Maybe this guy is as serious about his home gear as his network privacy. Maybe everything at home is deep encrypted. Unlikely it will be secure enough but maybe the government has its suspicions but cannot make the case and they drop it.
2. The guy has tons of illegal content on his home storage stuff and gets nailed for it. That legal defense fund is going to be paying the SPA, RIAA, or whoever else is going to sue him. If it what the police allege then he is going away for quite awhile.
3. The guy is innocent but gets found guilty because "the man" just does not like Tor. Your legal defense fund probably won't help much because if "the man" wants him locked up with no evidence then your defense probably won't help a lot. You will be better off selling "Free Mother Tor-esa" T-shirt to try to get him sprung.
I might be a cynic but I am just not thinking it is #1 on these lists.
Steven Naslund
-----Original Message----- From: Valdis.Kletnieks@vt.edu [mailto:Valdis.Kletnieks@vt.edu] Sent: Tuesday, December 04, 2012 1:36 PM To: Brian Johnson Cc: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if
On Tue, 04 Dec 2012 17:32:01 +0000, Brian Johnson said:
This is a misleading statement. ISP's (Common carriers) do not provide
a knowingly illegal offering, ... TOR exit/entrance nodes provide only the former.
This is also a misleading statement. Explain the difference between a consumer ISP selling you a cable Internet plan knowing that NN% of the traffic will be data with questionable copyright status, and 1 of of 5 or so will be a botted box doing other illegal stuff, and a TOR node providing transit knowing that NN% will be similarly questionable etc etc etc.
In other words, if TOR exit nodes provide a "knowingly illegal offering", then Comcast is doing exactly the same thing...
(Also, feel free to cite actual statute or case law that says TOR is by *definition* or finding of fact, a "knowingly illegal offering" in and of itself - distinct from what uses the user thereof may do with it. Absent that, it's not a "knowingly illegal offering" the same way that some sites have ended up in court for contributory copyright infringement.)
In countries where the law does not dictate that all carriers maintain extensive logs, this is fairly simple. Whether you are a Tor node or a normal ISP, you do nothig until you get a court ordered warrant, at which point you collect information passing through your network and hand it over to authorities. So the "Tor" service remain anonymous until the police suspect illegal data passing through it, at which point they snoop what passes through and work they way up to find the true origin of the data. In countries where log files must be created and retained by law, this is less simple. Is a Tor node covered by the law ? If so, then it is non compliant of it fails to colect the law mandated logs. If the Tor node is not covered by the law, then law enforcment cannot complain if there are no logs to analyse.
On Dec 4, 2012, at 09:32 , Brian Johnson <bjohnson@drtel.com> wrote:
I know I'm going to get flamed and excoriated, but here goes....
<snip>
case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out.
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks. TOR exit/entrance nodes provide only the former. The lack of providing a physical infrastructure is crucial. Also, most ISP's (US specifically) are required by Law (under subpoena) to provide details to law enforcement.
I strongly disagree with you. TOR exit nodes provide a vital physical infrastructure to free speech advocates who live in jurisdictions where strong forces are aligned against free speech. I'm sure most TOR exit node operators would happily provide all the details they have if presented with an appropriate subpoena.
I really hate this idea of privacy on the Internet. If you really think you have the "right" to use the public infrastructure (to whatever extent you want to label the Internet as such) and be completely anonymous, I have a bridge to sell you. Network operators may treat your packets to whatever level of scrutiny that they may find necessary to determine if they want to pass your packets, keeping in mind that good operators want the Internet to work.
I really cherish this idea of privacy on the internet. It's a strong tool for enabling democracy and freedom of speech. First, the internet hasn't been "public infrastructure" for a very long time. It's a loose collection of privately owned networks with very few pieces still owned by government institutions. I don't think anyone has asserted a "right" to use that infrastructure, but, I certainly value that there are people who choose to provide it. I think society benefits from having such infrastructure available. I like free speech. I like that there are people making free speech possible in places where it is strongly discouraged. While I think it is a shame that child pornographers and other nefarious users are able to abuse this infrastructure to the detriment of society, the reality is that it is like any other tool. It has beneficial uses and harmful uses. Going after the tool is counterproductive and harmful.
I'm waiting for the next hot "application" to use a widely known "bad" port and see what happens. :)
What's a "bad" port? 80? 443? 25? 587? Most of the malware these days uses one or more of those.
It is extremely relevant to the Internet community and to free speech in general.
I'm actually in agreement that law enforcement may have overstepped here if the only reason was the TOR exit point, but having a TOR exit point to me, seems to be condoning the actions/statements/packets used through the exit point. You are knowingly hiding information that your local government may require you to disclose.
Having a TOR exit point is making an effort to provide a service. It doesn't condone the nefarious uses of the service any more than running an ISP condones running a warez site that happens to get transit services from said ISP. Running a TOR exit node isn't hiding any information. It's simply not collecting the information in the first place. You can't hide information you never had.
Short answer... don't use TOR. It's not a bad thing, but it's not a good thing either.
I strongly disagree. TOR is a tool. It's a very good thing in its ability to enable democratization of communications and freedom of speech. It also has some nefarious uses. Guess what... So do hammers. I don't see anyone calling for a ban on the sale of hammers or encouraging carpenters to stop using them. Owen
-----Original Message----- From: Owen DeLong [mailto:owen@delong.com] Sent: Tuesday, December 04, 2012 2:22 PM To: Brian Johnson Cc: Jordan Michaels; nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if
On Dec 4, 2012, at 09:32 , Brian Johnson <bjohnson@drtel.com> wrote:
I know I'm going to get flamed and excoriated, but here goes....
<snip>
case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out.
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks. TOR exit/entrance nodes provide only the former. The lack of providing a physical infrastructure is crucial. Also, most ISP's (US specifically) are required by Law (under subpoena) to provide details to law enforcement.
I strongly disagree with you.
TOR exit nodes provide a vital physical infrastructure to free speech advocates who live in jurisdictions where strong forces are aligned against free speech. I'm sure most TOR exit node operators would happily provide all the details they have if presented with an appropriate subpoena.
TOR is not vital. It is political. I view this not as an issue of morals or political action. It is an issue of a technical nature. A TOR is a way to hide who you are. If I am hiding who you are from someone else and there is a law broken, who do you go after?
I really hate this idea of privacy on the Internet. If you really think you have the "right" to use the public infrastructure (to whatever extent you want to label the Internet as such) and be completely anonymous, I have a bridge to sell you. Network operators may treat your packets to whatever level of scrutiny that they may find necessary to determine if they want to pass your packets, keeping in mind that good operators want the Internet to work.
I really cherish this idea of privacy on the internet. It's a strong tool for enabling democracy and freedom of speech.
First, the internet hasn't been "public infrastructure" for a very long time. It's a loose collection of privately owned networks with very few pieces still owned by government institutions. I don't think anyone has asserted a "right" to use that infrastructure, but, I certainly value that there are people who choose to provide it. I think society benefits from having such infrastructure available.
I like free speech. I like that there are people making free speech possible in places where it is strongly discouraged. While I think it is a shame that child pornographers and other nefarious users are able to abuse this infrastructure to the detriment of society, the reality is that it is like any other tool. It has beneficial uses and harmful uses. Going after the tool is counterproductive and harmful.
This is ridiculous. Owen you damn well know that if you send packets from a source, that source can be tracked back. Add a subpoena, privacy hereby destroyed. Other countries are generally less protective of the citizen than the US and as such... what was your argument again. Oh yeah. I'll be hiding behind my packets. ;P
I'm waiting for the next hot "application" to use a widely known "bad" port and see what happens. :)
What's a "bad" port? 80? 443? 25? 587? Most of the malware these days uses one or more of those.
Point given. I got off topic here.
It is extremely relevant to the Internet community and to free speech in general.
I'm actually in agreement that law enforcement may have overstepped
here if the only reason was the TOR exit point, but having a TOR exit point to me, seems to be condoning the actions/statements/packets used through the exit point. You are knowingly hiding information that your local government may require you to disclose.
Having a TOR exit point is making an effort to provide a service. It doesn't condone the nefarious uses of the service any more than running an ISP condones running a warez site that happens to get transit services from said ISP.
Running a TOR exit node isn't hiding any information. It's simply not collecting the information in the first place. You can't hide information you never had.
And supplying the Sudafed to the kiddies to use for runny noses is not condoning use for crystal meth.
Short answer... don't use TOR. It's not a bad thing, but it's not a good thing
either.
I strongly disagree. TOR is a tool. It's a very good thing in its ability to enable democratization of communications and freedom of speech. It also has some nefarious uses. Guess what... So do hammers. I don't see anyone calling for a ban on the sale of hammers or encouraging carpenters to stop using them.
Once again, this is a political reason not a technical reason. I'm sorry for your political situation. - Brian
On Dec 4, 2012, at 1:36 PM, Brian Johnson <bjohnson@drtel.com> wrote:
-----Original Message----- From: Owen DeLong [mailto:owen@delong.com] Sent: Tuesday, December 04, 2012 2:22 PM To: Brian Johnson Cc: Jordan Michaels; nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if
On Dec 4, 2012, at 09:32 , Brian Johnson <bjohnson@drtel.com> wrote:
I know I'm going to get flamed and excoriated, but here goes....
<snip>
case evolves in and out of court. Are Tor exit-node operators going to be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out.
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks. TOR exit/entrance nodes provide only the former. The lack of providing a physical infrastructure is crucial. Also, most ISP's (US specifically) are required by Law (under subpoena) to provide details to law enforcement.
I strongly disagree with you.
TOR exit nodes provide a vital physical infrastructure to free speech advocates who live in jurisdictions where strong forces are aligned against free speech. I'm sure most TOR exit node operators would happily provide all the details they have if presented with an appropriate subpoena.
TOR is not vital. It is political. I view this not as an issue of morals or political action. It is an issue of a technical nature. A TOR is a way to hide who you are. If I am hiding who you are from someone else and there is a law broken, who do you go after?
Merely because something is political does not exclude it from being vital. There are opportunities for free speech which would be diminished or eliminated if TOR were eliminated. As such, yes, it is, in fact a vital political tool. It was a technical issue until people started having their civil rights potentially infringed. At that point, it became political and moral also. If you are hiding who I am from someone else and I am breaking a law, I presume they would come to you asking (or even demanding) what you know about my identity. However, that's not what a TOR exit node does. The TOR exit node operator isn't hiding the identity of the sender. You can't hide what you never knew.
I really hate this idea of privacy on the Internet. If you really think you have the "right" to use the public infrastructure (to whatever extent you want to label the Internet as such) and be completely anonymous, I have a bridge to sell you. Network operators may treat your packets to whatever level of scrutiny that they may find necessary to determine if they want to pass your packets, keeping in mind that good operators want the Internet to work.
I really cherish this idea of privacy on the internet. It's a strong tool for enabling democracy and freedom of speech.
First, the internet hasn't been "public infrastructure" for a very long time. It's a loose collection of privately owned networks with very few pieces still owned by government institutions. I don't think anyone has asserted a "right" to use that infrastructure, but, I certainly value that there are people who choose to provide it. I think society benefits from having such infrastructure available.
I like free speech. I like that there are people making free speech possible in places where it is strongly discouraged. While I think it is a shame that child pornographers and other nefarious users are able to abuse this infrastructure to the detriment of society, the reality is that it is like any other tool. It has beneficial uses and harmful uses. Going after the tool is counterproductive and harmful.
This is ridiculous. Owen you damn well know that if you send packets from a source, that source can be tracked back. Add a subpoena, privacy hereby destroyed. Other countries are generally less protective of the citizen than the US and as such... what was your argument again. Oh yeah. I'll be hiding behind my packets. ;P
If you send packets from a source, they can be tracked back in some cases. However, if you send your packets to someone nearby, anyone outside of that path probably can't easily track them back. If they then rewrite the packets and forward them to another who repeats that process and this process is repeated a few times, then if the person attempting to do the track-back isn't aware of the packets until the very far end, it can, in fact, be virtually impossible to track them back to the originator. This, combined with some obfuscation of the actual content along the way and a lack of logging is basically how TOR works. Providing an effective cloak of anonymity has repeatedly been shown to allow important political speech to be made public under circumstances when it otherwise would not have been able to. You may not like the other uses of TOR. I certainly don't like some of the uses that TOR has been put to. However, denying that TOR has, in fact, enabled improved freedom of speech in difficult environments ignores substantial evidence to the contrary.
I'm waiting for the next hot "application" to use a widely known "bad" port and see what happens. :)
What's a "bad" port? 80? 443? 25? 587? Most of the malware these days uses one or more of those.
Point given. I got off topic here.
It is extremely relevant to the Internet community and to free speech in general.
I'm actually in agreement that law enforcement may have overstepped
here if the only reason was the TOR exit point, but having a TOR exit point to me, seems to be condoning the actions/statements/packets used through the exit point. You are knowingly hiding information that your local government may require you to disclose.
Having a TOR exit point is making an effort to provide a service. It doesn't condone the nefarious uses of the service any more than running an ISP condones running a warez site that happens to get transit services from said ISP.
Running a TOR exit node isn't hiding any information. It's simply not collecting the information in the first place. You can't hide information you never had.
And supplying the Sudafed to the kiddies to use for runny noses is not condoning use for crystal meth.
Agreed. I think the current effort I have to go through as an adult to buy a simple OTC medication at a time when I'm already feeling like crap is ridiculous.
Short answer... don't use TOR. It's not a bad thing, but it's not a good thing
either.
I strongly disagree. TOR is a tool. It's a very good thing in its ability to enable democratization of communications and freedom of speech. It also has some nefarious uses. Guess what... So do hammers. I don't see anyone calling for a ban on the sale of hammers or encouraging carpenters to stop using them.
Once again, this is a political reason not a technical reason. I'm sorry for your political situation.
Yes, this is a political reason. TOR is a technology that is important to solving a political problem. It isn't my personal political situation, but I have tremendous respect and admiration for those courageous enough to make use of it in political situations where it is important. I live in the US. In spite of the extent to which recent government actions have reduced civil liberties and ignore the constitution, they have not quite gotten to the point of eliminating free speech. There's no technological problem with TOR. It works quite well. There's no inherent political problem with TOR. There is a political problem with certain uses of TOR. There is a worse political problem with attempting to eliminate TOR just because there is a political problem with some uses of TOR. Owen
Owen DeLong wrote:
I strongly disagree with you.
