RE: William was raided for running a Tor exit node. Please help if you can.

[Brandon Lehmann]

In any event, I'm pretty sure that I'd rather get hit with tampering with
evidence versus them retrieving data that may incriminate me. I believe
this may be a the lesser of two evils game.


 -Original Message-
 From: Kyle Creyts [mailto:kyle.cre...@gmail.com]
 Sent: Monday, December 17, 2012 2:52 PM
 To: Jeroen van Aart
 Cc: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please
 help if you can.
 
 In most jurisdictions, wouldn't using a de-gaussing ring in the door
 frame to wipe any equipment being removed constitute tampering with
 evidence or interfering with an investigation if the authority in
 question is in possession of a warrant/subpoena?
 
 On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net
 wrote:
 
  On 11/30/2012 02:02 PM, Naslund, Steve wrote:
 
  OK, there must be a lot more paranoid people out there than I
 thought
 
 
   for awhile?  I am sure he will let you out to go to the bank, get
  your
  stuff, and leave town.  I think you have seen way to many movies.
 
 
   So if the cops show up at his door tomorrow and say Here's all your
  stuff back, there was no evidence of a crime., you are OK with this
  guys keeping the defense fund?
 
 
  I for one vote for installing a de-gauging ring in your door frame.
  any removal of equipment you don't approve of will be wiped. That and
  encryption possibly combined with hiding the real OS (truecrypt can
  do that).
 
  Greetings,
  Jeroen
 
  --
  Earthquake Magnitude: 5.1
  Date: Monday, December 17, 2012 17:46:48 UTC
  Location: central East Pacific Rise
  Latitude: -3.9682; Longitude: -104.0375
  Depth: 15.70 km
 
 
 
 
 --
 Kyle Creyts
 
 Information Assurance Professional
 BSidesDetroit Organizer


smime.p7s
Description: S/MIME cryptographic signature

Re: William was raided for running a Tor exit node. Please help if you can.

[Jeroen van Aart]

On 11/30/2012 02:02 PM, Naslund, Steve wrote:

OK, there must be a lot more paranoid people out there than I thought



for awhile?  I am sure he will let you out to go to the bank, get your
stuff, and leave town.  I think you have seen way to many movies.



So if the cops show up at his door tomorrow and say Here's all your
stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?


I for one vote for installing a de-gauging ring in your door frame. any 
removal of equipment you don't approve of will be wiped. That and 
encryption possibly combined with hiding the real OS (truecrypt can do 
that).


Greetings,
Jeroen

--
Earthquake Magnitude: 5.1
Date: Monday, December 17, 2012 17:46:48 UTC
Location: central East Pacific Rise
Latitude: -3.9682; Longitude: -104.0375
Depth: 15.70 km

Re: William was raided for running a Tor exit node. Please help if you can.

[Kyle Creyts]

In most jurisdictions, wouldn't using a de-gaussing ring in the door frame
to wipe any equipment being removed constitute tampering with evidence or
interfering with an investigation if the authority in question is in
possession of a warrant/subpoena?

On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net wrote:

 On 11/30/2012 02:02 PM, Naslund, Steve wrote:

 OK, there must be a lot more paranoid people out there than I thought


  for awhile?  I am sure he will let you out to go to the bank, get your
 stuff, and leave town.  I think you have seen way to many movies.


  So if the cops show up at his door tomorrow and say Here's all your
 stuff back, there was no evidence of a crime., you are OK with this
 guys keeping the defense fund?


 I for one vote for installing a de-gauging ring in your door frame. any
 removal of equipment you don't approve of will be wiped. That and
 encryption possibly combined with hiding the real OS (truecrypt can do
 that).

 Greetings,
 Jeroen

 --
 Earthquake Magnitude: 5.1
 Date: Monday, December 17, 2012 17:46:48 UTC
 Location: central East Pacific Rise
 Latitude: -3.9682; Longitude: -104.0375
 Depth: 15.70 km




-- 
Kyle Creyts

Information Assurance Professional
BSidesDetroit Organizer

Re: William was raided for running a Tor exit node. Please help if you can.

[Peter Kristolaitis]

Drifting a big off topic for NANOG (but hey, that happens every /pi/ 
days anyways!), but I'll toss this in...


Like every other legal incident, it would be unique to your own 
situation.  Keep in mind that, should any of the charges you mentioned 
go to court, the prosecution would have to prove /mens rea/ (intent).  
They would have to prove that you intended to cause the drives to be 
wiped specifically because you did not want them admitted as evidence.


If you weren't even home at the time the warrant was executed, the worst 
lawyer in the world would be able to argue that you have the system in 
place to prevent sensitive data from leaving in the event of common 
theft, and that it's not your fault the police triggered it (and suggest 
that maybe they should add scan for an intense EM field to their 
standard procedures when dealing with computer equipment :p ).


If you were home at the time (or knew that a warrant was being executed, 
e.g. if the police show up at your workplace to inform you), things 
would be a lot dicier.  Actively hitting the turn on the system button 
would definitely be bad news for you. However, simply not turning it off 
as the officers are walking out the door, well... it was a VERY 
stressful situation for you, with all the police running all over your 
house, and you simply forgot about the system until much later (or so 
your lawyer could argue).


