Seattle Police Raid Tor-Using Privacy Activists

Frosty Piss writes: Seattle police raided the home of two outspoken privacy activists early on March 30th. Jan Bultmann and David Robinson, a married couple and co-founders of the Seattle Privacy Coalition, were awakened at 6:15 a.m. by a team of six detectives from the Seattle Police Department who had a search warrant to examine their equipment. They claimed to be looking for child pornography, however Bultmann and Robinson believe the raid is because they run a Tor exit node out of their home. They said they operated the node as a service to dissidents in repressive countries, knowing full well that criminals might use it as well, much like any other communication tool. The Seattle Police Department acknowledged that no child porn was found, no assets were seized, and no arrests were made. Seattle's blog The Stranger notes that the FBI has conducted many other Tor raids across the country, and Friday quoted a tweet from the co-founder of Seattle's Center for Open Policing addressing the police. "You knew about the Tor node, but didn't mention it in warrant application. Y'all pulled a fast one on the judge... you knew the uploader could have been literally anyone in the world."

Standard tactics

[Calydor]

This is pretty much standard operating procedure. They can't outlaw anonymizing services, but they can make running them so much hassle that very, VERY few people want to get involved.

Re:Standard tactics

[Sax+Russell+5449D29A]

That's why organizations such as EFF need to be actively involved in promoting the technology and we need to be actively supporting them. They have also lobbying power to some degree, which is of course helpful for the cause.

Re:Standard tactics

[Etherwalk]

This is pretty much standard operating procedure. They can't outlaw anonymizing services, but they can make running them so much hassle that very, VERY few people want to get involved.

Things that backfire include pissing off judges. If they knew about the Tor exit node then they almost certainly lacked probable cause. Probable cause requires considering all of the facts, not *just* the ones favoring guilt. If, in fact, they knew about the exit node but failed to include it in the warrant application, they are going to have (1) pissed off a judge who finds out about it, and (2) they have probably opened up their department to a lawsuit for violating the constitutional rights of the people whose home they invaded. While they obtained a warrant, they did it by withholding information they knew to be relevant to the PC determination.

If they did not know, of course, that analysis changes.

Re:Standard tactics

[sumdumass]

How? I mean it doesn't matter if you run TOR or your neighbors use your WiFi, it is not a get out of jail free card so you can run something sleazy. Suppose they were the source of the kiddie porn ? Does the fact they run TOR mean that the cops cannot investigate?

No, this was handled properly. Suspected illegal activity was investigated and they were quickly found to not be part of it with minimal inconvenience. I'm not sure why this is even a story. Guess what, if you are around a store that gets robbed or some other crimes the cops will investigate also.

Re: Standard tactics

It's not about search by warrant that is the issue. It's the reasoning behind it and leaving out key information for the judge in deciding the warrant.

Imagine a warrant for a place that drugs passed through. Fine... Until you find out that it was true 6 years ago. Changes the thought process for the judge.

Re:Standard tactics

[Rick+Zeman]

This is pretty much standard operating procedure. They can't outlaw anonymizing services, but they can make running them so much hassle that very, VERY few people want to get involved.

Things that backfire include pissing off judges. If they knew about the Tor exit node then they almost certainly lacked probable cause.

And what was the probable cause for the kiddie porn?

Re: Standard tactics

[sumdumass]

What would be fundamentally different if the judge knew about the TOR node? I simply don't see it. You go to a judge and say we have evidence that this illegal post came from this ip address and tracked it to this physical address. We need to search for evidence of the illegal posting. So what does knowing of the TOR node change about that other than there is a valid reason evidence may not exist at the physical address? The fundamentals are still the same. The only difference is that they don't take the systems when they don't find something immediately.

Re: Standard tactics

[Etherwalk]

Evidence tending to show a lack of probable cause must be included in making a determination of whether PC exists. It's a "totality of the circumstances" test. The TOR exit node tends to show a lack of PC--it is much less likely that there will be evidence there of any kind.

Re: Standard tactics

[sumdumass]

There is no evidence of a lack of probable cause though. The problem is that there was still an illegal post made from that ip address which was assigned to a physical address and specific people. You still have probable cause to look for evidence that it was made from a computer at the physical address or through the TOR node. Nothing about the node changes that other than possibly clearing the person when the evidence doesn't exist.

Re:Standard tactics

[arth1]

No, this was handled properly. Suspected illegal activity was investigated and they were quickly found to not be part of it with minimal inconvenience. I'm not sure why this is even a story

Because to obtain a warrant, you need probable cause, not possible cause.
This difference is quite important to many of us who want to feel protected from our country turning into a police state.

Re:Standard tactics

[Nethead]

Exactly, how would they know there was a TOR exit node there? From a local radio report I heard one of the cops was a geek that knew what TOR was. That's why it was handled quickly. All the cops had was an IP and got the address from WaveG in a legal manor. The next thing was to get a warrant and go talk to the guy, that's what they did. The brought along a geek cop too to translate, so to speak. They had the warrant because it could have been a pedo. They brought the geek cop because it could have been an open WiFi and he could help them secure it, and then setup up a honeypot WiFi to catch the pedo which would have been near. Come to find out it's an exit node. Sorry to wake you, I hope you understand. The cops don't like TOR because it causes false hits like this and costs time and money.

Given the case, this went down just like it should. Sure it was early, but cops do that so they can talk to you before you get your coffee and your mind about you. That's standard.

They knocked, waited for him to come to the door. No pets were shot.

Given the description in the warrant there's some sick fuckers out there twiddlin' kids. Yes we want the cops to try to find them. Read the warrant (if you have the stomach) and see how much time has been put into the investigation. Of course they were unhappy that an exit node caused a dead end. But they did NOT take the computer or anything. They were professional about it.

Re: Standard tactics

What would be fundamentally different if the judge knew about the TOR node?

The fundamental difference is that the police tried to take the legal decision on whether that information mattered out of the judge's hands. And *that* is the kind of thing that does tend to honk off the judiciary even if they would still have approved the warrant.

Re: Standard tactics

[Etherwalk]

Computer using this IP address assigned to this physical address leased by this couple posted kiddie porn at this time. That is probable cause. Running an exit node doesn't remove suspicion, any more than does your 40 being in a paper bag. What it does give is reasonable doubt to the jury. Very different.

Maybe. But that's a call for a judge. (And before that, a call for an officer to decide whether it makes sense to spend the resources on this, or whether he just wants to knock on the door.)

Re:Standard tactics

[Etherwalk]

And what was the probable cause for the kiddie porn?

From the warrant, some pretty disgusting stuff posted on 4chan. Which is totally a legit basis for a warrant, standing on its own.

The only question is whether the cops knew about the TOR exit node and decided that raiding the house still made sense (which would be a very strange judgment call), or failed to disclose it to the judge (which would be really stupid and could open them up to a lawsuit).

Re:Standard tactics

[Tyr07]

Problem is dissidents in other countries could be targeted. If they allow governments to access tor exit node information, (I'd destroy the equipment after police raided it, probably infected with something now)

Takes just one friend in a political or police department to share information collected from the TOR node with authorities to have people with different opinions arrested.

Re:Standard tactics

[meadow]

Isn't there some way to Bayesian filter out pr0n and other garbage for people who want to run exit nodes? If e-mail apps can filter out garbage, why can't Tor nodes?

Another thing is this: If someone wants to run an exit node specifically to help people in certain countries, why not only allow IP's from those countries? Is it because - being Tor - the exit node actually doesn't/can't know what the country of the ultimate source IP is? Just wondering if there's some way around this. I guess there's no way to designate that an original packet came from country A without designating it, thus partically sacrificing anonymity, which is the whole point in the first place.

Still, would a partial anonymity such as that be more acceptable than full anonymity without the ability to block unwanted origin countries?

Re: the SPD - did they or did they not know it was an exit node? Following the informative comments on here about this...

Re:Standard tactics

[TechyImmigrant]

>Sure it was early, but cops do that so they can talk to you before you get your coffee and your mind about you. That's standard.

It's still a dick move of the highest order.

Re: Standard tactics

[sumdumass]

If the judiciary was honked off as you put it, we would be reading about it rather than a bunch of anonymous internet lawyers complaining about the possibility of it happening.

Nothing is fundamentally different with or without the information.

Re:Standard tactics

[sumdumass]

What in the hell are you talking about? No one ever said encrypted anonymous communication was the reason for suspicion. The message board gave the an IP, they followed the IP until they couldn't follow it any more. It is that simple.

