Why you need balls of steel to operate a Tor exit node

Eugen Leitl eugen at leitl.org
Wed Sep 9 20:09:16 UTC 2009


http://calumog.wordpress.com/2009/03/18/why-you-need-balls-of-steel-to-operate-a-tor-exit-node/

Why you need balls of steel to operate a Tor exit node

By calumog

I became interested in Tor in the spring of 2007 after reading about the
situation in Burma and felt that I would like to do something, anything, to
help. As a geek and lover of the internet it seemed the best thing I could do
was to run Tor as an exit node to allow those under jurisdictions that censor
the  internet free access to the information they need. I had a lot of unused
bandwidth and it seemed like a philanthropic use of it to donate that to Tor.

Tor is a system of anonymizing proxy servers which allows you to visit
resources on the web, not just web sites, without revealing your ip address.
This is extremely useful for those who are compromised in their access to the
internet because it means, rather than attempting to connect directly to the
resource in question, say Wikipedia, which might be filtered by their
government, they connect to a Tor relay which ultimately routes the request
to the resource in question via an exit node. Exit nodes are special kinds of
relays which proffer the request on behalf of the original client revealing
their ip address, not that of the original requestor, to the destination
resource. I sometimes imagine how exciting it must be for soemone in Burma,
say, or China, to load up Tor and browse to a web site they have never been
able to see before. And to know that there is nothing, nothing, that reveals
who it really is who is visiting.

I totally believe in Tor. I think it is a magnificent force for the
circumvention of internet censorship but there is a problem.  I was visited
by the police in November 2008 because my ip address had turned up in the
server logs of a site offering, or perhaps trading in (I was not told the
details of the offence) indecent images of children. The date of the offence
was about one month after I started the server so it looks as though the site
in question had been under surveillance for more than a year.  It was what is
known as a ‘dawn raid’ and, amazingly enough, my children were still asleep
when it occured. Thank God.  I explained to the officers, who we had heard
threatening to break the door down before we let them in, about Tor but they
had never heard of it. My wife says she thinks they were about to arrest me
before that. I was not arrested. I was told not to touch the computer and it
was placed, considerately, in a black plastic bag and taken away for forensic
examination.  I was OK at first. I knew that somebody had gone through my
server to access that material and that I was not guilty of any offence but
as the weeks wore on it started to get to me.

I was overwhelmed by horror to be implicated in such a thing. I was
desperately worried about my family. One of the officers had told my wife
that Social Services would be informed as a matter of course and there was a
possibility that my children would be taken into care.  The low point came
about two weeks after the visit by the police when I totalled my car. I was
distracted, stressed and unable to accurately assess the road conditions. I
ploughed into a hedgerow at speed, destroying the car which we had just
bought,  but, luckily, walked out of it with only bruised ribs.  I didn’t
have the money to hire a lawyer so I just sat the thing out. From time to
time the police called with an estimate of when the investigation would be
finished but none of that meant very much because those dates came and passed
with no resolution.

Eventually, four months after the visit, I picked up a voice message from the
police inviting me to call back. When I called  I was told that no evidence
had been retrieved and the machine would be returned to me.  I think, in
retrospect, I was desperately naive to run a Tor exit server on a home
computer but I didn’t believe that an ip address in a server log would be
enough evidence to warrant seizing equipment.  My wife, God bless her, was
absolutely marvellous throughout the whole thing and never doubted me.  I
have read with interest about the need to make Tor faster and that that
largely depends on having more nodes but there is no way I can contemplate
offering my ip address as a service to internet anonymity any more.  It was
very frightening for me to be implicated in a serious crime.  As a parent of
very young children I have an extensive network of friends and contacts in my
neighbourhood who also have children. As we know the subject of paedophilia
is not one that can be debated with any rationality at all in the UK. It is
surrounded by hysteria. I was terrified that people would find out that my
computer had been taken because of that – ‘no smoke without fire’.  I don’t
know what can be done about any of this. To my mind running an exit node is
extremely high risk. I think Tor is important but I don’t have any ideas
about how to support it at the moment.



More information about the tor-talk mailing list