There would definitely be some unhappy people with the situation 
regardless, and either way you'll be contributing to buying your lawyer 
a new car.  ;)


Now, having said all that... I'm not sure I'd want to pay the 
electricity bill for keeping that degausser running... :p


- Pete



On 12/17/2012 02:52 PM, Kyle Creyts wrote:

In most jurisdictions, wouldn't using a de-gaussing ring in the door frame
to wipe any equipment being removed constitute tampering with evidence or
interfering with an investigation if the authority in question is in
possession of a warrant/subpoena?

On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net wrote:


On 11/30/2012 02:02 PM, Naslund, Steve wrote:


OK, there must be a lot more paranoid people out there than I thought


  for awhile?  I am sure he will let you out to go to the bank, get your

stuff, and leave town.  I think you have seen way to many movies.


  So if the cops show up at his door tomorrow and say Here's all your

stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?


I for one vote for installing a de-gauging ring in your door frame. any
removal of equipment you don't approve of will be wiped. That and
encryption possibly combined with hiding the real OS (truecrypt can do
that).

Greetings,
Jeroen

--
Earthquake Magnitude: 5.1
Date: Monday, December 17, 2012 17:46:48 UTC
Location: central East Pacific Rise
Latitude: -3.9682; Longitude: -104.0375
Depth: 15.70 km

Re: William was raided for running a Tor exit node. Please help if you can.

[Valdis . Kletnieks]

On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:

 Now, having said all that... I'm not sure I'd want to pay the
 electricity bill for keeping that degausser running... :p

An EMP device doesn't have to chew power all the time...

And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME


pgpm0HZGq5JYb.pgp
Description: PGP signature

Re: William was raided for running a Tor exit node. Please help if you can.

[Mark Andrews]

In message 34925.1355780...@turing-police.cc.vt.edu, valdis.kletni...@vt.edu 
writes:
 --==_Exmh_1355780734_2398P
 Content-Type: text/plain; charset=us-ascii
 
 On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:
 
  Now, having said all that... I'm not sure I'd want to pay the
  electricity bill for keeping that degausser running... :p
 
 An EMP device doesn't have to chew power all the time...
 
 And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME

I suspect you would fine that such a ring would illegal as it is a
potential man trap.   There are reasons hospitals have big warning
signs around similar equipment used for medical imaging.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

Re: William was raided for running a Tor exit node. Please help if you can.

[Jimmy Hess]

On 12/17/12, Mark Andrews ma...@isc.org wrote:
 In message 34925.1355780...@turing-police.cc.vt.edu,
 On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:

Yeah...  degaussing rings  consume a lot of energy you shouldn't need
to consume.   If you _must_  be able to protect data from extreme
physical threats:  keep it encrypted end to end at all times,and
concentrate on Information assurance for  the key itself,   and
making the equipment  tamper resistant, to prevent eavesdropping,  for
example:  by incorporating computer chassis into the support structure
of the building,  with, EM shielding, plate steel vault doors  and
relocking mechanisms;just as you'd want to safeguard other
physical valuables.

Encryption keys are short, and easy to store on small tamper-resistant
smartcards,   which can be burned up or erased in a second by a low
voltage circuit;   possibly one triggered automatically if the
incorrect PIN is entered,  or the  correct 3rd or 4th   (easily
accidentally lost,  or left at some other place) SIM Card/Micro-sim
shapped parts  containing enough other  shares  of the encryption key
 aren't inserted  in a partner module shortly after powerup.

As long as the crypto algorithm was sound,   reliable destruction of
the key should make the data as hard (or harder)  to be recovered,
than if media had been degaussed.


 And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME

 I suspect you would fine that such a ring would illegal as it is a
 potential man trap.   There are reasons hospitals have big warning
 signs around similar equipment used for medical imaging.

 Mark
--
-JH

Re: William was raided for running a Tor exit node. Please help if you can.

[Jean-Francois Mezei]

On 12-12-17 21:45, Jimmy Hess wrote:

 Yeah...  degaussing rings  consume a lot of energy you shouldn't need
 to consume.  

Now now, you clearly have not watched enough scient fiction/action
movies... Clearly, you have a mechanism which triggers the degaussing
(or neutron bomb in the basement the minute a hard drive is disconnected
from the server/disk array :-)

And you just need to put up a sign warning, this building is protected
with a giant degaussing magnet to protect against data theft, remove all
rings from your body parts if you intend to steal from this building :-)

Note that they used this trick in Breaking Bad with a giant magnet in
a van parked right next to where evidence room and they managed to zap
the laptop that contained evidence against them. Of course, the laws of
physics don't apply in Hollywood so it is not clear whether this is
realistic or not.

Re: William was raided for running a Tor exit node. Please help if you can.

[Henry Yen]

On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote:
 If you _must_  be able to protect data from extreme
 physical threats:  keep it encrypted end to end at all times,

Physical threat is somewhat different than seizure by law enforcement, though.