TOR exit nodes provide a vital physical infrastructure to free speech advocates who live in jurisdictions where strong forces are aligned against free speech. I'm sure most TOR exit node operators would happily provide all the details they have if presented with an appropriate subpoena. I really cherish this idea of privacy on the internet. It's a strong tool for enabling democracy and freedom of speech. [snip]
Isn't William's problem because he used an IP address that was registered to him on the Polish server? If not, what am I missing? SANS has chimed in via their latest Newsbites: --TOR Operator Charged For Content Sent Through His Servers (November 29 & 30, 2012) An Austrian man who operated TOR servers has been charged with distributing child pornography. Authorities detected the images passing through the servers maintained by the man. Police seized 20 computers and other equipment from William Weber's home. TOR is an acronym for The Onion Router, a project developed by the US Naval Research Laboratory that allows people surf the web anonymously. It is often used by political dissidents, journalists, and law enforcement officers, and has also been used by criminals. The offending images were being distributed by a server in Poland and sent through Weber's servers. Weber operated exit servers; traffic from these nodes can be traced back to the servers' IP addresses. While the authorities became "friendlier" after understanding where the images came from, there is a precedent for holding TOR operators liable for content that passes through servers they operate. The Electronic Frontier Foundations acknowledges the risk that accompanies operating exit nodes and advises that "it's best not to run your exit relay in your home or using your home Internet connection." http://arstechnica.com/tech-policy/2012/11/tor-operator-charged-for-child-po... http://www.bbc.co.uk/news/technology-20554788 http://www.zdnet.com/austrian-man-raided-for-operating-tor-exit-node-7000008... [Editor's Note (Ullrich): IMHO, the TOR operator acted like a transit ISP/NSP in this case. (Hoan): In many countries it is not illegal to run a Tor exit node. However, for anyone considering, or are already, running a Tor exit node you should familiarise yourself with the Electronic Frontier Foundation's Legal FAQ on the topic at https://www.eff.org/torchallenge/legal-faq/]
As usual one or more of the stories out there is wrong. It also says the man was charged which he apparently was not. Steven Naslund -----Original Message----- From: Michael Painter [mailto:tvhawaii@shaka.com] Sent: Tuesday, December 04, 2012 4:37 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if Owen DeLong wrote:
I strongly disagree with you.
TOR exit nodes provide a vital physical infrastructure to free speech advocates who live in jurisdictions where strong forces are aligned against free speech. I'm sure most TOR exit node operators would happily provide all the details they have if presented with an appropriate subpoena. I really cherish this idea of privacy on the internet. It's a strong tool for enabling democracy and freedom of speech. [snip]
Isn't William's problem because he used an IP address that was registered to him on the Polish server? If not, what am I missing? SANS has chimed in via their latest Newsbites: --TOR Operator Charged For Content Sent Through His Servers (November 29 & 30, 2012) An Austrian man who operated TOR servers has been charged with distributing child pornography. Authorities detected the images passing through the servers maintained by the man. Police seized 20 computers and other equipment from William Weber's home. TOR is an acronym for The Onion Router, a project developed by the US Naval Research Laboratory that allows people surf the web anonymously. It is often used by political dissidents, journalists, and law enforcement officers, and has also been used by criminals. The offending images were being distributed by a server in Poland and sent through Weber's servers. Weber operated exit servers; traffic from these nodes can be traced back to the servers' IP addresses. While the authorities became "friendlier" after understanding where the images came from, there is a precedent for holding TOR operators liable for content that passes through servers they operate. The Electronic Frontier Foundations acknowledges the risk that accompanies operating exit nodes and advises that "it's best not to run your exit relay in your home or using your home Internet connection." http://arstechnica.com/tech-policy/2012/11/tor-operator-charged-for-chil d-porn-transmitted-over-his-servers/ http://www.bbc.co.uk/news/technology-20554788 http://www.zdnet.com/austrian-man-raided-for-operating-tor-exit-node-700 0008133/ [Editor's Note (Ullrich): IMHO, the TOR operator acted like a transit ISP/NSP in this case. (Hoan): In many countries it is not illegal to run a Tor exit node. However, for anyone considering, or are already, running a Tor exit node you should familiarise yourself with the Electronic Frontier Foundation's Legal FAQ on the topic at https://www.eff.org/torchallenge/legal-faq/]
If I am a network guy and I sent up a heavily encrypted VPN for use by worldwide drug cartels, I am pretty sure I am committing a crime. If I have knowledge that what I am doing is going to further the commission of a crime, I am probably committing a crime. The service provider that sold me the connection is not at fault here because they have no way of knowing what I am up to in the normal course of their business. I don't know where anyone got the idea that communications is private from law enforcement with the proper authorizations. Your phone can be traced or tapped under the laws of most countries, the only difference is the level of control. Even though we may all view some groups in China, Syria, Sudan, or wherever as dissidents, their own governments may view them as terrorists and you will probably get in trouble for helping them. I would guess (but don't know) that it is illegal to communicate covertly inside of China. It is probably also some sort of crime to circumvent their firewall protections. I am not making the right vs wrong case here but be advised that what might be philanthropic in one country could very well be a crime in another. A lot of the law (and moral decision making in general ) is about intent. If the guy was trying to help people protect themselves from totalitarian regimes and such then he is probably morally and legally innocent of a crime. If the guy was building a covert network for what the police allege, he is guilty. If he was pirating movies and someone else was using it for child crimes then he is partial responsible in my moral opinion. I am not familiar enough with German law to tell you if he is legally guilty or not. Steven Naslund -----Original Message----- From: Brian Johnson [mailto:bjohnson@drtel.com] Sent: Tuesday, December 04, 2012 11:32 AM To: Jordan Michaels; nanog@nanog.org Subject: RE: William was raided for running a Tor exit node. Please help if I know I'm going to get flamed and excoriated, but here goes.... <snip>
case evolves in and out of court. Are Tor exit-node operators going to
be given the same rights as ISP's who's networks are used for illegal purposes? I would hope so, but it doesn't seem like that has happened in this case, so I am very interested to hear how the situation pans out.
This is a misleading statement. ISP's (Common carriers) do not provide a knowingly illegal offering, AND they do provide the PHYSICAL infrastructure for packets to be passed and interconnected to other PHYSICAL networks. TOR exit/entrance nodes provide only the former. The lack of providing a physical infrastructure is crucial. Also, most ISP's (US specifically) are required by Law (under subpoena) to provide details to law enforcement. I really hate this idea of privacy on the Internet. If you really think you have the "right" to use the public infrastructure (to whatever extent you want to label the Internet as such) and be completely anonymous, I have a bridge to sell you. Network operators may treat your packets to whatever level of scrutiny that they may find necessary to determine if they want to pass your packets, keeping in mind that good operators want the Internet to work. I'm waiting for the next hot "application" to use a widely known "bad" port and see what happens. :)
It is extremely relevant to the Internet community and to free speech in general.
I'm actually in agreement that law enforcement may have overstepped here if the only reason was the TOR exit point, but having a TOR exit point to me, seems to be condoning the actions/statements/packets used through the exit point. You are knowingly hiding information that your local government may require you to disclose. Short answer... don't use TOR. It's not a bad thing, but it's not a good thing either. - Brian
On 3 December 2012 07:19, Joakim Aronius <joakim@aronius.se> wrote:
I am all for providing anonymized access to help free speech. Perhaps its better with anon access to specific applications like twitter, fb etc and not general internet access. I suspect that the 'free speech' part of the total tor traffic volume is pretty small(?).
I agree. I can understand that people need to be anonymous when they are going to publicly stand against an oppressive regime, or expose corporate corruption etc. What I'm not sure I believe as strongly is the justification for anonymity in private, closed communication - this is the use case for paedophiles and terrorists organising their crimes. So in my view, anonymous + public = OK, anonymous + private = doubtful. This isn't a solution to the troll or hate crimes problem (anonymous people making statements that are distasteful on public forums) but at least we can all see this going on and develop other solutions. Aled
On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore <patrick@ianai.net> wrote:
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
I think if they took the cash registers too the Starbucks lawyer would be in court an hour later with a motion to quash in one hand and an offer of full cooperation in the other. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
It's difficult to compare a guy in Austria to a multi-billion dollar corporation. Here in the US, the fed has charged 3 men with involuntary manslaughter for their parts in the Gulf of Mexico Rig explosion. BP received a slap on the wrist, and a decent (to us, not them) sized fine. On 11/29/12 10:57 AM, "William Herrin" <bill@herrin.us> wrote:
On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore <patrick@ianai.net> wrote:
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
I think if they took the cash registers too the Starbucks lawyer would be in court an hour later with a motion to quash in one hand and an offer of full cooperation in the other.
Regards, Bill Herrin
-- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On Nov 29, 2012, at 13:57 , William Herrin <bill@herrin.us> wrote:
On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore <patrick@ianai.net> wrote:
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
I think if they took the cash registers too the Starbucks lawyer would be in court an hour later with a motion to quash in one hand and an offer of full cooperation in the other.
And if the sky were orange.... Any other non-sequitors? :) -- TTFN, patrick P.S. I can come up with some examples where the cash registers would be fair game, such as when the manager was charging the hosting provider extra to sit in the corner and host the 'bad content'. But it is still a non-sequitor w/r/t this thread.
On Thu, Nov 29, 2012 at 2:06 PM, Patrick W. Gilmore <patrick@ianai.net> wrote:
On Nov 29, 2012, at 13:57 , William Herrin <bill@herrin.us> wrote:
On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore <patrick@ianai.net> wrote:
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
I think if they took the cash registers too the Starbucks lawyer would be in court an hour later with a motion to quash in one hand and an offer of full cooperation in the other.
And if the sky were orange.... Any other non-sequitors? :)
All of Mr. Weber's equipment was seized. Last I checked the cash registers at Starbucks were networked computers too. Maybe your Starbucks is different. Mr. Weber lives in another jurisdiction, but in the U.S. the warrant is limited to material plausibly connected to the alleged crime. If the guy was shot with a 9mm and the warrant says "all firearms," it's unlawfully broad. The most it should be is "small calliber handguns" and not even that much if they know for sure it's a 9mm. If the police seize a shotgun and a couple of knives, they've overstepped. If the computer at IP:port:timestamp transmitted child porn, a warrant for "all computers" is also too broad. "Computers which use said IP address or which employ forensic countermeasures which prevent a ready determination whether they employed said IP address." And have a qualified technician on the search team, same as you would for any other material being searched. On the flip side, I think that if you're running a Tor node you'd better hope the police *want* your cooperation. If they don't your activity falls somewhere between criminal recklessness and criminal facilitation. Seriously, who do you think uses your Tor node? Whistle blowers exposing corruption and freedom loving libertarians? Fool. -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On 11/29/12, William Herrin <bill@herrin.us> wrote:
If the computer at IP:port:timestamp transmitted child porn, a warrant for "all computers" is also too broad. "Computers which use said IP
As you know, there may always be some uncertainty about which computer was using a certain IP address at a certain time -- the computer assigned that address might have been off, with a deviant individual spoofing MAC address and IP address of a certain computer, using different equipment still attached to the same physical LAN. Their warrant authors will probably not say "all computers"; they will more likely say something like all digital storage media, and equipment required for access. Which includes all hard drives, SSDs, CF cards, diskettes, CDRs, and all the computing equipment they are installed in (keyboard, monitor, mouse, etc) normally used to access the media.
address or which employ forensic countermeasures which prevent a ready determination whether they employed said IP address." And have a
DHCP?
qualified technician on the search team, same as you would for any other material being searched.
If they had a qualified technician, they probably wouldn't be raiding a TOR exit node in the first place; they would have investigated the matter more thoroughly, and saved precious time. -- -JH
On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess <mysidia@gmail.com> wrote:
If they had a qualified technician, they probably wouldn't be raiding a TOR exit node in the first place; they would have investigated the matter more thoroughly, and saved precious time.
And what if the TOR exit node was in the cloud? Are they going to confiscate millions of servers just because a few of them were hosting child pornography?? (I am a believer of Cloud Computing, and in fact earlier this month we had a 10,000-node Grid Engine HPC cluster running in Amazon EC2: http://blogs.scalablelogic.com/2012/11/running-10000-node-grid-engine-cluste... ) I believe most Cloud providers (Google, Amazon, IBM, etc) have some sort of disclaimer clause... but then one can get a VPN account easily too (there are many free ones as well)! So how could VPN, local coffee shops, and cloud providers protect themselves from this kind of non-sense?? Rayson ================================================== Open Grid Scheduler - The Official Open Source Grid Engine http://gridscheduler.sourceforge.net/
-- -JH
On November 30, 2012 at 17:02 raysonlogin@gmail.com (Rayson Ho) wrote:
And what if the TOR exit node was in the cloud? Are they going to confiscate millions of servers just because a few of them were hosting child pornography??
Based on the recent experiences of Megaupload I think the answer to that is an unqualified yes. http://www.telepresenceoptions.com/2012/11/megaupload_and_the_governments/ or http://tinyurl.com/cj7wjzz -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
From: Jimmy Hess [mailto:mysidia@gmail.com] Sent: Friday, November 30, 2012 3:47 PM To: William Herrin Cc: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can.
On 11/29/12, William Herrin <bill@herrin.us> wrote:
If the computer at IP:port:timestamp transmitted child porn, a warrant for "all computers" is also too broad. "Computers which use said IP
As you know, there may always be some uncertainty about which computer was using a certain IP address at a certain time -- the computer assigned that address might have been off, with a deviant individual spoofing MAC address and IP address of a certain computer, using different equipment still attached to the same physical LAN.
Their warrant authors will probably not say "all computers"; they will more likely say something like all digital storage media, and equipment required for access.
Funny thing is they hit his residence, not the location where the Tor server was located. Most likely they tracked the Tor server's IP to an account at the ISP that hosted it, that pointed at his residence. Strange that they did not seize the server itself according to the interview of the guy involved.
Which includes all hard drives, SSDs, CF cards, diskettes, CDRs, and all the computing equipment they are installed in (keyboard, monitor, mouse, >etc) normally used to access the media.
Probably said all computing equipment and media on the premise. That is extremely common language for these warrants. I have never, ever, heard of a seizure that only involved a single IP address. The cops know that media moves around.
address or which employ forensic countermeasures which prevent a ready determination whether they employed said IP address." And have a
DHCP?
qualified technician on the search team, same as you would for any other material being searched.
If they had a qualified technician, they probably wouldn't be raiding a TOR exit node in the first place; they would have investigated the matter more thoroughly, and saved precious time.
Remember, they did not raid the Tor exit node. They raided the home of the guy running the Tor exit node. Way different.
