Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

German TOR Servers Seized 427

Posted by Hemos
from the sometimes-being-an-AC-is-abad dept.
mrogers writes "Servers participating in the TOR anonymizing network have been seized by public prosecutors during a child porn crackdown in Germany. TOR provides anonymity for clients and servers by redirecting traffic through a network of volunteer-operated relays; the German prosecutors may have been trying to locate an anonymous server by examining the logs of the captured relays."
This discussion has been archived. No new comments can be posted.

German TOR Servers Seized

Comments Filter:
  • legal basis (Score:4, Interesting)

    by IAR80 (598046) on Monday September 11, 2006 @07:42AM (#16080174) Homepage
    On what legal basis?

    ---
    http://world4.monstersgame.co.uk/?ac=vid&vid=47010 693 [monstersgame.co.uk]
    • Re: (Score:3, Insightful)

      by Anonymous Coward
      Axis of evil, 9/11, terrorists, paedophiles, pirates, political opposition. That should cover it.
      • Re: (Score:3, Insightful)

        by IAmTheDave (746256)
        Exactly - anything that is not in direct government control - or directly viewable by said government - is a haven for child pornographers. Don't you know anything?
    • Re:legal basis (Score:5, Informative)

      by Alphager (957739) <florian.haas@nOsPAM.gmail.com> on Monday September 11, 2006 @07:48AM (#16080202) Homepage Journal
      They were siezed as evidence. The prosecutors monitored a forum where childporn was traded and basically siezed every computer whoose IP was in the logs. There is some controversity on this siezure, as there are rumors that the prosecutors knew that they won't find anything on a tor-node. It is important to note that none of the tor-nodes-owners has been charged with anything; running tor on a server is NOT the reason these people were targetted.
      • Re:legal basis (Score:5, Insightful)

        by alcmaeon (684971) on Monday September 11, 2006 @08:32AM (#16080405)

        running tor on a server is NOT the reason these people were targetted.

        I disagree. Running TOR is exactly the reason they were targeted. There may be nothing illegal about running TOR, but there is no denying the chilling effect of the government seizing people's computers on the kiddie porn pretext. The fewer people running TOR, the fewer people who can freely criticize governments--any governments, not just those in China.

      • by CastrTroy (595695)
        Did they seize every router through which regular traffic would have had to travel to get to the forum? How far is it going to go. Are the going to seize all the computers from a major German ISP? because i'm sure somebody used their networks.
        • Re: (Score:2, Insightful)

          by Alphager (957739)
          As long as we don't know that the prosecutors knew that it were tor-servers with no information whatsoever on them, it is just standard-procedure:
          1.found childporn-forum
          2.get the logfiles from the forum
          3.get your hands on every machine mentioned in the logfiles to find additional evidence
          It is important to note that the servers were siezed after a judge autorized the siezure. Once they notice that they cannot gain any info from the servers, they will be returned.
          • Re: (Score:3, Insightful)

            by Anonymous Coward
            Once they notice that they cannot gain any info from the servers, they will be returned.

            HAAAAAAAAHAHAHAH! That's hilarious.

            5 years from now, once the machines are basically worthless, they'll be "returned" with severe damage and missing hard drive.
        • by timeOday (582209)
          the difference is that the anonymizing networks serve no other purpose.
          • Re:legal basis (Score:5, Insightful)

            by Intron (870560) on Monday September 11, 2006 @10:45AM (#16081395)
            Do you mail your letters in clear envelopes?
          • Use of Tor (Score:3, Informative)

            by iendedi (687301)
            I use Tor quite regularly and for a variety of reasons, none of them at all having to do with anonymity. The primary reason for running Tor is to avoid ISP man-in-the middle password phishing attacks while traveling in South East Asia (I started using Tor after having passwords stolen in this way while using my own laptop in a hotel in Manila). Tor encrypts traffic and bounces it around in Tor land until it bounces out, generally in Europe or the USA - and that brings me to the second reason for using it.
      • Re:legal basis (Score:5, Insightful)

        by Ford Prefect (8777) on Monday September 11, 2006 @10:36AM (#16081331) Homepage
        There is some controversity on this siezure, as there are rumors that the prosecutors knew that they won't find anything on a tor-node. It is important to note that none of the tor-nodes-owners has been charged with anything; running tor on a server is NOT the reason these people were targetted.

        A machine connects to a child porn website. The website server records its IP address. The police obtain the server's logs, locate the suspicious machine and are informed by its owner that it's a Tor node.

