Raided For Running a Tor Exit Node

An anonymous reader writes "A Tor Exit node owner is being prosecuted in Austria. As part of the prosecution, all of his electronics have been held by the authorities, including over 20 computers, his cell phone and hard disks. 'During interview with police later on Wednesday, Weber said there was a "more friendly environment" once investigators understood the Polish server that transmitted the illegal images was used by Tor participants rather than by Weber himself. But he said he still faces the possibility of serious criminal penalties and the possibility of a precedent that Tor operators can be held liable if he's convicted.' This brings up the question: What backup plan, if any, should the average nerd have for something like this?"

Store your data someplace else

[bobstreo]

Cloud storage, and make the exit node a leech off your neighbors wifi.

Re:Store your data someplace else

[Zemran]

Sounds good to me :-)

Re:Store your data someplace else

[Lumpy]

Load balanced across the 40 unconfigured routers all named "linksys" I can see from here will work nicely.

Re:Store your data someplace else

[Lord+Byron+II]

The original question was how does a Tor-running geek prepare for a computer seizure by authorities. One answer is to backup your data to the cloud, so even after they have your computers, you can at least go buy a new beige box and keep working. That's what the GP was getting at.

Re:Store your data someplace else

[hairyfeet]

Or the more sensible thing is unless you have a couple hundred grand in the bank for the lawyer's fee don't be running Tor until we get better laws.

I know many want to do the whole "fight the power!" stance but the laws on kiddy porn are so messed up right now that frankly you don't have to look at squat, just the fact that your connection was used could be enough for you to be looking at 10-20 in PMITA prison.

The way I had it explained to me was thus: Imagine somebody gives you a safe to haul to somewhere, even though you don't actually have the keys to the safe if the cops stop you and open it and find drugs and CP, even though you had zero way of knowing they can still charge you with facilitation and distribution since what you were doing helped a criminal commit a crime.

So you can scream Tor and Freenet is about "freedom!" all you want, all a prosecutor has to do is say CP anymore and the odds of a jury having common sense and letting you off is virtually nil, and of course the judges don't understand dick when it comes to tech so either way you are screwed. If you have a family or anybody that counts on your paycheck? Then frankly you would be insane to run Tor, this guy is gonna have the next couple of years of his life tied up in court and God have mercy if he can't afford to lawyer up, because he's dead meat with a public pretender.

Re:Store your data someplace else

[Shoten]

The original question was how does a Tor-running geek prepare for a computer seizure by authorities. One answer is to backup your data to the cloud, so even after they have your computers, you can at least go buy a new beige box and keep working. That's what the GP was getting at.

Actually, the question had to do with running a Tor Exit Node...essentially, how to protect yourself in this situation.

"What backup plan, if any, should the average nerd have for something like this?"

...for an article about getting busted for running an exit node. And you can't have one, really. From a procedural perspective, that's the point. Half the intent of this kind of enforcement action is to utterly cripple the activity they suspect of taking place. If you're dealing in child porn, as was the trigger for this, they WANT to leave you without a backup plan. They deliberately do everything in their considerable power to leave you unable to send/receive/view/photoshop/make monopoly money out of the images/video/whatever. And they've had practice at it. They will take any computer you have, and demand access to any external storage you have as well. It's just like a physical search and seizure for physical evidence; the warrant covers all storage you own or have rights to, including your home, and even if you have a storage container they know about. And you can be absolutely sure that they will have watched your communications for a little while before raiding you, and would see if you're running backups to an external site. And the guy had dozens of storage devices...HP servers. Good luck backing that up to the cloud without it being incredibly obvious.

The other technical problem is this: your node will be seen as the point of origination for any traffic that goes to the Internet. You don't control that traffic, and don't have any insight into it before it arrives where you are. You're giving up control of your network, to some degree, to parties unknown with reason to hide. In some cases they have reason to hide because other people are bad, and in some cases they themselves are bad, which is why they want to hide. But you can't tell the difference without actually inspecting the content...all of it. (And if you have a way to do that reliably in a situation with no context please do let me know. I know a few VCs who will gladly fund you, because that level of automated content classification on-the-fly on a network is the holy grail of several aspects of information security.) There is no easy way to detect with any level of certainty that you are not actually involved in the activity you're facilitating without seizing your computers and validating that you're not actually running the software behind the traffic or storing the data that was sent to/from your node.

