Slashdot Mirror
German TOR Servers Seized
mrogers writes "Servers participating in the TOR anonymizing network have been seized by public prosecutors during a child porn crackdown in Germany. TOR provides anonymity for clients and servers by redirecting traffic through a network of volunteer-operated relays; the German prosecutors may have been trying to locate an anonymous server by examining the logs of the captured relays."
On what legal basis?
0 693
---
http://world4.monstersgame.co.uk/?ac=vid&vid=4701
http://ebgp.net/ccc/
Just another fine example of why logging your customer activity can be a bad thing.
As far as I know and read the Tor documentation, Tor doesn't keep logs. So either the police is incompetent, doesn't know it and seizes the servers anyway (not unsurprising), or either they are irritated by an anonymous network they can't control and try to harrass as many people using it as they can, to try to break it down (also wouldn't surprise me). Or both options apply at the same time (most probable option IMO).
8 of 13 people found this answer helpful. Did you?
In other news, Slashdot is being suspended for letting adults read posts of minors. In response, Slashdot will be having an entry form where a poster needs to prove he is over eighteen, and then is driected to Digg.com instead.
Have you read my journal today?
I wonder how the law is worded in Germany - is the crime posession (in which case stray banner ads in your browser cache would be just as criminal), or is the crime the intentional act? The catch is that if the crime is over intentional act, then that law is a thought crime law, which is also bad - though it does protect against automatic guilt for detection.
Sexual crimes against children are some of the most monsterous things mankind can do - and they do occur with a very high frequency, and they are worth detecting and stopped at every opportunity. But like most conceptual wars on horrible things, it collateral damage can go out of control when unchecked. Here's hoping that this guy is innocent, and that his case can at least set some boundries on law are acceptable in this horrible issue.
Ryan Fenton
Not interesting
As far as I know and read the Tor documentation, Tor doesn't keep logs.
Read first, then post.
By default, Tor logs to the screen (it's called "standard out", or "stdout" for short) at log-level notice. However, some Tor packages (notably the ones for OS X, Debian, Red Hat, etc) change the default logging so it logs to a file, and then Tor runs in the background.
Because my school's network is prejudiced against IRC connections. They last maybe all of 5 seconds. IRC over SSL works fine, but unfortunately not all networks support it. Only downside to using tor for IRC is that some idiots have gone and gotten some tor nodes glined (ie banned).
Luckily tor servers are run by people from all over the world. It would have to take a very large cooperative international effort in order to bring down tor... hopefully the majority of governments realize that would be a stupid idea.
I find it ironic that you spent as much of this time that is oh-so-precious as you did to rant at people you've never met and, most likely, never will meet, to stop allegedly wasting their time.
Not your life, maybe.
So one would have to deliberately change several defaults to get logs with any data the cops might be interested in. From their point of view, worth a try, but unlikely to be fruitful.
1.2. I've answered why already twice, are you going to be making trouble?
Well said, Jeff.
qntm.org
Come on, man, Cowboy Bebop is so 20th century..... Get with the program and watch some Samurai Champloo already.
The point here is that certain 'freedoms' have costs and limits. Your demand to avoid the petty rules of your school about IRC is merely a matter of degree away from a child pornographers demand to view kiddie porn unmolested.
And meanwhile, with the current international paranoia, the powers that be will always be very interested in who doesn't want to be listened to.
init 11 - for when you need that edge.
These governments want total control and will do whatever is necessary to get it - including subverting their own laws, false flag attacks, manipulation of the public via mainstream corporate media distortions etc.
BY the time their goals are achieved the internet will probably be like an interactive version of MSNBC crossed with the home shopping network.
Anonymity and privacy online will be a thing of the past. All dissenting viewpoints will be monitored; no, wait, ALL viewpoints will be monitored.
Things like TOR which promote freedom and privacy will not be tolerated by these fasicsts, and they will find a way to subvert or desrtoy them - if the child porn argument doesn't work then they'll use the oldest trick in the book: There are terra-ists out there, they're gonna get us! We must take away your freedom to keep you safe. Give it up for safety, trust us, we know what's best and we have your best interest in mind.
This is a stereotype. Many Americans like myself are very concerned about the world's problems, the environment which is being destroyed, and many other things that are going wrong with this world. Some people will hide from the world and its problems. They choose alcohol, or drugs, or video games, or some other distraction to take their mind off of life. But we don't all do this.
I disagree heavily with the current administration's policies. I will do my part and vote against them in the Fall election. Hopefully if the Democrats can take control then Bush the madman will lose some of his power, but our superpower status as a country is being abused and ruined by a man who is waging his own holy war against muslims. I think everyone should be able to plainly see that the US needs another evil enemy to fight without Russia, so they decided the muslims of the world are the next big threat.
I think if we pulled our army out of every country, cut its funding dramatically and used money to help poor third world countries learn to become self sufficient and generate jobs for many of their citizens that this would go a lot further towards combating terrorism then taking over countries that we don't agree with and rebuilding 'democratic' governments for them. What if China took over countries for fun and made them 'communist' to make them better? We would cry foul pretty quickly.
Anyway, I know this is a long answer to your slam against Americans, and I'll probably get flagged as troll and/or offtopic too, but some of us are nice people who want our country to be noble again, the country other countries wished they could be. Now most of them hate us because of Bush and his policies.
They pulled that crap with a Usnet provider, but our legal system actually provided the provider with some recourse against the police that moderated their seizure of equipment. The root problem in these sorts of cases is that the police can't seem to get competent forensic techs for this sort of thing. I don't know how it is in Germany, but in the US it's not for lack of money in many jurisdictions. I'd blame it in general on the police culture.
