Path: g2news2.google.com!news3.google.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Jeffrey Goldberg
Newsgroups: alt.privacy.anon-server,alt.privacy,sci.crypt,alt.computer.security
Subject: Re: Wizard, I Am Sick Of You Attacking Tor
Date: Sat, 26 Mar 2011 17:55:25 -0500
Lines: 116
Message-ID: <8v796uFlpqU1@mid.individual.net>
References: <4d8e3f87$0$1076$afc38c87@read01.usenet4all.se> <4d8e4013@news.x-privat.org>
Reply-To: [REDACTED]@goldmark.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net gCzre7hlfVEhcvsWpA0AMgCgxTd92L5Tp4SO+HrktrDGnWJKuD
Cancel-Lock: sha1:ADhRxxV7lvcSs+tbFWbnN4FDYRs=
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.15) Gecko/20110303 Mnenhy/0.8.2 Thunderbird/3.1.9
In-Reply-To: <4d8e4013@news.x-privat.org>
Xref: g2news2.google.com alt.privacy.anon-server:23716 alt.privacy:20000 sci.crypt:32570 alt.computer.security:6024

On 11-03-26 3:35 PM, Steve Topletz, Wizard wrote:
> On Sat, 26 Mar 2011 15:33:29 -0500, chronomatic wrote:
>> I know you have a profit motive for bashing Tor, so it's really not
>> even worth engaging you on this topic, but I'll bite.
> Settle down, li'l doggie (Texas talk ;0) ) !!
>
> What better way to find out what the "terrorists" are up to than
> spying on the internet activities that TOR users voluntarily provide!
> An intelligence agency's wet dream.

I have actually had the FBI visit me and "advise" me to shut down my tor node. I was running an exit node, and apparently someone was doing something with child pornography which they traced to my IP. (I had meant to configure it for HTTP and HTTPS out only, but I never got around to it, so this was IRC activity.)

I had set the thing up during the Iran protest in June 2009 and then forgot about it. One Friday night in February 2010 I got a knock on the door.
One local uniformed cop, one city detective who was also deputized by the FBI and one county marshal, deputized by the secret service, were at the door. They had a warrant signed by a federal judge which would have allowed them to seize every bit of computing equipment in the house.

They insisted on talking to me separately from my family, but were slow to tell me what the accusation was. They often asked questions which I could have more easily answered if they'd let me on my computers, but they stood between me and my keyboard and asked me not to touch the computers.

The local cop sent my wife and daughter upstairs. He was supposed to keep them away from computers, but didn't realize that there were computers upstairs as well. So there was a bit of an embarrassing bit for him when he heard my daughter watching stupid YouTube videos from her iMac.

They asked me whether I used IRC (I did not) and eventually told me what the accusation was. I explained that I had a Squid proxy open to Iranian IP addresses and that I had a tor exit node, but restricted to HTTP and HTTPS. (I was mistaken about the tor exit restrictions.) The lead detective had heard of squid but didn't know anything of tor. He scolded me about the squid proxy, "why would you do something like that?!", and on several occasions reminded me about how nice they were to not make a big show for the neighbors of coming into my house.

My wife was beginning to panic about all of our computers being confiscated. (There were times when the detectives sent me out of my office so they could consult with each other and probably look around my office.)

They asked me to describe my machines, and when I pointed to Winky, the FreeBSD server on my DMZ that ran the tor and squid services, I had to explain that "FreeBSD was kind of like Linux".
At this point, they had to call in an expert from the FBI offices in Dallas, while I tried to very politely explain the rationale for enabling people (in particular Iranians) to reach the net without fear of government snooping.

Eventually their expert showed up. He was someone I could talk to because he was familiar with tor, BSD, the whole net freedom movement. He apparently explained to the other detectives that everything I said made perfect sense and that what I was doing was perfectly legal.

Anyway, these guys had a warrant, and could easily have taken my machines and backups, but they didn't. This, I find, is a fairly good indication that they could not trace the individual even though they had "after the fact" total access to the tor server and its backups along with backups of my firewall logs. (Because I wasn't using IRC at the time, my firewall did log outbound IRC traffic.) All they did was confirm in tor logs that there was a tor event at the date and time in question.

They left me with a harsh warning that if they ever had to return to my house they would do so in a messy way.

My wife, a native of Hungary, doesn't accept their kiddie porn story, but thinks that they were trying to shut down tor nodes. (She also won't allow me to start it up again.) I do believe their story. They thought they were going to make a kiddie porn bust, and ended up with someone who was legally making it easy for people to do things anonymously.

There are things that I should have done which I didn't. I was scared. I knew that what I did was legal, but I also knew that they could ruin my life. (I was a student teacher at the time; the accusation, even unfounded, of child pornography can destroy one's life.) And they did have a warrant to take all the computers. So I should have gotten a photocopy of their IDs. (They showed them to me, but I promptly forgot their names.) I did send off an email to the EFF about the incident immediately afterwards, but never heard back.
I didn't post about it at the time because I was still student teaching.

The only way in which I wasn't fully cooperative was when they asked me whether I would be willing to take a lie detector test. I said I wouldn't. When they asked me why, I said that I wouldn't like my fate tied to the result of consulting a Ouija board. Other than that I was exceedingly "cooperative".

Oh, and one mildly amusing thing was the only book I found disturbed in my office was my copy of "The LaTeX Companion". They must have been disappointed in that.

Anyway, one incident doesn't prove anything, but given that tor is open source, well reviewed, and in this case frustrated investigators, suggests to me that it is reasonably safe.

Cheers,

-j

-- 
Jeffrey Goldberg http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid