German TOR Servers Seized

mrogers writes "Servers participating in the TOR anonymizing network have been seized by public prosecutors during a child porn crackdown in Germany. TOR provides anonymity for clients and servers by redirecting traffic through a network of volunteer-operated relays; the German prosecutors may have been trying to locate an anonymous server by examining the logs of the captured relays."

Re:legal basis

[Alphager]

They were siezed as evidence. The prosecutors monitored a forum where childporn was traded and basically siezed every computer whoose IP was in the logs. There is some controversity on this siezure, as there are rumors that the prosecutors knew that they won't find anything on a tor-node. It is important to note that none of the tor-nodes-owners has been charged with anything; running tor on a server is NOT the reason these people were targetted.

Basically an open proxy

[cerberusss]

This is exactly why almost any shell or virtual private server provider has something in their policies like:

Bouncers, anonymous proxy servers, Wingates, open relay SMTP servers, or other systems or mechanisms that allow remote users to connect through the system(s) to (an)other system(s), are not allowed.

Tor can and does log data.

[hal9000(jr)]

Not interesting

As far as I know and read the Tor documentation, Tor doesn't keep logs.

Read first [noreply.org], then post.

By default, Tor logs to the screen (it's called "standard out", or "stdout" for short) at log-level notice. However, some Tor packages (notably the ones for OS X, Debian, Red Hat, etc) change the default logging so it logs to a file, and then Tor runs in the background.

Re:Is the polica incompetent or harassing?

[Anonymous Coward]

For all intents and purposes it looks like "harrassing" is the answer. There are several articles about this (See http://www.boingboing.net/2006/09/10/report_german _police.html [boingboing.net] for a nice round up of them) which clearly indicate that the authorities were both aware of how TOR operates and aware that any data gleaned from the TOR servers would likely be uselss. The good news is that the owners of said servers are (currently at least) treated as witnesses and not suspects; the bad news is that all raided nodes were exit nodes and that at least in one instances the hard drive was wiped during the investigation before being returned. Arguably, they might want to ensure that the owners of the TOR servers did not somehow try to mask their own access to kiddie porn through it, but in all it looks like heavy handed harassment.

Re:Is the polica incompetent or harassing?

[Nuskrad]

No. The whole point of Tor is that it uses multiple relay servers, and incremential encryption, meaning that the route of the packet can't be traced from any one machine.

Re:Automatic computer crime...

[swarsron]

The crime is posession. I know a case where police raided several homes because one picture of a cdrom full of porn pictures which you could order via internet was child porn. Most people didn't even notice it (several thousand pictures on one cd) but still got prosecuted for posessing child porn.

Re:legal basis

[Jason Hood]

This happens all the time! Fluid evidence can be seized in order to retain its state. Its unfortunate for the owners, but necessary for law inforcement.

Re:legal basis

[TheGreek]

The fewer people running TOR, the fewer people who can freely criticize governments--any governments, not just those in China.

I dunno where you live, but I don't need TOR to criticize my government.

Re:legal basis

[makomk]

Shame on them, investigating computers used to access child pornography.

Note that, due to the way Tor works, seizing the Tor exit nodes won't help track down the actual people responsible in any way. (Even if they had full access logs, which I somehow doubt, all each node knows is the previous step in the routing chain, not where the connection originated). It will, however, help scare people off running Tor nodes quite nicely.

Re:Automatic computer crime...

[CTachyon]

If "intentional act" equals "thoughtcrime", then all degrees of murder and manslaughter are equivalent. Law has a long basis of judging degree of guilt depending on intent, and for good reason: someone who did it intentionally is more likely do it again. This makes the most sense in the murder/manslaughter distinction, but also applies to e.g. 2nd degree murder (a crime of passion, unique to the situation) versus 1st degree murder (a planned murder, something that might become a pattern) versus 1st degree murder with a hate crime enhancement (a planned murder targeting an entire class of people, something that's clearly a pattern already). These details are specific to U.S. law and even then vary from state to state, but the principles apply broadly.

