Hello,
I want to run an exit-node through mit home connection. Has anyone experience with running a Tor-Relay in Germany( Bavaria)?
Are there known cases of police raids? Is there a list of lawyers which work with the torproject which should be called in case of a raid? Has anyone had sucsess with talking to the police prior to setting up the exit-node? If so, to which departmed did you talk to?
Yours
Matthias
On Thu, Aug 01, 2013 at 02:33:17PM +0200, Matthias Redies wrote:
Hello,
I want to run an exit-node through mit home connection. Has anyone
I wouldn't run a Tor exit at home, especially in Bavaria. The upstream is not worth it (unless you have fiber), and the hassle can be considerable. I recommend renting a root server or putting up your own hardware in a colo -- or, better, donate it to Torservers/Zwiebelfreunde e.V. so that they can pay people to run servers in sparsely covered areas of the world, e.g. Asia.
experience with running a Tor-Relay in Germany( Bavaria)?
A Tor relay is a non-exit, and completely unproblematic but for potential traffic issues.
Are there known cases of police raids? Is there a list of lawyers which work with the torproject which should be called in case of a raid? Has anyone had sucsess with talking to the police prior to setting up the exit-node? If so, to which departmed did you talk to?
I've had a couple contacts with the local police when running an exit at home, where I came in with printouts of Tor exits which listed my node's IP, and explained how Tor worked using online description like https://www.torproject.org/about/overview.html.en
You should contact http://www.zwiebelfreunde.de/ and CCC, imo.
Luckly I have a fiber connection and a unused RaspberryPi. So running an exit-node would be free for me. Can you describe the encounter with the police? Did you just go to your local police station oder did you call a special cybercriminality unit?
What exactly was the 'hassle' when you ran an exit-node?
Am 01.08.13 15:22, schrieb Eugen Leitl:
On Thu, Aug 01, 2013 at 02:33:17PM +0200, Matthias Redies wrote:
Hello,
I want to run an exit-node through mit home connection. Has anyone
I wouldn't run a Tor exit at home, especially in Bavaria. The upstream is not worth it (unless you have fiber), and the hassle can be considerable. I recommend renting a root server or putting up your own hardware in a colo -- or, better, donate it to Torservers/Zwiebelfreunde e.V. so that they can pay people to run servers in sparsely covered areas of the world, e.g. Asia.
experience with running a Tor-Relay in Germany( Bavaria)?
A Tor relay is a non-exit, and completely unproblematic but for potential traffic issues.
Are there known cases of police raids? Is there a list of lawyers which work with the torproject which should be called in case of a raid? Has anyone had sucsess with talking to the police prior to setting up the exit-node? If so, to which departmed did you talk to?
I've had a couple contacts with the local police when running an exit at home, where I came in with printouts of Tor exits which listed my node's IP, and explained how Tor worked using online description like https://www.torproject.org/about/overview.html.en
You should contact http://www.zwiebelfreunde.de/ and CCC, imo. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Thu, Aug 1, 2013 at 10:03 PM, Matthias Redies rediesmatthias@yahoo.dewrote:
Luckly I have a fiber connection and a unused RaspberryPi. So running an exit-node would be free for me. Can you describe the encounter with the police? Did you just go to your local police station oder did you call a special cybercriminality unit?
What exactly was the 'hassle' when you ran an exit-node?
This is for Singapore, but may provide you with a data point.
I run a number of Tor nodes in Singapore. The servers are hosted on IPs that are registered to me in APNIC whois.
The Singapore Police has an active Cyber Crime division. Singapore Law is based in large part on English Law.
I am not sure if the investigation is ongoing, so I am leaving out specifics.
I received, about 3 months ago, an email from a Police Officer. It was addressed to my address in the whois, and seemed to be written assuming I was an ISP. It cited a date and time range, an IP address, and asked which customer was using the IP address at that time. This was in connection with "unathorised fund transfers".
I replied back explaining that the IP was in my control, and ran TOR. I provided a link to the TOR website, and that I did not have any logs.
I got back a prompt response thanking me, and have heard nothing since.
So it is possible that, as law enforcement gets better clued in to Tor, they would be willing to let you go with dirty looks for making their life harder, but not call down the SWAT team.
An exit relay operator in Austria recently had their home raided by police after abuse from the exit node IP,
http://www.theregister.co.uk/2012/12/10/tor_admin/
I recall reading somewhere else that the police pointed out that even if the abuse can from an IP address shared by a Tor exit node, they still needed to check whether the abuse did come from Tor, rather than another computer that was on the same internal networh (thus sharing the public IP address). So, it's worth bearing in mind if you will be sharing the same IP address with other computers in your home.
Samuel.
On 1 Aug 2013, at 15:25, Sanjeev Gupta ghane0@gmail.com wrote:
On Thu, Aug 1, 2013 at 10:03 PM, Matthias Redies rediesmatthias@yahoo.de wrote: Luckly I have a fiber connection and a unused RaspberryPi. So running an exit-node would be free for me. Can you describe the encounter with the police? Did you just go to your local police station oder did you call a special cybercriminality unit?
What exactly was the 'hassle' when you ran an exit-node?
This is for Singapore, but may provide you with a data point.
I run a number of Tor nodes in Singapore. The servers are hosted on IPs that are registered to me in APNIC whois.
The Singapore Police has an active Cyber Crime division. Singapore Law is based in large part on English Law.
I am not sure if the investigation is ongoing, so I am leaving out specifics.
I received, about 3 months ago, an email from a Police Officer. It was addressed to my address in the whois, and seemed to be written assuming I was an ISP. It cited a date and time range, an IP address, and asked which customer was using the IP address at that time. This was in connection with "unathorised fund transfers".
I replied back explaining that the IP was in my control, and ran TOR. I provided a link to the TOR website, and that I did not have any logs.
I got back a prompt response thanking me, and have heard nothing since.
So it is possible that, as law enforcement gets better clued in to Tor, they would be willing to let you go with dirty looks for making their life harder, but not call down the SWAT team.
-- Sanjeev Gupta +65 98551208 http://www.linkedin.com/in/ghane
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I guess that's a good point. I don' want my non-tor-related hardware stuck with the police, because they can not encypt my harddrives. I think I will just run a tor-relay und donate a little so someone else can run an exit-node.
Am 01.08.13 16:36, schrieb Samuel Walker:
An exit relay operator in Austria recently had their home raided by police after abuse from the
exit node IP,
http://www.theregister.co.uk/2012/12/10/tor_admin/
I recall reading somewhere else that the police pointed out that even
if the abuse can from an IP address shared by a Tor exit node, they still needed to check whether the abuse did come from Tor, rather than another computer that was on the same internal networh (thus sharing the public IP address). So, it's worth bearing in mind if you will be sharing the same IP address with other computers in your home.
Samuel.
On 1 Aug 2013, at 15:25, Sanjeev Gupta <ghane0@gmail.com
mailto:ghane0@gmail.com> wrote:
On Thu, Aug 1, 2013 at 10:03 PM, Matthias Redies
<rediesmatthias@yahoo.de mailto:rediesmatthias@yahoo.de> wrote:
Luckly I have a fiber connection and a unused RaspberryPi. So
running an exit-node would be free for me. Can you describe the encounter with the police? Did you just go to your local police station oder did you call a special cybercriminality unit?
What exactly was the 'hassle' when you ran an exit-node?
This is for Singapore, but may provide you with a data point.
I run a number of Tor nodes in Singapore. The servers are hosted on
IPs that are registered to me in APNIC whois.
The Singapore Police has an active Cyber Crime division. Singapore
Law is based in large part on English Law.
I am not sure if the investigation is ongoing, so I am leaving out
specifics.
I received, about 3 months ago, an email from a Police Officer. It
was addressed to my address in the whois, and seemed to be written assuming I was an ISP. It cited a date and time range, an IP address, and asked which customer was using the IP address at that time. This was in connection with "unathorised fund transfers".
I replied back explaining that the IP was in my control, and ran
TOR. I provided a link to the TOR website, and that I did not have any logs.
I got back a prompt response thanking me, and have heard nothing since.
So it is possible that, as law enforcement gets better clued in to
Tor, they would be willing to let you go with dirty looks for making their life harder, but not call down the SWAT team.