But you know what? None of that matters...because the problem is about running the exit node, not being the one with something to hide. It's not your traffic that got their attention, just the fact that you're the only person they could find who was associated with it. So your options are to take the risk, or don't be an exit node. And again, this is something the article pretty much states outright, so if you've read it, you'd know that.

Backup Plan

[Sigvatr]

Lots of money.

Re:Backup Plan

[MightyYar]

Instead of trying to run a TOR server yourself, and needing to defend yourself, let a charity take care of it for you. Your money will end up being pre-tax dollars and will then go farther, and if you really want to be more hands-on you could probably volunteer.

For EU residents, there is a tax-deductible German charity of the same ilk.

Re:Backup Plan

I can see this. The investigators turn up to take his servers, only to be met with a massive impenetrable container made of steel and lead. It humms menacingly at them with intermittent whirrs and bleeps, no obvious way to even begin dismantling the plating of this computational hulk. They quickly locate the power supply in the form of a firehose-sized cable leading directly into the floor and from there to the power main, multiple secondary cables extending from the same hermetically sealed orifice. They ask the power company to cut the power, which immediately makes this horror of technology fall silent. While they begin to ponder how to move this monstrosity it suddenly begins to make clunking sounds that quickly escalate in both speed and volume. A heavy "chunk-chunk-chunk-chunk" begin to dominate the soundscape, while the outer plating begins to vibrate almost imperceptibly. The power company calls them to inform them of a massive spike in their grid as the outlet seem to be receiving power equivalent to that of a minor power plant. Meanwhile the servers have begin to relocate digitally, jumping IPs and updating them on various shady sites.

Three hours later the nukes begin to fall.

There is no preparation for this.

Look at Kim Dotcom.

Re:There is no preparation for this.

[rtfa-troll]

Look at Kim Dotcom.

I think Kim is, a definite lesson here. What he was doing is really similar to running a Tor exit node but his attitude to it was almost guaranteed to get him into trouble. If you do plan to run one, you want to do a bunch of things differently from the way he does it. Here are some ideas, but remember that some of them might be a really bad idea in one place and a fine idea in a different one. Talk to not just a lawyer, but a lawyer who is actually working for you (more later).

Make sure you, yourself are squeaky clean. Don't break other laws even if you disagree with them. For example, I'm deeply opposed to the media industry (RIAA & MPAA) but I don't consider it a terrible life threatening hardship to go without their products. Thus, if I actually for some sick reason or other found myself wanting to listen to Lady Gaga I would go out and buy a DRM free CD. I would rip it, however that is legal where I live so it's not a legal risk. Make sure that all your media, software etc. is 100% legal.

Secondly; Kim seems to have been setting out to tweak the whiskers of big media. His moral case was never very strong. Make very sure that the reason that you are involved is strongly about protected free speech. Make your views clear; make sure that they are openly registered somewhere.

Thirdly; People in Kim's organisation seem to have been caught supporting piracy and so on. You might want to see when you can identify pirating connections and block them. Nice is to show a little page telling them you identified them (e.g. from the identifiers in their traffic) and explaining why they are overloading the system. You want to be really active in blocking or even hunting down users that are invovled in things like child pornography. This is a bit difficult; merely reporting something might make you of interest; however if you are active in combatting child pornographers this makes it difficult to accuse you of supporting them.

Forthly; Kim was trying to make a profitable service; this makes it easy to portray him as greedy sponger. Make sure you don't accept any money for your work; not even expenses.

Fifthly; where Kim was all about personality and basically painted a big target sign on himself, consider hiding behind an association. Get together as a group of people who believe in tor, and have a leadership of people who are not actively involved in any way in the day to day running of the service (best if they have no practical knowledge of where the servers are and who owns them. )

Having an association will also allow you to do a bunch of legal things; e.g. hiring a lawyer as a group; which would be difficult otherwise. You will be able to talk to the government as a group. If they say that what you are doing is illegal, you will be able to take them to court without any particular individual having to risk taking the stand for what they are already doing.