Although mooted when authorities decrypted an evidentiary laptop themselves,
the idea of encryption as a shield against law enforcement is not yet a
settled issue in the US; see the Fricosu case.  A nice explanation:
   https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases

-- 
Henry Yen   Aegis Information Systems, Inc.
Senior Systems Programmer   Hicksville, New York

Re: William was raided for running a Tor exit node. Please help if you can.

[Jimmy Hess]

On 12/18/12, Henry Yen he...@aegisinfosys.com wrote:
 On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote:
 Physical threat is somewhat different than seizure by law enforcement,
 though.

I'm not so sure about that.   It's a kind of physical threat;  the set
of all physical threats includes a subset of threats that are LEO
threats involving authorities and are related to (quasi-)legal
threats.  The law enforcement personnel may have been paid off by a
rogue party in the first place,  to seize and misplace the data
(E.g.  deny the legitimate principal access to it  for the purposes of
competitive advantage),  or to seize and accidentally leak the data
to overseas entity attempting to gain the data for economic advantage,
by taking advantage of insufficient security controls of the law
enforcement entity.

 the idea of encryption as a shield against law enforcement is not yet a
 settled issue in the US; see the Fricosu case.  A nice explanation:
https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases

It obviously wouldn't work for all kinds of data, but;
even if it's not a 5th amendment issue;   E.g.  required to reveal
your keys and allow the data to be decrypted;the POSSIBILITY  has
to exist that that you can in fact know or recover the keys.

You can't testify against yourself, if you had your memory permanently
wiped in some manner,  so that you are incapable of ever recalling,
because there's nothing there to present ---   it doesn't matter if
there was no 5th amendment,  the fact your memory was wiped,  erased
the possibility of ever testifying.

If an automatic response to the security breach results in complete
reliable destruction of physical and logical devices absolutely
required to be fully intact to  recover the keys  and execute
decryption activity, then  there is inherently nothing to provide,
once that occured;  the remaining option would be for the LEO to
dedicate massive computing resources over a sufficient hundred years,
to  discover the key through brute force key space search  of  10^77+
keys.


That's assuming no backups of the key  devices.



 --
 Henry Yen   Aegis Information Systems,
--
-JH

Re: William was raided for running a Tor exit node. Please help if you can.

[Aled Morris]

On 3 December 2012 07:19, Joakim Aronius joa...@aronius.se wrote:

  I am all for providing anonymized access to help free speech. Perhaps its
 better with anon access to specific applications like twitter, fb etc and
 not general internet access. I suspect that the 'free speech' part of the
 total tor traffic volume is pretty small(?).



I agree.

I can understand that people need to be anonymous when they are going to
publicly stand against an oppressive regime, or expose corporate corruption
etc.  What I'm not sure I believe as strongly is the justification for
anonymity in private, closed communication - this is the use case for
paedophiles and terrorists organising their crimes.

So in my view, anonymous + public = OK, anonymous + private = doubtful.

This isn't a solution to the troll or hate crimes problem (anonymous people
making statements that are distasteful on public forums) but at least we
can all see this going on and develop other solutions.

Aled

Re: William was raided for running a Tor exit node. Please help if you can.

[Joel jaeggli]

On 11/29/12 23:18 , Joakim Aronius wrote:

 I am all for being anonymous on the net but I seriously believe that
 we still need to enforce the law when it comes to serious felonies
 like child pr0n, organized crime etc, we can't give them a free pass
 just by using Tor. I dont think it should be illegal to operate a Tor
 exit node but what just happened could be a consequence of doing it.

The seriousness of crimes that can be committed using anonymization
services should not be diminished. That said the motive I had for
running a tor exit when I did was that speech, and in particular
political organization (dare we call it sedition) are in fact very
serious crimes in many places. R.g. they can result in indefinite
imprisonment, torture, judicial or extra-legal execution and so forth, I
don't consider that unserious..

The internet is potentially quite a useful tool for getting your message
out so long as using it isn't  holding a gun to your own head. While we
site here with the convenient idea of some legal arbitrage which allows
me to do something which isn't illegal  in my own domain to facilitate
something that is quite illegal elsewhere, the fact of the matter is if
you run a service like this you don't get to pick and choose.

Re: William was raided for running a Tor exit node. Please help if you can.

[Michael Painter]

Joel jaeggli wrote:


The internet is potentially quite a useful tool for getting your message
out so long as using it isn't  holding a gun to your own head. While we
site here with the convenient idea of some legal arbitrage which allows
me to do something which isn't illegal  in my own domain to facilitate
something that is quite illegal elsewhere, the fact of the matter is if
you run a service like this you don't get to pick and choose.


In your opinion, would it make *any* kind of semse to engage in child pron AND 
run an exit node?
Thanks,
--Michael

Re: William was raided for running a Tor exit node. Please help if you can.

[Jima]

On 2012-12-02 22:44, Michael Painter wrote:

Joel jaeggli wrote:


The internet is potentially quite a useful tool for getting your message
out so long as using it isn't  holding a gun to your own head. While we
site here with the convenient idea of some legal arbitrage which allows
me to do something which isn't illegal  in my own domain to facilitate
something that is quite illegal elsewhere, the fact of the matter is if
you run a service like this you don't get to pick and choose.