-- Sanjeev Gupta +65 98551208 http://www.linkedin.com/in/ghane
tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
check whether the abuse did come from Tor, rather than another computer that was on the same internal networh (thus sharing the public IP address).
Many ISP's run netflow logging or its equivalent for some combination of statistics and security purposes. Being effectively an ISP, a Tor node operator would be able to discriminate between the two traffic sources by segmenting and logging their networks appropriately. Any look of the ISP's gear would then give the ISP a bit of defense against that question. Do your own work regarding legality and effectiveness of such logging in your area and application.
On Thu, Aug 01, 2013 at 10:25:15PM +0800, Sanjeev Gupta wrote:
I received, about 3 months ago, an email from a Police Officer. It was addressed to my address in the whois, and seemed to be written assuming I was an ISP. It cited a date and time range, an IP address, and asked which customer was using the IP address at that time. This was in connection with "unathorised fund transfers".
I replied back explaining that the IP was in my control, and ran TOR. I provided a link to the TOR website, and that I did not have any logs.
I got back a prompt response thanking me, and have heard nothing since.
So it is possible that, as law enforcement gets better clued in to Tor, they would be willing to let you go with dirty looks for making their life harder, but not call down the SWAT team.
Similarly, the FBI agents who talked to Noisebridge representatives said effectively, "I have 10 leads in this case. If you can tell me straight away that the IP address lead is a dead end, I can cross it off my list and not waste any time pursuing it."
-andy
Matthias Redies:
Luckly I have a fiber connection and a unused RaspberryPi. So running an
How many Mbps? I've had a RaspberyPi struggle to forward 1.5Mbps (only intermittently though) and posted about it in here - it may freeze or reboot when under stress. If you are pushing more than 1.5Mbps, you're more likely to get picked as guard, etc, which can push the Pi over the edge.
There are a number of highly scattered posts on tuning the Pi for Tor. I finally got time to get mine working 2 days ago and am collecting everything I did to it (and further tweaks - I'd had to take it offline due to TCP connection "storms" crashing my *router*) into a single long, highly detailed post for everybody here.
But stock Raspbian + Pi + Tor + fiber = you're gonna have a bad time, without tuning.
Best, -Gordon
Ok that is good to know. Right know I will probably run it on 1-1.5 Mbps and later on 3-4 Mbps. What is the maximum your raspberry is capable to do? Please let me know if you publish your tutorial.
Am 01.08.13 17:04, schrieb Gordon Morehouse:
Matthias Redies:
Luckly I have a fiber connection and a unused RaspberryPi. So running an
How many Mbps? I've had a RaspberyPi struggle to forward 1.5Mbps (only intermittently though) and posted about it in here - it may freeze or reboot when under stress. If you are pushing more than 1.5Mbps, you're more likely to get picked as guard, etc, which can push the Pi over the edge.
There are a number of highly scattered posts on tuning the Pi for Tor. I finally got time to get mine working 2 days ago and am collecting everything I did to it (and further tweaks - I'd had to take it offline due to TCP connection "storms" crashing my *router*) into a single long, highly detailed post for everybody here.
But stock Raspbian + Pi + Tor + fiber = you're gonna have a bad time, without tuning.
Best, -Gordon
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Matthias Redies:
Ok that is good to know. Right know I will probably run it on 1-1.5 Mbps and later on 3-4 Mbps. What is the maximum your raspberry is capable to do? Please let me know if you publish your tutorial.
I had it pushing about 1.5Mbps and crashing only about once a week before I started having TCP connect floods and had to take it offline until I could pay attention for a while. I'm still tuning it. It crashed much, much more often before some basic tuning, though.
And my plan is to publish my results to the entire list, because at $35, Raspberry Pis can make *great* relays for slower home broadband, but they need a little tender loving care first. :)
I hope to have something up in a week or two, I need to watch it for a while and continue to tweak, and maybe develop a solution for the TCP storms that can bring down a lot of consumer routers, before publishing for all.
Best, -Gordon
I don't know if you have any sensitive data on your raspberry, but it might make sense to create a SD-Card image, since tor will probably be the only application and the hardware will be absolutely identical. This would eliminate the loving care part and less people would give up.