        Should the police:
        1. Instantly believe this explanation, and eliminate this machine from their enquiries without a further word; OR
             
        2. Seize the machine, and check it over to make sure that the owner's excuses are indeed true, and that the machine isn't compromised or running other data-relaying software or whatever on behalf of an elusive child pornographer.

        If it is a 100% legitimate Tor node, then the police won't find anything untoward. But the police still have to check - because otherwise, "I was running a Tor node, honest guv'nor!" could become a standard get-out-of-custody-free card for anyone else whose computer is under investigation.

    • by truedfx (802492)

      On what legal basis?

      FTFA:

      Those servers were most probably configured to be TOR Exit-Nodes, so their IP-addresses might have shown up in the server logfiles of the child-porn servers in question.

      Shame on them, investigating computers used to access child pornography. And as for

      What the fuck does this have to do with anything? (I browse with signatures disabled, so no, that is not a signature.)

      • Re:legal basis (Score:5, Informative)

        by makomk (752139) on Monday September 11, 2006 @08:44AM (#16080475) Journal
        Shame on them, investigating computers used to access child pornography.

        Note that, due to the way Tor works, seizing the Tor exit nodes won't help track down the actual people responsible in any way. (Even if they had full access logs, which I somehow doubt, all each node knows is the previous step in the routing chain, not where the connection originated). It will, however, help scare people off running Tor nodes quite nicely.
    • Re:legal basis (Score:5, Insightful)

      by Ice.Saoshyant (993846) on Monday September 11, 2006 @07:52AM (#16080223) Homepage
      Child porn. Apparently, the IPs of some of those servers were found on the logs of child porn web sites.

      The excuse to seize the servers relies on the cops wanting to find any data of those web site users, which they won't, because of the way Tor is built.

      Sad day for annonymous Internet, as more of the crap side of humanity uses services like Tor, and people who do need it, like people in China, are the ones burned.
      • Re:legal basis (Score:5, Insightful)

        by alcmaeon (684971) on Monday September 11, 2006 @08:48AM (#16080498)

        Sad day for annonymous Internet, as more of the crap side of humanity uses services like Tor, and people who do need it, like people in China, are the ones burned.

        Did it ever occur to anyone that protecting governments--all governments, not just those in China--from opposition is the very reason for taking actions like this?

        Think about it: do kiddie porn and terrorism really affect more people in the world than say, domestic violence, or alcohol abuse, or even theft? Do kiddie porn and terrorism affect more people than lack of food, lack of sanitary water, low wages, or disease? Do kiddie porn and terrorism affect more people than hurricanes and tsunamis? Do kiddie porn and terrorism affect more people than war, cluster bombs, or unexploded mines?

        Ah, but where are government resources spent: fighting the scourge of kiddie porn and the battling terrorists lurking under every bed.

        The point of these "fights" against kiddie porn and terrorism are to get people accustomed to giving up their rights and, sure enough, even in the U.S. our rights are rapidly being eroded. A supreme Court Justice from even 30 years ago would hardly recognize the U.S. today.

      • Re:legal basis (Score:5, Interesting)

        by LWATCDR (28044) on Monday September 11, 2006 @09:11AM (#16080633) Homepage Journal
        The truth is there is not guarantee to anonymity in the US constitution out side of voting. I doubt that Germany or the rest of EU is any different. What people don't seem to get is that Child pornography isn't a victimless crime and it is a bigger problem that most people want to admit. Child pornography looks like it will be the down fall of the all anonymous Internet access.
        I was going to rant about how TOR and Freenet should do some self policing and frankly I wish that they would. However I can also see how that could remove any type of common carrier status protection they may have.
        • Re:legal basis (Score:4, Insightful)

          by BalanceOfJudgement (962905) on Monday September 11, 2006 @11:48AM (#16081937) Homepage
          The truth is there is not guarantee to anonymity in the US constitution out side of voting.
          Wrong.

          "The congress shall pass no law restricting the freedom of speech."

          1st Amendment to the US Constitution. Anonymity is a prerequisite for truly free speech, and any judge who rules otherwise should be shot. The founders themselves published under pseudonyms in order to protect their identities while still spreading the word about their new government, for two reasons:

          1. Anonymous writers do not have to deal with ad hominem attacks, meaning nobody can try to kill the message by attacking the messenger, and

          2. People saying unpopular things tend to become the focus of alot of violence very quickly, and anonymous speech protects their lives.