In your opinion, would it make *any* kind of semse to engage in child
pron AND run an exit node?


 It makes a little.  Last I checked (granted: years ago), a user can 
steer their traffic to a given exit node; by doing so, they could pick 
one that they know to have no internal scrutiny (i.e., by the person 
managing the exit node), while maintaining plausible deniability as to 
whether the traffic originating from that exit node was theirs, in the 
event of external scrutiny (as was the case here).


 I suspect running a middle node (not an exit, not an entrance) would 
provide a similar or greater degree of plausible deniability, albeit 
without the assurance of no internal scrutiny of the exit node.


 Jima

Re: William was raided for running a Tor exit node. Please help if you can.

[Joakim Aronius]

* Joel jaeggli (joe...@bogus.com) wrote:
 On 11/29/12 23:18 , Joakim Aronius wrote:
 
  I am all for being anonymous on the net but I seriously believe that
  we still need to enforce the law when it comes to serious felonies
  like child pr0n, organized crime etc, we can't give them a free pass
  just by using Tor. I dont think it should be illegal to operate a Tor
  exit node but what just happened could be a consequence of doing it.
 
 The seriousness of crimes that can be committed using anonymization
 services should not be diminished. That said the motive I had for
 running a tor exit when I did was that speech, and in particular
 political organization (dare we call it sedition) are in fact very
 serious crimes in many places. R.g. they can result in indefinite
 imprisonment, torture, judicial or extra-legal execution and so forth, I
 don't consider that unserious..
 
 The internet is potentially quite a useful tool for getting your message
 out so long as using it isn't  holding a gun to your own head. While we
 site here with the convenient idea of some legal arbitrage which allows
 me to do something which isn't illegal  in my own domain to facilitate
 something that is quite illegal elsewhere, the fact of the matter is if
 you run a service like this you don't get to pick and choose.

I agree. I was about to set up a tor node a few years ago but never got around 
to it. I send cash to orgs working for human rights in countries with 
oppressive regimes. I am all for providing anonymized access to help free 
speech. Perhaps its better with anon access to specific applications like 
twitter, fb etc and not general internet access. I suspect that the 'free 
speech' part of the total tor traffic volume is pretty small(?).

Cheers,
/Joakim 

Re: William was raided for running a Tor exit node. Please help if you can.

[Jean-Francois Mezei]

The BBC has an article about a similar issue on a Tor exit node in Austria:

Austrian police raid privacy network over child porn
http://www.bbc.co.uk/news/technology-20554788


##
Austrian police have seized servers that were part of a global anonymous
browsing system, after images showing child sex abuse were found passing
through them.

Many people use the Tor network to conceal their browsing activity.

Police raided the home of William Weber, who ran the servers, and
charged him with distributing illegal images.
##


It is unfortunate that systems in place to allow free speech end up
being abused for the wrong purposes. The same applies to anonymous
remailers which have been used to stalk and harass/bully people often
using forged email addresses (since those remailers allow one to forge
the sender's email address instead of forcing an Anonymous sender email.

If Tor servers are just glorified routers then they could be considered
more as transit providers and not responsible for content transiting
through them.

However, if a transit service goes out of its way to hide the identity
of the sender of a packet to make it untraceable, then it becomes more
than a simpler carrier.

Re: William was raided for running a Tor exit node. Please help if you can.

[Anne P. Mitchell, Esq.]

 Example of an actual warrant:
 
 
 https://www.eff.org/sites/default/files/filenode/inresearchBC/EXHIBIT-A.pdf

Please also keep in mind, if it's relevant, that *no warrant* is required for 
data that is stored by a third-party.  Data on a server, TOR or otherwise, 
would by definition be data that is stored by a third party.  Which means that 
if there is a person of interest (POI), it would not be terribly hard to get at 
personal information about the POI that is not on their own private machines.

(Here is an article we wrote about that:  
http://www.theinternetpatrol.com/no-warrant-necessary-for-law-enforcement-to-access-data-stored-in-the-cloud/
 )

 Not a lawyer.

Is a lawyer, but hasn't been following this thread.  That said, if there are 
specific questions, I'd be happy to answer them if I can.

Anne

Anne P. Mitchell, Esq
CEO/President
Institute for Social Internet Public Policy
http://www.ISIPP.com 
Member, Cal. Bar Cyberspace Law Committee

Re: William was raided for running a Tor exit node. Please help if you can.

[Jutta Zalud]

 The BBC has an article about a similar issue on a Tor exit node in Austria:

 Austrian police raid privacy network over child porn
 http://www.bbc.co.uk/news/technology-20554788

actually it is not a similar case but the case of William W. that
BBC reported. Though with some mistakes: the servers were not seized,
the hardware (drives etc) at his home was seized, William was not
charged (he says), police is just investigating.

http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses/p5

And so far only the police know if images showing child sex abuse
were actually found passing through them as BBC writes.