The rest of the unwashed masses are to be tagged and followed "for their own good" (according to the police).
If you listened to the police, they would jail everyone for their own good.
Are they just seizing exit nodes or what? If not then I'm even more worried.
If you run something like Tor, why keep logs at all?
activestudios web design
Why do anonymizers keep logs? A perfect anonymizer would keep no logs, be stateless, offer no sign of a transaction once closed. That probably wouldn't actually work, or be maintainable. But why not logs only to Flash, overwritten with random data after every transaction is completed? Transient encrypted logs useable only within the transaction, with the key deleted along with the rest of the log?
--
make install -not war
Is taking nude photos of a girl who is 17 years and 11 months old some of the most monsterous (sic) things mankind can do? According to Albert Gonzalez it is. Is it monstrous to take nude photos of a woman made up to look like a young girl? Maybe your age limit should be 21 years to be sure.
The current withchunt on pedophiles fails to make a distinction between act against a 5 year old, and those of a seventeen year old. A Seventeen year old can be accepted in the army and carry a gun, but is not mature enough to make decisions about their own bodies. Makes sense to me...
Oh yeah, we stopped searching for that murder. Ok, we got his fingerprints, but we would have to find a suspect to try a match on him, and that is pretty annoying.
Tibet, anyone?
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
The story teached me that you should not run a tor exit node (in Germany) on a server that you cannot walk out in thirty seconds flat if you spot the heat around the corner. [in style of http://en.wikipedia.org/wiki/Heat_(film) ]
If you don't want too much troule but want to donate: run a middleman only node.
This story reminds of TPB seizures. The real story is not that they were seized but rather what comes after the seizure. If they can't get any data from them they will only manage to credit TOR.
But as far as I remember TOR, it is built exactly to NOT monitor or log the traffic put through it. Or did that change? Or what could this accomplish? Besides spreading FUD?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
dude... Shredder cereal is awesome. Especially the turtle soup marshmallows.
I should note that there's also Americans like me, who, while appreciating the notion of the US becoming 'noble', realize that singing kumbaya as hard as your lungs will allow at gun-toting sociopathes isn't going to solve the world's problems.
Neither is throwing money at people who will use it to buy bigger palaces while their military kills their own people. If there's a 'sure way' to end the problems of the developing world, I'm pretty sure no one would actually want to carry it out, given that it won't be 'cute' or 'warm and fuzzy'. I'm open to suggestions, but 'throw more money at it' just comes across as naive to me.
Any particular reason that you think browsing disturbing images should be a crime? I agree, it'd make you a sick whacko, but since when did we decide to lock up all sick whackos even if they didn't actually do anything? I think I must have missed something while I was on safari in Iran...
I hate printers.
It's being assumed that the person running the Tor node has no malicious intent, isn't it?
If the administrator wanted to use a Tor node to gain info on surfers could they?
Is possible for a single Tor node to interecept meaningful data passing through their node/server?
If the police suspected that infomation was indeed being intercepted passing through a particular node then it would be logical for them to sieze the node, wouldn't it?
I ran an anonymous service for 5 years providing anonymous browsing and anonymous e-mail. Looking at this article and calming that it is being abused and should be shut down (As one person has done) is nuts! When I ran my server I maintained a count on the number of transactions. This is the number of anonymous e-mails and the number of anonymous http connections. We averaged 500,000 e-mails a day (15,000,000 per month) and over 25,000,000 http tractions per month. This generated an average of 324 emails to abuse/complaints per month. Less than 10% of the complaints were abuses of the system. I would not considered the posting of KKK material to the alt.white.power group an abuse of the system but it would generate complaints. I may not agree with there views but they have a right to them.
What you are seeing is one abuse of the system. This abuse is not put into prospective. If it were we would have an idea of the amount of traffic the Tor network handles and compare that to the number of abuses we see. We can not condom the network or servers based on a soul abuse of the system!
Recently the president condemned Anonymous E-mail and pay as you go Cell phones and announced that we need to pass laws to stop it. This is just wrong! It is like saying that be for you can publish anything, you must ID your self. This is against everything that the founding Fathers stood for! The Federalist papers are a great example of that!
The Federalist Papers were a series of articles written under
the pen name of Publius by Alexander Hamilton, James Madison,
and John Jay. Madison, widely recognized as the Father of
the Constitution, would later go on to become President of
the United States. Jay would become the first Chief Justice
of the US Supreme Court. Hamilton would serve in the Cabinet
and become a major force in setting economic policy for the US.
Our founding Fathers hid there identity behind a pen name! So next time you condemn anonymity, remember that it is the way to have unwanted political views heard with out being persecuted for your ideas.
submitted this at 1 am
BoingBoing picked up a report that German police has raided and seized TOR server rooms. TOR is a service that allows one to anonymize his or her internet experience (web, chat, etc). BoingBoing writes: “We need support, lots of people are chanting the same stupid arguments against anonymization over and over again... "You dont need to be afraid if you have nothing to hide" ... "Only criminals have the need for anonymity." [] AskMefi has a great list of responses to that infernal "if you have nothing to hide..." question.
soultcer.net : "According to an owner of one of the servers, who talked to a public prosecutor, the public prosecutors office knew that the server owners had nothing to do with the child pornography case. Regardless they confiscated some hard disks so that the TOR servers were unusable. As reason they stated that they wanted to scan for traces (e.g. log files). Even though TOR does not keep any logs? I dont really believe them...