-- -JH
Steven Naslund
On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess <mysidia@gmail.com> wrote:
On 11/29/12, William Herrin <bill@herrin.us> wrote:
If the computer at IP:port:timestamp transmitted child porn, a warrant for "all computers" is also too broad. "Computers which use said IP
As you know, there may always be some uncertainty about which computer was using a certain IP address at a certain time -- the computer assigned that address might have been off, with a deviant
Or more likely behind a NAT device where the address which presents is the NAT device. But the police won't know that until they search. Until they search they have no factual basis for the presumptions either that more than one computer was associated with the activity or that it isn't possible to readily identify which computer was involved. That Tor node was probably on a static IP address and was probably on the same static IP address at the time of the alleged activity. "Reasonable suspicion" doesn't mean Bob thinks you did it, it means that there's a trail of facts which lead *directly* to the evidence you seek permission to seize. The trail to child porn doesn't include the right to seize the stack of John Denver music and while it might include the right to search the shelf of DVDs it doesn't include the right to seize the ones produced by Disney. The right to search your computer and the right to seize it are not at all the same thing. Practically speaking, right now the police are going to seize all your computers. But keep watching. Some time in the next decade or two warrants will start to get quashed for failing to specify (by parameters) *which* computer they were looking for. As computers become more central to our lives it will probably come out that they have the right to duplicate your hard drives and other read/write media but don't have a right to take the originals unless they observe warrant-covered material *on* the computer while searching. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
I might be reading this the wrong way but it looked to me like the cops raided his home and the Tor server is hosted off site with an ISP. That is what is bugging me so much. The cops raided his house, not the location of the server. If they had tracked the server by its IP it would have led to the hoster, not his home. They could have gotten his address as the account holder but the ISP would have known that the Tor server was at their site not his home. The IP would not track to his residence. Something is not the full story here or I am misreading his interview. I have seen some of the warrants due to child porn cases. They tend to be very sweeping and usually specify recordable media and data processing equipment. That is admittedly broad but the cops usually do not have forensic computer guys on site so they try to grab it all. It is not right but that is how it currently works. Anything else requires the expertise on site to search the equipment where it is. Most cops don't know a PC from a router, from a switch. It all goes. Steven Naslund -----Original Message----- From: William Herrin [mailto:bill@herrin.us] Sent: Friday, November 30, 2012 4:21 PM To: Jimmy Hess Cc: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess <mysidia@gmail.com> wrote:
On 11/29/12, William Herrin <bill@herrin.us> wrote:
If the computer at IP:port:timestamp transmitted child porn, a warrant for "all computers" is also too broad. "Computers which use said IP
As you know, there may always be some uncertainty about which computer
was using a certain IP address at a certain time -- the computer assigned that address might have been off, with a deviant
Or more likely behind a NAT device where the address which presents is the NAT device. But the police won't know that until they search. Until they search they have no factual basis for the presumptions either that more than one computer was associated with the activity or that it isn't possible to readily identify which computer was involved. That Tor node was probably on a static IP address and was probably on the same static IP address at the time of the alleged activity. "Reasonable suspicion" doesn't mean Bob thinks you did it, it means that there's a trail of facts which lead *directly* to the evidence you seek permission to seize. The trail to child porn doesn't include the right to seize the stack of John Denver music and while it might include the right to search the shelf of DVDs it doesn't include the right to seize the ones produced by Disney. The right to search your computer and the right to seize it are not at all the same thing. Practically speaking, right now the police are going to seize all your computers. But keep watching. Some time in the next decade or two warrants will start to get quashed for failing to specify (by parameters) *which* computer they were looking for. As computers become more central to our lives it will probably come out that they have the right to duplicate your hard drives and other read/write media but don't have a right to take the originals unless they observe warrant-covered material *on* the computer while searching. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
Naslund, Steve wrote:
I might be reading this the wrong way but it looked to me like the cops raided his home and the Tor server is hosted off site with an ISP. That is what is bugging me so much. The cops raided his house, not the location of the server. If they had tracked the server by its IP it would have led to the hoster, not his home. They could have gotten his address as the account holder but the ISP would have known that the Tor server was at their site not his home. The IP would not track to his residence. Something is not the full story here or I am misreading his interview.
How about: Police have seen CP and have logs from "Additionally, I was accused of sharing (and possibly producing) child pornography on a clearnet forum via an image hosting site that was probably tapped." Police look at IP addresses that have accessed the images for those that are within their jurisdiction. Police find an address within a block that is registered to Wiliam. Police raid William and receive an education on TOR exit nodes on servers in Poland. Maybe? Why wouldn't the IP address have led to William? --Michael
If he is claiming that the traffic to the forum came through the Tor node, that IP would lead them to the hosting company of the Tor node. Not his residence. If they had an IP that led to his home, that would have to mean that the traffic did not come from his Tor node at the ISP. I suppose you could get your own block of addresses and get the ISP to advertise them for you to host your server but I don't think you would. If they got his address from the hosting company, I suppose that might lead them to his house but it also would have told them that the Tor node was not AT his house. Why go there? I think they have something else. There are lots of terabytes for them to look at. Who wants to bet what is there? Steven Naslund -----Original Message----- From: Michael Painter [mailto:tvhawaii@flex.com] On Behalf Of Michael Painter Sent: Friday, November 30, 2012 5:37 PM To: Naslund, Steve; NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. Naslund, Steve wrote:
I might be reading this the wrong way but it looked to me like the cops raided his home and the Tor server is hosted off site with an ISP. That is what is bugging me so much. The cops raided his house, not the location of the server. If they had tracked the server by its
IP it would have led to the hoster, not his home. They could have gotten his address as the account holder but the ISP would have known that the Tor server was at their site not his home. The IP would not track to his residence. Something is not the full story here or I am misreading his interview.
How about: Police have seen CP and have logs from "Additionally, I was accused of sharing (and possibly producing) child pornography on a clearnet forum via an image hosting site that was probably tapped." Police look at IP addresses that have accessed the images for those that are within their jurisdiction. Police find an address within a block that is registered to Wiliam. Police raid William and receive an education on TOR exit nodes on servers in Poland. Maybe? Why wouldn't the IP address have led to William? --Michael
----- Original Message -----
From: "Patrick W. Gilmore" <patrick@ianai.net>
I think if they took the cash registers too the Starbucks lawyer would be in court an hour later with a motion to quash in one hand and an offer of full cooperation in the other.
And if the sky were orange....
Any other non-sequitors? :)
P.S. I can come up with some examples where the cash registers would be fair game, such as when the manager was charging the hosting provider extra to sit in the corner and host the 'bad content'. But it is still a non-sequitor w/r/t this thread.
The hell it is: cops sieze things which are not only not related to a crime, but cannot *possibly be* relevant to that crime *all the effing time*, Patrick. You know this, I'm sure. Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
How would this be legally different than receiving the illegal content in an envelope and anonymously forwarding the envelope via the post office? I am pretty sure you are still liable since you were the sender. I realize that there are special postal regulations but I think that agreeing to forward anything for anyone sight unseen is pretty risky and I think you will have a hard time pulling of the "service provider" defense if you are not selling services and are not licensed as a carrier. Steven Naslund -----Original Message----- From: Patrick W. Gilmore [mailto:patrick@ianai.net] Sent: Thursday, November 29, 2012 10:45 AM To: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Nov 29, 2012, at 11:17 , Barry Shein <bzs@world.std.com> wrote:
Back in the early days of the public internet we didn't require any id to create an account, just that you found a way to pay us. We had anonymous accts some of whom dropped by personally to pay their bill, some said hello but I usually didn't know their names and that's how they wanted it, I'd answer "hello <ACCOUNT>", whatever their login was
if I recognized them. Some mailed in something, a mail order, even currency tho that was rare but it did happen, or had someone else drop
by to pay in cash (that is, no idea if they were local.)
LEO occasionally served a warrant for information, usually child porn biz (more than just accessing child porn, selling it) tho I don't remember any anonymous accts being involved.
"Mere conduit" defense. (Please do not anyone mention "common carrier status" or the like, ISPs are _not_ common carriers.)
I never expected to be held accountable for anyone's behavior unless I
was knowingly involved somehow (just the usual caveat.) LEO never showed any particular interest in the fact that we were ok with anonymous accounts. If I was made aware of illegal activities we'd shut them off, didn't really happen much, maybe some credible "hacking" complaint on occasion.
How do you "shut off" a Tor "account"?
It's funny, it's all illusion like show business. It's not hard to set
up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess.
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store? -- TTFN, patrick
Not sure if there is a legal precedent for this, but logically the difference is that there are no robots that I know of that can automatically receive and parse postal mail, then re-address and forward it. For a human to forward a letter takes a conscious manual action, even if they choose not to look inside. Having a Tor node for no specific purpose, having a hacked server/pc that is then compromised for some nefarious purpose, etc. are not necessarily purposeful actions that one could be held accountable for without other proof. I'd think the LEA would have to establish motive, like in any other crime, to make that jump. Perhaps in this case they believe they have, and that would end up in the courts, where you'd have to hope the Judge and or Jury sees that difference. Don't see this as very different either from when an agency confiscates a whole rack of shared servers because one user was suspected of some bad action, and we all know that does happen. -Scott -----Original Message----- From: Naslund, Steve [mailto:SNaslund@medline.com] Sent: Thursday, November 29, 2012 2:07 PM To: nanog@nanog.org Subject: RE: William was raided for running a Tor exit node. Please help if you can. How would this be legally different than receiving the illegal content in an envelope and anonymously forwarding the envelope via the post office? I am pretty sure you are still liable since you were the sender. I realize that there are special postal regulations but I think that agreeing to forward anything for anyone sight unseen is pretty risky and I think you will have a hard time pulling of the "service provider" defense if you are not selling services and are not licensed as a carrier. Steven Naslund -----Original Message----- From: Patrick W. Gilmore [mailto:patrick@ianai.net] Sent: Thursday, November 29, 2012 10:45 AM To: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Nov 29, 2012, at 11:17 , Barry Shein <bzs@world.std.com> wrote:
Back in the early days of the public internet we didn't require any id to create an account, just that you found a way to pay us. We had anonymous accts some of whom dropped by personally to pay their bill, some said hello but I usually didn't know their names and that's how they wanted it, I'd answer "hello <ACCOUNT>", whatever their login was
if I recognized them. Some mailed in something, a mail order, even currency tho that was rare but it did happen, or had someone else drop
by to pay in cash (that is, no idea if they were local.)
LEO occasionally served a warrant for information, usually child porn biz (more than just accessing child porn, selling it) tho I don't remember any anonymous accts being involved.
"Mere conduit" defense. (Please do not anyone mention "common carrier status" or the like, ISPs are _not_ common carriers.)
I never expected to be held accountable for anyone's behavior unless I
was knowingly involved somehow (just the usual caveat.) LEO never showed any particular interest in the fact that we were ok with anonymous accounts. If I was made aware of illegal activities we'd shut them off, didn't really happen much, maybe some credible "hacking" complaint on occasion.
How do you "shut off" a Tor "account"?
It's funny, it's all illusion like show business. It's not hard to set
up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess.
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store? -- TTFN, patrick
----- Original Message -----
From: "Patrick W. Gilmore" <patrick@ianai.net>
"Mere conduit" defense. (Please do not anyone mention "common carrier status" or the like, ISPs are _not_ common carriers.)
Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store?
Well, pursuant to the "mere conduit" defense, I believe (IANAL) a defensible case could be made that the (people operating) Tor nodes are not "servers" as that term is generally understood in the industry, in the same way that web browser/caches are not "copies" as IP law understands *that* term. Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
I think the best analogy I would use in defense is something like the pre-paid cellular phones that are sold. That is about the only anonymous communications service I can think of off the top of my head. Problem is that most people are not licensed carriers and may not be able to hide behind that protection. I can see an argument both ways with the feds saying that you are running a service for the express service of concealing the identity of a person allowing them to avoid law enforcement (among other uses). On the other hand, the makers of guns do not get charged with murder even though their tool enabled a criminal. Could go either way but the problem is that in any case it will be expensive to defend so win or lose, you lose. I guess you can't run a Tor exit unless you have a legal defense fund set up. I understand the legit uses of Tor but wonder what the actual percentage of good vs. evil use really is. Steven Naslund -----Original Message----- From: Barry Shein [mailto:bzs@world.std.com] Sent: Thursday, November 29, 2012 10:17 AM To: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. Back in the early days of the public internet we didn't require any id to create an account, just that you found a way to pay us. We had anonymous accts some of whom dropped by personally to pay their bill, some said hello but I usually didn't know their names and that's how they wanted it, I'd answer "hello <ACCOUNT>", whatever their login was if I recognized them. Some mailed in something, a mail order, even currency tho that was rare but it did happen, or had someone else drop by to pay in cash (that is, no idea if they were local.) LEO occasionally served a warrant for information, usually child porn biz (more than just accessing child porn, selling it) tho I don't remember any anonymous accts being involved. I never expected to be held accountable for anyone's behavior unless I was knowingly involved somehow (just the usual caveat.) LEO never showed any particular interest in the fact that we were ok with anonymous accounts. If I was made aware of illegal activities we'd shut them off, didn't really happen much, maybe some credible "hacking" complaint on occasion. It's funny, it's all illusion like show business. It's not hard to set up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their T&Cs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
On Thu, Nov 29, 2012 at 01:19:19PM -0600, Naslund, Steve wrote:
I think the best analogy I would use in defense is something like the pre-paid cellular phones that are sold. That is about the only anonymous communications service I can think of off the top of my head. Problem is that most people are not licensed carriers and may not be able to hide behind that protection.
if your phone is stolen and used by a drug dealer, i'm pretty sure the cops would not be after you for anything the dealer did. if you stand on the corner with a sign saying "free cell phone airtime, just ask me", they might take a different view on things. now, whether you are guilty of anything or not, by standing there with a sign you are certainly opening yourself to legal inquiry, delay and hassle. i wouldn't be surprised if the cops didn't accept your "i'm just letting people use my phone, i've got nothing to do with their activities" defence, at least not without poking about for a bit, which might include looking at your cellphone, your home phone, your bank records, and anything else they think (and a judge agrees) might need viewing to clear you. -- Jim Mercer Reptilian Research jim@reptiles.org +1 416 410-5633 "He who dies with the most toys is nonetheless dead"
On Thu, Nov 29, 2012 at 2:00 PM, Jim Mercer <jim@reptiles.org> wrote:
On Thu, Nov 29, 2012 at 01:19:19PM -0600, Naslund, Steve wrote:
I think the best analogy I would use in defense is something like the pre-paid cellular phones that are sold. That is about the only anonymous communications service I can think of off the top of my head. Problem is that most people are not licensed carriers and may not be able to hide behind that protection.
if your phone is stolen and used by a drug dealer, i'm pretty sure the cops would not be after you for anything the dealer did.
if you stand on the corner with a sign saying "free cell phone airtime, just ask me", they might take a different view on things.
now, whether you are guilty of anything or not, by standing there with a sign you are certainly opening yourself to legal inquiry, delay and hassle.
i wouldn't be surprised if the cops didn't accept your "i'm just letting people use my phone, i've got nothing to do with their activities" defence, at least not without poking about for a bit, which might include looking at your cellphone, your home phone, your bank records, and anything else they think (and a judge agrees) might need viewing to clear you.
A few questions this thread raises for me: you are a very trusting person, and frequently let people borrow your things. A friend frequently borrows your phone, which he explains is because he: a) frequently lets his phone die, or has run close to using too many minutes. You frequently allow him (and other people) to borrow your phone. At some point, it becomes clear that his life has taken a turn for the worse, and he has become involved in activities of which you do not approve. You stop allowing him to use your phone. During a criminal investigation of your friend's activities, it later becomes clear that for some time he was using it for illegal activities. At what point did allowing him to use your phone become illegal, and how should a responsible citizen rationally realize or identify this point? How can one be reasonably sure that one knows another person well enough to allow them to use one's equipment/resources? When do you become responsible for the activity of someone else on your equipment? Clearly "always" is not correct; similarly, "never" is also not correct. b) (most analogous to the actual situation) has a [legitimate?] reason for wanting to avoid the entity he calls having, being able to predict, see, or otherwise link some information he wishes to give them with some information he does not wish to give them (for example, his phone number [1]) Upon this pretense, which seems fairly reasonable, you allow him access to your phone. In order to enable this pursuit (so that this phone number cannot be attached to a pattern of activity), you also allow others to use your phone for similar reasons. You consider such activity correlation/tracking and data mining to be a violation of privacy (explicitly with regard to data-mining and activity tracking performed in pursuit of selling this data for profit). Now arguably, in the second case, you are operating this "service" with an explicitly altruistic intent. IF you are not informed about the mechanics of this process, and you are unaware of the issues this creates for law enforcement entities in identifying criminals, what constitutes wrongdoing? If you are not aware of criminal uses of your service which is entirely free and only intended for avoiding data-miners, are you still accountable for the activities of those using it? Why? At what point do you accept or acquire this responsibility? How is this different from operating a party line shared by an apartment building or phone bridge with external calling ability? I am curious about the impact of the nuances of each of these situations. [1] he is paranoid, and doesn't like the pizza place associating his address with his phone number, or perhaps he is calling someone who collects marketing data and attempts to data-mine his activity, or some other more legitimate, applicable and realistic take on appropriate cases for desiring anonymity in such a transaction
-- Jim Mercer Reptilian Research jim@reptiles.org +1 416 410-5633 "He who dies with the most toys is nonetheless dead"
-- Kyle Creyts Information Assurance Professional BSidesDetroit Organizer
Hi, I gotta ask and I'm sure someone would if I didn't, but how do we know this guy is legit? He's jumped up on a forum saying, "Hey, police raided me, help. gib mone plz" and failed to provide and reason as to how he's real and not just making it up. Maybe if there's a way to know this guy is legit, I'll help out if possible, but until then I'm just going to watch others with caution and I suggest others do as well. On Fri, Nov 30, 2012 at 12:04 AM, Chris <caldcv@gmail.com> wrote:
I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down.
Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce...
From the URL:
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU.
Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-10000 EUR.
If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok): https://paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2Q4LZNBBD7EH4
Or by Bank Transfer (EUR only please):
Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1
I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case.
If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (william@william.si) or a PM, or contact me in LET IRC.
Thanks! William
-- --C
"The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton
-- ~Em
On Fri, Nov 30, 2012 at 01:14:08AM +1100, Emily Ozols wrote:
Hi,
I gotta ask and I'm sure someone would if I didn't, but how do we know this guy is legit? He's jumped up on a forum saying, "Hey, police raided me, help. gib mone plz" and failed to provide and reason as to how he's real and not just making it up.
Maybe if there's a way to know this guy is legit, I'll help out if possible, but until then I'm just going to watch others with caution and I suggest others do as well.
This matter is being investigated by the Tor developers. It looks legitimate, so far.
On Fri, Nov 30, 2012 at 12:04 AM, Chris <caldcv@gmail.com> wrote:
I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down.
Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce...
From the URL:
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU.
Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-10000 EUR.
If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok): https://paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2Q4LZNBBD7EH4
Or by Bank Transfer (EUR only please):
Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1
I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case.
If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (william@william.si) or a PM, or contact me in LET IRC.
Thanks! William
-- --C
"The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton
-- ~Em -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
We had a guy (aka potential customer) inquire the other day about hosting a Tor exit on our infrastructure the other day; he disappeared fairly quickly when he figured out that we weren't just going to give him an endless supply of unmetered 10G bandwidth. I was looking forward to billing him. :-) I'm not sure that armchair lawyering, here, actually helps anyone. Also, spel-chek, sequitur. best, --e On Thu, Nov 29, 2012 at 1:22 PM, Eugen Leitl <eugen@leitl.org> wrote:
On Fri, Nov 30, 2012 at 01:14:08AM +1100, Emily Ozols wrote:
Hi,
I gotta ask and I'm sure someone would if I didn't, but how do we know this guy is legit? He's jumped up on a forum saying, "Hey, police raided me, help. gib mone plz" and failed to provide and reason as to how he's real and not just making it up.
Maybe if there's a way to know this guy is legit, I'll help out if possible, but until then I'm just going to watch others with caution and I suggest others do as well.
This matter is being investigated by the Tor developers. It looks legitimate, so far.
On Fri, Nov 30, 2012 at 12:04 AM, Chris <caldcv@gmail.com> wrote:
I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down.
Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce...
From the URL:
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU.
Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-10000 EUR.
If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok):
https://paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2Q4LZNBBD7EH4
Or by Bank Transfer (EUR only please):
Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1
I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case.
If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (william@william.si) or a PM, or contact me in LET IRC.
Thanks! William
-- --C
"The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton
-- ~Em -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly. People will spend time and money securing their home wireless so their neighbor can't steal their internet, but willingly allow strangers from anywhere in the world to use their connections no strings attached. It's hilarious. On 11/29/2012 8:04 AM, Chris wrote:
I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down.
Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-acce...
From the URL:
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU.
Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-10000 EUR.
If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok): https://paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2Q4LZNBBD7EH4
Or by Bank Transfer (EUR only please):
Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1
I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case.
If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (william@william.si) or a PM, or contact me in LET IRC.
Thanks! William
-- --C
"The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly.
Such as, say, an Internet Service Provider business? ... -- -george william herbert george.herbert@gmail.com
Not really comparable. Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't. End users have no such protections that I'm aware of that cover them similarly. On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly. Such as, say, an Internet Service Provider business?
...
On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly.
Such as, say, an Internet Service Provider business?
There are plenty of ISPs with no or little customer contracts; anyone running open access wireless. Plenty of "open access" sites with free accounts. And any but the largest ISPs are "end users" of upstream bandwidth. The analogy of a small free access ISP and a Tor exit node is legally defensible. I know of five, six, seven that I can think of off the top of my head that are run by people I know, one of whom has started and/or been architect or operations lead for 5 or more commercial ISPs. Even more, ISP like protections are extended in the US to many "end user" sites such as blogging sites, Wikis, etc; where the site is "publishing" content but not creating it or exerting control over it, etc. This is US specific, and the case of a user in Austria is entirely unrelated to US law, but I don't know that this type of response would hold up in US court for these reasons. I am going to ping my internet law contacts in the US and see what they think, as IANAL. -- -george william herbert george.herbert@gmail.com
Communications Decency Act, 47 U.S.C. §230 is the US law that has been interpreted to provide immunity to ISP for the actions of their users. Zeran v. America Online, Inc., 4th Circuit, 1997 Jane Doe v. America Online, Inc., 5th Circuit, 1997 Blumenthal v. Drudge, DC District, 1998 Green v. AOL, 3rd Circuit, 2003 Gentry v. eBay, Inc, California Appeals, 2002 Delfino v. Agilent Technologies, California Appeals, 2006 The ISP ones are most relevant here, but look at these cases. The situation would be complicated if the ISP ran the TOR exit node themselves, and that would be a messy legal battle I'm sure. Either way, that doesn't change the fact that running a TOR exit on a home PC on a residential internet connection is silly. You might legally not be held responsible at the end of the day, but it just may cost you a lot in legal fees to get there. Personally, I have better things to spend money on. On 11/29/2012 3:06 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly. Such as, say, an Internet Service Provider business? There are plenty of ISPs with no or little customer contracts; anyone running open access wireless. Plenty of "open access" sites with free accounts.
And any but the largest ISPs are "end users" of upstream bandwidth.
The analogy of a small free access ISP and a Tor exit node is legally defensible. I know of five, six, seven that I can think of off the top of my head that are run by people I know, one of whom has started and/or been architect or operations lead for 5 or more commercial ISPs.
Even more, ISP like protections are extended in the US to many "end user" sites such as blogging sites, Wikis, etc; where the site is "publishing" content but not creating it or exerting control over it, etc.
This is US specific, and the case of a user in Austria is entirely unrelated to US law, but I don't know that this type of response would hold up in US court for these reasons. I am going to ping my internet law contacts in the US and see what they think, as IANAL.
-- Thomas Beecher II Senior Network Administrator LocalNet Corp. CoreComm Internet Services 716-799-8881 tbeecher@localnet.com
Date: Thu, 29 Nov 2012 15:26:57 -0500 From: Tom Beecher <tbeecher@localnet.com> Subject: Re: William was raided for running a Tor exit node. Please help if you can.
Communications Decency Act, 47 U.S.C. 230 is the US law that has been interpreted to provide immunity to ISP for the actions of their users.
It is worth noting that 47 U.S.C. 230 provides _limited_ protections, only. Broad protection, but limited. It says that a provider shall not 'be treated as author' for material provided by someone else. This of little-to-no help with regard to kiddie porn, since distribution, and even 'mere' possession, are crimes -- independant of authorship.
47 U.S.C. 230 doesn't do much for child porn, no. However, PROTECT does. PROTECT spells out reporting, but also contains safe harbor provisions such that an ISP who didn't know that child porn was being transmitted across their network cannot be prosecuted for not knowing, only for not taking the required reporting/preservation/destruction actions as required by law. And in practice, the process is: On 11/29/2012 5:06 PM, Robert Bonomi wrote:
Date: Thu, 29 Nov 2012 15:26:57 -0500 From: Tom Beecher <tbeecher@localnet.com> Subject: Re: William was raided for running a Tor exit node. Please help if you can.
Communications Decency Act, 47 U.S.C. 230 is the US law that has been interpreted to provide immunity to ISP for the actions of their users. It is worth noting that 47 U.S.C. 230 provides _limited_ protections, only. Broad protection, but limited. It says that a provider shall not 'be treated as author' for material provided by someone else.
This of little-to-no help with regard to kiddie porn, since distribution, and even 'mere' possession, are crimes -- independant of authorship.
1. Running open access wireless does not make you legally an ISP and if your open wireless is used to commit a crime you could be criminally negligent if you did not take "reasonable care" in the eyes of the court. 2. If I provide access to four or five friends, I am not an ISP and in fact I am responsible if they use my connection to do something illegal since I am the customer of record. If you loan your car to an unlicensed driver and he kills someone, you are on the hook. 3. I guarantee you that if your blogging site, wiki or whatever is publishing content like child porn, you are going to jail. There is no "ISP like protections" for that. If you do not take action as soon as you know a crime is being committed, you are going to get nailed. The question in this case would be all about whether the Tor exit node is viewed as a device specifically enabling a criminal or something that was incidentally used to commit a crime. For example, if I give you a hammer and you break into someone's house with it, I am probably not criminally negligent. If I provided you with lock picking equipment and you are not a locksmith, I might be criminally negligent. This is not so clear cut a case that there would not be a fight about it. Steven Naslund -----Original Message----- From: George Herbert [mailto:george.herbert@gmail.com] Sent: Thursday, November 29, 2012 2:06 PM To: Tom Beecher Cc: NANOG Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just
folly.
Such as, say, an Internet Service Provider business?
There are plenty of ISPs with no or little customer contracts; anyone running open access wireless. Plenty of "open access" sites with free accounts. And any but the largest ISPs are "end users" of upstream bandwidth. The analogy of a small free access ISP and a Tor exit node is legally defensible. I know of five, six, seven that I can think of off the top of my head that are run by people I know, one of whom has started and/or been architect or operations lead for 5 or more commercial ISPs. Even more, ISP like protections are extended in the US to many "end user" sites such as blogging sites, Wikis, etc; where the site is "publishing" content but not creating it or exerting control over it, etc. This is US specific, and the case of a user in Austria is entirely unrelated to US law, but I don't know that this type of response would hold up in US court for these reasons. I am going to ping my internet law contacts in the US and see what they think, as IANAL. -- -george william herbert george.herbert@gmail.com
The entire question here is whether CALEA's covered entities definition and ISP "common carrier" (not exactly, but the commonly used term for CDA protections available, see earlier discussion) definitions overlap. The answer is no. It always has been no. Plenty of publishers and access providers do not fall under CALEA. The FCC and law enforcement are aware of that. The conflation of the two in this conversation has not been useful or educational. What the future might hold is an open question, but for the time being, CDA protections are available (at least theoretically, or arguably) for a lot of people for whom CALEA clearly is not applicable. CDA protections are available whether you log commenters' IP addresses on your blog, keep long lasting web acces logs, allow unrestricted wireless access point access without logging, or what. Responsibility under it does not kick in unless you're aware of or notified of an issue, with some exceptions. Plenty of sites do not keep logs long and some do not log. -george On Thu, Nov 29, 2012 at 12:59 PM, Naslund, Steve <SNaslund@medline.com> wrote:
1. Running open access wireless does not make you legally an ISP and if your open wireless is used to commit a crime you could be criminally negligent if you did not take "reasonable care" in the eyes of the court.
2. If I provide access to four or five friends, I am not an ISP and in fact I am responsible if they use my connection to do something illegal since I am the customer of record. If you loan your car to an unlicensed driver and he kills someone, you are on the hook.
3. I guarantee you that if your blogging site, wiki or whatever is publishing content like child porn, you are going to jail. There is no "ISP like protections" for that. If you do not take action as soon as you know a crime is being committed, you are going to get nailed.
The question in this case would be all about whether the Tor exit node is viewed as a device specifically enabling a criminal or something that was incidentally used to commit a crime. For example, if I give you a hammer and you break into someone's house with it, I am probably not criminally negligent. If I provided you with lock picking equipment and you are not a locksmith, I might be criminally negligent. This is not so clear cut a case that there would not be a fight about it.
Steven Naslund
-----Original Message----- From: George Herbert [mailto:george.herbert@gmail.com] Sent: Thursday, November 29, 2012 2:06 PM To: Tom Beecher Cc: NANOG Subject: Re: William was raided for running a Tor exit node. Please help if you can.
On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just
folly.
Such as, say, an Internet Service Provider business?
There are plenty of ISPs with no or little customer contracts; anyone running open access wireless. Plenty of "open access" sites with free accounts.
And any but the largest ISPs are "end users" of upstream bandwidth.
The analogy of a small free access ISP and a Tor exit node is legally defensible. I know of five, six, seven that I can think of off the top of my head that are run by people I know, one of whom has started and/or been architect or operations lead for 5 or more commercial ISPs.
Even more, ISP like protections are extended in the US to many "end user" sites such as blogging sites, Wikis, etc; where the site is "publishing" content but not creating it or exerting control over it, etc.
This is US specific, and the case of a user in Austria is entirely unrelated to US law, but I don't know that this type of response would hold up in US court for these reasons. I am going to ping my internet law contacts in the US and see what they think, as IANAL.
-- -george william herbert george.herbert@gmail.com
-- -george william herbert george.herbert@gmail.com
On Thu, 29 Nov 2012, Naslund, Steve wrote:
1. Running open access wireless does not make you legally an ISP and if OK.
your open wireless is used to commit a crime you could be criminally negligent if you did not take "reasonable care" in the eyes of the court.
I believe this is incorrect under US law. Do you have any support, statutory or case law, for this claim?
2. If I provide access to four or five friends, I am not an ISP and in fact I am responsible if they use my connection to do something illegal since I am the customer of record. If you loan your car to an unlicensed driver and he kills someone, you are on the hook.
The key word above is "unlicensed". And the other key word -- not present -- is "knowingly". But the analogy breaks down because you don't need a license to use the Internet. Consequently, in most cases you will not know, and cannot reasonably be expected to know, about legal violations. If you let your buddy use your home wireless while he's staying with you for the weekend, and he commits, say, a fraud, or blackmails someone, you are not legally responsible for any of it unless you participated knowingly in some way. Of course, that you didn't know may be hard and expensive and unpleasant to try to prove, but that's a different question.
3. I guarantee you that if your blogging site, wiki or whatever is publishing content like child porn, you are going to jail. There is no
Child porn is an unusual strict liability crime. If you publish or possess it, even unknowingly, you face real risks. As a practical matter most prosecutors do not bring cases against innocent victims (e.g. someone on AOL who gets an evil popup unexpectedly). In theory maybe they could, but I suspect they don't really want the test case.