But I don't want to create more work than you already have. If you don't have the time to create an image, maybe I will try do it myself.
Am 01.08.13 17:29, schrieb Gordon Morehouse:
Matthias Redies:
Ok that is good to know. Right know I will probably run it on 1-1.5 Mbps and later on 3-4 Mbps. What is the maximum your raspberry is capable to do? Please let me know if you publish your tutorial.
I had it pushing about 1.5Mbps and crashing only about once a week before I started having TCP connect floods and had to take it offline until I could pay attention for a while. I'm still tuning it. It crashed much, much more often before some basic tuning, though.
And my plan is to publish my results to the entire list, because at $35, Raspberry Pis can make *great* relays for slower home broadband, but they need a little tender loving care first. :)
I hope to have something up in a week or two, I need to watch it for a while and continue to tweak, and maybe develop a solution for the TCP storms that can bring down a lot of consumer routers, before publishing for all.
Best, -Gordon
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Matthias Redies:
I don't know if you have any sensitive data on your raspberry, but it might make sense to create a SD-Card image, since tor will probably be the only application and the hardware will be absolutely identical. This would eliminate the loving care part and less people would give up.
But I don't want to create more work than you already have. If you don't have the time to create an image, maybe I will try do it myself.
That's actually not a bad idea, though there'd be a bit of editing and setup required.
But yeah, might be that somebody else gets to it before me - but it's on my mind now. Thanks.
-Gordon
Am 01.08.13 17:29, schrieb Gordon Morehouse:
Matthias Redies:
Ok that is good to know. Right know I will probably run it on 1-1.5 Mbps and later on 3-4 Mbps. What is the maximum your raspberry is capable to do? Please let me know if you publish your tutorial.
I had it pushing about 1.5Mbps and crashing only about once a week before I started having TCP connect floods and had to take it offline until I could pay attention for a while. I'm still tuning it. It crashed much, much more often before some basic tuning, though.
And my plan is to publish my results to the entire list, because at $35, Raspberry Pis can make *great* relays for slower home broadband, but they need a little tender loving care first. :)
I hope to have something up in a week or two, I need to watch it for a while and continue to tweak, and maybe develop a solution for the TCP storms that can bring down a lot of consumer routers, before publishing for all.
Best, -Gordon
You would need to remove the tor keyfile before creating the image so that a new hash is made of each new node when they first run tor. Other wise might get loads of nodes with same hash, not sure what that would mean for network. I am also running a pi relay and would like a copy of the tweaks you made. Maybe a blog post would be worth it to direct others in future. T. On Aug 1, 2013 8:47 PM, "Gordon Morehouse" gordon@morehouse.me wrote:
Matthias Redies:
I don't know if you have any sensitive data on your raspberry, but it might make sense to create a SD-Card image, since tor will probably be the only application and the hardware will be absolutely identical. This would eliminate the loving care part and less people would give up.
But I don't want to create more work than you already have. If you don't have the time to create an image, maybe I will try do it myself.
That's actually not a bad idea, though there'd be a bit of editing and setup required.
But yeah, might be that somebody else gets to it before me - but it's on my mind now. Thanks.
-Gordon
Am 01.08.13 17:29, schrieb Gordon Morehouse:
Matthias Redies:
Ok that is good to know. Right know I will probably run it on 1-1.5
Mbps
and later on 3-4 Mbps. What is the maximum your raspberry is capable to do? Please let me know if you publish your tutorial.
I had it pushing about 1.5Mbps and crashing only about once a week before I started having TCP connect floods and had to take it offline until I could pay attention for a while. I'm still tuning it. It crashed much, much more often before some basic tuning, though.
And my plan is to publish my results to the entire list, because at $35, Raspberry Pis can make *great* relays for slower home broadband, but they need a little tender loving care first. :)
I hope to have something up in a week or two, I need to watch it for a while and continue to tweak, and maybe develop a solution for the TCP storms that can bring down a lot of consumer routers, before publishing for all.
Best, -Gordon
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Ok that is good to know. Right know I will probably run it on 1-1.5 Mbps and later on 3-4 Mbps. What is the maximum your raspberry is capable of? Please let me know if you publish your tutorial.