Why have the hard disks really been confiscated??"
citizen428.net: :Don’t get me wrong, child pornography is one of the worst crimes I can think of, and I wish the German authorities all the best in finding the people they are after. I do however feel that the route taken here wasn’t ideal, as it may well lead to a negative perception of Tor in the general public."
itnomad: "One operator whose server was seized as well wrote a letter to all the TOR-operators in Germany he was aware of, reaching me as well; he wrote that he is not aware of any charges pressed against him at the moment and that his provider, whose server-room was raided, was not avilable for a real comment on the weekend."
Just because I don't care, it doesn't mean I don't understand. Homer J. Simpson
Note that, due to the way Tor works, seizing the Tor exit nodes won't help track down the actual people responsible in any way. [...] It will, however, help scare people off running Tor nodes quite nicely.
Devil's Advocate:
If TOR helps protect child pornographers from the grip of the law, and you think that capturing pedophiles is a greater good than all the other uses of TOR or that TOR's uses are primarily negative, then isn't attempting to scare people off running TOR nodes a legitimate tactic? Thus, wouldn't seizing these machines under any allowable legal pretext be perfectly in line with the goals of law enforcement?
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Under traditional US law, "worth a try" isn't enough reason to break someone's door down and seize their equipment. The standard is "probable cause", an idea the Founders considered so important that it's enshrined in the Constitution where even "guilty beyond a reasonable doubt" isn't explicit ("due process" probably implies it). Some senior US officials, however, don't understand the idea of probable cause
They choose alcohol, or drugs, or video games, or some other distraction to take their mind off of life.
In defending one stereotype you have perpetuated another. Those of us who drink & take drugs aren't all doing it "to escape" - that's an argument used by people who demonise drink & drugs, not a truth. Drinking can focus the mind wonderfully on the problem at hand, or take your mind off it for a few hours so you can come back with a fresh perspective. Many of the world's greatest military and political thinkers and leaders were also the greatest drinkers and drug-takers; Churchill and General Grant, for example, and a whole host of drug-taking philosphers.
You can drink beer and still care about politics and the environment, and I think most of the world understands that many American people disagree with Bush. Just not of you to get him out of office, unfortunately.
Would it help if a TOR-equivalent were created that couldn't do images? For most legitimate uses (eg. anti-oppressive government, paranoid citizen), text should be enough. (are there any uses for which other formats are necessary?). Would it be feasible for a TOR-like system to restrict traffic to text only (i.e. stop/limit Base64 or whatever encoding)?
If this worked, it would certainly free up the networks for legitimate use... Could we make it work?
If you assume "good faith" on the part of both police and Tor operators (I can't, but for the sake of argument...) then the police should have siezed merely a copy of the logs. I don't know German law, but there is no decision that the operators have committed a crime or caused any damage, so stopping their operation seems unjustified. There seems to be enough reason for police to investigate, therefore get log copies, but not to stop anything. Until a judge makes a decision on laws + evidence - if German law is "justice".
BTW, what's "tyYtKuVz"?
--
make install -not war
"Servers .. have been seized .. during a child porn crackdown"
Where's mention of terrorism and money laundering, the other two jolt words guaranteed to elicid the politically correct response. After all who would object to going after such low life. I'm curious as to why they don't just check the credit card receipts. As if there wasn't money to be made out of this no one would do it.
davecb5620@gmail.com
I suppose the difference is that:
1) Telcos let you get the CP.
2) TOR lets you get away with it.
ISPs don't anonymize your traffic and are complicit in government surveillance of it.
That said, I do most of my surfing through TOR just because I intrinsically hate the NSA spying on me. I use TOR for the sake of using TOR even though there are sites I can't go to anymore because of bans on TOR IPs thanks to bad actors. I've never liked people looking over my shoulder even when I'm doing absolutely nothing wrong. I'd rather be thought of as hiding something wrong than be known for sure to be doing nothing wrong just for the peace of mind of having my privacy.
The only things I don't do through TOR are things where I sign-in, like Slashdot, where anonymity is pointless and, in fact, running with an identity through TOR is possibly harmful since it makes it easier to identify each end of the TOR tunnel. It sure is slow-going, though.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
I'm not a privacy freak (I don't care about my cookies and I'm not bothered enough to encrypt anything other than passwords and monetary transactions) but I can think of more than a few legitimate reasons why a resident of a "free" country would want to do this without even taxing my brain (for what it's worth, I live in the UK and am applying the below to that country). Bear in mind that I too doubt that these are the primary uses of the system but you can't just say that anonymity means you're doing evil, no more than you can say that saying "No comment" means you did it.
- Whistleblowing on your government, politicians, large organisations etc. - not something that you want them to be able to easily trace back to you. We've had MI5 agents who needed to whistleblow on their own governments, we've had soldiers whistleblow on things like prisoner treatment, weapons failures, etc. These sorts of things are in the news regularly and without a guaranteed anonymous channel, they could not occur and we would not know they were going on.
- Posting about your employer - I have lovely employers and still I come across situations which I consider to be inappropriate or hazardous. If I want to publicly display these concerns, anonymity is there for me to do so freely without risking my job. I want to be able to tell a funny story of someone's stupidity without getting sacked just because it was traced back to me. I have made comments on Slashdot when logged in as Anonymous Coward. Not all sites are as careful about who sees the poster's information.
- Posting ABOUT censorship. How would we know that China censored webpages if it wasn't for people IN China or who have visited China being able to tell us without fear of persecution? This is how human rights violations come to the news, not by the perpetrators, but by the victims.