"ISP like protections" for that. If you do not take action as soon as you know a crime is being committed, you are going to get nailed.
The question in this case would be all about whether the Tor exit node is viewed as a device specifically enabling a criminal or something that
I do not think that would be the analysis under US law at all. The first question is mens rea. We do not charge the car rental company with something if its car is used to rob a bank -- unless they knew in advance that was the plan. Cars enable criminals too.
was incidentally used to commit a crime. For example, if I give you a hammer and you break into someone's house with it, I am probably not criminally negligent. If I provided you with lock picking equipment and you are not a locksmith, I might be criminally negligent. This is not
The term "criminally negligent" really has no role here. Negligence is in most cases a civil not a criminal offense. There are specific crimes. There is aiding and abetting. There may be criminal negligence in unrelated cases where you have a duty to secure something or protect (or not harm) someone and fail to do so (e.g. you leave your car in a position to roll downhill and it hurts someone, or you are willfully blind to a danger to child for whom you should be caring, or you act with such inattention so as to kill someone). But in the USA ***you have no legal duty to secure your wireless***. None. You can leave it open, just as you can leave your window open and let people enjoy what you are playing on your stereo (modulo public nuisance law, and copyright rules against some types of unlicensed public performance). Thus there can be no negligence in leaving it open, at least absent specific knowledge that a person intends to do a specific thing.
so clear cut a case that there would not be a fight about it.
Steven Naslund
[...] -- A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net Laurie Silvers & Mitchell Rubenstein Distinguished Professor of Law Editor, Jotwell: The Journal of Things We Like (Lots), jotwell.com U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA +1 (305) 284-4285 | +1 (305) 284-6506 (fax) | froomkin@law.tm -->It's warm here.<--
Michael Froomkin - U.Miami School of Law wrote:
2. If I provide access to four or five friends, I am not an ISP and in fact I am responsible if they use my connection to do something illegal since I am the customer of record. If you loan your car to an unlicensed driver and he kills someone, you are on the hook.
The key word above is "unlicensed". And the other key word -- not present -- is "knowingly". But the analogy breaks down because you don't need a license to use the Internet. Consequently, in most cases you will not know, and cannot reasonably be expected to know, about legal violations. If you let your buddy use your home wireless while he's staying with you for the weekend, and he commits, say, a fraud, or blackmails someone, you are not legally responsible for any of it unless you participated knowingly in some way. Of course, that you didn't know may be hard and expensive and unpleasant to try to prove, but that's a different question.
Ummm... you might be liable under your service agreement with your ISP. Most of these have all kinds of restrictive clauses re. not letting others use your connection, copyright infringement, assumption of liability, yada, yada, yada. We all violate these, all the time, but there are times when that might catch up with someone.
The term "criminally negligent" really has no role here. Negligence is in most cases a civil not a criminal offense. There are specific crimes. There is aiding and abetting. There may be criminal negligence in unrelated cases where you have a duty to secure something or protect (or not harm) someone and fail to do so (e.g. you leave your car in a position to roll downhill and it hurts someone, or you are willfully blind to a danger to child for whom you should be caring, or you act with such inattention so as to kill someone). But in the USA ***you have no legal duty to secure your wireless***. None. You can leave it open, just as you can leave your window open and let people enjoy what you are playing on your stereo (modulo public nuisance law, and copyright rules against some types of unlicensed public performance). Thus there can be no negligence in leaving it open, at least absent specific knowledge that a person intends to do a specific thing.
You may have a civil liability to secure your wireless under the terms-of-service agreement with your Internet provider. Well, maybe not to "secure your wireless" but to prevent unauthorized use of your connection to the service provider - which could be accomplished in other ways. Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra
Comments deep below. On Thu, 29 Nov 2012, Miles Fidelman wrote:
Michael Froomkin - U.Miami School of Law wrote:
2. If I provide access to four or five friends, I am not an ISP and in fact I am responsible if they use my connection to do something illegal since I am the customer of record. If you loan your car to an unlicensed driver and he kills someone, you are on the hook.
The key word above is "unlicensed". And the other key word -- not present -- is "knowingly". But the analogy breaks down because you don't need a license to use the Internet. Consequently, in most cases you will not know, and cannot reasonably be expected to know, about legal violations. If you let your buddy use your home wireless while he's staying with you for the weekend, and he commits, say, a fraud, or blackmails someone, you are not legally responsible for any of it unless you participated knowingly in some way. Of course, that you didn't know may be hard and expensive and unpleasant to try to prove, but that's a different question.
Ummm... you might be liable under your service agreement with your ISP. Most of these have all kinds of restrictive clauses re. not letting others use your connection, copyright infringement, assumption of liability, yada, yada, yada. We all violate these, all the time, but there are times when that might catch up with someone.
OK, you might have *contract* liability to the ISP, but not to third parities in the main. Contract damages < tort damages < criminal penalties, the latter being what we were talking about). The only attempt I know of to make violation of those contract terms the predicate for criminal liability failed. Google "Lori Drew".
The term "criminally negligent" really has no role here. Negligence is in most cases a civil not a criminal offense. There are specific crimes. There is aiding and abetting. There may be criminal negligence in unrelated cases where you have a duty to secure something or protect (or not harm) someone and fail to do so (e.g. you leave your car in a position to roll downhill and it hurts someone, or you are willfully blind to a danger to child for whom you should be caring, or you act with such inattention so as to kill someone). But in the USA ***you have no legal duty to secure your wireless***. None. You can leave it open, just as you can leave your window open and let people enjoy what you are playing on your stereo (modulo public nuisance law, and copyright rules against some types of unlicensed public performance). Thus there can be no negligence in leaving it open, at least absent specific knowledge that a person intends to do a specific thing.
You may have a civil liability to secure your wireless under the terms-of-service agreement with your Internet provider. Well, maybe not to "secure your wireless" but to prevent unauthorized use of your connection to the service provider - which could be accomplished in other ways.
Normally that would just be a capacity or useage based billing issue in practice. But sure, contract terms vary widely. Note, though, the distinction between "having contracted to pay extra in some circumstances" (one type of 'civil liability') and risking being found in violation of the contract (another type, but usually one that results in termination of the service rather than an obligation to pay).
Miles Fidelman
-- A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net Laurie Silvers & Mitchell Rubenstein Distinguished Professor of Law Editor, Jotwell: The Journal of Things We Like (Lots), jotwell.com U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA +1 (305) 284-4285 | +1 (305) 284-6506 (fax) | froomkin@law.tm -->It's warm here.<--
Naslund, Steve wrote:
1. Running open access wireless does not make you legally an ISP and if your open wireless is used to commit a crime you could be criminally negligent if you did not take "reasonable care" in the eyes of the court.
Related: https://www.eff.org/deeplinks/2012/07/judge-copyright-troll-cant-bully-inter... http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2035633
Yes, but if you are operating a TOR node, it's not entirely clear to me that you are not actually an ISP (whether you realize that or not). You are, after all, providing a form of internet access to non-paying customers. Owen On Nov 29, 2012, at 11:58 , Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly. Such as, say, an Internet Service Provider business?
...
I think service providers are afforded special protections because the law recognizes their utility and the inability of the service provider to be responsible for the actions of all of their customers. The major problem is that not every individual has the same protections. A lot of ISPs are actually also CLECs or LECs that are protected as licensed telecom carriers. ISPs also do not "allow strangers to do whatever they want" ISPs have responsibilities to act on DCMA notices and CALEA requests from law enforcement. These are things that Tor exit nodes are not capable of doing. If you were an ISP and could not respond to CALEA requests, you will find yourself out of business in a big hurry. Steven Naslund -----Original Message----- From: George Herbert [mailto:george.herbert@gmail.com] Sent: Thursday, November 29, 2012 1:51 PM To: Tom Beecher; NANOG Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly.
Such as, say, an Internet Service Provider business? ... -- -george william herbert george.herbert@gmail.com
On Thu, Nov 29, 2012 at 12:00 PM, Naslund, Steve <SNaslund@medline.com> wrote:
ISPs also do not "allow strangers to do whatever they want" ISPs have responsibilities to act on DCMA notices and CALEA requests from law enforcement. These are things that Tor exit nodes are not capable of doing. If you were an ISP and could not respond to CALEA requests, you will find yourself out of business in a big hurry.
Sure, Tor exit nodes are 'capable of doing' those things if a report is generated that someone's using it to source child porn or terrorist communications or DMCA violations. At the most extreme the owner can shut down a node; they might also put egress filters in place pursuant to notifications. Plenty of small ISPs in one sense or another don't comply with CALEA because they own systems not networks (open access sites, etc). CALEA goes to the network providers in those cases, as I understand it. The Tor owner also might chose to fight it and leave it completely open, but an ISP might chose to do that in response to certain notices as well. This presumes that law enforcement deems them the right place to go investigating an incident, and notifies them. But if they seem to be aware of what Tor is in the US and be generally reasonable in responding to issues with it, that I know of. -- -george william herbert george.herbert@gmail.com
The entire point of Tor is to be untraceable back to the source. Egress filters can prevent future abuse but do not provide for tracing back to the original source of offending conduct. They are not trying to stop the flow of the data in this case, they want the source in jail. If law enforcement comes to you and asks you to show them the source or destination on a case like the one in question, you cannot comply and if law enforcement asks you to trap this data in the future you will also have a problem complying because I think you cannot identify the original source. You ARE providing a network if you are running a Tor exit node just the same as someone who builds a MPLS VPN would be responsible for responding to law enforcement requests for data inside the secure network. A licensed LEC and CLEC has very specific requirements in terms of CALEA and DCMA. It is not something they optionally comply with. An ISP that does not respond to CALEA and DCMA can become liable for events that happen after their non-response. Their "safe harbor" protection ends the moment they do not act in good faith to comply with the law. Even a small ISP that does not own their own network can be subpoenaed to provide logs, sniffer traces, and file dumps from any system they own. I know this for a fact and have provided this data under court orders. CALEA applies just as well to servers and data as it does to the communication circuits themselves. If you have a server on the network, it has a communications circuit into it and you can be required to provide access to that circuit. You can also be required to tap email accounts or data directories as well. This data may not fall strictly under CALEA but a court order can compel you to provide any data you are in possession of. That is why law enforcement can grab a server or PC. ISPs and carriers are often given the benefit of the doubt and law enforcement accepts copies of data they want. If they view you as an adversary or have any inclination of hiding data, they will seize the machine. If they view a Tor exit node owner as an accessory, they are not going to be nicey nice about it. The main problem with Tor is that it purposefully attempts to make this data obscure which could be construed as obstruction. As far as US law enforcement attitudes on Tor, those can and will change as the government sees fit. It is all a matter of the "greater good" in their eyes and whether they think the fight is worthwhile. You better believe that as soon as it becomes a "national security threat" it is coming down. Steven Naslund -----Original Message----- From: George Herbert [mailto:george.herbert@gmail.com] Sent: Thursday, November 29, 2012 2:14 PM To: Naslund, Steve Cc: NANOG Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Thu, Nov 29, 2012 at 12:00 PM, Naslund, Steve <SNaslund@medline.com> wrote:
ISPs also do not "allow strangers to do whatever they want" ISPs have
responsibilities to act on DCMA notices and CALEA requests from law enforcement. These are things that Tor exit nodes are not capable of doing. If you were an ISP and could not respond to CALEA requests, you will find yourself out of business in a big hurry.
Sure, Tor exit nodes are 'capable of doing' those things if a report is generated that someone's using it to source child porn or terrorist communications or DMCA violations. At the most extreme the owner can shut down a node; they might also put egress filters in place pursuant to notifications. Plenty of small ISPs in one sense or another don't comply with CALEA because they own systems not networks (open access sites, etc). CALEA goes to the network providers in those cases, as I understand it. The Tor owner also might chose to fight it and leave it completely open, but an ISP might chose to do that in response to certain notices as well. This presumes that law enforcement deems them the right place to go investigating an incident, and notifies them. But if they seem to be aware of what Tor is in the US and be generally reasonable in responding to issues with it, that I know of. -- -george william herbert george.herbert@gmail.com
On Thu, Nov 29, 2012 at 12:42 PM, Naslund, Steve <SNaslund@medline.com> wrote:
The entire point of Tor is to be untraceable back to the source. Egress filters can prevent future abuse but do not provide for tracing back to the original source of offending conduct. They are not trying to stop the flow of the data in this case, they want the source in jail. If law enforcement comes to you and asks you to show them the source or destination on a case like the one in question, you cannot comply and if law enforcement asks you to trap this data in the future you will also have a problem complying because I think you cannot identify the original source.
If you run an open wireless access point and don't log MACs / MAC to IP DHCP assignments, you are in similar straights. If they come to you 31 days after the data flow and you retain logs for 30, you are in similar straights. If someone faked their wireless MAC and the data in your log is not definitive, everyone's stymied. If someone went into a Library and used an open access computer, there's often no log of who / when. The assertion being made here, that it's somehow illegal (or immoral, or scary) for there to be not-completely-traceable internet access in the US, is absurd. CALEA doesn't say what you're asserting. From the First Report and Order: "24. In this section, we find that facilities-based providers of any type of broadband Internet access service, including but not limited to wireline, cable modem, satellite, wireless, fixed wireless, and broadband access via powerline are subject to CALEA" ( http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-05-153A1.pdf ) If you're not a facilities-based provider, you aren't covered. -- -george william herbert george.herbert@gmail.com
You are correct about most people not falling under CALEA. That also means that they do not have the "safe harbor" provisions provided to facilities based providers (however an open wireless hotspot MIGHT just make you a wireless facilities based provider). You are not under an obligation to provide data under CALEA but a court can order you collect that data going forward, allow LE to tap a device, or just seize the server to study it anytime they feel you may have evidence of a crime. A court can seize almost anything from anyone as long as a judge thinks it is a reasonable search and seizure. If you provide someone with any kind of tools or services (free or not) you are opening yourself up to a liability. If you are in physical possession of a server that contains kiddie porn you are likely to go to jail. I am not saying this Tor server has data like that onboard (but I suppose there could be caches, temp files, and such) but they are going to look until they understand it. You may very well be able to defend your right to a Tor server but it is certainly going to cost you a lot of money and I am sure it is going to be uncomfortable to explain why you want to have one to a judge when LE explains all the evil uses for one. When it comes to running an open access point, I think the legal issue would be negligence. Is it negligence for the 90 year old grandma to have an open AP (probably not, just didn't know better)? Is it negligence for me to have an open AP (probably, I am a network professional and know how to secure a network). As a long time service provider I can tell you that a lot of CALEA enforcement has to do with good faith more than the letter of the law. If your policy is to delete logs after 30 days and the cops show up on day 31, no big deal. If they show up at day 5 and you say you dump your logs at day 4, expect to get grilled. They can tell real quick if you are cooperating to the best of your ability. In the early Internet days, before the CALEA applied to ISPs I had to try to work with LE to comply with court orders and often we explained the technology and limitations of it to the FBI. We were even involved in expert testimony to explain how this "Internet Stuff" worked. Often we did not have the data they wanted but there were ways to get it for an ongoing investigation. Our policy was to not provide specific data without a court order but we would begin collecting it as soon as a LE agent told us they were going to try to obtain it. It was just a professional courtesy to them. I know there is a big counter-culture, no big brother, no regulation attitude toward a lot of Internet issues but I have seen some sick cases involving emailed threats (later carried out) and kids that made me give the law the benefit of the doubt in a lot of cases. There are lots of evil people out there and the Internet is a big tool for them. I have no statistics to back this up (and no one probably does) but with my many years of experience in engineering ARPANET, MILNET, and the Internet I would have to guess that most Tor servers are used for no good much more than they are protecting anyone's privacy. I am guessing that a ton of the Tor traffic is likely to be BitTorrent that is just as likely copyrighted material. That does not mean that Tor or BitTorrent is evil but as network professionals we all know (wink, wink) what that kind of stuff is really mainly used for. That probably does not affect your legal rights to have a Tor server but certainly affects my decision to donate to your defense if you get in a legal case. This is certainly an interesting discussion and I think there are not a lot of concrete answers since this is on the edge of technology law. I do think history shows us that while the government lags behind, they will eventually find a way to control this if it suits them and becomes a source of pain for them. Done with this subject, sorry for the long windedness Steven Naslund -----Original Message----- From: George Herbert [mailto:george.herbert@gmail.com] Sent: Thursday, November 29, 2012 2:53 PM To: Naslund, Steve Cc: NANOG Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Thu, Nov 29, 2012 at 12:42 PM, Naslund, Steve <SNaslund@medline.com> wrote:
The entire point of Tor is to be untraceable back to the source. Egress filters can prevent future abuse but do not provide for tracing
back to the original source of offending conduct. They are not trying to stop the flow of the data in this case, they want the source in jail. If law enforcement comes to you and asks you to show them the source or destination on a case like the one in question, you cannot comply and if law enforcement asks you to trap this data in the future
you will also have a problem complying because I think you cannot identify the original source.