The warrent posted at arstechnica.net
http://cdn.arstechnica.net/wp-content/uploads/2012/11/Beschluss.png
mentions section 207a, para 2, 2nd case, and para 4 no 2, lit b of
Austrian Criminal Code, which would be possession of a a pornographic
depiction of a minor person over 14, showing their genitals in an
obscene manner. (the text of the relevant section in German:
http://www.ris.bka.gv.at/Dokumente/Bundesnormen/NOR40105143/NOR40105143.html)

The warrent does not mention anything that refers to distribution or
transport of pornographic images. So, either police and judge were not
aware that it was a TOR server or they have/had a suspicion
that's not related to running a TOR server. Or the made a
mistake and quoted the wrong section. We simply don't know at present.

regards,
jutta

am Samstag, 01. Dezember 2012 um 17:10 schrieb nanog@nanog.org:

 The BBC has an article about a similar issue on a Tor exit node in Austria:

 Austrian police raid privacy network over child porn
 http://www.bbc.co.uk/news/technology-20554788


 ##
 Austrian police have seized servers that were part of a global anonymous
 browsing system, after images showing child sex abuse were found passing
 through them.

...

Re: William was raided for running a Tor exit node. Please help if you can.

[Joakim Aronius]

* Will Hargrave (w...@harg.net) wrote:
 
 On 29 Nov 2012, at 20:53, George Herbert george.herb...@gmail.com wrote:
 
  The assertion being made here, that it's somehow illegal (or immoral,
  or scary) for there to be not-completely-traceable internet access in
  the US, is absurd.
 
 The real issue here is *not* the legality of the act of providing a Tor exit 
 node, or an open access point, or anything else. In sensible countries that 
 is perfectly legal. The problem here is the reality of undergoing a criminal 
 investigation. 

It could also be the case that they think the person running the Tor exit node 
is the actual perpetrator, i.e. its needed to seize all HW to get the kiddie 
pr0n. Is it even possible for a network sniffer to distinguish between Tor exit 
traffic and his own traffic?

Hopefully he will get it all back but it will most liklely cost both time and 
money to explain Tor to the Austrian judical system.

 
 Think carefully about the impact of having everything in your life which runs 
 an operating system taken away. Phones. Tablet. Laptop. Servers. All portable 
 drives, data. If you rely on that hardware for your income (and who 
 doesn't?) you're going to have to buy all of that again. And restore your 
 data, if you are able. 

Fully agree.

/J

Re: William was raided for running a Tor exit node. Please help if you can.

[Rich Kulawiec]

On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.

Question: what evidence has been published -- that is, placed somewhere
that we can all see it -- that substantiates the claim that child porn
traversed the node in question?

Followup question 1: if no such evidence has been produced, then
why should we believe that it exists?  Extraordinary claims require
extraordinary proof.

Followup question 2: if the goal is to identify and apprehend the
perpetrators of child porn (and that's a good goal) then why would
the police raid this operation?  Would it not make far more sense to
take advantage of the operator's knowledge and experience and quietly
ask for his/her cooperation *while leaving the node running*?

Followup question 3: what evidence in front of us allows us to clearly
discern that this is what it purports to be and not simply an attempt
to shut down a Tor node (and intimidate the operators of others)
by using a plausible excuse based on a universal hot-button issue?

---rsk

Re: William was raided for running a Tor exit node. Please help if you can.

[Jeroen Massar]

On 2012-11-30 13:51 , Joakim Aronius wrote:
 * Will Hargrave (w...@harg.net) wrote:
 
 On 29 Nov 2012, at 20:53, George Herbert george.herb...@gmail.com
 wrote:
 
 The assertion being made here, that it's somehow illegal (or
 immoral, or scary) for there to be not-completely-traceable
 internet access in the US, is absurd.
 
 The real issue here is *not* the legality of the act of providing a
 Tor exit node, or an open access point, or anything else. In
 sensible countries that is perfectly legal. The problem here is the
 reality of undergoing a criminal investigation.
 
 It could also be the case that they think the person running the Tor
 exit node is the actual perpetrator, i.e. its needed to seize all HW
 to get the kiddie pr0n. Is it even possible for a network sniffer to
 distinguish between Tor exit traffic and his own traffic?

Not easily, this as TCP connections originate from the box itself.

 Hopefully he will get it all back but it will most liklely cost both
 time and money to explain Tor to the Austrian judical system.

According to http://raided4tor.cryto.net/ he at least got a full list of
what was confiscated including the various weapons in his possession,
that in combo with the owning of a safe deposit box (which was not
searched) with amongst others cash is an interesting part in personal
security IMHO though ;)

 Think carefully about the impact of having everything in your life
 which runs an operating system taken away. Phones. Tablet. Laptop.
 Servers. All portable drives, data. If you rely on that hardware
 for your income (and who doesn't?) you're going to have to buy all
 of that again. And restore your data, if you are able.

Actually they did not take anything away that was really related to the
what was detected.

The IP that the connection to the (apparently monitored or owned by the
$investigators) CP website came from was a rented server in Poland.
He apparently was notified that that exit node was being used for abuse
and thus 'closed it because of the hacking through it' (which really is
not helping when you still run others and looks a lot like you have
something to hide to me...)