- Anonymously reporting crimes, such as the mentioned child pornography. Many people are in sensitive careers but feel strongly enough to report sites/incidents/people when they accidentally stumble across them, and they should be able to. Although the police will almost certainly guarantee your anonymity (there are things like the Internet Watch Foundation etc. for just this purpose), so much the better if you can guarantee your own anonymity FIRST.
- Downloading from "foreign" IP's for test purposes. Many's the time I've had features work on my own servers but only from particular netblocks (either deliberately or accidentally) and the only way to test that is to access it via a remote proxy. Similarly for blocking cookies etc. if you want to "pretend" to be a real visitor without the baggage that your development machines will no doubt have on them.
- Use of "foreign" IP's to bypass Spam blacklists (which, no matter what you say, cannot be accurate - my ISP has been blocked temporarily before because of a mistake and I fortunately had other email providers to use, if not Tor could have helped), geo-location restrictions etc.
I imagine that most of the traffic on Tor (by number of bytes) is probably filesharing, spamming, hacking etc. But I should think that the majority of the CONNECTIONS are people who just browse through Tor constantly because then they "feel safe", and don't bother to turn it off when they are browing non-sensitive material.
Dude. Critisizing government is one thing. But your rant is bordering on a conspiracy theory.
Of course helping people in the third world is important. That's why the German government spent 4 billion Euros on developmental aid last year. (Sorry, German link, but we write in arabic numbers, too). How much do you think a hundred cops searching for child pornography cost? Policing is one of the most important tasks of the State, and I am actually rather pleased with the performance of the German police. (And yes, I have actually met quite a few of them. I've even worked with them on a daily basis, although not with the internet crime division.)
Now, concerning Tor: Anyone who runs a Tor node on his or her machine knows what they are doing (it's way too complicated for non-nerds) and that their machine can be used by malicious users as a safe gateway to illegal content. That's the problem with Tor. Of course it is annoying or embarrassing for the Tor providers if they thence happen to get caught in the web of the police, but, as an earlier poster noted: None of the Tor providers has been sued. Their machines have simply been seized and will most likely be returned to their owners. It's not like they were arrested and treated as enemy combattants or something.
Finally, regarding the right to critisize government: It's not like the German government was without opposition. Thanks to the heroic actions of the American, Russian and British nations during the second world war, Germany is not a dictatorship any more. If Germans wish to critisize their government, they can write blogs and open letters, publish articles or, goodness me, simply go out into the streets of Berlin and shout out their criticism at any passing politician. All without having to fear _any_ consequences what so ever (as long as their speech isn't racist, attacking the constitution or denying the Holocaust). This is what we call `Free Speech' over here. Fortunately, the term 'UnAmerican' has not been translated into our language, yet.
A clever persecutor can claim that they have evidence that CP data went to a certain computer. Now, the court doesn't know how TOR works, neither do they know that a TOR server is running there in the first place. So yes, this can lead to a warrant. The TOR exit node requested CP, so it's the immediate "culprit".
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
My feelings exactly. This is why I'll never use Tor. The thought of aiding and abetting purveyors of child pornography is almost enough to make me vomit.
Anonymous speech is every American's right, but child pornography is clearly not protected by that right.
The theory is (you're talking about child porn right?) that the consumers of it create demand. Going after them reduces demand and helps keep this from happening to kids. I don't know if it works or not, but if it does it's certainly an appropriate strategy IMO.
Thinking about it, all a government, a cult, or a business has to do now to bring down any network is to slip some kiddie porn into the cloud. Instant shutdown, confiscation and imprisonment of anyone who moved a packet.
Orwell was too optimistic. No prison was ever this monitored.
huh?
The Muslims have sworn to destroy the freedom of the west? The Muslims took down the WTC? That's like saying the Christians have sworn to rape all Muslim children just because the American soldiers who raped children in Abu Ghraib happened to be Christians. Your logic is fundamentally flawed.
Anonymously reporting crimes, such as the mentioned child pornography. Many people are in sensitive careers but feel strongly enough to report sites/incidents/people when they accidentally stumble across them, and they should be able to. Although the police will almost certainly guarantee your anonymity (there are things like the Internet Watch Foundation etc. for just this purpose), so much the better if you can guarantee your own anonymity FIRST.
I'm in exactly this situation. We're doing forensics, and we're usually locked down by TIGHT NDAs, with a hefty price tag attached should we rat to anyone. Yes, if we hand over a customer who happens to have "illegal" content on his HD to the authorities, we do the right thing, but in return we'd get sued over sums that will effectively force us to shut our service down. Yes, just because you're convicted of a crime doesn't mean you cannot press charges on a different subject.
In other words, if there are no anonymous services, the choice would be to either let a criminal go unharmed or to kill my job.
Take a wild guess which road I'd go down. Yes, I'm selfish, I enjoy eating and having a home.
So far it was never necessary. So far, we didn't find anything incriminating on a computer. But what if?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
How about making our own country self sufficient?
I often have trouble remembering which way is out of bed in the morning.
true , it's not all muslims . But the religion is being abused by some power hungry individuals who hate The West , and incite their people to hate them too . And many of them believe it off course .
I don't think there is an easy solution to the problem though .
And i must say this is way off topic ( though i understand it considering it's 11/09 )
Slipping shoelaces ?
Maybe you should start whining about privocrats, too. I mean, how dare people try to be secure in their persons, houses, papers, and effects, right?
But to really drive your point home, you need to bring in the other "Horsement of the Infocalypse"---terrorists, money launderers and drug dealers. Now, if you tell us all that we're in bed with the terrorists, money launderers and drug dealers, why, then we'll be certain to joyfully welcome the cops to whatever they'd like to seize.