Re: Standard tactics

[chaboud]

Various organizations -cough- us government -cough- have done just such a thing with machine learning to reduce the frequency of human evaluation of pornographic images, or so I've heard through the grapevine.

We can ID dog breeds now, so it's not hard to imagine that we could begin filtering for age.

The training set must be horrific...

Re:Standard tactics

[qbast]

If they actually wanted to hassle the TOR operators, they would seize equipment for multi-month 'analysis' every time.

Re:Standard tactics

[sumdumass]

That is a valid concern but I fail to see how it is reason to not investigate illegal activity within your country.

Could you imagine if someone hacked your computer, stole your financial information then drained your bank account and charged up all your credit cards and the cops say we tracked it back to this person but aren't going to check because they run a tor exist node and it might cause strife for dissidents in other countries?

Those other countries could run the exit nodes themselves and cause more havoc than investigating a crime in the U.S..

Re: Standard tactics

[chaboud]

So we're going to gather and murder people who find other people sexually attractive? People they may or may not be able to legally have relationships with, depending on the state or country in which they reside? We're going to murder people who may never have harmed any other people?

Yeah, that sounds reasonable... Sign me up...

Idiot.

Re:Standard tactics

[ArsenneLupin]

This is assuming of course that the judge would be favorable to the (wrongly) accused. Which is rather unlikely, once the words "child pornography" are trotted out, especially if it is a female judge. I know a case here in Luxembourg where a guy got convicted for running dpkg --purge somepackage because the forensic "expert" convinced the (female) judge that this is a command used to hide child porn. Fortunately, his sentence got considerably reduced on appeal.

Re:Standard tactics

[ArsenneLupin]

No pets were shot.

Probably because the guy didn't have any...

Re: Standard tactics

[lgw]

There is no evidence of a lack of probable cause though.

Do you understand the difference between "probable" and "might possibly be"? It seems like you don't, but "probable" means "more than 50%". If you know it's a TOR exit node, what are the odds? Ultimately, it's the judge's call, but being a TOR exit node dramatically changes those odds.

Re: Standard tactics

[sumdumass]

If the ip address in question was used exclusively as a TOR exit node you would have a point. However it was not so your point is basically saying the cops couldn't follow the evidence in front of them because it might lead to a dead end. Sounds silly if you ask me.

Re:Standard tactics

[thegarbz]

No pets were shot.

Probably because the guy didn't have any...

Or because the police execute hundreds of search warrants every day but if you only ever get your opinions from the media you would think that fatal incidents are involved every damn time.

Re:Standard tactics

[Tyr07]

Yeah that's sadly the same old argument we've always had.

More security and less freedom / privacy, or more freedom and less security.
How safe do you want to be? The problem is like a corporation. Once they have everyone using their product
so that they have complete control of the market, they start doing terrible things. Invasion of privacy unecessary to the sale of 3rd parties etc.

So while the government protects us for now, once we no longer share the same direction, well, too late, they have full control and will do everything to remain in power. Prevent people from getting together to remove the current government. Slander, threats, policies and other things to make it just difficult in general.

Re: Standard tactics

[AmiMoJo]

We need to stop thinking that an IP address is a useful identifier in the real world. Actions like this create a chilling effect on people running open Wifi and TOR nodes.

Re:Standard tactics

[MitchDev]

Sad but true.

America is a failed experiment at this point. The citizens failed to keep the government under control.

Re: Standard tactics

[stealth_finger]

riveting

Re: Standard tactics

[mnemotronic]

Sorry, I disagree with the suggestion that we roll over to avoid getting butt-fucked by the jack-booted, or in this case elastic-waist Docker wearing, thugs . Fight back with all legal alternatives. Make the system better by challenging the SOP. To paraphrase Eldridge Cleaver: if you're not a part of the solution, you're a part of the problem.

Re:Standard tactics

No, just far more often than they should, and even more often to specific groups of people, and orders of magnitude more often than any other civilized country in the world.

Re: Standard tactics

[Holi]

Change that "might" to "probably" and the Judge will deny your warrant, and withholding that information from the judge puts you in the iffy part of the law.

Re:Standard tactics

[kheldan]

That's very troubling on very many levels. We (the U.S.) is supposed to be some sort of shining beacon of Freedom of Speech and Freedom in general to the rest of the world, but our police are at least as much assholes as police in any other country of the world, and 'Freedom of Speech' apparently is just being paid lip service more and more.

Re:Standard tactics

"minimal inconvenience"

A home invasion by 6 police detectives.
Being detained by the police.
Being denied access to your property.
Being made a public spectacle.
Being half-naked (in sleep-ware)
Being accused as a Sex Offender
Being "this close" to visiting a local jail, meeting jail personnel, meeting "other" alleged-criminals, losing your fingerprints to "The Man" (Local, State, Federal, International "Law enforcement")

Yeah, just a "minimal inconvenience".

Your /. handle of "sumdumbass" is appropriate but not entirely correct -- you rank right up there with "The Dumb Ass".

Re:Standard tactics

[budgenator]

How would they know, if I connect through HTTPS, only the two end point computers would ever know what was in the packets because it would be encrypted before they entered the TOR network.

Re:Standard tactics

[Alypius]

This is why it's important to remember that if LEOs are executing a search warrant, they are not your friends. They will be professional, even polite, but they will use every interrogation tactic available (eg coming before dawn, attempting to split up to search other parts of the house, etc). You will have to decide for yourself whether or not to answer questions in a situation like this without legal representation. The warrant is escalatory; this is an order of magnitude higher than a couple of detectives stopping by during "Price is Right" to ask a question or two about your node.

Re:Standard tactics

[Anubis+IV]

The police department itself answered some of your questions before you posted them here. From one of the links in the summary (emphasis mine):

[Seattle Police Department] spokesperson Sean Whitcomb said the department understands how Tor works and that before executing the search, officers knew that Bultmann and Robinson operated the Tor node out of their apartment.

As you said, they had done a thorough investigation in advance, which turned up the fact that the couple was running a TOR exit node. So, the question "how would they know there was a TOR exit node there?" is rather moot, given that the police did know the exit node was there (aside: TOR exit nodes are public info, easily searched online). As for the justification they provide for pursuing the application, despite knowing about the node:

"Knowing that [they are running a TOR exit node] doesn't automatically preclude the idea that the people running Tor are not also involved in child porn," Whitcomb told NPR. "It does offer a plausible alibi, but it's still something that we need to check out."

Ok, that's reasonable. A crime has been committed and it's their job to investigate it, which includes verifying alibis. I get that. But why hide the information from the judge? While it's the job of the police to investigate, they have boundaries they can't cross without permission, and it's the judge's job to determine if the police have provided a good enough justification for taking their investigation into someone's home. By failing to disclose known information that could potentially undermine their request, the police usurped the judge's ability to make an informed decision, meaning that this may have been an illegal search.

Regardless of how polite the detectives who knocked at 6am were, there is no such thing as a professionally conducted illegal search. The phrase itself is an oxymoron. This situation only "went down" because someone misled a judge, so it seems a bit disingenuous to suggest that "this went down just like it should", when the way it should have gone down is that they properly informed the judge of the relevant details. Had they done so, I'd have absolutely no complaint about the way that the rest of it shook out.

Re: Standard tactics

[Rakarra]

Evidence tending to show a lack of probable cause must be included in making a determination of whether PC exists. It's a "totality of the circumstances" test. The TOR exit node tends to show a lack of PC--it is much less likely that there will be evidence there of any kind.

"TOR" does not suddenly mean that you have no responsibility for things that go through your network, it doesn't mean they are suddenly immune from investigation, just as it doesn't mean no one will come knocking if your neighbor is using your unsecured Wi-Fi to hack banks or download kiddie porn or whatever. Otherwise, what's to stop someone from running a TOR exit node, then just doing whatever illegal activity they want, and they can just say "sorry, it must have been someone on TOR. No way could it have been me."

They absolutely had probable cause -- they knew that the child porn had come from the activist's network connection. This is something that TOR users are going to have to get used to, since the legal system hasn't caught up yet. In the offline world, there are statutes against providing a location for criminal activity, even if you aren't actively involved in such activity yourself. I'm not sure that those statutes apply directly to TOR exit nodes, but they're certainly close enough situations that investigators aren't going to have a difficult time getting investigatory warrants.

As the activists mentioned, they knew that criminal activity was likely to be routed through their network connection. I expect there will be searches a-plenty until a court case decides on the legality of TOR exit nodes, and you can look forward to it being decided in favor of law enforcement.

Re:Standard tactics

[Rakarra]

Sympathizers with the police need to be harassed by the federal agency that needs to be created to investigate local law enforcement independent of states.

Yeah, keep up with the stupid war, buddy. Fight the "good fight."

Re:Standard tactics

[Rakarra]

How would they know, if I connect through HTTPS, only the two end point computers would ever know what was in the packets because it would be encrypted before they entered the TOR network.

My guess is that the hosting website gave up the IP address which posted the images to law enforcement.

Re:Standard tactics

[jmcvetta]

While they obtained a warrant, they did it by withholding information they knew to be relevant to the PC determination.

Oh c'mon, we all know warrants are granted with a rubber stamp. Judicial review is nothing but a bad joke.

Re:Standard tactics

[budgenator]

Well the point was could the exit node filter based on content, the real answer is no, anybody using TOR is very likely to be using end to end encryption. In the particular case 4chan.org did in fact report the possible illegal upload, 4chan.org is the nexus of oppositional-defiant youth and mostly Not Workplace Safe anyway.

Re: Standard tactics

[KGIII]

Actually, you're an idiot but you're not too far off. They *should* block as the default. The default mode should be blocking and then whitelisting the needed services. You can never keep up with blacklisting, no matter how many people you employ. You can keep up with whitelisting and, with adequate staff and policies, you can add things to the whitelist efficiently and effectively.

So yes, you should block at the router. It's better to pick which packets you let in than it is to try to deal with them after they're already on the network.

Re: Standard tactics

[sumdumass]

I don't think that has as much impact as you want to think. Let's say a bank was robbed with someone getting seriously injured or killed and your car was used for the getaway. It was likely stolen so should the cops ignore you altogether because investigating you would probably be a dead end? Suppose you know who stole it but don't offer information of this person.

No- what will happen is they will get a warrant and search your house and likely arrest you until they determine you had nothing to do with it.

Re: Standard tactics

[KGIII]

You know... It's not about probability of guilt or innocence but the probability of finding evidence, right?

Re:Standard tactics

[KGIII]

Again, that's probability concerning there being evidence. Do not confuse a search warrant with an arrest warrant. Is there probable cause to believe that they'll be able to collect evidence that helps them determine guilt or innocence, find the guilty party, etc... An arrest warrant and a search warrant are entirely separate things. Was there a probability that they'd discover evidence there? The answer is yes. In fact, they did discover evidence. They discovered it was someone using TOR. I know it sounds odd but that is, indeed, evidence. In fact, it's evidence that shows that the people are less likely to be able to be proven guilty and thus subjected to an arrest warrant.

Re:Standard tactics

[partofthepuzzle]

> Does the fact they run TOR mean that the cops cannot investigate?

That is backwards. There is NOTHING illegal about running a TOR exit node. So, NO they cannot investigate based on that alone. They needed specific evidence or probable cause that there was a crime being committed or likely to be committed by these individuals and that the evidence was on the premises for which they requested the search warrant. Simply running a TOR exit node doesn't fir the bill. The couple could sue and would very likely win.

Re: Standard tactics

[KGIII]

Those training sets and the process can't help but impact the people who do it. I'm not really qualified to say *how* it will impact them so I won't speculate but I am reasonably sure that it will have an impact. I'm willing to speculate that it probably doesn't take much exposure before it starts having an impact. I've pondered this in the past and I've wondered if it might be acceptable to have those who are predisposed to such actually do the work. Obviously, certain protective measures would need to be taken to prevent data leakage. I'm pretty sure I don't want to know what they're doing during their work breaks. However, they might actually be the most suited to do that work or make those value calls - if done properly. I'm not so sure, and again not qualified to opine, if it wouldn't have a negative impact on them. It'd make an interesting study.

Re: Standard tactics

[lgw]

Are you seriously proposing that someone operating a TOR exit node would then go on to do something sketchy without using TOR?

Re:Standard tactics

[Rakarra]

Well the point was could the exit node filter based on content, the real answer is no, anybody using TOR is very likely to be using end to end encryption. In the particular case 4chan.org did in fact report the possible illegal upload, 4chan.org is the nexus of oppositional-defiant youth and mostly Not Workplace Safe anyway.

And 4chan has certainly been around the block enough and lived long enough to know that when someone posts child porn on their boards and the investigators give them a call, they cooperate.

Re:Standard tactics

[sumdumass]

I can tell right away that you don't have any grasp on reality here. You cannot even copy a moniker properly and you think that what happened was the end of the world or something.

Yes that was minimal inconvenience. They could have been arrested and charged. They could have had their equipment confiscated and reviewed for evidence in some proceedings that would take long enough for it to become obsolete.

Re:Standard tactics

[sumdumass]

Someone posted kiddie porn from their ip address. They had evidence of this and probable cause. The TOR node is ancillary because nothing precludes them from being part of the kiddie porn postings.

Re: Standard tactics

[david_thornley]

If my car were stolen and used in a crime, I'd expect the police to ask me questions. I wouldn't expect the police to get a search warrant for my place, and I'd expect arrest even less. There's a certain difference between asking me questions and tossing my place before hauling me off to jail.

Re: Standard tactics

[david_thornley]

A TOR node is effectively a facility open to the public that can be used for both laudable and despicable uses. I'm not aware that it's illegal to run such a facility if someone thinks the uses are likely to be partly illegal.

Re: Standard tactics

[sumdumass]

I think it is plausible and reasonable that someone can screw up in hiding their tracks so yes. It is how a lot of criminals get caught - making mistakes that lead back to themselves.

Do you think someone running a TOR node is infallible?

Re: Standard tactics

[sumdumass]

You will end up surprised then. Unless you are rich or out of town when it happened, you can most assuredly expect to be searched and at minimum detained which is about the same as arrested.

Re: Standard tactics

[sumdumass]

Do you seriously think every criminal makes no mistakes and never gets caught? Here is a news flash. Most criminals get caught because they screwed something up that ended up identifying themselves.

Re: Standard tactics

[lgw]

Possible, possible, possible, but not probable, which is the question.

Re: Standard tactics

[sumdumass]

Probable is the cause. You do not know what you are talking about.

Re: Standard tactics

[lgw]

No, you must have cause to believe that the specific person probably committed a specific crime for a constitutional search. Everyone might have done every crime, and "possible cause" is no bar at all to clear.

Re: Standard tactics

[sumdumass]

No you do not. Search warrants for places are issued all the time with absolutely no evidence or suspicion that the people at the location are even connected to any crimes. The person or place to be searched needs to be identified but the threshold is reasonable not probable. If it is not reasonable to search the ip address due to some TOR node it wouldn't be reasonable to search the isp for information identifying the ip address.

Re: Standard tactics

[lgw]

I did mention the constitution there, which everyone is so in the habit of ignoring. But even with a "reasonable" bar, this still wasn't a reasonable search: if the traffic could be tied to a TOR exit node, it's fanciful to imagine some non-TOR cause for the traffic.

Re: Standard tactics

[sumdumass]

It was entirely reasonable because the traffic could be tied to a device within the residence.

But lets assume you are correct. Can i then install a TOR exit node and proceed with a life of cyber crime because it would not be reasonable to search my computers when all the credit cards i exploited digitally points back to me? This is the standard you are pushing for because it would be unreasonable in your scenario to think i was behind the crimes.

More Information

[Frosty+Piss]

More about it here...

Re:More Information

[budgenator]

I got warm fussy feelings reading the cop's affidavit for the search warrant; there actually is someone who's spelling and grammar is worse than mine! If I were a Judge, I'd be tempted to hold him in contempt just for presenting such rubbish to me. If you can't even invest the time and effort to get the boilerplate correct, why should anything else be considered?

Re:Tor exit node

[Frosty+Piss]

Sorry, did you have a traumatic brain injury? I really cant understand your writing...

Re:Tor exit node

[110010001000]

He is a hacker. Goes by the name "Zero Cool"

Re:I wonder what they installed

[Frosty+Piss]

Presuming they don't have the remote access, maybe they use the opportunity to install some spy/otherware on all these nodes they are 'checking'...

Good point. Seattle Privacy Coalition took their servers off-line and replaced them from the hardware up. The Tor node is still down.

Yeah, so?

So the police trace an IP address located in their jurisdiction downloading kiddie porn. They're not suppose to investigate? The couple running the exit node weren't aware that their equipment could be used to facilitate criminal actions? Free speech is important. Activism is important. Thwarting government surveillance is important. But thinking you're going to be free from the consequences of doing any the above things is delusional.