Be prepared for the concequences

[xtal]

If you're running Tor, or FreeNet, or anything else with the possibility of pissing off the man - be prepared for the concequences. The authorities repsonse here is pretty standard across the board.

Any Freenet nodes get raided? That's a good test for how secure the system is.

Re:Be prepared for the concequences

[SuricouRaven]

Freenet should be safe, as it has no gateway functionality to the wider internet. It's self-contained.

Re:Be prepared for the concequences

[Applekid]

As usual, the global population spans the entire spectrum from massive government censorship and oppression and from relatively free communication. Tor enables those in free countries to operate exit nodes for the benefit of those in oppressed areas. Those operators are basically modern-day information Robin Hoods.

That your government is willing to raid you is a sign that you live in one of those oppressed areas and should not be running an exit node. So, you should prepare to face the consequences if the reach of The Man can grab you.

ISPs as well?

[grahamm]

If a TOR exit node can be prosecuted for traffic passing through it, should the ISP and backbone router owners not also be held responsible for traffic passing through their nodes? If the ISP and network operators are not held responsible then neither should the TOR node owner.

Re:ISPs as well?

Just like the mail service can be held responsible if they deliver a package with drugs in it? It's basically the same thing as bringing a bag full of drugs that a stranger gave you while on holidays... right?
No.
Common Carrier vs Doing a Favour for a Stranger.
Totally different.

Re:ISPs as well?

[tilante]

Well, here's a couple of differences....

Your ISP has an acceptable use policy that you are required to agree to in order to get service from them, which most likely states that you're not allowed to do anything illegal, and that if you do use their network to do something illegal, you agree that you are wholly responsible for it. It also keeps records, so that it can cooperate with the authorities in tracking down people who are using their network for illegal purposes.

A Tor operator, on the other hand, by design does not know who is using their connection, and thus, cannot enforce that their users must agree to any policy. Further, and again by design, a Tor node does not keep any records that can be used to help authorities track down people using that connection for illegal purposes.

Much of the law operates on the basis of what a 'reasonable person' would understand. A reasonable person would understand that, given their policies and practices, a typical ISP is not attempting to shield people performing illegal activities. On the other hand, a reasonable person who knows what a Tor exit node is and sets one up should understand that there is a high chance that there will be illegal activities being funneled through their node.

So, from a legal point of view, there's a big difference. Now, ethics and morals... those are different things. But honestly, if you're not willing to go to jail to defend the principle that people should be able to anonymously use the Internet, then maybe operating a Tor exit node isn't something you should be doing.

Re:ISPs as well?

[buchner.johannes]

I just read up the law (TKG, should be similar to the European law). I learned two things

  - Anyone can become a ISP/telecom. You have to register, but the gov doesn't stop you.
  - Participants have the right to taken into records (written or electronic, to be made available to other ISPs/telecoms+gov) of each participant: Family name, name, academic title, address, ID, and, if the participant wants, occupation. (18 p1-1, 69 p3)
      But apparently, this is only a right of the participants, so it does not say anywhere that you are not allowed to provide anonymous services. In fact, participants have the right to have their records deleted too.

Solution: Register your Tor exit node as a communication service. If records are requested, say that your participants all don't want their records stored.
Caveat: You have to provide your services to anyone, and people who insist on having their names stored have a right on that. Why anyone would want to use Tor and be identified is beyond me though.
Finally, you may have to comply with data retention laws, i.e. store connection data (not records) for 6 months. Since nobody will be able to use this data anyways, with Tor nodes overseas, that's not a killer.

Re:ISPs as well?

We (including the very smart lawyers at the EFF) believe Tor nodes qualify as transmission providers under DMCA 512(a), not 512(c). This makes them exempt from "notice and takedown" procedures, including the need to issue "putback" responses. The EFF has even prepared a template response for improper DMCA 512(c) takedown notices.