If you run an open wireless access point and don't log MACs / MAC to IP DHCP assignments, you are in similar straights. If they come to you 31 days after the data flow and you retain logs for 30, you are in similar straights. If someone faked their wireless MAC and the data in your log is not definitive, everyone's stymied. If someone went into a Library and used an open access computer, there's often no log of who / when. The assertion being made here, that it's somehow illegal (or immoral, or scary) for there to be not-completely-traceable internet access in the US, is absurd. CALEA doesn't say what you're asserting. From the First Report and Order: "24. In this section, we find that facilities-based providers of any type of broadband Internet access service, including but not limited to wireline, cable modem, satellite, wireless, fixed wireless, and broadband access via powerline are subject to CALEA" ( http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-05-153A1.pdf ) If you're not a facilities-based provider, you aren't covered. -- -george william herbert george.herbert@gmail.com
On Thu, 29 Nov 2012, Naslund, Steve wrote: [...]
When it comes to running an open access point, I think the legal issue would be negligence. Is it negligence for the 90 year old grandma to have an open AP (probably not, just didn't know better)? Is it negligence for me to have an open AP (probably, I am a network professional and know how to secure a network).
In order for there to be a civil claim of negligence there must be, inter alia, a breach of duty. What duty has been breached in your scenario? None. [...]
This is certainly an interesting discussion and I think there are not a lot of concrete answers since this is on the edge of technology law. I
Actually some of us have been teaching and writing about this stuff since the mid 1990s. These issues are far from new; we went through them in the early anonymous remailer days. <relurk> -- A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net Laurie Silvers & Mitchell Rubenstein Distinguished Professor of Law Editor, Jotwell: The Journal of Things We Like (Lots), jotwell.com U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA +1 (305) 284-4285 | +1 (305) 284-6506 (fax) | froomkin@law.tm -->It's warm here.<--
As a network professional do I not have a duty to protect my companies network from unauthorized access within my ability to do so? I think I do. If you lost all of your credit card and identity data because I left an open wifi hotspot on my network would you have a liability case? I sure think so. If I go into your building and plug in an open wifi hotspot that allows a hacker to gain access to your stuff, is that illegal? I think it is. In this case we are not talking about a civil claim of negligence at all. It is not even a civil case. Let's look at it more as the credibility of deniability. Grandma can claim in court that she had no idea that the neighborhood was using her wifi and be believable. I can't make that claim because it is easy to prove that I know better. Whether the act itself is legal is another matter, but the ability to deny knowledge of the act is the question. So, the way this translates is "Sir, did you know that a large percentage of Tor use is for illegal activities?" How does this guy answer no when he supposedly runs a large ISP? As far as the anonymous remailer, at that time sending anonymous email or spam was not yet illegal. Many ISPs began cracking down on open mail relays well before the CAN SPAM stuff came about because it was good business and most of the industry agreed that open mail relay was bad. What I find really interesting is that the ISP (in general, there are a few rogues) will immediately shut down access to an open mail relay being hosted by their customer because it enables SPAM, but would allow a Tor relay that allows lots of illegal activity. I can tell you exactly why this happens. Most network professionals hate spam, its inconvenience, its clogging of the systems we maintain, and we declared war on the spammers. Tor however enables a whole lot of "gray area" activities like media piracy, warez, and lots of other stuff that some of us are less concerned about (and some of us actually use). If the ISPs and engineers get concerned about any of this stuff, we are capable of killing it off easier than the law enforcement channels. We never eliminated SPAM but it was made a lot tougher. Unfortunately, the history of the public Internet shows that one of the technology drivers of higher and better connections are for things like media sharing and distribution which includes some not so savory or legal sharing and distribution and some not so nice media. Steven Naslund -----Original Message----- From: Michael Froomkin - U.Miami School of Law [mailto:froomkin@law.miami.edu] Sent: Thursday, November 29, 2012 6:30 PM To: Naslund, Steve Cc: NANOG Subject: RE: William was raided for running a Tor exit node. Please help if you can. On Thu, 29 Nov 2012, Naslund, Steve wrote: [...]
When it comes to running an open access point, I think the legal issue
would be negligence. Is it negligence for the 90 year old grandma to have an open AP (probably not, just didn't know better)? Is it negligence for me to have an open AP (probably, I am a network professional and know how to secure a network).
In order for there to be a civil claim of negligence there must be, inter alia, a breach of duty. What duty has been breached in your scenario? None. [...]
This is certainly an interesting discussion and I think there are not a lot of concrete answers since this is on the edge of technology law.
I
Actually some of us have been teaching and writing about this stuff since the mid 1990s. These issues are far from new; we went through them in the early anonymous remailer days. <relurk> -- A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net Laurie Silvers & Mitchell Rubenstein Distinguished Professor of Law Editor, Jotwell: The Journal of Things We Like (Lots), jotwell.com U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA +1 (305) 284-4285 | +1 (305) 284-6506 (fax) | froomkin@law.tm -->It's warm here.<--
On 29 Nov 2012, at 20:53, George Herbert <george.herbert@gmail.com> wrote:
The assertion being made here, that it's somehow illegal (or immoral, or scary) for there to be not-completely-traceable internet access in the US, is absurd.
The real issue here is *not* the legality of the act of providing a Tor exit node, or an open access point, or anything else. In sensible countries that is perfectly legal. The problem here is the reality of undergoing a criminal investigation. Think carefully about the impact of having everything in your life which runs an operating system taken away. Phones. Tablet. Laptop. Servers. All portable drives, data. If you rely on that hardware for your income (and who doesn't?) you're going to have to buy all of that again. And restore your data, if you are able. -- Will
* Will Hargrave (will@harg.net) wrote:
On 29 Nov 2012, at 20:53, George Herbert <george.herbert@gmail.com> wrote:
The assertion being made here, that it's somehow illegal (or immoral, or scary) for there to be not-completely-traceable internet access in the US, is absurd.
The real issue here is *not* the legality of the act of providing a Tor exit node, or an open access point, or anything else. In sensible countries that is perfectly legal. The problem here is the reality of undergoing a criminal investigation.
It could also be the case that they think the person running the Tor exit node is the actual perpetrator, i.e. its needed to seize all HW to get the kiddie pr0n. Is it even possible for a network sniffer to distinguish between Tor exit traffic and his own traffic? Hopefully he will get it all back but it will most liklely cost both time and money to explain Tor to the Austrian judical system.
Think carefully about the impact of having everything in your life which runs an operating system taken away. Phones. Tablet. Laptop. Servers. All portable drives, data. If you rely on that hardware for your income (and who doesn't?) you're going to have to buy all of that again. And restore your data, if you are able.
Fully agree. /J
On 2012-11-30 13:51 , Joakim Aronius wrote:
* Will Hargrave (will@harg.net) wrote:
On 29 Nov 2012, at 20:53, George Herbert <george.herbert@gmail.com> wrote:
The assertion being made here, that it's somehow illegal (or immoral, or scary) for there to be not-completely-traceable internet access in the US, is absurd.
The real issue here is *not* the legality of the act of providing a Tor exit node, or an open access point, or anything else. In sensible countries that is perfectly legal. The problem here is the reality of undergoing a criminal investigation.
It could also be the case that they think the person running the Tor exit node is the actual perpetrator, i.e. its needed to seize all HW to get the kiddie pr0n. Is it even possible for a network sniffer to distinguish between Tor exit traffic and his own traffic?
Not easily, this as TCP connections originate from the box itself.
Hopefully he will get it all back but it will most liklely cost both time and money to explain Tor to the Austrian judical system.
According to http://raided4tor.cryto.net/ he at least got a full list of what was confiscated including the various weapons in his possession, that in combo with the owning of a safe deposit box (which was not searched) with amongst others cash is an interesting part in personal security IMHO though ;)
Think carefully about the impact of having everything in your life which runs an operating system taken away. Phones. Tablet. Laptop. Servers. All portable drives, data. If you rely on that hardware for your income (and who doesn't?) you're going to have to buy all of that again. And restore your data, if you are able.
Actually they did not take anything away that was really related to the what was detected. The IP that the connection to the (apparently monitored or owned by the $investigators) CP website came from was a rented server in Poland. He apparently was notified that that exit node was being used for abuse and thus 'closed it because of the hacking through it' (which really is not helping when you still run others and looks a lot like you have something to hide to me...) All the other servers he apparently runs in the US and Hong Kong etc are still up and running too. Thus the computer things confiscated where effectively unrelated to the IP that triggered them to look at it. On 2012-11-30 13:58 , Rich Kulawiec wrote:> On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits.
Question: what evidence has been published -- that is, placed somewhere that we can all see it -- that substantiates the claim that child porn traversed the node in question?
The moment you can see that it is real CP you have seen CP. Do not ask for that. There are special people who have legally signed documents and agreements that investigate this.
Followup question 1: if no such evidence has been produced, then why should we believe that it exists? Extraordinary claims require extraordinary proof.
What likely is the case, from what I understand, is that the server hosting the CP was being either monitored or operated by $investigators.
Followup question 2: if the goal is to identify and apprehend the perpetrators of child porn (and that's a good goal) then why would the police raid this operation?
Because they maybe think he originated it, see also the note above of closing the Tor exit that (allegedly) sourced the request(s).
Would it not make far more sense to take advantage of the operator's knowledge and experience and quietly ask for his/her cooperation *while leaving the node running*?
He already closed the node, apparently due to hacking happening through it. But that would not help anyway, as it is Tor, thus unless you are really really good there is nothing to see there as you'll never find out who originated the connection through Tor.
Followup question 3: what evidence in front of us allows us to clearly discern that this is what it purports to be and not simply an attempt to shut down a Tor node (and intimidate the operators of others) by using a plausible excuse based on a universal hot-button issue?
The owner (the William person this is about) shut it down himself. See the blog mentioned above for more details from his side. Greets, Jeroen
On November 29, 2012 at 11:50 george.herbert@gmail.com (George Herbert) wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly.
Such as, say, an Internet Service Provider business?
Or a wi-fi hotspot that only requires clicking Accept, no id involved? -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits.
Question: what evidence has been published -- that is, placed somewhere that we can all see it -- that substantiates the claim that child porn traversed the node in question? Followup question 1: if no such evidence has been produced, then why should we believe that it exists? Extraordinary claims require extraordinary proof. Followup question 2: if the goal is to identify and apprehend the perpetrators of child porn (and that's a good goal) then why would the police raid this operation? Would it not make far more sense to take advantage of the operator's knowledge and experience and quietly ask for his/her cooperation *while leaving the node running*? Followup question 3: what evidence in front of us allows us to clearly discern that this is what it purports to be and not simply an attempt to shut down a Tor node (and intimidate the operators of others) by using a plausible excuse based on a universal hot-button issue? ---rsk
On Nov 30, 2012, at 4:58 AM, Rich Kulawiec <rsk@gsp.org> wrote:
On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits.
Question: what evidence has been published -- that is, placed somewhere that we can all see it -- that substantiates the claim that child porn traversed the node in question?
Followup question 1: if no such evidence has been produced, then why should we believe that it exists? Extraordinary claims require extraordinary proof.
I don't find the claim all that extraordinary. I think it was only a matter of time before the kiddie-pr0n distributors figured out TOR as a perfect way to distribute anonymously.
Followup question 2: if the goal is to identify and apprehend the perpetrators of child porn (and that's a good goal) then why would the police raid this operation? Would it not make far more sense to take advantage of the operator's knowledge and experience and quietly ask for his/her cooperation *while leaving the node running*?
Sure, but law enforcement isn't exactly renowned for doing the smart things in such situations. Especially during their rather extensive learning curve.
Followup question 3: what evidence in front of us allows us to clearly discern that this is what it purports to be and not simply an attempt to shut down a Tor node (and intimidate the operators of others) by using a plausible excuse based on a universal hot-button issue?
None whatsoever. It's an entirely plausible alternate explanation. At this point, we can't rule either of them out. However, the basic theory "Never attribute to malice what can be adequately explained by incompetence." says that the kiddie-pr0n story is more likely. Owen
-----Original Message----- From: Rich Kulawiec [mailto:rsk@gsp.org] Sent: Friday, November 30, 2012 6:59 AM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William): Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits.
Question: what evidence has been published -- that is, placed somewhere that we can all see it -- that substantiates the claim that child porn traversed the node in question?
The cops don't have to present evidence until there is a court case. Since this guy was not arrested, they have apparently not decided to charge him yet. The apparently had some evidence to get the seizure order. They have to convince a judge, not the public.
Followup question 1: if no such evidence has been produced, then why should we believe that it exists? Extraordinary claims require extraordinary proof.
Followup question 2: if the goal is to identify and apprehend the
Again, no evidence needed until a prosecution happens. Just enough for the cops to convince a judge to allow the evidence seizure. perpetrators of child porn (and that's a good goal) then why would the police raid >this operation? Would it not make far more sense to take advantage of the operator's knowledge and experience and quietly ask for his/her cooperation >*while leaving the node running*? Maybe the cops think he is a perpetrator. It is not unthinkable that he set up a network to hide his own activities. Note that they seized his HOME storage devices, not the Tor server.
Followup question 3: what evidence in front of us allows us to clearly discern that this is what it purports to be and not simply an attempt to shut >down a Tor node (and intimidate the operators of others) by using a plausible excuse based on a universal hot-button issue?
Since the individual indicates that the Tor node was already down and the police did not seize it, what makes you think that it was the target at all. The individual only indicated that the police asked about the IP address used by the Tor server during his questioning so it is possible they did not know it was a Tor node and maybe thought it was at his apartment. I have yet to see anything indicating that he is not allowed to bring his Tor node back online. I am not assuming this is only about the Tor node just because the cops asked him about it. I am a little concerned that this guy keeps a safe deposit box with a burner phone and cash around. Is he a CIA agent? :) Why would I donate to his legal defense when he has not been charged yet? A little premature, no?