Re:Yeah, so?

[Frosty+Piss]

They're not suppose to investigate? The couple running the exit node weren't aware that their equipment could be used to facilitate criminal actions?

Let me paraphrase your comment: THINK OF THE CHILDREN! AND TERRORISTS! WHAT ABOUT THE TERRORISTS!

Re:Yeah, so?

[U2xhc2hkb3QgU3Vja3M]

THINK OF THE CHILDREN!

Is that not what people downloading kiddie porn are doing?

Re:Yeah, so?

[Frosty+Piss]

Why, who would have known that the person known pseudonymously on slashdot.org as "Frosty Piss" (id 770223 ) is PRO CHILD PORN AND A TERRORIST SUPPORTER. I mean, that is really surprising that "Frosty Piss" (id 770223 ) LIKES CHILD PORN AND A ROOTS FOR TERRORISTS.

Wow. Just wow.

Re:Yeah, so?

[Sarten-X]

This is a standard (for Slashdot) hit piece against a legitimate police action. Consider a few key details from TFS:

The Seattle Police Department acknowledged that no child porn was found, no assets were seized, and no arrests were made.

In other words, an officer had a reasonable suspicion that something illegal happened that required a search, and convinced a judge of such, which is the entirety of Fourth Amendment protection. The police don't have to convince the public that a search is reasonable. They only have to convince a judge. The judge (and his views on privacy and other issues) is elected in a general election.

In this case, the search ensued, and it's determined that there's no justification for further action (at this time). That's the entirety of the legal process so far. The server operators then chose to buy new hardware and build a new server, but that's their own paranoia, and the police aren't responsible for that.

"You knew about the Tor node, but didn't mention it in warrant application. Y'all pulled a fast one on the judge... you knew the uploader could have been literally anyone in the world."

According to the second (heavily biased) TFA, the detectives learned about the exit node between requesting the warrant and executing the search. Even if known, it doesn't necessarily have to be mentioned in the search warrant. It could be exculpatory, but just as there's no evidence the server operators were responsible for the crime, there's no evidence they weren't.. Are we now assuming that people running Tor exit nodes are now above suspicion? Are they the next group to be unaccountable to the law?

Despite the outrage by the privacy community, and the anti-police bias in TFAs, it looks like everything here happened exactly as it's supposed to, given the current state of the law.

Re:Yeah, so?

[rmdingler]

FTA: They didn't find anything. Bultmann and Robinson, both board members of the Seattle Privacy Coalition, were released after being detained in a van, but they were left shaken and upset.

This is the electronic surveillance equivalent of being dragged off in cuffs at a sit-in.

If the aforementioned Bultmann and Robinson are unable to convert this high profile police action into activist capital, I'll have composite metal foam pancakes for breakfast.

Re:Yeah, so?

[tipo159]

In other words, an officer had a reasonable suspicion that something illegal happened that required a search, and convinced a judge of such, which is the entirety of Fourth Amendment protection. The police don't have to convince the public that a search is reasonable. They only have to convince a judge. The judge (and his views on privacy and other issues) is elected in a general election.

And it it is perfectly reasonable for six detectives to act on a warrant and conduct a search at 6:15am. That isn't harassment at all.

Re:Yeah, so?

[Frosty+Piss]

And it it is perfectly reasonable for six detectives to act on a warrant and conduct a search at 6:15am. That isn't harassment at all.

For the most part, no. Conducting a raid when your target is not expecting it is the way it's done. This issue here is that the raid itself was pure harassment for running a Tor node, not because the very well educated detectives actually thought they would find porn.

Re:Yeah, so?

[JoeMerchant]

And it it is perfectly reasonable for six detectives to act on a warrant and conduct a search at 6:15am. That isn't harassment at all.

For the most part, no. Conducting a raid when your target is not expecting it is the way it's done. This issue here is that the raid itself was pure harassment for running a Tor node, not because the very well educated detectives actually thought they would find porn.

Why don't you prove it?

Lucius Malfoy

Re: Yeah, so?

[skywire]

Don't feed the troll.

Re:Yeah, so?

According to the second (heavily biased) TFA, the detectives learned about the exit node between requesting the warrant and executing the search.

The list of TOR exit nodes is public information. The TOR project publishes it. The police were "investigating" an upload of child pornography, and the IP address was all they had. If they didn't know it was a TOR exit node, then they didn't do their job. Knowing that something was uploaded from an IP address which was assigned to a subscriber when that IP address is also a known TOR exit node does not give you reasonable suspicion that the subscriber was the uploader. The job of the judge is to evaluate if there is reasonable suspicion based on the facts of the investigation. Improper investigation which hides important facts from the judge is lying through omission and not acceptable. It is absolutely not happening "exactly as it's supposed to". A warrant obtained that way isn't carte blanche, like a permit that you obtained through bribery isn't carte blanche.

Re:Yeah, so?

[gweihir]

Law enforcement in this area has zero excuses these days to not know what a TOR exit node is. Seriously. Intent to ignore facts is required on their side and then lying by omission to a judge, because the judge may know...

Re: Yeah, so?

No, you should not be immune from search warrants, but an IP address is hardly enough evidence to justify a search warrant in the general case. It certainly isn't enough evidence in the case of a TOR exit node.

Re:Yeah, so?

[Rakarra]

They're not suppose to investigate? The couple running the exit node weren't aware that their equipment could be used to facilitate criminal actions?

Let me paraphrase your comment: THINK OF THE CHILDREN! AND TERRORISTS! WHAT ABOUT THE TERRORISTS!

You know, shouting THINK OF THE CHILDREN doesn't mean that one shouldn't actually investigate crimes involving real children. The story isn't about TOR being banned because it COULD be used for child porn. It's not about how the police bashed open the front door, threw in a flash grenade, killed a few pets, and hauled away the computers.

It seems like everything went down just about the way it should have.

Re:Tor exit node

[NotInHere]

Imagine if nobody ran it from their house, and everybody used a hosting provider. Then all it would need to take over the TOR network would be to subpoena the five most popular hosting providers that control 90% of the market share (I suppose there is such a market share distribution here...).

Meh

In the police's defense it would be pretty trivial to run a tor exit node, do evil stuff on the internet, then blame tor for any of the evils. And since they 'acknowledged that no child porn was found, no assets were seized, and no arrests were made' this doesn't seem like it was much a of problem in the end expect the cops wasting a bit of their time on a dead end. If you don't want to deal with issues associated with a hosting a service... don't host a service.

Not the first time in seattle for Police Spying

[Frosty+Piss]

This is not the first time the Seattle Police have made forays into spying on the citizenry.

Re:Tor exit node

[Gravis+Zero]

He is a hacker. Goes by the name "Zero Cool"

A hacker wouldn't have chosen that name because "Zero Cool" is equivalent to "Not Cool".

Re:Tor exit node

[U2xhc2hkb3QgU3Vja3M]

https://en.wikipedia.org/wiki/...

Re: Tor exit node

Google "zero cool", come back when your done

Re:Tor exit node

[wirefarm]

Maybe his real name is "Kelvin"?

Surprised

[duke_cheetah2003]

I'm rather shocked and surprised equipment wasn't seized. Isn't that pretty much standard operating procedure when it comes to computer crime? Seize the equipment and examine it elsewhere. Something isn't right here. Are police sophisticated enough to do in-home examination of computer equipment to see if it contains 'contraband' data?

Something doesn't add up here, if you asked me. There is no way a 'higher up' would trust goons in the field to make an exhaustive search of the equipment for 'contraband' data. Not saying I'm upset the equipment wasn't seized, I'm happy for the people (though I'd never run anything like that out of my home, that's what cloud services are for!), just SHOCKED the stuff wasn't taken back to a lab for forensic examinations.

Re:Surprised

[Frosty+Piss]

I'm rather shocked and surprised equipment wasn't seized. Isn't that pretty much standard operating procedure when it comes to computer crime? Seize the equipment and examine it elsewhere. Something isn't right here. Are police sophisticated enough to do in-home examination of computer equipment to see if it contains 'contraband' data? Something doesn't add up here, if you asked me.

Exactly. This is why the privacy guys shit-canned the servers and brought in new equipment.

Re:Surprised

[currently_awake]

An external hard drive and a boot USB and you can copy everything for examination later. That's a rather powerful exemption from copyright laws, letting the police make trillions of dollars (RIAA accounting) in copies, with no oversight at all. I would think those copies would count as expropriation of assets if they keep them.