All the other servers he apparently runs in the US and Hong Kong etc are
still up and running too.

Thus the computer things confiscated where effectively unrelated to the
IP that triggered them to look at it.

On 2012-11-30 13:58 , Rich Kulawiec wrote: On Thu, Nov 29, 2012 at
08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.

 Question: what evidence has been published -- that is, placed somewhere
 that we can all see it -- that substantiates the claim that child porn
 traversed the node in question?

The moment you can see that it is real CP you have seen CP.

Do not ask for that. There are special people who have legally signed
documents and agreements that investigate this.


 Followup question 1: if no such evidence has been produced, then
 why should we believe that it exists?  Extraordinary claims require
 extraordinary proof.

What likely is the case, from what I understand, is that the server
hosting the CP was being either monitored or operated by $investigators.

 Followup question 2: if the goal is to identify and apprehend the
 perpetrators of child porn (and that's a good goal) then why would
 the police raid this operation?

Because they maybe think he originated it, see also the note above of
closing the Tor exit that (allegedly) sourced the request(s).

 Would it not make far more sense to
 take advantage of the operator's knowledge and experience and quietly
 ask for his/her cooperation *while leaving the node running*?

He already closed the node, apparently due to hacking happening through it.

But that would not help anyway, as it is Tor, thus unless you are really
really good there is nothing to see there as you'll never find out who
originated the connection through Tor.

 Followup question 3: what evidence in front of us allows us to clearly
 discern that this is what it purports to be and not simply an attempt
 to shut down a Tor node (and intimidate the operators of others)
 by using a plausible excuse based on a universal hot-button issue?

The owner (the William person this is about) shut it down himself.

See the blog mentioned above for more details from his side.

Greets,
 Jeroen

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

On November 29, 2012 at 11:50 george.herb...@gmail.com (George Herbert) wrote:
  On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com wrote:
   Assuming it's true, it was bound to happen. Running anything , TOR or
   otherwise, that allows strangers to do whatever they want is just folly.
  
  Such as, say, an Internet Service Provider business?

Or a wi-fi hotspot that only requires clicking Accept, no id involved?

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

On November 30, 2012 at 08:18 joa...@aronius.se (Joakim Aronius) wrote:
  
  I am all for being anonymous on the net but I seriously believe that we 
  still need to enforce the law when it comes to serious felonies like child 
  pr0n, organized crime etc, we can't give them a free pass just by using Tor. 
  I dont think it should be illegal to operate a Tor exit node but what just 
  happened could be a consequence of doing it.

Yeah, next they'll let just anyone walk down the sidewalk without
identifying themselves. And those are public sidewalks paid for by tax
dollars!

Or drop a few coins in a public telephone (I know, a little dated, but
they exist) w/o id and commit some crime!

I think some here need to reflect on what they're saying.

Sure, it'd be better to stop bad guys, but this has always been the
problem in a free society, you can't just put draconian rules on
everyone else because otherwise some bad guy might not be immediately
and easily identified.

This was the sort of reasoning they used in the Soviet Union to make
it very difficult to get access to a photocopy machine (ask someone
who lived there, it was practically like buying a firearm in the US.)

We're all (well most of us) glad that law enforcement does its job,
but even the US Constitution (3rd amendment) bothered to state:

No Soldier shall, in time of peace be quartered in any house,
without the consent of the Owner, nor in time of war, but in a
manner to be prescribed by law.

It's only an analogy but I think it's clear, if we're protected from
being forced to provide food  shelter directly to soldiers presumably
defending our lives and country the principle as it pertains to being
required to do whatever law enforcement dreams up to catch bad guys is
pretty clear. As a principle -- Note: I am NOT making a legal point!

Ok, grab onto that manner prescribed by law, but remember that it
said in time of war. None of what we're discussing is relevant to
any war (except as politicians toss around the war on this or that.)

  Of course they might not know abot Tor and believes that it is Mr Williams 
  that is the bad guy. 
  
  /J

Sure, but I assume he told them that :-)

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Miles Fidelman]

Barry Shein wrote:

On November 30, 2012 at 08:18 joa...@aronius.se (Joakim Aronius) wrote:
  
   I am all for being anonymous on the net but I seriously believe that we 
still need to enforce the law when it comes to serious felonies like child pr0n, 
organized crime etc, we can't give them a free pass just by using Tor. I dont 
think it should be illegal to operate a Tor exit node but what just happened could 
be a consequence of doing it.

Yeah, next they'll let just anyone walk down the sidewalk without
identifying themselves. And those are public sidewalks paid for by tax
dollars!

Or drop a few coins in a public telephone (I know, a little dated, but
they exist) w/o id and commit some crime!

I think some here need to reflect on what they're saying.

Sure, it'd be better to stop bad guys, but this has always been the
problem in a free society, you can't just put draconian rules on
everyone else because otherwise some bad guy might not be immediately
and easily identified.

Well put Barry.  Or, as Ben Franklin put it: They who can give up 
essential liberty to obtain a little temporary safety, deserve neither 
liberty nor safety.