          The founders recognized that ideas are more important than stability and should be kept safe from force. THAT is the value in anonymity and that was one of the intentions behind the 1st Amendment.

          Anyone who has read the Federalist Papers (or even a good review of them) would know that, and that damn well includes ANY judge ruling on ANY topic that might even HINT at a Constitutional issue.
    • by Anonymous Coward on Monday September 11, 2006 @07:52AM (#16080226)
      "On what legal basis?"

      Actually, under the auspices of the Because Act, this is entirely legal. This little known piece of international legislation is, in fact, at the heart of many of the most prominent legal actions in the world today. Much loved by the RIAA, MPAA and the US due to it's implicit allowal for random search and seizure, legal 'fishing trips', non-judicially warranted wire taps, and it's espousal of 'guilty until proven guilty' legislature; the entire text of the Because Act has been reproduced below: -

      Because Act

      1. Because.

      1.1. Just, because.
      • You forgot; (Score:3, Funny)

        by empaler (130732)
        1.2. I've answered why already twice, are you going to be making trouble?
      • by cp.tar (871488)

        My parents used to use that one a lot... and I'd oh so foolishly tell them "there is no such law".
        Seems I was wrong after all.

      • Re: (Score:3, Funny)

        by gkhan1 (886823)

        In the UK they actually have another act, specifically to protect the right of governments to use the Because Act. It's the great Watchagonna do 'bout it? Act of 1843. It was enacted because Lord Featherbottom, a member of parliament, had been getting grief from a certain Mr. Parsley who had succesfully used the What defence against the good Lord. The court case was closely monitored in the media at the time, even though it has gone down in history as the most boring trial of all time. Excerpt from transcri

  • Why Logs Are Bad (Score:3, Interesting)

    by RealBothersome (838593) on Monday September 11, 2006 @07:44AM (#16080179)
    Just another fine example of why logging your customer activity can be a bad thing.
    • Re: (Score:2, Funny)

      by nstlgc (945418)
      Yes, finding those poor child porn collectors sure would be a bad thing.
      • by CastrTroy (595695)
        I think he was referring to the fact that if you have logs, then you're computers could be confiscated in the event that someone used your service for any illegal activity. I mean, catching the bad guys is good and all, but you're still quite inconvenienced when you get your computers taken away. If you keep no logs, then they might not catch the bad guys, but they also don't have a reason to take your computers away.
        • by TheGreek (2403)
          If you keep no logs, then they might not catch the bad guys, but they also don't have a reason to take your computers away.
          They won't know you don't keep logs until they seize your computers.
          • by hey (83763)
            You can publicize that you don't keep logs.
            Eg https://www.spammimic.com/terms.shtml [spammimic.com]
            • by TheGreek (2403)
              You can publicize that you don't keep logs.
              Yeah, there's lots of reason to believe you.
            • by pla (258480)
              You can publicize that you don't keep logs.

              One problem with that idea - Tor doesn't keep logs, and anyone capable of analyzing a captured machine would know that. Therefore the police took these machines as more of a petulant "fuck you for exercising your rights and wanting anonymity" rather than as any plausible form of evidence.

              Yes, we all need to fight to keep our rights eroding as slowly as possible (but still eroding, make no mistake - Thus the need for a legislative reboot, aka "revolution", eve
            • by Kjella (173770)
              You can publicize that you don't keep logs.

              Except you won't have much of a choice anymore. The EU has passed their Data Retention Act, in the US it looks like they're happy that AT&T bends over for them (not to mention they already have vastly expanded powers in the Patriot Act already, legally). JAP got slapped with an injunction that basicly said "short-circuit your anonymity, or we're shutting you down". The only ones you can "trust" are those you don't need to trust like open Wi-Fi spots, and networ
  • by johanw (1001493) on Monday September 11, 2006 @07:47AM (#16080198)
    As far as I know and read the Tor documentation, Tor doesn't keep logs. So either the police is incompetent, doesn't know it and seizes the servers anyway (not unsurprising), or either they are irritated by an anonymous network they can't control and try to harrass as many people using it as they can, to try to break it down (also wouldn't surprise me). Or both options apply at the same time (most probable option IMO).
    • Not interesting

      As far as I know and read the Tor documentation, Tor doesn't keep logs.

      Read first [noreply.org], then post.

      By default, Tor logs to the screen (it's called "standard out", or "stdout" for short) at log-level notice. However, some Tor packages (notably the ones for OS X, Debian, Red Hat, etc) change the default logging so it logs to a file, and then Tor runs in the background.
      • Tor logs (Score:5, Interesting)

        by 1u3hr (530656) on Monday September 11, 2006 @08:16AM (#16080338)
        From Tor man page [eff.org]

        Log minSeverity[-maxSeverity] stderr|stdout|syslog
        Send all messages between minSeverity and maxSeverity to the standard output stream, the standard error stream, or to the system log. (The "syslog" value is only supported on Unix.) Recognized severity levels are debug, info, notice, warn, and err. We advise using "notice" in most cases, since anything more verbose may provide sensitive information to an attacker who obtains the logs. If only one severity level is given, all messages of that level or higher will be sent to the listed destination.

        SafeLogging 0|1
        If 1, Tor replaces potentially sensitive strings in the logs (e.g. addresses) with the string [scrubbed]. This way logs can still be useful, but they don't leave behind personally identifying information about what sites a user might have visited. (Default: 1)


        So one would have to deliberately change several defaults to get logs with any data the cops might be interested in. From their point of view, worth a try, but unlikely to be fruitful.
        • by lawpoop (604919)
          If I were the cops and there were any useful way to get data out of a TOR router, I would set up several honey-pots.
    • by thelost (808451)
      Or doing the only thing that they can under the circumstances? It's not unreasonable to give the Police a 3rd option, not just harassment or incompetence.

      I certainly don't support what they've done, but from their perspective they are doing the sensible thing and the appropriate thing. People should with-hold judgement for a little longer.
      • Re: (Score:3, Insightful)

        Or doing the only thing that they can under the circumstances?

        As long as we're coming up with and condoning police actions that are 1)useless in accomplishing their stated goal, 2)harassing innocent citizens that have broken no laws, and 3)designed to imtimidate society and quell anything that might reduce police power and control... well, they could have gone in and shot the guys operating these TOR nodes. Would have been just as effective as confiscating their computers in finding out who the kiddie

      • Depends, incompetent at what? The cops already recognise they are not competent enough to analyse what is on the machine so they send it to somebody who is. The same is true for all sorts of evidence that gets sent "to the lab".

        To me it seems like competent police work to hand this sort of thing to experts. To those who run TOR it sucks that law enforcement is a blunt instrument, but what choice does a competent cop have other than to "sieze all the computers and let the lab sort em out"?
    • by Anonymous Coward on Monday September 11, 2006 @08:07AM (#16080299)
      For all intents and purposes it looks like "harrassing" is the answer. There are several articles about this (See http://www.boingboing.net/2006/09/10/report_german _police.html [boingboing.net] for a nice round up of them) which clearly indicate that the authorities were both aware of how TOR operates and aware that any data gleaned from the TOR servers would likely be uselss. The good news is that the owners of said servers are (currently at least) treated as witnesses and not suspects; the bad news is that all raided nodes were exit nodes and that at least in one instances the hard drive was wiped during the investigation before being returned. Arguably, they might want to ensure that the owners of the TOR servers did not somehow try to mask their own access to kiddie porn through it, but in all it looks like heavy handed harassment.
    • by lawpoop (604919)
      OK, TOR doesn't keep logs, but is it possible to set up a honey-net TOR router that does keep logs? If I were law enforcement, that's what I would be doing.
      • Re: (Score:3, Informative)

        by Nuskrad (740518)
        No. The whole point of Tor is that it uses multiple relay servers, and incremential encryption, meaning that the route of the packet can't be traced from any one machine.
    • They pulled that crap with a Usnet provider [codemonkeyramblings.com], but our legal system actually provided the provider with some recourse against the police that moderated their seizure of equipment. The root problem in these sorts of cases is that the police can't seem to get competent forensic techs for this sort of thing. I don't know how it is in Germany, but in the US it's not for lack of money in many jurisdictions. I'd blame it in general on the police culture.
    • by alcmaeon (684971)

      or either they are irritated by an anonymous network they can't control and try to harrass as many people using it as they can, to try to break it down

      Bingo!

  • by cerberusss (660701) on Monday September 11, 2006 @07:53AM (#16080228) Homepage Journal
    This is exactly why almost any shell or virtual private server provider has something in their policies like:
    Bouncers, anonymous proxy servers, Wingates, open relay SMTP servers, or other systems or mechanisms that allow remote users to connect through the system(s) to (an)other system(s), are not allowed.
  • by RyanFenton (230700) on Monday September 11, 2006 @07:55AM (#16080240)
    I wonder how the law is worded in Germany - is the crime posession (in which case stray banner ads in your browser cache would be just as criminal), or is the crime the intentional act? The catch is that if the crime is over intentional act, then that law is a thought crime law, which is also bad - though it does protect against automatic guilt for detection.

    Sexual crimes against children are some of the most monsterous things mankind can do - and they do occur with a very high frequency, and they are worth detecting and stopped at every opportunity. But like most conceptual wars on horrible things, it collateral damage can go out of control when unchecked. Here's hoping that this guy is innocent, and that his case can at least set some boundries on law are acceptable in this horrible issue.

    Ryan Fenton
    • by swarsron (612788) on Monday September 11, 2006 @08:24AM (#16080368)
      The crime is posession. I know a case where police raided several homes because one picture of a cdrom full of porn pictures which you could order via internet was child porn. Most people didn't even notice it (several thousand pictures on one cd) but still got prosecuted for posessing child porn.
    • by Greyfox (87712)
      I honestly wouldn't be surprised to see that happen in the USA or pretty much any other country either. Your IP shows up in a kidde porn list, your server gets confiscated as evidence and held indefinitely. I'd hate to be a test case in an "Aiding and Abetting" charge, too. I could just see a prosecutor trying to float that one past a judge, too.

      If this sort of thing were routine, it might make a good way to deal with botnets. Acquire botnet info, install tor on the zombies, get zombies confiscated. Later

    • Re: (Score:3, Informative)

      by CTachyon (412849)

      If "intentional act" equals "thoughtcrime", then all degrees of murder and manslaughter are equivalent. Law has a long basis of judging degree of guilt depending on intent, and for good reason: someone who did it intentionally is more likely do it again. This makes the most sense in the murder/manslaughter distinction, but also applies to e.g. 2nd degree murder (a crime of passion, unique to the situation) versus 1st degree murder (a planned murder, something that might become a pattern) versus 1st degree

    • Define Child (Score:5, Insightful)

      by Anonymous Coward on Monday September 11, 2006 @09:02AM (#16080561)

      Sexual crimes against children are some of the most monsterous things mankind can do - and they do occur with a very high frequency...


      Is taking nude photos of a girl who is 17 years and 11 months old some of the most monsterous (sic) things mankind can do? According to Albert Gonzalez it is. Is it monstrous to take nude photos of a woman made up to look like a young girl? Maybe your age limit should be 21 years to be sure.

      The current withchunt on pedophiles fails to make a distinction between act against a 5 year old, and those of a seventeen year old. A Seventeen year old can be accepted in the army and carry a gun, but is not mature enough to make decisions about their own bodies. Makes sense to me...
    • Re: (Score:2, Insightful)

      by zenthax (737879)
      Sexual crimes against children are some of the most monsterous things mankind can do - and they do occur with a very high frequency, and they are worth detecting and stopped at every opportunity.
      I'm thinking abusing the trust and power the public citizenry has place in your hands is one of the most monstrous things mankind can do and it does occur with a very high frequency
    • by demigod (20497)
      Sexual crimes against children are some of the most monsterous things mankind can do - and they do occur with a very high frequency


      "very high frequency", now that's kind of vague.

      Do you have any real stats? It doesn't appear that they are reported on the FBI's Uniform Crime Report [fbi.gov].

    • by value_added (719364) on Monday September 11, 2006 @09:33AM (#16080776)
      Sexual crimes against children are some of the most monsterous things mankind can do - and they do occur with a very high frequency, and they are worth detecting and stopped at every opportunity.

      When I read words like these, I have to wonder if there is a purpose to such self-righteous posturing, or whether the poster expect everyone to share that leap of faith and assume it's relevant to the article or subject.

      Hate to disturb any heads that might have been nodding in unison, but what the hell. A reasonable estimate is that 99.99% of the crap that would/could be found is the same crap that's been shovelled and re-shovelled through usenet as far back as I remember. Have a look some time. The only real crime to be found (with rare exceptions) is the crime you would commit by looking (i.e., downloading) and that crime, as far as I'm concerned, is a very technical one. As for everything else -- provocative, lewd, in bad taste, shameful -- I can think of lots of words, but an organised police hunt to track down a bunch of wankers downloading pictures protects no one and is a misplaced effort at best. If you're looking for likely targets of people who do, in fact, commit real crimes against children, you might start by looking at families -- aunts, uncles and close relatives. Those folks rarely take pictures, however, let alone publish evidence of their crimes for everyone on the the internet to share.