Re:Surprised

Let's just hope that new equipment was not intercepted NSA style.

Hard to guard against something like that.

Re:Surprised

[budgenator]

Obviously the Cop's knew the allegations were bogus, but if they didn't go through the motions to make it look good, they'd either get some federal grants yanked or get smeared for not "protecting children". If they thought there was really any child porn there, it would have been a full-on SWAT roll-out between 3 and 4 AM and every thing with an electrical plug would have undergone forensic analysis, and held from years to forever as evidence.

Re:Surprised

[david_thornley]

AIUI, the authorities maintain a list of checksums or similar of child pornography images, and the typical search method is to checksum or hash every file on the system and compare it with the list. It's hardly definitive, but it's quick and easy to do in the field.

I hate to be the one...

[JThundley]

I hate to be the one defending the cops, but it really sounds like they did things the right way here. They raided a little early, but not in the middle of the night. They knocked on the door instead of ramming it down, they didn't throw flashbangs, they didn't shoot any dogs or anything else for that matter. The cops didn't steal a bunch of unrelated stuff and there were no bullshit charges leveled against the couple.

The real test will be seeing what they do next. If they learned from this raid and generally leave them alone, I have no complaints. If they do this every other week when someone else uses their Tor node for child porn, then and only then is it harassment.

Re:I hate to be the one...

The problem is how do you tell the difference between tor traffic and the couple personally browsing. So it seems like a clever cover if you are participating in illegal activities to run a tor node, get on a legal white list and act with impunity.

Re:I hate to be the one...

[phantomfive]

I hate to be the one defending the cops, but it really sounds like they did things the right way here. They raided a little early, but not in the middle of the night. They knocked on the door instead of ramming it down, they didn't throw flashbangs, they didn't shoot any dogs or anything else for that matter. The cops didn't steal a bunch of unrelated stuff and there were no bullshit charges leveled against the couple.

That's a really low standard for "did the right thing."

Re:I hate to be the one...

[flopsquad]

common logic = troll

slashdot = stagnated

Burma-Shave?

Re:I hate to be the one...

[PopeRatzo]

That's a really low standard for "did the right thing."

"Good for the police for not shooting any one."

We really have lowered the bar, haven't we.

Re:I hate to be the one...

[PopeRatzo]

Good for the police trying to find an active pedo. They had no way of knowing it was a TOR exit node.

Did you read the article? They knew it was a TOR exit mode when they applied for the warrant.

Re:I hate to be the one...

[ArsenneLupin]

they didn't shoot any dogs

. Maybe because there weren't any?

Could be, they just don't understand how TOR works

[wirefarm]

I read the warrant affidavit (https://www.seattleprivacy.org/wp-content/uploads/2016/04/154-AFFIDAVITCONDOINTERENTWAVEG401PARKPLACECEN.pdf) and they were not just "searching for child porn" but searching for the uploader of a specific file to a specific post on 4chan.
This specificity makes me think that they sincerely thought they could find the uploader of the child porn clip in question, but didn't understand how TOR works, or how exit nodes work, at least.

If you run an exit node, there's the chance that some pedo is going to use it and their actions are going to be stamped with your IP address.

Given the level of technical knowledge required to understand the technologies involved, I can't even chalk this up to incompetence on the part of the law enforcement officers.

Tor exit nodes could use white lists.

[dsmatthews9379]

Is the problem with Tor that the exit node can be used to interact with any web site and that is the problem, the "any" part? Because there could be a Tor like network that only allowed for connection to a very large list of white-listed sites. Given the nodes are all over the world no single government could control the white-list contents therefore genuine users can be provided with a secure channel for legitimate activities without compromising their privacy while drastically limiting the amount of abuse possible using the network. Good and Bad are abstraction that only gain meaning from a consensus, so why not use one to protect the integrity of Tor?

Re:Tor exit nodes could use white lists.

[frovingslosh]

I'm sure that you have a list of the known CP sites, but not everyone does. In a sick world where it is illegal to post lists of torrent sites even when you don't host any of the torrent content yourself, wouldn't it be at least as illegal to distribute such a list of CP sites?

Re: Tor exit nodes could use white lists.

[johnsmithperson123]

Actually they should be publicly posted in my opinion. The number of people willing to donate a few Kbits of DDoS power is astounding- and since it's over Tor you can't really stop it from coming.

Re:Tor exit nodes could use white lists.

No, it's not illegal, and in fact such lists of IP ranges are commonly distributed with various iptables or other block lists that one can install to block the address ranges. You can apt-get install such blocking lists on Linux, even. The purpose is to block those IP ranges if you are running various types of servers.

Again, not a perfect answer, but better than nothing.

next step, people using sealed envelopes

[frovingslosh]

God damn privacy advocates. They are probably a bunch of paranoids who think the government is after them too. This should teach them a lesson.

Re:Could be, they just don't understand how TOR wo

[fustakrakich]

It doesn't matter how Tor works. As long as the exit nodes stand out like little flashing lighthouses, it will attract unwanted attention.

Re:Real reason

[fluffernutter]

In other words, if you run a TOR relay, fill all USB ports with glue. Even better, destroy all USB pins on the motherboard.

Omission is lying

[BrookHarty]

They knew it was a tor node and knew the warrant was used for harassment only.

Seems like an easy 4th amendment lawsuit. Pre-filled form warrant, Knew it was a tor node, Expert lied to filled out the warrant.

But I guess society lets them do it, over and over and over.

Re: Omission is lying

[Narcocide]

It doesn't, but its irrelevant to the issue. Obtaining the warrant in the first place would have required that they establish probable cause.

Re: Omission is lying

There seems to be a lot of comments like this with that kind of retarded reasoning. The simple fact is that a warrant should never be issued (or exercised) without sufficient evidence to justify it. The simple matter that an IP address is known to be a TOR exit node means that the IP address is no longer sufficient to pinpoint a 'suspect' and therefore insufficient to execute a meaningful search of the server it points to.

Re:Omission is lying

[thegarbz]

They knew it was a tor node and knew the warrant was used for harassment only.

Seems like an easy 4th amendment lawsuit. Pre-filled form warrant, Knew it was a tor node, Expert lied to filled out the warrant.

But I guess society lets them do it, over and over and over.

We knew about Hitler, so why didn't we kill him at birth?

There's this thing called a "timeline" that needs to be put together with all the "evidence". TFA does not state that they knew about the TOR node before executing the search, that's just one random tweet by one person not involved in the process in any way. TFA also has some other wonderfully biased tidbits like quotes about a bunch of people being served a legitimate warrant signed by a judge somehow having their 4th rights violate. Cry me a fucking river.

Don't believe everything you read on the internet.

p.s. the chemtrails are coming to get you.

Re:Omission is lying

[houghi]

Their defense will be a little bit different. They will have to change the words 'shot a running person in th back' to something else.

Similar to last month's "Free Talk Live" search?

[Nonesuch]

This sounds similar to the search of Free Talk Live in Keene, NH about 2 weeks ago. Early on a Sunday morning, the FBI served a warrant , under which FBI agents walked off with anything with a USB or SATA interface.

Take that, you, you Americans!

[BrendaEM]

That will teach you believing in the U.S. Constitution or the Bill of Rights, or anything our founding fathers fought and died for.

Re:Tor exit node

[FatdogHaiku]

Maybe his real name is "Kelvin"?

Didn't he used to have a stuffed tiger with whom he shared many adventures?

Knock, Knock.. Who's there?

[thexfile]

Welcome to the American Police State.

Re:Could be, they just don't understand how TOR wo

[Nethead]

A local report I heard on the radio (KIRO or KPLU, can't find it now) says that one of the cops was enough of a geek to know what TOR was and that is why the issue was cleared up so quickly. I mean how were they going to find out it was an exit node anyway? They got an IP and an location, got a warrant and then went to talk to the guy. Should they have tapped his connection first to find out it was an exit node? How would you tell just from the exit traffic anyway? I suspect they weren't thinking TOR but an unsecured WiFi or a pedo, if the latter then that's why they had the warrant. If an unsecured WiFi then the geek cop could figure that out quickly enough but it would also mean that they were close to the pedo's location and then may have setup their own honeypot WiFi.

Cops don't like TOR because it give false hits like this and take up a lot of time and money.

Re:Real reason

[ArchieBunker]

I would run it from a non x86/64 architecture. Good luck with their USB on PA-RISC or SPARC.

Re: Tor exit node

[penix1]

with a 28.8 modem from a payphone

They were using acoustic couplers taped to the phones in the movie. 28.8 baud modems were too new for that. I know, I had a 300 baud acoustic modem way back when...