Miles Fidelman*
*

--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Fri, Nov 30, 2012 at 12:48 PM, Barry Shein b...@world.std.com wrote:
 Yeah, next they'll let just anyone walk down the sidewalk without
 identifying themselves. And those are public sidewalks paid for by tax
 dollars!

If you hang out with criminals, sooner or later you'll encounter a
situation where there is a reasonable suspicion that you committed a
crime. Not because you hung out with criminals but because something
criminal happened while you were hanging out with the criminals and
with only a partial set of facts it appears likely that you did it.

It takes extraordinary diligence to hang out with criminals yet remain
personally above reproach. It's a tightrope many news reporters have
to walk. I have yet to see such diligence practiced in the operation
of a Tor node.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Owen DeLong]

On Nov 30, 2012, at 4:58 AM, Rich Kulawiec r...@gsp.org wrote:

 On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.
 
 Question: what evidence has been published -- that is, placed somewhere
 that we can all see it -- that substantiates the claim that child porn
 traversed the node in question?
 
 Followup question 1: if no such evidence has been produced, then
 why should we believe that it exists?  Extraordinary claims require
 extraordinary proof.
 

I don't find the claim all that extraordinary. I think it was only a
matter of time before the kiddie-pr0n distributors figured out TOR
as a perfect way to distribute anonymously.

 Followup question 2: if the goal is to identify and apprehend the
 perpetrators of child porn (and that's a good goal) then why would
 the police raid this operation?  Would it not make far more sense to
 take advantage of the operator's knowledge and experience and quietly
 ask for his/her cooperation *while leaving the node running*?

Sure, but law enforcement isn't exactly renowned for doing the smart
things in such situations. Especially during their rather extensive
learning curve.

 Followup question 3: what evidence in front of us allows us to clearly
 discern that this is what it purports to be and not simply an attempt
 to shut down a Tor node (and intimidate the operators of others)
 by using a plausible excuse based on a universal hot-button issue?
 

None whatsoever. It's an entirely plausible alternate explanation.
At this point, we can't rule either of them out. However, the basic
theory Never attribute to malice what can be adequately explained
by incompetence. says that the kiddie-pr0n story is more likely.

Owen

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

-Original Message-
From: Rich Kulawiec [mailto:r...@gsp.org] 
Sent: Friday, November 30, 2012 6:59 AM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please
help if you can.

 On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for 
 someone sharing child pornography over one of my Tor exits.

 Question: what evidence has been published -- that is, placed
somewhere that we can all see it -- that substantiates the claim that
child porn 
 traversed the node in question?

The cops don't have to present evidence until there is a court case.
Since this guy was not arrested, they have apparently not decided to
charge him yet.  The apparently had some evidence to get the seizure
order.  They have to convince a judge, not the public.


 Followup question 1: if no such evidence has been produced, then why
should we believe that it exists?  Extraordinary claims require
extraordinary 
 proof.

Again, no evidence needed until a prosecution happens. Just enough for
the cops to convince a judge to allow the evidence seizure.

Followup question 2: if the goal is to identify and apprehend the
perpetrators of child porn (and that's a good goal) then why would the
police raid this operation?  Would it not make far more sense to take
advantage of the operator's knowledge and experience and quietly ask for
his/her cooperation *while leaving the node running*?

Maybe the cops think he is a perpetrator.  It is not unthinkable that he
set up a network to hide his own activities.  Note that they seized his
HOME storage devices, not the Tor server.

Followup question 3: what evidence in front of us allows us to clearly
discern that this is what it purports to be and not simply an attempt to
shut down a Tor node (and intimidate the operators of others) by using
a plausible excuse based on a universal hot-button issue?

Since the individual indicates that the Tor node was already down and
the police did not seize it, what makes you think that it was the target
at all.  The individual only indicated that the police asked about the
IP address used by the Tor server during his questioning so it is
possible they did not know it was a Tor node and maybe thought it was at
his apartment.  I have yet to see anything indicating that he is not
allowed to bring his Tor node back online.  I am not assuming this is
only about the Tor node just because the cops asked him about it.  I am
a little concerned that this guy keeps a safe deposit box with a burner
phone and cash around.  Is he a CIA agent? :)

Why would I donate to his legal defense when he has not been charged
yet?  A little premature, no?


---rsk


Steven Naslund

Re: William was raided for running a Tor exit node. Please help if you can.

[Jimmy Hess]

On 11/29/12, William Herrin b...@herrin.us wrote:

 If the computer at IP:port:timestamp transmitted child porn, a warrant
 for all computers is also too broad. Computers which use said IP

As you know, there may always be some uncertainty about which computer
was using a certain IP address at a certain time --  the computer
assigned that address might have been off,  with a   deviant
individual spoofing MAC address and IP address of a certain computer,
using different equipment still attached to the same physical LAN.

Their warrant authors will probably not say all computers;  they
will more likely say something like all digital storage media,  and
equipment required for access.

Which includes all hard drives, SSDs,  CF cards, diskettes, CDRs,  and
all the computing equipment they are installed in  (keyboard, monitor,
mouse, etc)  normally used to access the media.


 address or which employ forensic countermeasures which prevent a ready
 determination whether they employed said IP address. And have a

DHCP?

 qualified technician on the search team, same as you would for any
 other material being searched.