      I'm reminded of something I heard not too long ago on a show hosted by that emotional snow-job of a wanna-be-anchor by the name of Anderson Cooper. He was speaking with some law enforcement officer who informed him with requisite officiousness that there were "over 100,000 child pornography sites" on the internet. Shit, you'd think with that many we'd all be tripping over them every day! But we don't. Go figure. The veteran reporter's reply was "Gee, I didn't know that."

      Journalism at it's finest.

      What does exists, to varying degrees, is the content from a bunch o teen modelling sites (many in the US) and a few websites here and there that are most likely run by Russian mafia that belong in the provocative, lewd, or in bad taste category (depending on one's jurisdiction, religeous affiliation and/or degree of interest in prurient matter). Criminals? Most likely, at least the Russian ones. But no monsters.
  • Because my school's network is prejudiced against IRC connections. They last maybe all of 5 seconds. IRC over SSL works fine, but unfortunately not all networks support it. Only downside to using tor for IRC is that some idiots have gone and gotten some tor nodes glined (ie banned).

    Luckily tor servers are run by people from all over the world. It would have to take a very large cooperative international effort in order to bring down tor... hopefully the majority of governments realize that would be a

    • Re: (Score:3, Insightful)

      by RAMMS+EIN (578166)
      ``Only downside to using tor for IRC is that some idiots have gone and gotten some tor nodes glined (ie banned).''

      That's kind of the problem I have with tor. In the absence of better identifying information, how else do you fight abuse than by throwing the baby (good tor users) out with the bathwater (abusers using tor)? The same applies to whole networks that operate from behind NAT or proxies, etc.
    • to break the rules (Score:4, Interesting)

      by Silver Sloth (770927) on Monday September 11, 2006 @08:34AM (#16080414)
      I'm not saying that the rules are 'good' rules, but you, exactly like the child pornographers, are using tor to avoid the rules.

      The point here is that certain 'freedoms' have costs and limits. Your demand to avoid the petty rules of your school about IRC is merely a matter of degree away from a child pornographers demand to view kiddie porn unmolested.

      And meanwhile, with the current international paranoia, the powers that be will always be very interested in who doesn't want to be listened to.

    • I can't imagine IRCing over Tor. Tor is as slow as molasses. The lag, everything... gah!
  • by moxley (895517) on Monday September 11, 2006 @08:41AM (#16080451)
    These governments want total control and will do whatever is necessary to get it - including subverting their own laws, false flag attacks, manipulation of the public via mainstream corporate media distortions etc.

    BY the time their goals are achieved the internet will probably be like an interactive version of MSNBC crossed with the home shopping network.

    Anonymity and privacy online will be a thing of the past. All dissenting viewpoints will be monitored; no, wait, ALL viewpoints will be monitored.

    Things like TOR which promote freedom and privacy will not be tolerated by these fasicsts, and they will find a way to subvert or desrtoy them - if the child porn argument doesn't work then they'll use the oldest trick in the book: There are terra-ists out there, they're gonna get us! We must take away your freedom to keep you safe. Give it up for safety, trust us, we know what's best and we have your best interest in mind.
  • by Pig Hogger (10379) <pig.hogger@g[ ]l.com ['mai' in gap]> on Monday September 11, 2006 @08:47AM (#16080493) Journal
    Remember Bronfman's declaration about anonymity?
    "Anonymity, on the other hand, means being able to get away with stealing, or hacking, or disseminating illegal material on the Internet - and presuming the right that nobody should know who you are. There is no such right. This is nothing more than the digital equivalent of putting on a ski mask when you rob a bank."
    Edgar Bronfman, Jr., CEO Seagram [freeservers.com]
    Only the rich and powerful can enjoy true anonymity.

    The rest of the unwashed masses are to be tagged and followed "for their own good" (according to the police).

    If you listened to the police, they would jail everyone for their own good.