Laws do not persuade just because they threaten. --Seneca
Someone needs to commercialize a hard drive+interface intended for use as home NAS. It should use Tor to distribute one's data, encrypted, across the Tor network with redundancy, so that if one's personal drive disappears (is ripped off by police), one's data isn't gone with it.
It'll be like the torrent-capable routers: make 'em so end-user stupid-easy that anyone and everyone will want it. There'll be so many of these devices connected to the net as to render it impossible to shut down.
--
Don't like it? Respond with words, not karma.
There are two views about "bad" information:
AFAIK, every government in the world, presumably in accordance with the will of the people, has laws that suggest their policy is based on the first view.
They differ in how they stress the details. Some might be more concerned with kiddie porn, some more concerned with copyright infringement, maybe some(?) are concerned about nuclear bomb plans or other classified information. Whatever. I haven't heard of any government that completely and absolutely protects all free speech (though counter-examples are welcome).
So let's think about what policies should exist, if we postulate that the first view (some kinds of information is "bad") represents "our" opinion. (If you disagree with this view, then you're going to hate the policy below.) Law Enforcement, civil lawyers, etc, are going to want some way to hold someone responsible when "bad" information gets spread.
The simplest approach is for The Man to get on the net and search for "bad" information and find someone to serve it to Him, and then go after whoever served it. Then either they get held responsible, or else they show how they're just a middleman and they point to who sent it to them. If they can't pass the buck, then the buck stops with them.
In the case of these pseudo-anonymous virtual networks, that means that if your TOR node passes packets containing kiddie porn (or copyrighted materials, or nuclear bomb plans, or an opinion piece about how the Nazi party should return to power in Germany) to an investigator and they come after you, then you are responsible for what your computer, acting as your agent, did. You're not a common carrier, unless you can show you were just a router and you can identify who sent you the packet so the investigator can continue to trace it back to the source.
So that's why TOR either needs to log, or else TOR operators need to deal with the fact that sometimes The Man is going to attack them. Are you going to pass the buck, or are you going to take responsibility?
What if you hold the second view, that information can't be bad and therefore no one ever has the right to try to prevent its spread? Well, you're in trouble. You live inside a legal environment that, frankly, does not agree with you. You can try to change that, but you're going to have an uphill battle against reality. So I recommend you lobby hard. If you're going to operate a TOR node prior to the lobbying completing its goal, be ready for when they take your computer and possibly press charges against you. Running a TOR node is dangerous and pisses off people who are more powerful than you, and it appears that the majority of people support the idea of this power being used against you. You understand what you're up against, right?
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
I am CERTAINLY not saying that. My point is i find it odd when people start making out that this was NOT the right thing to do (seize the server)
You feel sleepy. Close your eyes. The opinions stated above are yours. You cannot imagine why you ever felt otherwise.
Tibet, anyone?
Yes, but is China overthrowing governments RIGHT NOW? Tibet was what, almost 50 years ago? Now I'm not saying China is perfect by any means, but would you draw the same comparison with the Japanese? Their behavior during WWII (similar amount of time ago) was completely atrocious, yet you didn't pick on them. Why? I wonder if it has to do with your personal biases about the particular styles of government these countries now use.
In contrast, the US invasion of Iraq is a current event, which is still ongoing. Your comparison is bogus.
everyone *should* protect their privacy because everyone is doing something that someone could consider "wrong".
if more people took steps to protect themselves then protecting yourself wouldn't carry the stigma that it currently carries.
no matter who you are or what you do, there is *someone* out there who will think you are doing something wrong. the less everyone knows about you, the easier it will be to get through the day.
examples:
1) if your boss/co-workers are not religious and you are, then your "inspiration of the day" and WWJD surfing could be considered wrong even though it's harmless in the legal sense. the same could be said for secular people in a religious setting.
2) if you are in to [instert ethinicity here] power, your parents/spouse/employer/local govt. may not approve and you would naturally want to protect yourself. in the united states, you could be mistaken for a terrorist.
the question isn't whether or not you are doing something wrong, because we are all doing something wrong according someone else's moral compass.
the questions is why aren't you doing more to protect yourself?
sarcasm:
-noun
1. harsh or bitter derision or irony.
I never said to sing kumbaya or to throw money at their governments. We need a new strategy we've never done before to help these other countries so they can be self sustainable. That would show the US has good will again and is a beneficial superpower, rather than a hostile one.
I spend a lot of time thinking about this, but can't come up with a good solution. I know there must be a way, though.
If you have any ideas that would work, I know I'd like to hear about them.
I use this all the time at work. I'm a web developer and the rules here are pretty lax, so people are allowed to browse the web, use IRC, etc., as long as their work gets done.
But: I still put everything through an SSH tunnel to my Linux server. I'm still not doing anything wrong, but I don't see any reason for me to let the network admins sniff everything I do on the network.
By the way; I use the Privoxy HTTP proxy on my linux server, so I get the added benefit of that as well. Privoxy rocks. (o:
Love sees no species.
It's kinda ironic that you were able to post all that tripe anonymously.
The eternal struggle of good vs. evil begins within one's self.
We have people in key positions that don't even know, understand, or care about what is probably the most important document produced in our nation's history. For those interested:
http://www.youtube.com/watch?v=6qX_BjzUJmg
Watch in earnest as General Michael Hayden revises the 4th Amendment.
Not sure exactly how TOR works but it seems to me like a node could choose to deny connections to certain sites. It this not possible? Or does everyone running a node not care who they are helping?