---rsk
Steven Naslund
On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with a burner phone and cash around. Is he a CIA agent? :) Anyone who DOESN'T have such things stashed away somewhere is, IMHO, incredibly naive and taking on quite a large amount of risk.
The likelihood (and hope) is that you'll never need it. But on the off chance that you get f***ed by the legal system because of some power hungry, mouth-breather cop who can't/won't understand that you've done nothing wrong -- or worse, that you're easily provably within the law, but he "believes" that you're not and drags you through the process anyways -- you'll be very happy that you stashed away that old unlocked cell phone, old laptop, change of clothes and cash. I'm a (legal) firearms owner... up here in Canada, where some previous governments enacted extreme anti-gun legislation, that pretty much means that if I so much as sneeze in a way that a cop doesn't like, I can have my life ruined pretty damned fast (not quite, but really close). I wouldn't bet against me having an excrement-hitting-the-oscillator stash like this guy does. ;) (Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Why would I donate to his legal defense when he has not been charged yet? A little premature, no?
If you think that legal costs in a criminal case only start when you've been formally charged, you're grossly misinformed. At what point you personally decide to donate is one thing, but implying that someone doesn't need a defense fund prior to charges being laid is a bit naive about how the process works. - Pete
OK, there must be a lot more paranoid people out there than I thought there were. I personally don't have a "runaway kit" stashed away. I will get right on that. So when that "mouth breather cop" won't believe you are innocent, your answer is to grab your stuff and go on the lamb for awhile? I am sure he will let you out to go to the bank, get your stuff, and leave town. I think you have seen way to many movies. So if the cops show up at his door tomorrow and say "Here's all your stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"? Steve -----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 3:53 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can. On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with
a burner phone and cash around. Is he a CIA agent? :) Anyone who DOESN'T have such things stashed away somewhere is, IMHO, incredibly naive and taking on quite a large amount of risk.
The likelihood (and hope) is that you'll never need it. But on the off chance that you get f***ed by the legal system because of some power hungry, mouth-breather cop who can't/won't understand that you've done nothing wrong -- or worse, that you're easily provably within the law, but he "believes" that you're not and drags you through the process anyways -- you'll be very happy that you stashed away that old unlocked cell phone, old laptop, change of clothes and cash. I'm a (legal) firearms owner... up here in Canada, where some previous governments enacted extreme anti-gun legislation, that pretty much means that if I so much as sneeze in a way that a cop doesn't like, I can have my life ruined pretty damned fast (not quite, but really close). I wouldn't bet against me having an excrement-hitting-the-oscillator stash like this guy does. ;) (Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Why would I donate to his legal defense when he has not been charged yet? A little premature, no?
If you think that legal costs in a criminal case only start when you've been formally charged, you're grossly misinformed. At what point you personally decide to donate is one thing, but implying that someone doesn't need a defense fund prior to charges being laid is a bit naive about how the process works. - Pete
I didn't say anything about trying to run away. That probably won't accomplish a whole lot in the long run. But when all of your bank accounts and credit cards are frozen, and your house is a crime scene, at least you have the means to rent a hotel room, contact family/lawyers, etc. And no, I'm not OK with people keeping any money that was donated for a specific purpose in excess of what was actually used. You'd hope that he'd be a good guy about it and give back the portion that wasn't used, or clearly state that any excess will go to charity or something. However, there's no such guarantee (short of doing it through a trust fund with his lawyer), and just like any philanthropic venture, it's up to each donor choose when/if they'll help out. It's just like Kickstarter -- you hope to get something good out of it, but if it bombs, well... you pay your money and you take your chances. - Pete On 11/30/2012 05:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought there were. I personally don't have a "runaway kit" stashed away. I will get right on that. So when that "mouth breather cop" won't believe you are innocent, your answer is to grab your stuff and go on the lamb for awhile? I am sure he will let you out to go to the bank, get your stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
Steve
-----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 3:53 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with a burner phone and cash around. Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO, incredibly naive and taking on quite a large amount of risk.
The likelihood (and hope) is that you'll never need it. But on the off chance that you get f***ed by the legal system because of some power hungry, mouth-breather cop who can't/won't understand that you've done nothing wrong -- or worse, that you're easily provably within the law, but he "believes" that you're not and drags you through the process anyways -- you'll be very happy that you stashed away that old unlocked cell phone, old laptop, change of clothes and cash.
I'm a (legal) firearms owner... up here in Canada, where some previous governments enacted extreme anti-gun legislation, that pretty much means that if I so much as sneeze in a way that a cop doesn't like, I can have my life ruined pretty damned fast (not quite, but really close). I wouldn't bet against me having an excrement-hitting-the-oscillator stash like this guy does. ;)
(Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Why would I donate to his legal defense when he has not been charged yet? A little premature, no?
If you think that legal costs in a criminal case only start when you've been formally charged, you're grossly misinformed. At what point you personally decide to donate is one thing, but implying that someone doesn't need a defense fund prior to charges being laid is a bit naive about how the process works.
- Pete
OK, I get it. I think my BS detector is set to high today. I am just really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund. Steve -----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 4:21 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can. I didn't say anything about trying to run away. That probably won't accomplish a whole lot in the long run. But when all of your bank accounts and credit cards are frozen, and your house is a crime scene, at least you have the means to rent a hotel room, contact family/lawyers, etc. And no, I'm not OK with people keeping any money that was donated for a specific purpose in excess of what was actually used. You'd hope that he'd be a good guy about it and give back the portion that wasn't used, or clearly state that any excess will go to charity or something. However, there's no such guarantee (short of doing it through a trust fund with his lawyer), and just like any philanthropic venture, it's up to each donor choose when/if they'll help out. It's just like Kickstarter -- you hope to get something good out of it, but if it bombs, well... you pay your money and you take your chances. - Pete On 11/30/2012 05:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought there were. I personally don't have a "runaway kit" stashed away. I will get right on that. So when that "mouth breather cop" won't believe you are innocent, your answer is to grab your stuff and go on the lamb for awhile? I am sure he will let you out to go to the bank,
get your stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
Steve
-----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 3:53 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with a burner phone and cash around. Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO, incredibly naive and taking on quite a large amount of risk.
The likelihood (and hope) is that you'll never need it. But on the off chance that you get f***ed by the legal system because of some power hungry, mouth-breather cop who can't/won't understand that you've done nothing wrong -- or worse, that you're easily provably within the law, but he "believes" that you're not and drags you through the process anyways -- you'll be very happy that you stashed away that old unlocked cell phone, old laptop, change of clothes and cash.
I'm a (legal) firearms owner... up here in Canada, where some previous
governments enacted extreme anti-gun legislation, that pretty much means that if I so much as sneeze in a way that a cop doesn't like, I can have my life ruined pretty damned fast (not quite, but really close). I wouldn't bet against me having an excrement-hitting-the-oscillator stash like this guy does. ;)
(Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Why would I donate to his legal defense when he has not been charged yet? A little premature, no?
If you think that legal costs in a criminal case only start when you've been formally charged, you're grossly misinformed. At what point you personally decide to donate is one thing, but implying that someone doesn't need a defense fund prior to charges being laid is a bit naive
about how the process works.
- Pete
OK, I get it. I think my BS detector is set to high today. I am just really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund.
You do realize that it is completely common for "looking" at them to take months. This is a big thing to people in this community, because the police will happily come and confiscate the tools you need to do your job, and not return them for months, years, or sometimes even ever, even in cases where it seems fairly straightforward to identify that the person has done nothing wrong. The police, and many of the policies surrounding this issue, often assume that the party is guilty, and also assume that seizure isn't a significant professional issue. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
I understand that they could look at them for many months. In the meantime, my life will go on. I don't believe there is a whole lot you can do about it. If they take too long, I will consider asking a lawyer to look into getting my stuff back but it would have to be expensive stuff to make the lawyer worthwhile. I am guessing I would buy a new PC (they did not seize this guys bank account or credit cards), I probably don't need 100 Terabytes of storage so my costs are not so bad. My message to the cops and my lawyer would be charge me or lets clear this up. There are laws to protect you from the government from taking your stuff in an unfair manner if you want to go that route. If there is a misunderstanding I will talk to the cops all they want. If I feel I need representation, I will get some. If I am really innocent, I doubt they could ask me too much that would upset me. My guess is they would rather move on in their case instead of spinning their wheels with me. I have thought it was rough on people to have all their stuff seized and I suppose you could try and collect some damages if you bought new gear while your stuff was being held (if for no reason) but I think that very often the cops seize the right stuff. I would really like a poll since we have a lot of network professionals on here, exactly how many of us have had something seized by the cops with NO CAUSE. Anybody, I would like to hear from a real life case. Sorry people...most cops want to put the right people in jail and are not trying to violate your rights. There are bad eggs but that is why we have judges. When I hear someone I don't know say they are innocent and the cops say they are guilty, I tend to believe the cop. Everyone in jail says he is innocent too. BTW - in this case, the cops have not even said this guy is guilty of anything yet. Steven Naslund -----Original Message----- From: Joe Greco [mailto:jgreco@ns.sol.net] Sent: Friday, November 30, 2012 4:49 PM To: Naslund, Steve Cc: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if
OK, I get it. I think my BS detector is set to high today. I am just
really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund.
You do realize that it is completely common for "looking" at them to take months. This is a big thing to people in this community, because the police will happily come and confiscate the tools you need to do your job, and not return them for months, years, or sometimes even ever, even in cases where it seems fairly straightforward to identify that the person has done nothing wrong. The police, and many of the policies surrounding this issue, often assume that the party is guilty, and also assume that seizure isn't a significant professional issue. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On Fri, 30 Nov 2012, Naslund, Steve wrote:
My message to the cops and my lawyer would be charge me or lets clear this up. There are laws to protect you from the government from taking your stuff in an unfair manner if you want to go that route. If there is a misunderstanding I will talk to the cops all they want. If I feel I need representation, I will get some. If I am really innocent, I doubt they could ask me too much that would upset me. My guess is they would rather move on in their case instead of spinning their wheels with me.
Those who do not remember history... On Fri, Nov 30, 2012 at 5:23 PM, <goemon@anime.net> wrote:
On Fri, 30 Nov 2012, Naslund, Steve wrote:
My message to the cops and my lawyer would be charge me or lets clear this up. There are laws to protect you from the government from taking your stuff in an unfair manner if you want to go that route. If there is a misunderstanding I will talk to the cops all they want. If I feel I need representation, I will get some. If I am really innocent, I doubt they could ask me too much that would upset me. My guess is they would rather move on in their case instead of spinning their wheels with me.
-Dan
-- -george william herbert george.herbert@gmail.com
Those who do not remember history...
On Fri, Nov 30, 2012 at 5:23 PM, <goemon@anime.net> wrote:
Those who do not remember history... what, exactly? We're doomed to repeat this over and over even if we remember it. Even if we were to assume that there are no "bad actors" in law enforcement, what happens when someone is simply faced with something so complex that they don't really understand it? The conventional wisdom is to seize it and let experts work it out. But there is the possibility of there being so much data, and such complexity in modern systems. What happens when you've got a Mac and you're running VMware Fusion and you've got VM images sitting on a NAS device? Ten or twenty years ago, "nab all the media" was pretty straightforward in the average case, but these days, it's pretty easy even for Joe Sixpack to have some sophistication and to be storing stuff on a NAS device. If you have an iomega ix2-dl with two 4TB hard drives in it, and the thing only reads out at ~60MB/sec, how do you effectively deal with that? You can either seize it or not. You can't realistically analyze the whole thing on site. You can't realistically copy it in place (two days to read it all!). So you seize it. And what happens when it is reliant on other stuff on the local network? And what happens when the police can't quite figure out the way everything worked together? Heaven help us when we start talking about tech-sophisticated users who employ things like encryption and run multiple levels of abstractions. And that brings us to Tor... The flip side to the coin is that there is such little disincentive to be aggressive in seizures. There are any number of examples of overreach, and since there is virtually no personal risk to the authorities responsible, even if the company is successful in filing suit (see SJ Games). The authorities have one hell of a problem going forward. I hope that part is obvious. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On Sat, Dec 01, 2012 at 10:36:56AM -0600, Joe Greco wrote:
Even if we were to assume that there are no "bad actors" in law enforcement, what happens when someone is simply faced with something so complex that they don't really understand it? The conventional wisdom is to seize it and let experts work it out.
There is another problem with that approach. Actually, two, one that affects us, one that bears on the root cause. We all know, or should know, that there are a couple hundred million zombies (aka bots) out there. Nobody knows exactly how many, of course, because it's impossible to know. But any estimate under 100M should be discarded immediately, and I think numbers in the 200M to 300M are at least plausible, if not probable. Those systems are pretty much EVERYWHERE. The thing is, we don't know specifically where until either (a) they do something that's externally observable that indicates they're zombies AND someone in a position to observe it makes the observation or (b) someone does a forensic-grade examination of them -- which is often what it takes to find some of the more devious malware. There is nothing at all that stops child porn types from leasing zombies or creating their own. There is also nothing stopping them from setting those systems up to transmit/receive child porn via HTTP/S or SMTP or FTP or any other protocol. Or through a VPN or whatever. No Tor required. So -- five minutes from now -- you (generic you) could suddenly be in a position where what happened to this guy is happening to you, because 7 zombies on your network just went active and started shovelling child porn. And you probably won't know it because the traffic will be noise buried in all the other noise. That is, until the authorities, whoever they are wherever you are, show up and confiscate everything, including desktops, laptops, servers, tablets, phones, printers, everything with a CPU. And why shouldn't they? Do you think you're immune to this? Why should you be? Because you're an ISP? A Fortune 500 company? A major university? Joe's Donut Shop? Why should *you* get a pass from this treatment? My point, which I suppose I should get to, is this: This tactic (confiscating everything) is simply not a sensible response by any law enforcement agency. It's bad police work. It's lazy. It's stupid. And worse than any of THAT, it *helps* the child porn types do their thing. (Why? Because it clearly signals the nature and location and time of a security breach. This helps them avoid capture and provides useful intelligence that can be used to design the next operation.) The right tactic is to keep all that gear exactly where it is and doing exactly what it's doing. The children who have already been horribly, tragically exploited will not be any more so if those systems keep running: that damage is done and unplugging computers won't fix it. But keeping that stuff in place and figuring how to start tracing the purveyors and producers, THAT will attack the root cause of the problem, so that maybe other children will be spared, and the people responsible brought to justice. I know it's unfashionable for police to, you know, actually engage in police work any more. It's tedious, boring, and doesn't make headlines. It's much easier to hold self-congratulory press conferences, torture helpless people with tasers, and try to out-do Stasi by setting up a surveillance state. But it would be nice if someone with a clue got them to stop supporting child porn by virtue of being so damn lazy, ignorant and incompetent. TL;DR: try a rapier rather than a bludgeon. ---rsk
I can't help but wonder who would send money to same random person based on a story that may or may not be true. Were these people sucked in by Nigeria scams as well? Not only that, but the list of people who proclaimed their innocence only to be proven guilty is very long. I can't vouch for countries outside of the USA, but here at least we don't get subpoenas on a whim. They are usually part of a very long drawn-out investigation, and they usually are for a very good reason. Jason On Fri, Nov 30, 2012 at 4:37 PM, Naslund, Steve <SNaslund@medline.com>wrote:
OK, I get it. I think my BS detector is set to high today. I am just really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund.