From:

https://en.wikipedia.org/wiki/...

The practical upper limit for acoustic-coupled modems was 1200-baud, first made available in 1973 by Vadic and 1977 by AT&T. It became widespread in 1985 with advent of the Hayes Smartmodem 1200A. Such devices facilitated the creation of dial-up bulletin board systems, a forerunner of modern internet chat rooms, message boards, and e-mail.

Fair

[fluffernutter]

So say I leave my wifi public and open to the entire neighborhood. Why would I be surprised if the police gave me a visit to investigate something that was downloaded to my house?

Re:Fair

[rmdingler]

If you have relatives of few resources, children and brother-in-laws for example, chances are pretty good your wifi has already been turned into a public one.

If they need something incriminating to justify kicking the door in, prior to administering some department-approved strikes, I suspect they have it.

Re:Fair

[fluffernutter]

But those are people who have a certain level of trust in one another. This is not just inviting public use, but any kind of hiding. Some of it will be bad.

Re:Could be, they just don't understand how TOR wo

[bigfinger76]

Ohh, so that's why cops don't like TOR. Gotcha!

No Feds+Locals

No it was a coordinated thing between Feds and Locals and so they totally knew what a Tor exit node is. The article makes the point that this is not a one-off thing, they've been doing it systematically.

The compromised exit node hardware is likely the point. Once that hardware has been seized and returned, its compromised and is likely running a bit of NSA extra code.

Dude...

The founding fathers fucked over the revolutionary soldier within the first 10 years of the country's founding. Their first tax was a liquor tax that cost the moonshiners more than the 'big city folk', and thanks to the merchants extravagant loans to 'win the war', they decided to call in all those debts against the subsistence farmers who had served during the war. Look up the Whiskey Rebellion and Shay's Rebellion and ask yourself if the people who died, or the people who fought actually got justice thanks to the actions of the 'Founding Fathers', or if it was just one oligarchy replacing another.

Re:Could be, they just don't understand how TOR wo

[Nethead]

Yep. Cases they are working go cold. Now in a less free society the things cops may be looking for are what we call human rights, why TOR was invented. But the downside is that when cops are working valid cases trying to protect kids human rights of not getting fiddled with, it hampers the investigation. The cops spent a lot of time on the case and because it turned out to be TOR, they are unhappy. But in the US and the rest of the free world, that is the price we pay for trying to protect those that don't have our rights.

Re:Depends on the spin

[Tokolosh]

You, and many others, are not getting it. The police had suspicion (we give them the benefit of the doubt that they were not simply trying to harass). The police must then present their suspicion, together with all relevant information, to the judge. It is the judge's job to decide whether the suspicion is reasonable. If so, then to issue a warrant. But if the judge is deliberately not told everything about the case, he does not have complete information to make the determination. The judge is the one who gets to decide what is relevant, and on that basis, what is reasonable. The police do not have that discretion - they must provide everything, even if it is exculpatory.

Re:Wait a minute...

[Tokolosh]

One thing we do know for sure - nobody is going to get in any trouble whatsoever over this, except the luckless couple.

What did they plant?

[JustAnotherOldGuy]

And what malware or monitoring software did they plant on the computer while they were "searching for child porn"? Hmmmm?

Re:Could be, they just don't understand how TOR wo

[bigfinger76]

I'm sooo grateful to live in a free society, where the authorities are only interested in protecting us. All of us, equally.

Re:Depends on the spin

[mi]

It is the judge's job to decide whether the suspicion is reasonable. If so, then to issue a warrant.

Which is exactly, what happened:

a team of six detectives from the Seattle Police Department who had a search warrant [emphasis mine -mi] to examine their equipment

must provide everything, even if it is exculpatory

Are you claiming, police deliberately withheld the "it could also be a tor-node" information from the judge? First of all, there is no way to even determine that the traffic is coming through Tor with any certainty. And second, even may be coming through Tor — and the judge knows, what it is — how is that "exculpatory"? Do distributors of child pornography become immune to prosecution by simply hosting a tor node on one of their computers?

Re:Depends on the spin

[BronsCon]

Do distributors of child pornography become immune to prosecution by simply hosting a tor node on one of their computers?

No, but defense attorneys raise issues like these sorts of details being left out of warrant paperwork and judges typically don't like being left in the dark and manipulated. Even if the judge's decision would have been the same either way, they tend to get pissed and find in favor of the defense when they feel LE and prosecution are manipulating them, and rightly so; how else are they trying to manipulate? And that's how criminals go free.

Re:Could be, they just don't understand how TOR wo

[bigfinger76]

Part of 'making the US better' involves not buying into the cop-drama bullshit you seem to believe. Read the news sometime.

Planted evidence

[Sibko]

Supposing the police were to plant evidence;
What could you even do to prove in court that the police planted evidence on your computer after it left your custody and entered theirs?

Full encryption and locking them out might work until you're forced to disclose passwords by a judge, granting them access.
Perhaps running your own "snapshot" system via backups similar to a git repository?
Maybe some sort of hardware/software checksum?

It just seems like a really simple and easy way for pretty much anyone (not just police) to incriminate you without much/any effort on their own part.

Re:Planted evidence

[david_thornley]

There's a lot of rules on how hard drives and the like can be handled. Obviously, this won't protect you against a sufficiently corrupt system, but a sufficiently corrupt system isn't going to be stopped by lawyers in any case.

I'd be more worried about someone depositing child pornography on my storage without benefit of forensic techniques.

Typical fascist Republicans!!!

[Vinegar+Joe]

Oh wait. The Democratic Party has run Seattle since 1969. Forget this post.

https://en.wikipedia.org/wiki/...

No evidence

[Etherwalk]

There is no evidence of a lack of probable cause though. The problem is that there was still an illegal post made from that ip address which was assigned to a physical address and specific people. You still have probable cause to look for evidence that it was made from a computer at the physical address or through the TOR node. Nothing about the node changes that other than possibly clearing the person when the evidence doesn't exist.

The Node highly changes the likelihood that there is evidence of the crime there. Tor exit nodes are designed not to know anything about the sender. This was about posts made from that node. While it is hypothetically possible for a research institution or government agency to modify an exit node, add sniffers, etc..., there is no reason to expect a civilian running an exit node to be doing that. While it is also possible for someone who owns a machine at that address to be the guilty party, the fact that an exit node is present makes it much, much, much less likely. It has a direct impact on the totality-of-the-circumstances analysis someone should use in determining whether PC exists.

Re: No evidence

[chaboud]

Odd that they would feel compelled to leave it out, then...

The fact that you two can even have this argument is reason enough to *let the judge decide*... Which, of course, is only possible if he has the evidence.

Re:No evidence

[Calydor]

So if evidence points to the public wifi at the local McDonalds, does the police go do a raid there as well?

Re:No evidence

[sumdumass]

If by raid you mean get a warrant and go on site looking for evidence of a crime without confiscating computers or equipment when it becomes apparent that another user other than the user the ip was assigned to - yes they should. Nothing about a public hotspot or a TOR exit node precludes a local and identifiable user from being the culprit.

Re: No evidence

[sumdumass]

My understanding is that the officer getting the warrant wasn't aware of the TOR node or it's capabilities until after applying for the warrant. I don't think compelled had anything to do with it. Most likely incompetence or ignorance was the driver behind not listing it.

And no, that still doesn't change anything fundamental about the legitimacy of the warrant. The IP address was still used privately by the residents.

Re: No evidence

Bullshit. It changes everything and you know it. If the officer applying for the warrant was unaware that publicly proclaimed privacy advocates are running an exit node (totally detectable because the list of nodes is public) then that officer is incompetent. It is more likely that the police chose to omit material facts from the warrant application, which is beyond wrong.

This isn't about that particular kind of content, it's about harassing anti surveillance people.

Re:No evidence

[Holi]

Well considering all raids have warrants, and the raid happens regardless of whether they find evidence of a crime, then yes raid is the correct term.

Re:No evidence

[slinches]

These days... Yeah, they probably do.

Re:No evidence

[KGIII]

Actually, yes. Yes they will and do. They'll go grab the APs and search them for logs. Additionally, they'll include security footage in their search to see if they can identify *anyone* who was using a computer in the area at the time of the offense.

You don't think that they just say, "Well, the access could have been by any member of the public. Guess we gotta stop." Do you?

Re:No evidence

[KGIII]

Right or wrong, the answer is that if you're equipment was used in the commission of a crime, they're going to want to look at it. It's actually a rather basic concept and no different just because it is "on a computer."

