Hi all,
Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the "restricted" mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p).
Everything went well so far, until today. Someone, let's call this person/group "A", reported an abuse to Hetzner. A TOR User, "B", is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone...
From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it?
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
Could anyone gives advice, feedback or stories on how to deal with this situation?
Best regards, Chris
[1] https://atlas.torproject.org/#details/18B6EBAF10814335242ECA5705A04AAD297740...
On 2014-05-14 12:08, Ch'Gans wrote:
Hi all,
Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node,
Did you read the comments about Hetzner here: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
?
I decided to go for the "restricted" mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p).
What is bad about excluding p2p? People who do p2p are causing huge performance bottlenecks for normal Tor users. People who want to do p2p should use their p2p network for solving their illegality bypass issues.
Everything went well so far, until today. Someone, let's call this person/group "A", reported an abuse to Hetzner. A TOR User, "B", is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone...
From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it?
They can just pick another exit. Hence why DNSEL exists, so that the operator of the site can chose to block accounts from signing up through Tor.
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
You cannot "defend" yourself. There is no way for anybody to be able to claim that it was you, not you, or somebody else. That is the bad thing about an exit. You are responsible what happens from that IP.
Could anyone gives advice, feedback or stories on how to deal with this situation?
See above. Hetzner typically does not allow Tor exits. Too much hassle for their abuse apartment and they are a budget hoster and abuse costs money thus you are cutting in on their bottom line: cash.
Greets, Jeroen
On 14/05/14 22:22, Jeroen Massar wrote:
Hi Jeroen,
Thanks for your comments
On 2014-05-14 12:08, Ch'Gans wrote:
Hi all,
Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node,
Did you read the comments about Hetzner here: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
Yes, I did. And it's neither all-white nor all-black, so I decided i would give it a go, in restricted mode w/ finger crossed.
Update: OK, maybe... After reading again and again, it's more a deep-dark-grey than a white, ....
?
I decided to go for the "restricted" mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p).
What is bad about excluding p2p? People who do p2p are causing huge performance bottlenecks for normal Tor users. People who want to do p2p should use their p2p network for solving their illegality bypass issues.
Everything went well so far, until today. Someone, let's call this person/group "A", reported an abuse to Hetzner. A TOR User, "B", is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone...
From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it?
They can just pick another exit. Hence why DNSEL exists, so that the operator of the site can chose to block accounts from signing up through Tor.
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
You cannot "defend" yourself. There is no way for anybody to be able to claim that it was you, not you, or somebody else. That is the bad thing about an exit. You are responsible what happens from that IP.
I agree, it's just that I thought I could convince them I'm not a bad guy, and so they should "let me go", this was before I read your next point:
Could anyone gives advice, feedback or stories on how to deal with this situation?
See above. Hetzner typically does not allow Tor exits. Too much hassle for their abuse apartment and they are a budget hoster and abuse costs money thus you are cutting in on their bottom line: cash.
Good point, can't blame them for that. I will make something up and see how it goes. Worst case I'll be banned, which is OK for me.
Chris
Greets, Jeroen
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi,
On 05/14/2014 01:09 PM, Ch'Gans wrote:
Yes, I did. And it's neither all-white nor all-black, so I decided i would give it a go, in restricted mode w/ finger crossed. Update: OK, maybe... After reading again and again, it's more a deep-dark-grey than a white, ....
Regardless, you should _always_ ask the ISP _beforehand_ if they're ok with a Tor exit.
For more information, see https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
Jeroen Massar:
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
You cannot "defend" yourself. There is no way for anybody to be able to claim that it was you, not you, or somebody else. That is the bad thing about an exit. You are responsible what happens from that IP.
Sorry but the last statement is wrong in many jurisdictions: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines#Legal
For Germany, see TMG §8 and §15.
On 2014-05-14 13:29, Lunar wrote:
Jeroen Massar:
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
You cannot "defend" yourself. There is no way for anybody to be able to claim that it was you, not you, or somebody else. That is the bad thing about an exit. You are responsible what happens from that IP.
Sorry but the last statement is wrong in many jurisdictions: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines#Legal
For Germany, see TMG §8 and §15.
Thanks for the pointers, but how is my statement "wrong"?
Note that I specifically do not state anything about "law" there.
As the ISP hosting the IP and/or the law enforcement involved cannot know the difference between the "owner/user" of the IP exiting or whatever traffic is going through Tor, you might just get in trouble, even for hosted boxes[1][2]. (though you must be stupid to put up a red flag like a Tor exit and then use that exit yourself for illegal things)
While what is linked on that page might be defined in the "law", has that ever been tested in court in those jurisdictions specifically for Tor[3][4]?
If they have been tested in court, links to the results of those cases would be awesome to see there as they actually have value.
