http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
A Seattle exit node operator is visited by local police over a child pornography warrant... Is this out of the ordinary or is this to be expected when running an exit from your home IP address?
It's probably unusual but exemplifies why exit nodes should not be run from a home connection.
On Mon, Apr 4, 2016, 23:54 Greg greggth@gmail.com wrote:
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
A Seattle exit node operator is visited by local police over a child pornography warrant... Is this out of the ordinary or is this to be expected when running an exit from your home IP address? _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
He/they gave passwords and let govt search (and perhaps even index, hash, and copy, knowingly or not [1]) his (possibly then unencrypted) data. As opposed to having it confiscated pending potentially 2^128 time. Where is the principled stand there? [2][4]
[1] This happened while he was detained outside / away from control of his systems.
[2] He "may now have to get rid of his computers because he can't be sure what the police did to them [3]". For which giving passwords had no purpose but to nullify a potentially good test case, trample rights and replace "innocent till guilty" with "violated, chilled, innocent for now, while Cardinal Richelieu's database hums... ... If you give me six lines written by the hand of the most honest of men, whether or not I find something in them which will hang him, I will database them and own his soul forever."
[3] Already did: https://twitter.com/SeattlePrivacy/status/716460499106340864
[4] Due credit, thugs with guns at your door does tend to modify even the most well thought and prepared for principles.
What doesn't kill you makes you stronger for next time.
On 04/05/2016 02:38 PM, grarpamp wrote:
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
He/they gave passwords and let govt search (and perhaps even index, hash, and copy, knowingly or not [1]) his (possibly then unencrypted) data.
What was the exit node's fingerprint? Is there a blacklist we or the Directory Authorities can add it to?
krishna e bera wrote on 05/04/2016 23:27:
On 04/05/2016 02:38 PM, grarpamp wrote:
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
What was the exit node's fingerprint? Is there a blacklist we or the Directory Authorities can add it to?
Tor doesn't need that. Any police department can run as many nodes as it wishes.
Bye, Marco
On 04/06/2016 04:29 AM, Marco Predicatori wrote:
krishna e bera wrote on 05/04/2016 23:27:
On 04/05/2016 02:38 PM, grarpamp wrote:
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
What was the exit node's fingerprint? Is there a blacklist we or the Directory Authorities can add it to?
Tor doesn't need that. Any police department can run as many nodes as it wishes.
It doesn't matter who they were, they could run a copy of his server as if they were him. (Besides, you never heard of police sting operations or corrupt police?) Indeed all of his identity keys should be considered compromised, for example they might have got his secret PGP keyring as well.
I am a relative newbie to the running of a tor node and after about 6 months I wonder if the usage/traffic of my relay is what I should expect or if I need to change something. Or become a bridge? Or forget about being useful.
My IP offers/allows me an 800kbyte/sec upload.
The nickname of the relay is outhouse.
I'd appreciate any guidance.
Thanks
krishna e bera wrote on 07/04/2016 04:28:
On 04/06/2016 04:29 AM, Marco Predicatori wrote:
krishna e bera wrote on 05/04/2016 23:27:
On 04/05/2016 02:38 PM, grarpamp wrote:
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
What was the exit node's fingerprint? Is there a blacklist we or the Directory Authorities can add it to?
Tor doesn't need that. Any police department can run as many nodes as it wishes.
It doesn't matter who they were, they could run a copy of his server as if they were him. (Besides, you never heard of police sting operations or corrupt police?)
Of course, but what would they make of it? They might have 200 perfectly legitimate Tor nodes already, making a blacklist absolutely useless.
Indeed all of his identity keys should be considered compromised, for example they might have got his secret PGP keyring as well.
That would be his problem, just like anybody who loses control of his hardware by theft or loss. It wouldn't have anything to do with Tor.
Bye, Marco
Of course, but what would they make of it? They might have 200 perfectly legitimate Tor nodes already, making a blacklist absolutely useless.
So we should do nothing? This logic makes little sense. The directory authorities already have blacklist capabilities, and add known malicious relays to it as the need arises [1]. Sniffing traffic on an exit is a good enough reason to blacklist a node, as far as I can tell. So if we did know of government running or monitoring exits for this purpose, it would be sufficient reason to blacklist. This particular case is perhaps not so clear cut but I wouldn't be so quick to dismiss the idea of blacklisting.
1) The blacklist used to be published here https://trac.torproject.org/projects/tor/wiki/doc/badRelays but it's apparently no longer published.
What happened to "innocent until proven guilty?" While the police could have compromised the relay, we can't assume they did just because they're the police.
On Apr 7, 2016 6:42 PM, "Green Dream" greendream848@gmail.com wrote:
Of course, but what would they make of it? They might have 200 perfectly legitimate Tor nodes already, making a blacklist absolutely useless.
So we should do nothing? This logic makes little sense. The directory authorities already have blacklist capabilities, and add known malicious relays to it as the need arises [1]. Sniffing traffic on an exit is a good enough reason to blacklist a node, as far as I can tell. So if we did know of government running or monitoring exits for this purpose, it would be sufficient reason to blacklist. This particular case is perhaps not so clear cut but I wouldn't be so quick to dismiss the idea of blacklisting.
1) The blacklist used to be published here https://trac.torproject.org/projects/tor/wiki/doc/badRelays but it's apparently no longer published.
@ Tristan re: "What happened to 'innocent until proven guilty?'" Please note I already said "This particular case is perhaps not so clear cut"
@ Markus re: "How do you know an exit server is compromised?" You don't always know. With any skill on the attacker's part, you will NOT know. Still, sometimes attackers do stupid things, like run sslstrip, otherwise try to man-in-the-middle SSL, etc.