Question: What are the criteria a service provider must satisfy in order to qualify for safe harbor protection under Subsection 512(a) of the Digital Millennium Copyright Act?

Answer: Subsection 512(a) provides a safe harbor for service providers in regard to communications that do not reside on the service provider?s system or network, but merely pass ?through? the system or network. Any copies of the communications on the system must be temporary, i.e., ?intermediate or transient.?

A service provider must satisfy the following critical elements in order to qualify for the ?safe harbor? or protection from liability provided by subsection 512(a) (note that subsection 512(k)(1)(A) defines ?service provider? as used in subsection 512(a)):

(a) The service provider is an entity offering the transmission, routing, or providing of connections for digital online communications [512(k)(1)(A)];
(b) The service provider did not initiated the transmission of the material [512(a)(1)]
(b) The transmission, routing, provision of connections, or storage is carried out by an automatic technical process [512(a)(2)];
(c) The Internet user, not the service provider, must select the origination and destination points of the communication [512(a)(3) and 512(k)(1)(A)];
(e) The service provider must not modify the communication selected by the Internet user [512(a)(5)];
(f) The communication is transmitted ?through? the system or network of the service provider [512(a)(2)];
(f) No copy of the communication is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients [512(a)(4)]; and
(g) No copy is maintained on the system or network in a manner ordinarily accessible to anticipated recipients for a longer period than is reasonably necessary for the transmission, routing, and provision of connections [512(a)(4)].

https://www.torproject.org/eff/tor-dmca-response.html

Re:ISPs as well?

[Intropy]

Since you asked. Real-world analogies where you wouldn't be held responsible:

You deliberately have no fence around your yard so that anyone who likes can walk across it from one side to the other. You will not be charged if someone flees from the police through your yard.

You and your neighbors pool various gardening tools and keep them in an unlocked tool shed so that anyone can use them with a policy being that you trust people to bring the tools back. You will not be charged if someone steal a shovel and uses it to kill someone.

You are zip car. Someone uses one to commit any of the ten million crimes you can commit with cars. You will not be charged.

The backup plan.

[NettiWelho]

"What backup plan, if any, should the average nerd have for something like this?"

Select a new exit node, duh.

thermite

[WillgasM]

You mean to tell me you guys don't have your cases rigged with thermite?

Shipping analogy

[LaminatorX]

If you ship contraband via FedEx, is FedEx a criminal?

Re:Shipping analogy

[squiggleslash]

If FedEx actively advertises the fact that shipping via them prevents law enforcement from prying into what it is you're shipping, then... may be.

The problem with Tor is its advertised application. It's a network designed to prevent you from being snooped upon, but by and large the (work of mouth) advertising isn't "And this way Google will never be able to select ads that are of interest to you" or "You don't have to worry that your affair will be discovered by your spouse" (to use two extremes) but "The government will not be able to snoop on you!"

And while, yes, there are occasions that the government snoops on people maliciously and illegally, it remains the case, today, that the primary reason why the government snoops on people is, well, because they're enforcing laws. Joe Sheriff doesn't care that much about the fact you voted for Obama or believe Bradly Manning is being treated unfairly, but he sure as hell cares about people sending each other child pornography, or orders for illegal drugs, or even getting copyrighted movies without the permission of the copyright holders and not paying for them, or whatever.

And so you have idealistic nerds saying "I know, let's be the next Amnesty International and provide a way for dissidents to swap messages about how terrible the regimes are that they live under", and you get the idealistic nerds using it, because they know it's not going to work otherwise and, sure, maybe one or two of those dissidents using it, and a few paranoid rednecks who are convinced Obama will take their guns away if they talk about them in public.... and you also get a lot of people using this network that's secure against government snooping for doing the things that governments actually legitimately snoop on, you know, doing stuff illegally. Did I say "A lot of people"? Maybe most, I don't know. It would not exactly be surprising if most Tor users are actually using it for illegal stuff, even if the majority of those Tor users are using it for stuff nerds don't see as wrong, such as trading copyrighted movies without the permission of the copyright holder.