I started to use TOR when I realised my 500 user large ISP's admin was using tail -f access.log on the transparent proxy, running sarg with all output switches and tcpdump. Don't answer me that I should sue him, it is not that easy here to sue someone or worth the settlement. I used TOR to keep my gmail and even slashdot comments private. Futher, do you close your curtains when it gets dark? Even when you are doing nothing 'interesting'? Am sure you want some measure of privacy.
This is my sig.
Last week, a few Tor exit-node servers were seized by the German police in a massive sting against child pornography. From our friends on the ground in Germany, we hear that dozens and dozens of machines may have been seized.
So far as we know only six of those were Tor servers. We have heard from the server operators. None of them has been charged.
This is not a "crackdown" on Tor, as has been widely reported. We expect and hope that the volunteer Tor server operators in Germany will get their equipment back after this has blown over, and there will be no action against Tor.
Please contact me for more information at my work --
Shava Nerad
executive director
The Tor Project
shava -at- freehaven -dot- net
kiddie porn, terrorism and copyright aside:
as far as I understand TOR - this whole network exists for users to remain absolutely anonymous. because of many many many proxies there should nowhere be evidence for who did what (correct me if I'm wrong)
SO if there is no evidence at all for any special activity, then this must mean that the police seized the servers just because they suspected the owners of doing illegal activities, based on nothing but the fact that they used anonymization software...
BUT in germany it is illegal for the police to raid a house without a strong suspicion (and I don't think "using anonymization software" is a strong reason - yepp, asked my lawyer, using anonymization software wouldn't even hold as indication
SO I'd say this whole raid was illegal...
and it's just another reason for me to vote the german pirate-party next time http://piratenpartei.de/
The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
alright, this looks like it was heading for flaming...
stop it, let's concentrate on the main point:
if someone uses tor, this doesn't automatically mean he is breaking any rules!
otherwise I'd have to raid your house for chatlogs, because you must have connections to al-quaeda, because why else wouldn't you do your cybersex with your girlfriend on public IRC chatrooms?
The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
Only this time, "power hungry individuals" = GWB + his gang and "The West" = The Middle-East.
Bullish Machine Tzar
And while they are checking, be sure to run across any pirated music or software or 'banned information' ( which varies from country to country ) that might just happen to be on their drive. Chalk it up to collateral damage.
And dont tell me that the average TOR user is 100% innocent.. Sounds like its mostly an excuse for a fishing expedition.
---- Booth was a patriot ----
The only parallel is that GWB is doing the same thing . The difference is that you don't blindly believe what he says . And I'm glad for that . Otherwise it would be much worse .
Slipping shoelaces ?
I guess it comes down to the same thing . Religion is a means to control the people . And that's a global thing . Bush also ends his speeches with 'God bless America'. Wich means like : God says it's ok to do it . I guess the difference is that we don't buy it . Religion is still a very important part of life in most Middle East countries . So they have more power over their people . If Bush would say the same thing about muslims as some of muslim leaders say about America , Bush wouldn't last another day .
Slipping shoelaces ?
That's a great question. I can't really help you, because I'm a lawyer in America and not in Germany. Plus, it looks like everyone who has replied to your question has tried to forge some kind of bizarre, hackneyed connection between a property seizure in Germany, from Germans, by Germans, to what little they know about American jurisprudence (as if the U.S. Constitution has anything to do with this whatsoever). It's shameful that American xenophobia after 9/11 has grown to the extent that most can't even fathom that other countries might be governed by different laws. But hey, they're getting modded way up for it, so I guess now it's acceptable to post things that are way, way off-topic? The only thing I can think of is that David Hasselhoff is somehow involved. I have it on good authority that Germans love him, and as an American of German anscestry, he might very well provide the necessary causal link.
So anyways, you're really on your own here. What you need is input from someone in Germany who has more than a passing familiarity with German law. What won't help you are rants by Scalia or Breyer groupies, respectively, who have used your innocent question as pretext to drag out the same old tired arguments over how to interpret U.S. law.
Parent sed: "Don't get me wrong. In principle I do believe in freedom of speech and freedom to surf."
No you don't not with an attitude like that you believe some people should be allowed to see some images and words. Now that may be all well and good but don't LIE and proclaim your great love of freedom like some modern day Benjamin Franklin when in fact you value safety over freedom. Lack of freedom and the chilling of free speech ALSO tears peoples lives apart If you don't believe me just read a biography of the beat writers like William Burroughs who were persecuted for their sexually explicit writings in the 50s. Ditto for James Joyce in the 20s.
http://pers-www.wlv.ac.uk/~bu1895/EN3016_text.htm
Real life often offers hard choices with no clear cut guidelines to make those choices. In those cases I believe we are best served by erring on the side of freedom even at the risk that some people may be hurt on occasion. Are we really so cowardly that we have gone from being a nation willing to die for freedom to one willing to destroy freedom because of the mere hypothetical risk something bad may happen? And yes this article may be abut Germany but I suspect a majority of the responders are Americans so this action is relevant to us to as these sorts of actions set bad precedents.
Also keep in mind eliminating TOR is NOT going to end child pornography or terrorism. If TOR is gone these people will just switch to steganography, or coded phone calls, or secret drop spots. The bottom line is that if people want to do bad things they will most likely do them and the best we can do is clean up the mess afterwards. The alternative is quite literally 1984.
Tired of all the isms, don't exploit people as an employer, or a government, mmmmK?
I imagine that most of the traffic on Tor (by number of bytes) is probably filesharing, spamming, hacking etc.
One important note: The same characteristic that makes Tor difficult to attack (requirement of coverage of majority of exit nodes in order to bypass the enciphering) makes it very hard to empirically determine the proportions of the different types of traffic.
