Slashdot Mirror
Cops Are Raiding Homes of Innocent People Based Only On IP Addresses (fusion.net)
Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am in the morning, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other.Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore. "I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces."Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."
You can't trust what the public will do with such a capability as an anonymizing onion router, so therefore running a Tor exit note is a ticket to having big legal problems, never mind the guns in your face. I wouldn't do it if my life depended on it. I have a wife and kids...
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Makes sense, so long as you're also willing to charge every employee of every telecom company as being accessories to terrorism or child porn distribution.
Could smart criminals just also run a Tor exit node, and just use it to blame anything that they get caught on?
It's one thing for libraries and nonprofits to operate them, but as a private citizen running one? Your misguided attempt to help some people will almost certainly end up badly for you because of bad people using that goodwill to do bad things.
To be perfectly honest, reading the linked story I was quite surprised the end result of the police visit was as positive as it was. I fully expected the cops to not know or care what Tor was and just round everyone and everything up and let the courts deal with it, which has happened several other times. Which again reinforces my point that there are precedents that show running a Tor exit node is just bad news and if you are still doing it, you're playing with fire.
Tracking it back to you is fine.
Asking you if you know anything about the crime in question is fine.
Raiding your home at 0600 is not fine.
Threatening an innocent party not to participate in their legal activities is not fine
This signature is false.
Sure, so the cops rock up at the front door: "sir, do you own a black chevy impala", "yes sir I do", "were you driving it last night", "no sir, I lent it to a friend of mine", "can you tell us their name and contact details", "do I have to?", "by law, yes you do" [questionable, of course], "OK then sir, here they are, are we done?", "yes sir, have a nice evening", "you too".
Why would any of this require an armed response is absolutely insane. The entire scenario fabricated above can be applied equally to internet access.
Is this finally a legitimate car analogy?
Sure they are. They provide cellular service to "burner phones" that can be bought with cash and without ID. I see no ethical difference between that and running a Tor node: both are providing a means for somebody to obscure their identity, which can be used for both good and evil.
Poor analogy. Tor exit nodes don't store anything. It's a relay that people use in order to obscure the place they came from.
Here's a better analogy. Imagine if a wanted criminal ran inside an open-door city shop in order to dodge the police, and the police then charged the shop owners as an accessory to evading law enforcement.
Just like how a public storage facility lets random people store things?
Yes, like, three of them. The ratio of good vs bad going through Tor routers is abysmal.
Lame analogy.
Try you lend someone your phone and they use it to make a bomb threat.
Or Lend Someone your smart phone and they use it to watch child porn.
What does any of that have to do with police abuse against people doing nothing illegal?
Police are responsible for **investigating** crimes. Sometimes this means surprising people so that evidence can not be destroyed. From the summary it seems that the the residents told the police they operate a TOR exit node, the police looked at a laptop and left. The resident is a bit naive thinking that being on a public list of TOR exit nodes should have made the search unnecessary. Being on that list does not indicate that the resident is not the uploader the police are looking for, just that they are unlikely to be that person but it still needs to be **investigated** to rule them out. That what a lot of **investigation** is, ruling innocent people out as suspects.
Poor analogy. Tor exit nodes don't store anything. It's a relay that people use in order to obscure the place they came from.
Here's a better analogy. Imagine if a wanted criminal ran inside an open-door city shop in order to dodge the police, and the police then charged the shop owners as an accessory to evading law enforcement.
Poor analogy. Here is a better analogy.
Imagine if a wanted criminal ran inside an open-door city shop in order to dodge the police, and the police questioned the shop owners to confirm that they were the shop owners and not the criminal.
To many people, the word "pornography" does not carry the positive connotations you seem to think it has.
Breakfast served all day!
A nice improvement would be doing away with the "guns in your face" part. Even if this couple had been the perps that the cops were looking for, what part of of "posting child porn" necessitates an early morning armed raid? Do cops not know how to interact with the public at all anymore besides by kicking down doors and shooting their pets?
If you want a vision of the future, imagine a youtube comments section scrolling - forever.
The ratio of good to bad Anonymous Coward posts is abysmal too, yet we still allow you to speak here.
Good-bye