Am 01.08.13 17:04, schrieb Gordon Morehouse:
Matthias Redies:
Luckly I have a fiber connection and a unused RaspberryPi. So running an
How many Mbps? I've had a RaspberyPi struggle to forward 1.5Mbps (only intermittently though) and posted about it in here - it may freeze or reboot when under stress. If you are pushing more than 1.5Mbps, you're more likely to get picked as guard, etc, which can push the Pi over the edge.
There are a number of highly scattered posts on tuning the Pi for Tor. I finally got time to get mine working 2 days ago and am collecting everything I did to it (and further tweaks - I'd had to take it offline due to TCP connection "storms" crashing my *router*) into a single long, highly detailed post for everybody here.
But stock Raspbian + Pi + Tor + fiber = you're gonna have a bad time, without tuning.
Best, -Gordon
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Am 2013-08-01 15:22, schrieb Eugen Leitl:
experience with running a Tor-Relay in Germany( Bavaria)?
A Tor relay is a non-exit, and completely unproblematic but for potential traffic issues.
Unfortunately, this is not completely true.
I'm running a non-exit Tor relay on a dedicated server at EUserv [1], an Internet provider from Hermsdorf, Thuringia, Germany. Last fall that hoster received an abuse complaint regarding my Tor relay. "eco -- Verband der deutschen Internetwirtschaft e.V." [2] reported child pornography being accessible via that relay. The example URLs they provided contained .onion domain names.
Obviously they knew how to run Tor, but they did not know or understand how hidden services work. They accessed hidden services providing child pornography and used my relay as entry node.
"eco" informed me that they already had informed the division SO 12 of the German Bundeskriminalamt (BKA) which is responsible for cases of child pornography. "eco" asked me to make the content containing child pornography inaccessible and to cooperate with the BKA.
As I am unable to make the content inaccessible through my server without shutting my relay down, I decided to provide a detailled explanation. I wrote a lengthy email explaining what Tor is, how hidden services work and why I run a Tor relay. I also explained that shutting down my server would not remove the child pornographic content from the Tor network and that there is no currently known way to deanonymize the person behind a hidden service.
Since then, I have never heard of "eco" or BKA again.
Paul
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Matthias,
I'm running an exit node from my home network in NRW for about 2 years now. Worst thing that happened was a cease-and-desist order ("Abmahnung") from 20th Century FOX in February this year, because someone obviously torrented a movie through my node.
They stopped threatening me after I've sent them a letter - kindly provided by Moritz from torservers.net - explaining the situation and including a link to metrics.torproject.org to show that my IP was indeed a Tor exit at the time in question.
I posted about this on this list, so you'll find my mails in the archive.
Hope that helped a little, Hendrik
- -- | Web: http://armselig.me/ | Twitter: https://twitter.com/armselig | LinkedIn: https://linkedin.com/in/hneumann
✎ PGP public key: http://j.mp/33ACAF0F ✔ 4CC3 EFE3 43AB 9D4C C8D3 CFB3 950A 9241 33AC AF0F
On Thu, Aug 1, 2013 at 2:33 PM, Matthias Redies rediesmatthias@yahoo.de wrote:
Hello,
I want to run an exit-node through mit home connection. Has anyone experience with running a Tor-Relay in Germany( Bavaria)?
Are there known cases of police raids? Is there a list of lawyers which work with the torproject which should be called in case of a raid? Has anyone had sucsess with talking to the police prior to setting up the exit-node? If so, to which departmed did you talk to?
Yours
Matthias
Hi Matthias,
Yes, unfortunately, individuals running exit nodes, especially if they do it at home, have to prepare to be raided and all their hardware taken for several months. This actually happened recently again, in Bavaria.
A good introduction into the topic are the Exit Guidelines https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
Am 01.08.13 21:26, schrieb Moritz Bartl:
Hi Matthias,
Yes, unfortunately, individuals running exit nodes, especially if they do it at home, have to prepare to be raided and all their hardware taken for several months. This actually happened recently again, in Bavaria.
A good introduction into the topic are the Exit Guidelines https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
Thanks for the info. But I can not risk that. So i will stick to a relay.
tor-relays@lists.torproject.org