Re:No evidence

[sumdumass]

So that is why the ISP gave up the user's name and address?

Re:No evidence

[sumdumass]

Sigh.. you need to cite that. I could agree if the ip address was exclusively used for the TOR node but it wasn't and your supposition falls apart when there are real and traceable people using the ip address. All the node does is create plausible deniability which is more of a defense than pertinent information seeing how it is known real people outside of the TOR node regularly access internet from there.

Re: No evidence

[sumdumass]

Lol.. It changes nothing.

And yes, I already suggested incompetence or ignorance was at play.

And this is about a specific type of content else there is no reason for the actions you claim are harassment to take place. Just because you are paranoid and can dream it, It doesn't mean it is real.

Re:No evidence

[sumdumass]

I need a cite for this 99.995% number you invented.

Also, It doesn't fundamentally change anything. It is very little different from getting the warrant to get the logs and ip information from the website the illegal material was posted to or even the isp which led to the address in question. Do you expect them to do this without a warrant?

Re:No evidence

[david_thornley]

Warrants are based on probable cause. If I'm just running my own little system, it's likely that all the IP traffic is caused by me or someone on my system. If I'm running a Tor node, it's much less likely that any illegal traffic is due to me. In the first case, illegal traffic is probably mine, and in the second case the probability that it's mine is a lot less. Whatever the probability is required for "probable cause" (which is qualitative, not quantitative), it takes more evidence in the case of a Tor exit node.

Re:No evidence

[Sir+Holo]

So if evidence points to the public wifi at the local McDonalds, does the police go do a raid there as well?

No. But if it is at a Dunkin Donuts, then yes, they will raid it. . . just after they finish their FREE serving of coffee and donuts.

Minimal Inconvenience

[Etherwalk]

No, this was handled properly. Suspected illegal activity was investigated and they were quickly found to not be part of it with minimal inconvenience. I'm not sure why this is even a story. Guess what, if you are around a store that gets robbed or some other crimes the cops will investigate also.

Also, "Minimal Inconvenience" compared to what? The guy had six cops show up at his home at 6:15, barge in, intimidate him, watch as he got dressed, etc...

Yes, it's a minimal inconvenience compared to them arresting him or sending him to federal prison. And it's GREAT that somebody on-scene had the good sense to say they don't even have to seize any assets. But it's still a MASSIVE intrusion into his life, one that the Constitution exists to protect him from.

Most cops are trying to go a good job, so when an officer and a judge sign off on this kind of intrusion without better cause, it makes them all look bad, because it means they wind up hurting the community, hurting the trust between the community and the police, and wasting resources that could be spent going after actual criminals.

Re:Minimal Inconvenience

[sumdumass]

They don't need better cause just probable cause. They had plenty of probable cause as the totality of the evidence to that point correctly shows the post in question came from that address. They followed the trail from the message board to the provider to the people who provisioned it. The presence of tor changes nothing until after they check the person who provisioned the ip.

Re:Minimal Inconvenience

[budgenator]

Everybody is quick to criticise the Police and the Judge but :

SPD says it "served a warrant at the home while investigating information received from the National Center for Missing and Exploiting Children" involving the possible distribution of child pornography.

once again we see a NGO Advocacy group involved; you would think that a specialized group would be more astute about doing through due diligence before filing a complaint. In the future when SPD de-prioritises their complaints and tips, whos fault will it be?

Re:Tor exit node

[Gravis+Zero]

there were no hackers in that movie, only actors. it's a little something we call "fiction".

Re:Depends on the spin

[rossz]

we give them the benefit of the doubt that they were not simply trying to harass.

There's your mistake. You are giving the police the benefit of the doubt. Never do that. Cops lie. Cops are trained to lie. Cops are encouraged to lie. When judges catch them lying, they sometimes scold them, but it's rare that anything serious happens. The next time, the cops will just go to a different judge. One who is more flexible in his thinking when it comes to rights.

Re: Tor is for Child Pornography

[chaboud]

No. That's a false dichotomy.

The alternative in this case is that the police appropriately inform the judge of all of the relevant (even exculpatory) evidence that they have gathered. If they're aware of a Tor node, the judge should be, too. How hard would it be to mention?

Think of it this way:

Who is more a probable uploader of kiddie porn?

1) The IP detected uploading it, with no Tor node running.
2) The IP detected uploading it, a known Tor exit node.

So we know that case 2 is less probable as a suspect, though there may still be probable cause. Whether or not there is probable cause is for a *judge* to decide. Keep them in the dark at your own peril. There are 6 more detectives who will need to shop for a new judge next time.

Penalties?

Shouldn't the penalties for misleading a judge into granting a search-warrant, and then executing that warrant, be, as a minimum, the same as an illegal search, i.e., without a warrant, in violation of the Fourth Amendment, and possibly other applicable laws, if (of course,) that is indeed what happened?

Will the people responsible for this egregious violation of the law be held responsible? I'm betting they won't. Raiding TOR node-hosts makes as much sense as raiding package-stores because someone suspects an underage person somehow got hold of some hooch. It isn't right, it isn't fair, it isn't what a government does when it is truly governing with the consent of the governed... RIP, freedom.

Re:Tor exit node

[gweihir]

You must be a hacker as well, because you seem to be humor-impaired.

Pissed off judge or sympathetic judge?

[swb]

(1) pissed off a judge who finds out about it,
I don't know about the state level courts in Washington, but close to half of Federal judges are former prosecutors.

I'm not sure how "pissed off" these judges would be if their origin is anything like Federal court. More likely, as former prosecutors, they are sympathetic to the police and are willing to accept whatever reasoning the police have for probable cause.

Plus the warrant was handled with kid gloves by police standards -- no flashbangs, nothing taken arbitrarily, no pets shot, etc.

Re:Good

> Stop pretending you're fighting for freedom of speech when you're only aiding and abetting criminals.

I use TOR all the time, because I live in a country where all 'metadata' of my/our browsing has to be retained by the ISP for months. And, as far as I know, I do not engage in any criminal activity whatsoever. So I will use my freedom of speech to say, Go And Fuck Yourself! Over TOR, of course! ;-)

I don't know.

[lancejjj]

I don't trust the police. But I don't trust anyone else either.

If Bultmann or Robinson have any suspected history in terms of dealing with child porn, it seems quite possible that the police are targeting them based on the totality of evidence and not exclusively the idea of "TOR".

Re:Could be, they just don't understand how TOR wo

[AmiMoJo]

Were they actually trying to protect a child being abused here? The link above to affidavit is broken, and it's an important distinction because if they were trying to save a child being actively abused by the poster that carries a lot more weight than trying to hunt down a troll re-posting illegal stuff they downloaded elsewhere to 4chan for the lulz.

Re:Real reason

[0100010001010011]

How about an OS that doesn't care what you plug in but doesn't do anything with it?

I'd be interested in what the USB would show up as and do in my FreeBSD machines.

Re:Depends on the spin

[mi]

how else are they trying to manipulate? And that's how criminals go free

That's a very good argument. What remains to show is that in this case the warrant-issuing judge was indeed "left in the dark". The write-up does not even allege that. Nor does TFA.

Heck, TFA implicitly admits, this was not the case — when it laments the judge's possible ignorance of Tor-technology:

It's worth noting that judges sometimes don't understand the technology behind the warrants they are asked to approve by police.

Police have done their work most professionally and there is no cause for outrage whatsoever.

Worse! The unfounded outrage dripping off this page's "insightful" comments cheapens and devalues the justified outrage in other cases.

Unless you are prepared to state, that something even stronger than the 4th Amendment protects our homes, I can't see, how you can fault Seattle cops in this case.

Re:Depends on the spin

[BronsCon]

First of all, your UID is too low to have actually read the article; I know you're not new here. Second, it is precisely due to the lack of facts in the case (including details we will never truly know, such as whether or not the cops knew of the Tor node or if the judge knew what a Tor node was at the time) that I did not assign blame to or express outrage at the actions of the cops. It's hard to tell from the text of your post (tone doesn't carry through text) of your post whether you were calling me out for (perceived, not real) unfouned outrage, or simply adding additional details to the conversation, so I'll err on the side of caution and assume it was the latter.

Police have done their work most professionally and there is no cause for outrage whatsoever.