I don't think Tor can work as is. It's a nice, idealistic, concept, but...

Plausible Deniability

[Maximum+Prophet]

It's hard for the average nerd, you either have to be so small and invisible that you can take off at a moment's notice, or maintain shell corporations that own all the stuff that might get taken. If you own a house, or have a family that you care about, fugetaboutit.

Wondered From Day One

I've wondered, from day one, why anyone would be crazy enough to run a TOR exit node. Why would you willing serve as the front man for someone else's unknown but likely illegal activity? It's just crazy.

Running an exit node is just begging to get arrested for child porn. I'm positively amazed that it doesn't happen a LOT more often.

Re:non-destructive backup plan

[pipatron]

The problem is not the exit node, no information of any value contains there, and nothing that can incriminate you will be on the exit node.

The problem is the complete raid of everything of value you own and depend on that had no part in the exit node, no matter what is stored on the machines. Likely keeping them for months, even years depending on how far they want to go with the case.

I actually have 2 plans

[slashmydots]

What backup plan, if any, should the average nerd have for something like this?

1. Don't run an exit node
2. if 1 fails, fly to Belize and live blog my evasion of the local police

Re:Don't run an exit node.

[Ceriel+Nosforit]

A mesh network isn't far away. Wireless APs are becoming redundant in homes so with a bit of community spirit and recycling you can establish a darknet like that. That community spirit is most easily found in hackerspaces and the Pirate Party, and since the latter type has the ability to support the former type you can get the message into people's homes without coming off as a lunatic fringe.

A lot of people don't understand why you want to build this and assume it's for child porn. I have learned that the appropriate response to crap isn't logic nor debate since it is just lazy rhetoric, but instead instant anger or suggesting 'that's what you'd use it for, isn't it'. Then assuming an air of accepting their apology you can move on with the issue. - As a partisan you should never for any reason permit discussion of child porn in what is a discussion about freedom online. Even throwing a tantrum is much more constructive.

So quit whining and start advocating!

Re:The Simple Truth?

[tilante]

You can tell them that... but they're not going to buy it. First off, ISPs operate under legally-established safe harbor provisions, which require them to do certain things. If you haven't also done those things, then you're not operating under the safe harbor provisions, and thus, the rules that apply to you aren't the same as those that apply to the ISPs. It's not simply a matter of not knowing what data goes through your network - there are other things you have to do, which include keeping certain types of records about your users... and TOR by design does not do that.

Second, prosecutors have leeway to choose which cases they will prosecute - so your "you must also prosecute" is simply not true, and the prosecution and judge both know this. So they'll simply ignore your speech, and instruct the jury to do so as well.

Now, whether these things are right is a separate question - but there are definite legal differences between an ISP and you, if you're operating a TOR node.

Re:With that logic

[Dishwasha]

No, in both cases the pawn shop owner (or Tor node operator in this case) wasn't explicitly aware that their business (or Tor node) was being used to steal goods (or illegal online activity). The pawn shop owner (or Tor node operator) is likely aware that running a pawn shop (or Tor node) carries the risk that illegal goods (or illegal online activity) will be filtered through, though predictive knowledge itself is not a crime. Rather than seeking the assistance of the business owner (or Tor node operator) in tracking down the perpetrator, the authorities chose to instead implicate the business owner (or Tor node operator) directly for the illegal activities of the perpetrator who utilized the business owner's (or Tor node operator's) property to carry out those illegal activities.

See how that analogy works there? If they arrested all pawn shop owners who had facilitated the stealing of stolen goods without explicit knowledge then likely all pawn shop owners would be arrested.

Deadman's Switch

[CanHasDIY]

Set it up so that if a certain encrypted file isn't updated manually at certain intervals, the entire system self-immolates.

Realistically, though, I've been thinking about building inconspicuous, low-power Tor exit servers that I can dead-drop in places with open wifi. That way, exits can be operated with a minimal threat of legal ramifications for anyone (plausible deniability on the part of the wifi provider).

To that end - anybody know where I can bulk order small form factor, inexpensive low-power computers that are battery pack/solar power friendly?