On Tue, Sep 04, 2018 at 10:19:45AM +0000, Paul Templeton wrote:
The thing that worries me is that this bill will probably go through and it can hoover up relay operators. That is they can force you to add/develop tools to eavesdrop on you.
Is there any real defense against this bill? IE having a parameter in the torrc that would act like a canary?
I don't believe they can actually force you to do these things, in this hypothetical future. You will always have the alternative of deciding to stop running your relay.
If you are faced with this choice, you should stop running the relay -- and then find some lawyers to get advice on how best to get the word out.
Tor's strength is in its distributed nature: a single relay operator isn't in the same centralized position as, say, Lavabit was.
These proposed laws are still scary, though, first because they promote broad insecurity (making civilization weaker at a time where attackers already have the advantage in so many ways), and second because if they get enough momentum in enough different places, our strategy will need to shift from "route around that terrible country with its stupid law" to some more pervasive design changes to handle the new attacks.
For those wanting more thoughts on this area, check out the discussion at https://blog.torproject.org/calea-2-and-tor (spoiler alert, it's basically the same broken record from 2013)
--Roger