There is, of course, a key distinction between "intent" and "thoughtcrime": thoughtcrime is a thought that is illegal in itself; intent, while a thought, is only relevant if an actual physical crime has been committed beyond mere intent. (The line gets a bit blurry, of course, when you start dealing with charges like "Conspiracy to commit Foo", where the act of Foo was never actually carried out and might never have happened.)

Re:log(0)

[Darren Bane]

The information Tor logs is useless to police. Its stuff like daemon startup time, shutdown time, circuit changeover time. Nothing to do with the actual data passed.

Re:legal basis

[TheGreek]

That's obviously because you're not very good at it.

I'm quite good at criticism.

I just don't live in a country where the Gendarmes can say that certain public meetings (for example, to protest a new labor law) are illegal.

Nor do I live in a country where people think "riot" and "legitimate protest" are synonyms.

Maybe you should get your own affairs in order before you start slinging horseshit across the pond.

Abuse?

[Anon-Admin]

I ran an anonymous service for 5 years providing anonymous browsing and anonymous e-mail. Looking at this article and calming that it is being abused and should be shut down (As one person has done) is nuts! When I ran my server I maintained a count on the number of transactions. This is the number of anonymous e-mails and the number of anonymous http connections. We averaged 500,000 e-mails a day (15,000,000 per month) and over 25,000,000 http tractions per month. This generated an average of 324 emails to abuse/complaints per month. Less than 10% of the complaints were abuses of the system. I would not considered the posting of KKK material to the alt.white.power group an abuse of the system but it would generate complaints. I may not agree with there views but they have a right to them.

What you are seeing is one abuse of the system. This abuse is not put into prospective. If it were we would have an idea of the amount of traffic the Tor network handles and compare that to the number of abuses we see. We can not condom the network or servers based on a soul abuse of the system!

Recently the president condemned Anonymous E-mail and pay as you go Cell phones and announced that we need to pass laws to stop it. This is just wrong! It is like saying that be for you can publish anything, you must ID your self. This is against everything that the founding Fathers stood for! The Federalist papers are a great example of that!

The Federalist Papers were a series of articles written under
the pen name of Publius by Alexander Hamilton, James Madison,
and John Jay. Madison, widely recognized as the Father of
the Constitution, would later go on to become President of
the United States. Jay would become the first Chief Justice
of the US Supreme Court. Hamilton would serve in the Cabinet
and become a major force in setting economic policy for the US.

Our founding Fathers hid there identity behind a pen name! So next time you condemn anonymity, remember that it is the way to have unwanted political views heard with out being persecuted for your ideas.

Re:legal basis

[Beryllium Sphere(tm)]

Brett Bursey [scpronet.com]
Police dogs loosed on recruitment protestors [objector.org]
Other protestors arrested [washingtonpost.com]
Veteran arrested on Veteran's day for reading an editorial out loud [commondreams.org]
Not arrested, just confined behind barbed wire [washingtonpost.com]
Military treating Quakers like terrorists [csmonitor.com]
Grandmother arrested over "Investigate Florida Votergate" sign [aclufl.org]

Re:legal basis

[Anonymous Coward]

Please define 'child porn'.

Sure thing. Child pornography is a picture or video of children involved in sexual activity. Well, anyone under 18 that is. Er.. of course they don't actually have to be having sex, but still, sexual or nude images of anyone under 18. (Cough) Hrm... of course, they don't technically have to be nude or having sex, as long as there is a "lavacious exhibition of genitals". Basically, child porn is a picture or video of someone under 18, either having sex or not having sex, naked or clothed, and lavaciously exhibiting genitals, or appearing sexual in any way*.

One easy definition for child porn: any picture or image of someone under 18.

*also remember, it doesn't have to be a real child if the virtual or drawn image is "indistinguishable" from a real child.

Use of Tor

[iendedi]

I use Tor quite regularly and for a variety of reasons, none of them at all having to do with anonymity. The primary reason for running Tor is to avoid ISP man-in-the middle password phishing attacks while traveling in South East Asia (I started using Tor after having passwords stolen in this way while using my own laptop in a hotel in Manila). Tor encrypts traffic and bounces it around in Tor land until it bounces out, generally in Europe or the USA - and that brings me to the second reason for using it. Having my traffic coming from Europe or the USA while in South East Asia is beneficial.