The Dutch, Austrian and German ones are mostly similar (same three points) (did not check the other lingos). As they all fall under European law, having a court case in anywhere in the EU would already be a great start.
I personally would never consider a "proxy" (which is what Tor is in every which way you would define it, even though there is a forwarding "network" behind it) a "common-carrier" in the most general case how they call this.
Not that I wouldn't like to see it treated like that, but that is likely the way that courts will treat it most very likely.
The German variant "Kommunikationsnetz" might be more appropriate to Tor, depends though (the three points in $8) if one considers the unwrapping of the layers "modification of the information" or not of course. (then again, IP inside Ethernet inside PPPoE etc...).
The big 'no' in that three point list is that the source address is changed though, which would disqualify from "choosing the addressees of the information" depending on interpretation, hence, until those laws have been tested in court... nothing much one can really state about it.
To add to it all, the EFF's Tor Legal FAQ (https://www.torproject.org/eff/tor-legal-faq) has a rather important message: 8<----------------- Should I run an exit relay from my home?
No. If law enforcement becomes interested in traffic from your exit relay, it's possible that officers will seize your computer. For that reason, it's best not to run your exit relay in your home or using your home Internet connection.
Instead, consider running your exit relay in a commercial facility that is supportive of Tor. Have a separate IP address for your exit relay, and don't route your own traffic through it. ---------------->8
The last part "don't route your own traffic through it" is dubious, especially when requesting a VPS or some other setup with only 1 IP, you will be doing at least management through it, you will also not be able to claim you never send traffic through it (which is the intent of that sentence I would say).
To put it maybe better: running a Tor exit node on a VPS/dedicated-server where you host both private and Tor on, is likely a bad idea...
Greets, Jeroen
PS: Nope, not "giving" "legal advice" or anything either, just my point of view, thus comments on this subject extremely welcome of course!
-- [1] http://raided4tor.cryto.net/ [2] https://www.techdirt.com/articles/20121130/07495221185/tor-exit-node-operato...
[3] Especially as the top of that page mentions: "NOTE: This FAQ is for informational purposes only and does not constitute legal advice."
[4] https://www.torproject.org/eff/tor-legal-faq 8<------- Has anyone ever been sued or prosecuted for running Tor?
No, we aren’t aware of anyone being sued or prosecuted in the United States for running a Tor relay. Further, we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is lawful under U.S. law. ------------>8
On 05/14/2014 01:29 PM, Lunar wrote:
about an exit. You are responsible what happens from that IP.
Sorry but the last statement is wrong in many jurisdictions: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines#Legal For Germany, see TMG §8 and §15.
True, but the location of the server defines the legal territory for the data center, not your own. Even if you rent a server in a foreign country, you must still conform and know about your local laws. Then, in addition, you can take the foreign country's laws into account as well.
On Wed, May 14, 2014 at 10:08:47PM +1200, Ch'Gans wrote:
Hi all,
Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the "restricted" mode
Hetzner doesn't like exits. Run a middleman.
to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p).
The abuse reply templates located at https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates contain some good ideas about how to reply to various complaints.
Hi all,
Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the "restricted" mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p).
Everything went well so far, until today. Someone, let's call this person/group "A", reported an abuse to Hetzner. A TOR User, "B", is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone...
From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it?
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
Could anyone gives advice, feedback or stories on how to deal with this situation?
Best regards, Chris
[1] https://atlas.torproject.org/#details/18B6EBAF10814335242ECA5705A04AAD297740...
-- QtCreator/qmakeparser.cpp:42 ////////// Parser /////////// #define fL1S(s) QString::fromLatin1(s) namespace { // MSVC2010 doesn't seem to know the semantics of "static" ... _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 15/05/14 01:02, Ed Carter wrote:
The abuse reply templates located at https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates contain some good ideas about how to reply to various complaints.
Hi Ed,
Thanks for the link, I still haven't decided yet how to handle this, but for the sake of record, this link might be useful too: https://www.torservers.net/wiki/abuse/templates
Chris
Hi all,
Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the "restricted" mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p).
Everything went well so far, until today. Someone, let's call this person/group "A", reported an abuse to Hetzner. A TOR User, "B", is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone...
From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it?
Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in "restricted" mode, but how can I defend myself, I am not sure that my "restricted node" and "given the nature of the TOR network" arguments will convinced them the Hetzner dudes.
Could anyone gives advice, feedback or stories on how to deal with this situation?
Best regards, Chris
[1] https://atlas.torproject.org/#details/18B6EBAF10814335242ECA5705A04AAD297740...
-- QtCreator/qmakeparser.cpp:42 ////////// Parser /////////// #define fL1S(s) QString::fromLatin1(s) namespace { // MSVC2010 doesn't seem to know the semantics of "static" ... _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org
-
Ch'Gans -
Ed Carter -
Eugen Leitl -
Jeroen Massar -
Lunar -
Moritz Bartl