  • log(0) (Score:3, Insightful)

    by Doc Ruby (173196) on Monday September 11, 2006 @08:59AM (#16080547) Homepage Journal
    Why do anonymizers keep logs? A perfect anonymizer would keep no logs, be stateless, offer no sign of a transaction once closed. That probably wouldn't actually work, or be maintainable. But why not logs only to Flash, overwritten with random data after every transaction is completed? Transient encrypted logs useable only within the transaction, with the key deleted along with the rest of the log?
  • Abuse? (Score:5, Informative)

    by Anon-Admin (443764) on Monday September 11, 2006 @09:59AM (#16080988) Homepage Journal
    I ran an anonymous service for 5 years providing anonymous browsing and anonymous e-mail. Looking at this article and calming that it is being abused and should be shut down (As one person has done) is nuts! When I ran my server I maintained a count on the number of transactions. This is the number of anonymous e-mails and the number of anonymous http connections. We averaged 500,000 e-mails a day (15,000,000 per month) and over 25,000,000 http tractions per month. This generated an average of 324 emails to abuse/complaints per month. Less than 10% of the complaints were abuses of the system. I would not considered the posting of KKK material to the alt.white.power group an abuse of the system but it would generate complaints. I may not agree with there views but they have a right to them.

    What you are seeing is one abuse of the system. This abuse is not put into prospective. If it were we would have an idea of the amount of traffic the Tor network handles and compare that to the number of abuses we see. We can not condom the network or servers based on a soul abuse of the system!

    Recently the president condemned Anonymous E-mail and pay as you go Cell phones and announced that we need to pass laws to stop it. This is just wrong! It is like saying that be for you can publish anything, you must ID your self. This is against everything that the founding Fathers stood for! The Federalist papers are a great example of that!

    The Federalist Papers were a series of articles written under
    the pen name of Publius by Alexander Hamilton, James Madison,
    and John Jay. Madison, widely recognized as the Father of
    the Constitution, would later go on to become President of
    the United States. Jay would become the first Chief Justice
    of the US Supreme Court. Hamilton would serve in the Cabinet
    and become a major force in setting economic policy for the US.

    Our founding Fathers hid there identity behind a pen name! So next time you condemn anonymity, remember that it is the way to have unwanted political views heard with out being persecuted for your ideas.
  • by Sloppy (14984) on Monday September 11, 2006 @11:49AM (#16081949) Homepage Journal

    There are two views about "bad" information:

    1. Some information can be "bad" and the government has the right to do something to prevent its trafficking.
    2. Information in itself is never "bad" and the government has no right to take action against the spread of any sort of information whatsoever.

    AFAIK, every government in the world, presumably in accordance with the will of the people, has laws that suggest their policy is based on the first view.

    They differ in how they stress the details. Some might be more concerned with kiddie porn, some more concerned with copyright infringement, maybe some(?) are concerned about nuclear bomb plans or other classified information. Whatever. I haven't heard of any government that completely and absolutely protects all free speech (though counter-examples are welcome).

    So let's think about what policies should exist, if we postulate that the first view (some kinds of information is "bad") represents "our" opinion. (If you disagree with this view, then you're going to hate the policy below.) Law Enforcement, civil lawyers, etc, are going to want some way to hold someone responsible when "bad" information gets spread.

    The simplest approach is for The Man to get on the net and search for "bad" information and find someone to serve it to Him, and then go after whoever served it. Then either they get held responsible, or else they show how they're just a middleman and they point to who sent it to them. If they can't pass the buck, then the buck stops with them.

    In the case of these pseudo-anonymous virtual networks, that means that if your TOR node passes packets containing kiddie porn (or copyrighted materials, or nuclear bomb plans, or an opinion piece about how the Nazi party should return to power in Germany) to an investigator and they come after you, then you are responsible for what your computer, acting as your agent, did. You're not a common carrier, unless you can show you were just a router and you can identify who sent you the packet so the investigator can continue to trace it back to the source.

    So that's why TOR either needs to log, or else TOR operators need to deal with the fact that sometimes The Man is going to attack them. Are you going to pass the buck, or are you going to take responsibility?

    What if you hold the second view, that information can't be bad and therefore no one ever has the right to try to prevent its spread? Well, you're in trouble. You live inside a legal environment that, frankly, does not agree with you. You can try to change that, but you're going to have an uphill battle against reality. So I recommend you lobby hard. If you're going to operate a TOR node prior to the lobbying completing its goal, be ready for when they take your computer and possibly press charges against you. Running a TOR node is dangerous and pisses off people who are more powerful than you, and it appears that the majority of people support the idea of this power being used against you. You understand what you're up against, right?

We don't know who it was that discovered water, but we're pretty sure that it wasn't a fish. -- Marshall McLuhan

Working...