"The Devil does not know a lot because He's the Devil, He knows a lot because he's old." -- unknown
So, it's the old "save the earth; destroy all humans!" argument, eh? Fun stuff...
Here's one. Consumers of money create demand for it. Going after them reduces demand and helps keep politicians from becoming corrupted by money. I don't know if it works or not, but if it does it's certainly an appropriate strategy IMO.
I have to disagree with you completely here. True freedom should *never* hinder other people's freedom. If you use your freedom to take away other people's freedom, you cannot claim you have true freedom. There is a very clear distinction.
Those sickies who posted kiddie porn on the net, they took away freedom of those girls -- the freedom to live a life of their choice without shadows of childhood sexual abuse. The offenders exercised their so-called freedom to do what they want in this case. However, is this a real freedom?
Similarly, for those terrorists took up the liberty to kill innocent people, they destroyed their victims and families. Yes, the terrorists owned their freedom -- but is it a freedom from your point of view? Think about it.
What I was refering to is this paragraph here: "Think about it: do kiddie porn and terrorism really affect more people in the world than say, domestic violence, or alcohol abuse, or even theft? Do kiddie porn and terrorism affect more people than lack of food, lack of sanitary water, low wages, or disease? Do kiddie porn and terrorism affect more people than hurricanes and tsunamis? Do kiddie porn and terrorism affect more people than war, cluster bombs, or unexploded mines?" . -- It is presumptuous in quantifying the influence of crime/mishap/misfortune against another as they are all perceived differently by individuals.
Also keep in mind eliminating TOR is NOT going to end child pornography or terrorism. If TOR is gone these people will just switch to steganography, or coded phone calls, or secret drop spots. The bottom line is that if people want to do bad things they will most likely do them and the best we can do is clean up the mess afterwards. The alternative is quite literally 1984.
Yes. Eliminating TOR will not solve the crimes. What was shown in the news -- is the complete lack of understanding of TOR technology by the German authorities.
Dumbass. I wasn't defending the terrorists or child porn people I was defending all the other innocent users of TOR who have their freedoms taken away because the govt. uses the excuse it is used by those bad people to shut it down in Germany. This action is totally hypocritical on the govts part because terrorists and child porn sickos also use telephones and roads yet you don't see the govt. shutting those things down, do you? TOR is shut down because geeks who believe in freedom of speech are weak, and the technologies they use are hard for ordinary people to understand. How nice of you back the crushing of weak freedom fighters by the govt.
Tired of all the isms, don't exploit people as an employer, or a government, mmmmK?
I use Tor quite regularly and for a variety of reasons, none of them at all having to do with anonymity. The primary reason for running Tor is to avoid ISP man-in-the middle password phishing attacks while traveling in South East Asia (I started using Tor after having passwords stolen in this way while using my own laptop in a hotel in Manila). Tor encrypts traffic and bounces it around in Tor land until it bounces out, generally in Europe or the USA - and that brings me to the second reason for using it. Having my traffic coming from Europe or the USA while in South East Asia is beneficial.
It is your personal duty to fight for what is right on a daily basis. Ignoring injustice is identical to approving
Legislating against the symptoms of a problem is like a band aid on a broken arm. Save the money and catch the guys who make it in the first place. Such a move would a) be more effective b) cheaper and c) not involve giving up civil liberties.
Besides, do you actually swallow that crap about the legislature caring about kids?
But I can see your precedent. Terrorists are killing us because we have freedoms. So the answer is to take them away! Then they don't have to kill because of our freedoms, because they'll have been taken away! Yipee! Republican logic at its giddy highs.
I hate printers.
I agree with 1 ( actually this was point ) However , that 'minority' of Muslims is quite big . I have seen like 10 thousand people shouting 'death to America' It may not be a danger that will 'destroy civilization' . but it will harm a lot of people . I do believe violence is not the way to solve this . I'm hoping for better ways ( perhaps through education about the dangers of religion ? )
Slipping shoelaces ?
Okay, I follow your arguments about whether or not the machine should have been siezed.
Can anyone answer what the possibilites are of info leakage when an administrator of a Tor node doesn't have good faith? For example, if the police were to set up a Tor node for themselves could they comprise the system for snooping?
[p.s. Doc Ruby: tyYtKuVz is meaningless]
There are very few arguments against anonymity on the Internet. In fact, the only argument that I can even invoke is that anonymity interferes with the ability of powerful organizations to track down individuals who have moved data around in a manner that they do not like. Those "move data around" activities could include hacking, distribution of illicit or illegal data, pirated or copyrighted material, etc...
While it is true that online anonymity does interfere with the ability of powerful organizations to track down individuals, the crucial question that needs to be examined is "Does the greater good get better served by maintaining a mechanism for free-speach with no possible reprisal" at the expense of tracking down hackers and peddlers of illegal and copyrighted content?
If we destroy anonymity on the Internet, are we not simply sacrificing another of our freedoms for a perceived security? Certainly people will still hack, distribute illegal and copyrighted content and all of the other things. The bad guys will just steal someone else's identity to do their trash. But meanwhile, law abiding citizens are stripped of the ability to complain about the evils of the world without shouting, "Hey! This is John Smith and I saw a mafia hit last night! I want to report it to the police! Again, my name is John Smith!!!! EVERYONE!!!!".
It is your personal duty to fight for what is right on a daily basis. Ignoring injustice is identical to approving
I do, however, believe that eliminating anonymizing networks like Tor will not stop such criminal behavior. However, it will stop dead the ability of legitimate citizens to securely publish information that has the potential to save lives or advance civilization in profound and unmeasurable ways.
Perhaps the focus should shift in discussions like this one to "How can we encode exit policies in the Tor network to minimize or altogether limit criminal behavior without sacrificing it's noble principle of maximizing free speech?"
It is irresponsible and foolish to demonize a valuable tool because that tool may be used for evil. A Knife can take human life (and does so rather regularly), but we do not blame the knife and criminalize ownership of them. The same can be said about guns, but it is understood (at least in America) that the right to bear arms is more important than the threat of their misuse.
At any rate, back to "What can be done to correct this issue with Tor?". I can envision an OSS type of project that, through a mixture of automatic classification and an online database could enhance exit-policies on Tor nodes to massively curb the types of offenses listed in this article. Hell, I would rather see Tor go to a white-list scheme (can only access approved sites) than dissappear completely.
Whether we like it or not, the technology behind Tor is already in the public domain. The cat is out of the proverbial bag. Big business and government may try to scare those that run Tor nodes into turning off their nodes, but there will always be a people who will not be intimidated. And, lest I forget to mention, Tor was originally conceived of by the U.S. Navy. Clearly, the US military seems to believe that such technologies are important.
It is your personal duty to fight for what is right on a daily basis. Ignoring injustice is identical to approving
Is that supposed to be an acutal counterargument, or are you just messing around? I don't even know how to respond.
It doesn't matter what the legislators cared about when they passed the law IMO. What matters is what effect the law has.
You realize the two arguments are not equivalent, and the invalidity of one does not imply the same about the other. Right?
How it got modded +5, I couldn't say but I suppose there are plenty of Slahdotters who are ignorant about Tor.
1. The very code on those servers prove they are acting in a common-carrier role.
2. Code notwithstanding, the police could only prove that the Tor node accessed (but not supplied) the CP anyway. This is where you got it backwards.
3. From what I recall, it is possession and specific trafficking of CP that's illegal, which doesn't apply to services like Tor (see above). Otherwise, anyone who builds anything that conveys objects or information anonymously is a criminal. Sidewalks don't require ID logging, and have been used to convey CP anonymously, so concrete-pourers and townships are liable for CP? I don't think so.
4. No way are Tor operators going to make a habbit out of logging IPs. They won't do it for the Communist Party in China, nor will they do it for the oh-so-legitimate thugs of capitalism.
I deplore CP, but the advice you're offering is doing no one a favor except perhaps for the grandstanding. twisted public officials who like to prove they are ""doing something"" to protect the community.
b) While not equivalent, I was making the point that the stated intention of the government action is completely removed from the actual intent of the government action. So there is a parallel.
I hate printers.
What the hell are you talking about? In what country is it legal to have an NDA over illegal activities?
In any country I'm familiar with teh law (New Zealand and to a lesser extent Germany and Australia), if you know about a criminal act, it is illegal to not disclose it to the relevant authorities, the corrollary[sic] of that is that a contract is invalid if it requires you to break the law.
Hence the NDA is invalid in relation to disclosing illegal activities, and any sane court would throw out any lawsuit against you.
However with the USA's totally screwed legal system this may not apply...
What could be better than a jet powered motorcycle? http://www.youtube.com/watch?v=u8l6GTHLSWE
Basically, the NDA covers disclosure in any way. Yes, we would most likely win, given that the disclosure was over illegal material and to the authorities, but we can still get sued and given the amount of money involved, it's a costy suit that you first of all have to fight. Having a few millions tied down for months or even years, even if it's not 'lost' it is still not available, is nothing we can easily swallow, we ain't MS.
Besides, the loss of trust involved also doesn't really look good, and might discourage others from choosing us as their partner. Yes, the US ain't the only country where people implicitly distrust their government.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Well, I guess it depends on what you are covering. If it's software piracy then you'd be an idiot to report it, because even though you're doing the right thing by the law, most customers won't see it that way. On the other hand if they have kiddie-porn or terrorist plots on their computer I would call the cops straight away, especiallly since if you knew about it and did nothing and it later came to the attention of law enforcement that you knew about it and id nothing, you could be in a shit-tornado very soon...
What could be better than a jet powered motorcycle? http://www.youtube.com/watch?v=u8l6GTHLSWE
Bullish Machine Tzar
Since this is South-Africa we have limited options when it comes to wireless ISPs. In our town, there is only, one. Landlines are very expensive, $100 for a 3G hard cap. Telkom, the monopoly phone operator, charges R50, around $10 per gig an ISP sells to their clients. After markups ect there are no real alternatives. The wireless option was a good deal, though because of their business practices I'm back to a land line.
This is my sig.
The technition who installed our wireless hardware, AP, told me the admin is a Linux wizard, bragged that he has 3 screens, 3 keyboards ofcourse, he went on to explain the whole setup to me. He then explained how they manage to identify clients using excessive P2P and clients subletting their connection to other users by using tcpdump. The business contract did not allow more than 5 PCs on the network. We had 3 PCs, all had 2 network cards, plugged in to the LAN, a day passed and the admin told us to get rid of the extra PC, he looked at the MACs. We were told not to run P2P because it made the wireless network slow and used too much bandwidth. When we called him and discussed our problem with him 'breaking' the contract we signed (there was not clause concerning usage) and that we did not want him running tcpdump on our connection. He admited to it and said he was not violating our privacy. Over the course of 2 months we exchanged emails about our 'excessive' use, like downloading 12 Linux ISOs when Ubuntu Dapper came out, since I tested RCs, from the discussions it was clear he knew exactly what we accessed as we browsed, he also sent us sarg reports. Am not witht he ISP anymore.
This is my sig.