As I already said, this particular case is not so clear cut. However letting the police poke around on the hardware is a really good reason not to trust it! I mean, I'd personally burn it all down and start over. Looks like that's what the Seattle operators are already doing, so this is perhaps a moot discussion.
Even if he is formatting all the things: You can't be sure that any middle/exit/guard node is compromised. How do you know I am one of the good guys with my nodes? You can't. I could role play here and in reality be a member of the super secret society of the supreme awesome bunnies to take over the world with the help of compromising TOR nodes.
TOR is not perfect, but it is the best we have. And we have strength in numbers :)
2016-04-08 1:54 GMT+02:00 Green Dream greendream848@gmail.com:
@ Tristan re: "What happened to 'innocent until proven guilty?'" Please note I already said "This particular case is perhaps not so clear cut"
@ Markus re: "How do you know an exit server is compromised?" You don't always know. With any skill on the attacker's part, you will NOT know. Still, sometimes attackers do stupid things, like run sslstrip, otherwise try to man-in-the-middle SSL, etc.
As I already said, this particular case is not so clear cut. However letting the police poke around on the hardware is a really good reason not to trust it! I mean, I'd personally burn it all down and start over. Looks like that's what the Seattle operators are already doing, so this is perhaps a moot discussion.
Green Dream wrote on 08/04/2016 01:54:
As I already said, this particular case is not so clear cut. However letting the police poke around...
I didn't realize that Tor was against the police, or vice-versa, at least in decent countries like yours or mine, so far. I don't think it's a good idea to make it sound like it is, or we will have a hard time to explain that Tor is meant for decent people, and just incidentally used by pedophiles, druglords et similia. I wouldn't mind government entities from, say, Switzerland or Sweden, to put up huge lots of exit nodes. But I'm of course dreaming.
Bye, Marco
Who said Tor was against the police?
The fact is, in the United States, the FBI and other law enforcement agencies have been known to plant malware, modify hardware, etc., in order to maintain persistent access to machines they wish to monitor. Whether or not you think this is valid in some cases or all cases is really beside the point. The question is whether exit node hardware can be trusted after a search warrant is served and the police are given full and unmonitored access to said hardware. As a matter of due diligence, I'd argue the hardware and OS can no longer be trusted in such cases.
The issue is: How do you know an exit server is compromised? As a CCNP I can configure a SPAN Port in 30 seconds and suck all the exit traffic out of it without any indication for the server owner. Even if he visits his server in the data center and no one visits their servers :/
2016-04-08 1:42 GMT+02:00 Green Dream greendream848@gmail.com:
Of course, but what would they make of it? They might have 200 perfectly legitimate Tor nodes already, making a blacklist absolutely useless.
So we should do nothing? This logic makes little sense. The directory authorities already have blacklist capabilities, and add known malicious relays to it as the need arises [1]. Sniffing traffic on an exit is a good enough reason to blacklist a node, as far as I can tell. So if we did know of government running or monitoring exits for this purpose, it would be sufficient reason to blacklist. This particular case is perhaps not so clear cut but I wouldn't be so quick to dismiss the idea of blacklisting.
1) The blacklist used to be published here https://trac.torproject.org/projects/tor/wiki/doc/badRelays but it's apparently no longer published.
The server in question was in this guy's house. He should be able to find something if it was compromised, and if not, he can easily back up his relay and wipe his hard drive.
On Apr 7, 2016 6:48 PM, "Markus Koch" niftybunny@googlemail.com wrote:
The issue is: How do you know an exit server is compromised? As a CCNP I can configure a SPAN Port in 30 seconds and suck all the exit traffic out of it without any indication for the server owner. Even if he visits his server in the data center and no one visits their servers :/
2016-04-08 1:42 GMT+02:00 Green Dream greendream848@gmail.com:
Of course, but what would they make of it? They might have 200 perfectly legitimate Tor nodes already, making a blacklist absolutely useless.
So we should do nothing? This logic makes little sense. The directory authorities already have blacklist capabilities, and add known malicious relays to it as the need arises [1]. Sniffing traffic on an exit is a good enough reason to blacklist a node, as far as I can tell. So if we did know of government running or monitoring exits for this purpose, it would be sufficient reason to blacklist. This particular case is perhaps not so clear cut but I wouldn't be so quick to dismiss the idea of blacklisting.
1) The blacklist used to be published here https://trac.torproject.org/projects/tor/wiki/doc/badRelays but it's apparently no longer published.
On Tue, Apr 5, 2016 at 11:38 AM, grarpamp grarpamp@gmail.com wrote:
http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-da...
He/they gave passwords and let govt search (and perhaps even index, hash, and copy, knowingly or not [1]) his (possibly then unencrypted) data. As opposed to having it confiscated pending potentially 2^128 time. Where is the principled stand there? [2][4]
[1] This happened while he was detained outside / away from control of his systems.
[2] He "may now have to get rid of his computers because he can't be sure what the police did to them [3]". For which giving passwords had no purpose but to nullify a potentially good test case, ...
I'm curious- A good test case for what? Running an exit on an IP that you also use for personal traffic?
trample rights and replace "innocent till guilty" with "violated, chilled, innocent for now, while Cardinal Richelieu's database hums... ... If you give me six lines written by the hand of the most honest of men, whether or not I find something in them which will hang him, I will database them and own his soul forever."
[3] Already did: https://twitter.com/SeattlePrivacy/status/716460499106340864
[4] Due credit, thugs with guns at your door does tend to modify even the most well thought and prepared for principles.
What doesn't kill you makes you stronger for next time.