Steve
-----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 4:21 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
I didn't say anything about trying to run away. That probably won't accomplish a whole lot in the long run. But when all of your bank accounts and credit cards are frozen, and your house is a crime scene, at least you have the means to rent a hotel room, contact family/lawyers, etc.
And no, I'm not OK with people keeping any money that was donated for a specific purpose in excess of what was actually used. You'd hope that he'd be a good guy about it and give back the portion that wasn't used, or clearly state that any excess will go to charity or something. However, there's no such guarantee (short of doing it through a trust fund with his lawyer), and just like any philanthropic venture, it's up to each donor choose when/if they'll help out. It's just like Kickstarter -- you hope to get something good out of it, but if it bombs, well... you pay your money and you take your chances.
- Pete
On 11/30/2012 05:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought there were. I personally don't have a "runaway kit" stashed away. I will get right on that. So when that "mouth breather cop" won't believe you are innocent, your answer is to grab your stuff and go on the lamb for awhile? I am sure he will let you out to go to the bank,
get your stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
Steve
-----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 3:53 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with a burner phone and cash around. Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO, incredibly naive and taking on quite a large amount of risk.
The likelihood (and hope) is that you'll never need it. But on the off chance that you get f***ed by the legal system because of some power hungry, mouth-breather cop who can't/won't understand that you've done nothing wrong -- or worse, that you're easily provably within the law, but he "believes" that you're not and drags you through the process anyways -- you'll be very happy that you stashed away that old unlocked cell phone, old laptop, change of clothes and cash.
I'm a (legal) firearms owner... up here in Canada, where some previous
governments enacted extreme anti-gun legislation, that pretty much means that if I so much as sneeze in a way that a cop doesn't like, I can have my life ruined pretty damned fast (not quite, but really close). I wouldn't bet against me having an excrement-hitting-the-oscillator stash like this guy does. ;)
(Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Why would I donate to his legal defense when he has not been charged yet? A little premature, no?
If you think that legal costs in a criminal case only start when you've been formally charged, you're grossly misinformed. At what point you personally decide to donate is one thing, but implying that someone doesn't need a defense fund prior to charges being laid is a bit naive
about how the process works.
- Pete
Not only that, but the list of people who proclaimed their innocence only to be proven guilty is very long. I can't vouch for countries outside of the USA, but here at least we don't get subpoenas on a whim. They are usually part of a very long drawn-out investigation, and they usually are for a very good reason.
Usually, but not always. I've seen a number of subpoenas and a few search warrants that were: Ridiculously broad Overreaching Really stretched the concept of probable cause As in all else, not all LEOs are good actors. Owen
On 11/30/2012 02:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought
for awhile? I am sure he will let you out to go to the bank, get your stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
I for one vote for installing a de-gauging ring in your door frame. any removal of equipment you don't approve of will be wiped. That and encryption possibly combined with hiding the "real" OS (truecrypt can do that). Greetings, Jeroen -- Earthquake Magnitude: 5.1 Date: Monday, December 17, 2012 17:46:48 UTC Location: central East Pacific Rise Latitude: -3.9682; Longitude: -104.0375 Depth: 15.70 km
In most jurisdictions, wouldn't using a de-gaussing ring in the door frame to wipe any equipment being removed constitute "tampering with evidence" or interfering with an investigation if the authority in question is in possession of a warrant/subpoena? On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart <jeroen@mompl.net> wrote:
On 11/30/2012 02:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought
for awhile? I am sure he will let you out to go to the bank, get your
stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your
stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
I for one vote for installing a de-gauging ring in your door frame. any removal of equipment you don't approve of will be wiped. That and encryption possibly combined with hiding the "real" OS (truecrypt can do that).
Greetings, Jeroen
-- Earthquake Magnitude: 5.1 Date: Monday, December 17, 2012 17:46:48 UTC Location: central East Pacific Rise Latitude: -3.9682; Longitude: -104.0375 Depth: 15.70 km
-- Kyle Creyts Information Assurance Professional BSidesDetroit Organizer
Drifting a big off topic for NANOG (but hey, that happens every /pi/ days anyways!), but I'll toss this in... Like every other legal incident, it would be unique to your own situation. Keep in mind that, should any of the charges you mentioned go to court, the prosecution would have to prove /mens rea/ (intent). They would have to prove that you intended to cause the drives to be wiped specifically because you did not want them admitted as evidence. If you weren't even home at the time the warrant was executed, the worst lawyer in the world would be able to argue that you have the system in place to prevent sensitive data from leaving in the event of common theft, and that it's not your fault the police triggered it (and suggest that maybe they should add "scan for an intense EM field" to their standard procedures when dealing with computer equipment :p ). If you were home at the time (or knew that a warrant was being executed, e.g. if the police show up at your workplace to inform you), things would be a lot dicier. Actively hitting the "turn on the system" button would definitely be bad news for you. However, simply not turning it off as the officers are walking out the door, well... it was a VERY stressful situation for you, with all the police running all over your house, and you simply forgot about the system until much later (or so your lawyer could argue). There would definitely be some unhappy people with the situation regardless, and either way you'll be contributing to buying your lawyer a new car. ;) Now, having said all that... I'm not sure I'd want to pay the electricity bill for keeping that degausser running... :p - Pete On 12/17/2012 02:52 PM, Kyle Creyts wrote:
In most jurisdictions, wouldn't using a de-gaussing ring in the door frame to wipe any equipment being removed constitute "tampering with evidence" or interfering with an investigation if the authority in question is in possession of a warrant/subpoena?
On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart <jeroen@mompl.net> wrote:
On 11/30/2012 02:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought
for awhile? I am sure he will let you out to go to the bank, get your
stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your
stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
I for one vote for installing a de-gauging ring in your door frame. any removal of equipment you don't approve of will be wiped. That and encryption possibly combined with hiding the "real" OS (truecrypt can do that).
Greetings, Jeroen
-- Earthquake Magnitude: 5.1 Date: Monday, December 17, 2012 17:46:48 UTC Location: central East Pacific Rise Latitude: -3.9682; Longitude: -104.0375 Depth: 15.70 km
On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:
Now, having said all that... I'm not sure I'd want to pay the electricity bill for keeping that degausser running... :p
An EMP device doesn't have to chew power all the time... And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME
In message <34925.1355780734@turing-police.cc.vt.edu>, Valdis.Kletnieks@vt.edu writes:
--==_Exmh_1355780734_2398P Content-Type: text/plain; charset=us-ascii
On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:
Now, having said all that... I'm not sure I'd want to pay the electricity bill for keeping that degausser running... :p
An EMP device doesn't have to chew power all the time...
And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME
I suspect you would fine that such a ring would illegal as it is a potential "man trap". There are reasons hospitals have big warning signs around similar equipment used for medical imaging. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On 12/17/12, Mark Andrews <marka@isc.org> wrote:
In message <34925.1355780734@turing-police.cc.vt.edu>,
On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:
Yeah... degaussing rings consume a lot of energy you shouldn't need to consume. If you _must_ be able to protect data from extreme physical threats: keep it encrypted end to end at all times, and concentrate on Information assurance for the key itself, and making the equipment tamper resistant, to prevent eavesdropping, for example: by incorporating computer chassis into the support structure of the building, with, EM shielding, plate steel vault doors and relocking mechanisms; just as you'd want to safeguard other physical valuables. Encryption keys are short, and easy to store on small tamper-resistant smartcards, which can be burned up or erased in a second by a low voltage circuit; possibly one triggered automatically if the incorrect PIN is entered, or the correct 3rd or 4th (easily accidentally lost, or left at some other place) SIM Card/Micro-sim shapped parts containing enough other shares of the encryption key aren't inserted in a partner module shortly after powerup. As long as the crypto algorithm was sound, reliable destruction of the key should make the data as hard (or harder) to be recovered, than if media had been degaussed.
And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME
I suspect you would fine that such a ring would illegal as it is a potential "man trap". There are reasons hospitals have big warning signs around similar equipment used for medical imaging.
Mark -- -JH
On 12-12-17 21:45, Jimmy Hess wrote:
Yeah... degaussing rings consume a lot of energy you shouldn't need to consume.
Now now, you clearly have not watched enough scient fiction/action movies... Clearly, you have a mechanism which triggers the degaussing (or neutron bomb in the basement the minute a hard drive is disconnected from the server/disk array :-) And you just need to put up a sign "warning, this building is protected with a giant degaussing magnet to protect against data theft, remove all rings from your body parts if you intend to steal from this building :-) Note that they used this trick in "Breaking Bad" with a giant magnet in a van parked right next to where evidence room and they managed to zap the laptop that contained evidence against them. Of course, the laws of physics don't apply in Hollywood so it is not clear whether this is realistic or not.
On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote:
If you _must_ be able to protect data from extreme physical threats: keep it encrypted end to end at all times,
Physical threat is somewhat different than seizure by law enforcement, though. Although mooted when authorities decrypted an evidentiary laptop themselves, the idea of encryption as a shield against law enforcement is not yet a settled issue in the US; see the "Fricosu" case. A nice explanation: https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases -- Henry Yen Aegis Information Systems, Inc. Senior Systems Programmer Hicksville, New York
On 12/18/12, Henry Yen <henry@aegisinfosys.com> wrote:
On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote: Physical threat is somewhat different than seizure by law enforcement, though.
I'm not so sure about that. It's a kind of physical threat; the set of all physical threats includes a subset of threats that are LEO threats involving authorities and are related to (quasi-)legal threats. The law enforcement personnel may have been paid off by a rogue party in the first place, to seize and "misplace" the data (E.g. deny the legitimate principal access to it for the purposes of competitive advantage), or to seize and "accidentally" leak the data to overseas entity attempting to gain the data for economic advantage, by taking advantage of insufficient security controls of the law enforcement entity.
the idea of encryption as a shield against law enforcement is not yet a settled issue in the US; see the "Fricosu" case. A nice explanation: https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases
It obviously wouldn't work for all kinds of data, but; even if it's not a 5th amendment issue; E.g. "required to reveal your keys and allow the data to be decrypted"; the POSSIBILITY has to exist that that you can in fact know or recover the keys. You can't testify against yourself, if you had your memory permanently wiped in some manner, so that you are incapable of ever recalling, because "there's nothing there to present" --- it doesn't matter if there was no 5th amendment, the fact your memory was wiped, erased the possibility of ever testifying. If an automatic response to the security breach results in complete reliable destruction of physical and logical devices absolutely required to be fully intact to recover the keys and execute decryption activity, then "there is inherently nothing to provide", once that occured; the remaining option would be for the LEO to dedicate massive computing resources over a sufficient hundred years, to discover the key through brute force key space search of 10^77+ keys. That's assuming no backups of the key devices.
-- Henry Yen Aegis Information Systems, -- -JH
In any event, I'm pretty sure that I'd rather get hit with "tampering with evidence" versus them retrieving data that may incriminate me. I believe this may be a the "lesser of two evils" game.
-----Original Message----- From: Kyle Creyts [mailto:kyle.creyts@gmail.com] Sent: Monday, December 17, 2012 2:52 PM To: Jeroen van Aart Cc: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
In most jurisdictions, wouldn't using a de-gaussing ring in the door frame to wipe any equipment being removed constitute "tampering with evidence" or interfering with an investigation if the authority in question is in possession of a warrant/subpoena?
On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart <jeroen@mompl.net> wrote:
On 11/30/2012 02:02 PM, Naslund, Steve wrote:
OK, there must be a lot more paranoid people out there than I thought
for awhile? I am sure he will let you out to go to the bank, get your
stuff, and leave town. I think you have seen way to many movies.
So if the cops show up at his door tomorrow and say "Here's all your
stuff back, there was no evidence of a crime.", you are OK with this guys keeping the "defense fund"?
I for one vote for installing a de-gauging ring in your door frame. any removal of equipment you don't approve of will be wiped. That and encryption possibly combined with hiding the "real" OS (truecrypt can do that).
Greetings, Jeroen
-- Earthquake Magnitude: 5.1 Date: Monday, December 17, 2012 17:46:48 UTC Location: central East Pacific Rise Latitude: -3.9682; Longitude: -104.0375 Depth: 15.70 km
-- Kyle Creyts
Information Assurance Professional BSidesDetroit Organizer
-----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 4:53 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
(Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Power corrupts and cops have power. What scares me is that there is no way *I* can tell the difference between a cop who accepts free coffee from the local café and a cop who will lie to get what they want.
Guess who has power over the networks and Internet. We do and power corrupts us too. There are some bad guy ISPs and engineers out there too. Just because you are running a Tor server to allow for "privacy protection" does not mean you were never doing anything illegal through it. I know this is not true in all cases but a lot of times the guy who screams the most about privacy has something to hide. Do you like getting phone calls with blocked callerID? Do you like getting anonymous SPAM? Do you mind having anonymously sourced pics of your kids going out over the internet? One guys privacy is sometimes an invasion of mine. If this guy is so distraught over this case maybe he should have ensured that he had the resources to defend himself before he put up the multiple exit nodes. There are test cases all the time, but if you want to be the test case you should be prepared. How many of us have killed an open mail relay (did you have a warrant before you interrupted that good Samaritan providing that free mail server to the poor downtrodden email-less masses...you are not even a cop and did not have a judge review your actions..how dare you...)? Steven Naslund -----Original Message----- From: Eric Wieling [mailto:EWieling@nyigc.com] Sent: Friday, November 30, 2012 4:12 PM To: nanog@nanog.org Subject: RE: William was raided for running a Tor exit node. Please help if you can.
-----Original Message----- From: Peter Kristolaitis [mailto:alter3d@alter3d.ca] Sent: Friday, November 30, 2012 4:53 PM To: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can.
(Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.)
Power corrupts and cops have power. What scares me is that there is no way *I* can tell the difference between a cop who accepts free coffee from the local café and a cop who will lie to get what they want.
participants (47)
-
.
-
Aled Morris
-
Barry Shein
-
Brandon Lehmann
-
Brian Johnson
-
Chris
-
elijah wright
-
Emily Ozols
-
Eric Wieling
-
Eugen Leitl
-
George Herbert
-
goemon@anime.net
-
Henry Yen
-
Jason Baugher
-
Jay Ashworth
-
Jean-Francois Mezei
-
Jeroen Massar
-
Jeroen van Aart
-
Jim Mercer
-
Jima
-
Jimmy Hess
-
Joakim Aronius
-
Joe Greco
-
Joel jaeggli
-
Joly MacFie
-
Jordan Michaels
-
Jutta Zalud
-
Kyle Creyts
-
Mark Andrews
-
Michael Froomkin - U.Miami School of Law
-
Michael Painter
-
Miles Fidelman
-
Naslund, Steve
-
Nick B
-
Owen DeLong
-
Patrick W. Gilmore
-
Peter Kristolaitis
-
Ray Soucy
-
Rayson Ho
-
Rich Kulawiec
-
Robert Bonomi
-
Scott Berkman
-
Tom Beecher
-
Valdis.Kletnieks@vt.edu
-
Warren Bailey
-
Will Hargrave
-
William Herrin