"cracks" via tor (GUESSES on the situation in Germany)

Matthias Fischmann fis at wiwi.hu-berlin.de
Tue Mar 1 22:56:26 UTC 2005



i am not a lawyer either, but i can say something about the legal
situation in germany.  but please don't try to hold me responsible for
my guesswork.  also note that german law changes quite rapidly,
terrorism and foreigners and all.

the ANON project (anon.inf.tu-dresden.de) is running pretty fat
anonymizing exit points and thus has frequent contact with offended
webmasters and the law.  three things that are potentially bad for you
as an exit point operator can happen:

 1) a fraction of the random people pissed off through your node, will
    piss off people in your organisation in return, e.g. by writing
    aggressive e-mails.  this *may* have unpleasant political
    implications, for instance if you are a university and your
    faculty dean doesn't understand what your research project is
    about.

 2) you may receive a fax from the police requesting the contents of
    access logs.  given a time and source IP, you are requested to
    reveal the name and address of the responsible user.  if you
    explain to them that you don't have that kind of information, they
    tend to give up gently.  most of the people in the german police
    forces working on internet crime have by now learned about this
    technology.

    (if you are running a DSL node, the police is likely to contact
    you as the suspect right away, if anybody finds out how that goes
    i'd really like to know.  my bet would be that if you don't have
    any explosives stashed under your bed and they can find an
    operational tor server installed on your confiscated PC you should
    be reasonably safe.  just keep an old backup PC at your friend's
    place...  :-)

 3) in very rare cases, you may receive a request for surveillance of
    future traffic.  reasons for this may be offenses like child
    pornography or terrorism (i guess).  if that happens to you, you
    still have time to change your exit policy to "nothing exits", if
    you can't come up with a better plan.

    german police tried this once in dresden, and they got burned
    badly: a court ordered the deletion of the obtained IP address and
    punishment of the involved policemen.

any more guesswork or stories anyone?  any other countries?

cheers,
matthias



On Tue, Mar 01, 2005 at 03:03:51PM -0700, jeff wrote:
> To: or-talk at freehaven.net
> From: jeff <moe at blagblagblag.org>
> Subject: "cracks" via tor
> Organization: Brixton Linux Action Group
> Reply-To: or-talk at freehaven.net
> 
> I just got a complaint from someone who said one of my servers 
> (running a tor daemon) had a "hacker" on it trying to break 
> into his website. He sent me some log entries, which had some 
> pretty tame "foo.pl?user=bill" type of hits.
> 
> While this doesn't look like the crack of the century, it does 
> pose an interesting question in that if someone is trying to do 
> web exploits via tor, how can such a thing be prevented? I 
> can't think of any way.
> 
> Could this have some dodgy legal implications for people running 
> tor servers? I'm sure EFF has something to say about this. ;)
> 
> Thanks,
> 
> -Jeff
> 
> P.S. Fedora Core 3 tor RPMs @ 
> ftp://ftp.blagblagblag.org/pub/BLAG/linux/30000/en/os/i386/BLAG/RPMS/