For once; and that's the problem. If, instead of covering each other when they screw up (a form of corruption IMO), they police would police themselves, they wouldn't have the public image of a bunch of corrupt thugs who flaunt the very laws they're supposed to be upholding. Justified in this case, or not, the outrage you see in this page's "insightful" comments is directly fed by that image. It's hard to imagine cops doing the right thing when they know they can get away with breaking the law.

And I get it, cops don't want to out bad cops because that gives the bad cops publicity and there is a fear that doing so will hurt the public image of all police; that's wrong thinking, but I understand it. The reality is that outing bad cops would show the public (A) that there are good cops out there, (B) that it is not and should not be acceptable for cops to break the law or be lazy at their jobs, and (C) that bad cops are removed from the police force, thereby improving the overall quality of the force, along with the public's perception of them. As it stands now, every time it comes out that a bad cop has gotten away with something because other (bad) cops covered for them, it make all cops look bad and pushes public opinion against them, leading to a general assumption that they did not do their jobs properly in cases like this, where we simply don't have the facts. Why? Because it's more likely that they didn't than it is that they did; and that's actually a correct way of thinking when you do not have and can not get (emphasis important) all the facts.

All of that being said, I only have so much outrage in me. While I assume they cops left information out of the warrant paperwork in order to more easily obtain the warrant, because there is so much history of things like that being done and so little history of good cops standing up to put a stop to it, I refuse to waste my preciously limited outrage on the matter until facts come to light that prove my position. And I certainly don't agree with anyone who thinks it's proper to assign fault based on intuition rather than facts; if that becomes acceptable, screw RADAR and LIDAR devices (which you can call into question to get out of a ticket), the cop only has to say he thinks you were speeding and that ticket stands; or, worse, the prosecutor thinks you killed that guy, and there is a lack of evidence (because why look at that point?) pointing to anyone else. Seriously, people; this guy is right (aside from a superfluous comma): I can't see how you can fault Seattle cops in this case. Go ahead and assume they did it, but save the blame and outrage for cases where you have actual facts and not just gut feelings; don't let judgment without facts become the norm or you might find yourself on the wrong side of it someday.

Re:Similar to last month's "Free Talk Live" search

[gustygolf]

Oh, cool. I'll just store all the contraband I have on IDE disks then.

Re:Real reason

[budgenator]

A bootable USB stick with Linux on it can analyse the disk with tripwire, if you can get something past that, your dealing with NSA/CIA level skills at a minimum.

Re:Depends on the spin

[mi]

whether you were calling me out for (perceived, not real) unfouned outrage

You may not have expressed outrage, but the highly moderated post, to which I first replied, did.

And it is this upmodding — coupled with the downmodding of my reply — that proves, how misguided the sentiment of the "silent majority" of Slashdot readers is.

For once; and that's the problem.

So, the cause for outrage this time is that there is no cause for outrage?

Seriously, people; this guy is right

Thanks...

(aside from a superfluous comma)

There must be a comma there in both Ukrainian and Russian, which were my first two languages, and I am too old to change...

Re:Depends on the spin

[BronsCon]

You may not have expressed outrage, but the highly moderated post [slashdot.org], to which I first replied, did.

Indeed, and I was simply making it clear that I did not. I even went on to explain that it was my intent to assume that you were not calling me out.

And it is this upmodding — coupled with the downmodding of my reply — that proves, how misguided the sentiment of the "silent majority" of Slashdot readers is.

Please don't tell me you're just now realizing this. ;)

So, the cause for outrage this time is that there is no cause for outrage?

We don't have all the facts we need to determine whether or not there is cause for outrage. In absence of facts, we must make assumptions; the problem (and I think we can both agree) is that a seeming majority of the population is all too ready to base their outrage on assumptions rather than facts. I explain this in more detail in what follows the snippet you quoted.

There must be a comma there in both Ukrainian and Russian

Understood; it's just fun to point these things out sometimes (and I have a former boss - of 5 years - who used commas like salt and pepper, they went literally everywhere; as long as there as at least one word between them they were fair game, so I might be a bit more sensitive to it than others).

Re:Tor is for Child Pornography

[budgenator]

By that logic, Comcast is in trouble, the police should confiscate their whole network whenever some dirtbag looks at some kiddie porn while connected to them.

Re:Could be, they just don't understand how TOR wo

[budgenator]

affidavit

Re:I wonder what they installed

[BlueStrat]

Presuming they don't have the remote access, maybe they use the opportunity to install some spy/otherware on all these nodes they are 'checking'...

Sue SPD/City of Seattle for hardware replacement costs.

That's one way to dis-incentivize these sorts of harassment/fishing expedition raids by SPD. Make it cost them money.

-1 Troll? I see SPD has mod points!

Strat

What if a bad guy was a TOR node

[MooseTick]

Just because it was a TOR node doesn't automatically mean the people weren't up to no good. If running a TOR node got you a free pass then the first thing all the bad people would do is set up a TOR node and claim they weren't doing whatever they were doing. I don't know the solution, but as people have said, they didn't go in gun a blazing and confiscate all their equipment. That's what I think of when I hear there was a raid. This sounds more like they knocked on the door, questions the people, looked at their setup, and left.

Re:What if a bad guy was a TOR node

[pmocek]

Just because it was a TOR node doesn't automatically mean the people weren't up to no good.

Just because you posted a comment on Slashdot doesn't automatically mean you weren't up to no good.

Just because it was a Wave G (ISP) circuit doesn't mean the people at the Wave G office weren't up to no good.

It sounds like you are looking at this backward. Traffic exiting the Tor network to the open Internet is not indication that the operator of the Tor node generated that traffic. Based on such alone, there is no reason to suspect to find evidence of related crime at the operator's home. If Detective Gill had fully informed the judge in her application for warrant, the judge would likely not have issued warrant to search Jan's and David's home, because the fact that an IP address assigned to them by Wave G was on the list of Tor exit nodes means that there was no reason to suspect to find evidence related to that IP address at their home.

SPD's ICAC unit are trained on Tor. They know this stuff. They misled the judge and went on a fishing expedition.

Re:Tor exit node

[Rakarra]

A hacker wouldn't have chosen that name because "Zero Cool" is equivalent to "Not Cool".

He's a hipster hacker. It's ironic, and therefore, it's even more cool.

Re:Tor exit node

[Rakarra]

The stuffed tiger in this case was a creation of Bill Watterson, who already decided that pursuing people for copyright infringement (really, trademark infringement) was more trouble than it was worth for him.

Re: Tor exit node

[rvw14]

The day I went from 300 baud to 1200 was amazing, it no longer took ages to load a single page of text. The jump to 2400 enabled me to actually play some of the bbs door games without hogging the phone line for hours at a time.

Re:Could be, they just don't understand how TOR wo

[KGIII]

Read this thread. Look at the *many* incorrect statements about Tor and the onion network. This site is populated by people who self-identify as being into tech. These people don't understand the tech. It might actually be expecting a bit much for cops to know about it. They're expected to know many things. I imagine that Tor is pretty low on the list of things to expect them to know about - though it appears one of them realized this during the execution of the warrant. There's some speculation that they knew about it beforehand but that appears to be speculation that's assumed to be factual.

No surprise

[allo]

There is no surprise, they should have known this. And there is no evil opression going on. See it the other way round: Run a tor node and download cp (without using tor) and you're having the best excuse ever. So they can come even when they know about tor, just to be sure it was the tor node.
Most tor FAQ have answers about the risks of running a node. The best solution is to run not from your home. Which doesn't neccessarily protect you, as there were cases when homes were raided, while the node kept running in the data center. So it will always be a risk to run a tor node under some ip which is associated with your name.

Re:No surprise

[pmocek]

Run a tor node and download cp (without using tor) and you're having the best excuse ever.

Why would people do that when they could just use Tor Browser?

Become an ISP and you have a pretty good excuse, as well.

Regardless of all that, this isn't about an alibi. It's about the fact that he police had no reason to suspect the targets of their search, but they left out information the judge should have received, got a warrant, and searched anyway.

Re:Wait a minute...

[pmocek]

nobody is going to get in any trouble whatsoever over this, except the luckless couple.

That seems likely, but keep an eye on complaint 2016OPA-0288, filed earlier this week with Seattle Police Department's Office of Professional accountability.

This can happen to anyone...

[nult]

It happened to me in October (in Richmond,Va) and basically wrecked my life; I'm still currently putting the pieces back together. I had 5 years invested working for a large bank and teleworked from home; needless to say when the FBI confiscated every piece of electronic equipment I owned (including my work laptop) and called the bank asking them to un-encrypt my confiscated laptop, I was let go without any explanation . This kinda sh*t needs to stop.