If they had a qualified technician,  they probably wouldn't be raiding
a TOR exit node in the first place;   they would have investigated the
matter  more thoroughly, and saved precious time.

--
-JH

Re: William was raided for running a Tor exit node. Please help if you can.

[Peter Kristolaitis]

On 11/30/2012 04:01 PM, Naslund, Steve wrote:

   I am a little concerned that this guy keeps a safe deposit box with a burner
phone and cash around.  Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO, 
incredibly naive and taking on quite a large amount of risk.


The likelihood (and hope) is that you'll never need it.  But on the off 
chance that you get f***ed by the legal system because of some power 
hungry, mouth-breather cop who can't/won't understand that you've done 
nothing wrong -- or worse, that you're easily provably within the law, 
but he believes that you're not and drags you through the process 
anyways -- you'll be very happy that you stashed away that old unlocked 
cell phone, old laptop, change of clothes and cash.


I'm a (legal) firearms owner... up here in Canada, where some previous 
governments enacted extreme anti-gun legislation, that pretty much means 
that if I so much as sneeze in a way that a cop doesn't like, I can have 
my life ruined pretty damned fast (not quite, but really close).  I 
wouldn't bet against me having an excrement-hitting-the-oscillator stash 
like this guy does.  ;)


(Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other 
profession, there ARE bad cops out there, and it's within the realm of 
possibility that you'll deal with one of them one day.)



Why would I donate to his legal defense when he has not been charged
yet?  A little premature, no?

If you think that legal costs in a criminal case only start when you've 
been formally charged, you're grossly misinformed.   At what point you 
personally decide to donate is one thing, but implying that someone 
doesn't need a defense fund prior to charges being laid is a bit naive 
about how the process works.


- Pete

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

As a network professional do I not have a duty to protect my companies
network from unauthorized access within my ability to do so?  I think I
do.  If you lost all of your credit card and identity data because I
left an open wifi hotspot on my network would you have a liability case?
I sure think so.
If I go into your building and plug in an open wifi hotspot that allows
a hacker to gain access to your stuff, is that illegal?  I think it is.

In this case we are not talking about a civil claim of negligence at
all.  It is not even a civil case.  Let's look at it more as the
credibility of deniability.  Grandma can claim in court that she had no
idea that the neighborhood was using her wifi and be believable.  I
can't make that claim because it is easy to prove that I know better.
Whether the act itself is legal is another matter, but the ability to
deny knowledge of the act is the question.  So, the way this translates
is Sir, did you know that a large percentage of Tor use is for illegal
activities?  How does this guy answer no when he supposedly runs a
large ISP?

As far as the anonymous remailer, at that time sending anonymous email
or spam was not yet illegal.  Many ISPs began cracking down on open mail
relays well before the CAN SPAM stuff came about because it was good
business and most of the industry agreed that open mail relay was bad.  

What I find really interesting is that the ISP (in general, there are a
few rogues) will immediately shut down access to an open mail relay
being hosted by their customer because it enables SPAM, but would allow
a Tor relay that allows lots of illegal activity.

I can tell you exactly why this happens.  Most network professionals
hate spam, its inconvenience, its clogging of the systems we maintain,
and we declared war on the spammers.  Tor however enables a whole lot of
gray area activities like media piracy, warez, and lots of other stuff
that some of us are less concerned about (and some of us actually use).
If the ISPs and engineers get concerned about any of this stuff, we are
capable of killing it off easier than the law enforcement channels.  We
never eliminated SPAM but it was made a lot tougher.  Unfortunately, the
history of the public Internet shows that one of the technology drivers
of higher and better connections are for things like media sharing and
distribution which includes some not so savory or legal sharing and
distribution and some not so nice media.

Steven Naslund



-Original Message-
From: Michael Froomkin - U.Miami School of Law
[mailto:froom...@law.miami.edu] 
Sent: Thursday, November 29, 2012 6:30 PM
To: Naslund, Steve
Cc: NANOG
Subject: RE: William was raided for running a Tor exit node. Please help
if you can.

On Thu, 29 Nov 2012, Naslund, Steve wrote:

[...]

 When it comes to running an open access point, I think the legal issue

 would be negligence.  Is it negligence for the 90 year old grandma to 
 have an open AP (probably not, just didn't know better)?  Is it 
 negligence for me to have an open AP (probably, I am a network 
 professional and know how to secure a network).


In order for there to be a civil claim of negligence there must be,
inter alia, a breach of duty.

What duty has been breached in your scenario?  None.

[...]

 This is certainly an interesting discussion and I think there are not 
 a lot of concrete answers since this is on the edge of technology law.

 I

Actually some of us have been teaching and writing about this stuff
since the mid 1990s.  These issues are far from new; we went through
them in the early anonymous remailer days.

relurk

--
A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net
Laurie Silvers  Mitchell Rubenstein Distinguished Professor of Law
Editor, Jotwell: The Journal of Things We Like (Lots),  jotwell.com U.
Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285  |+1 (305) 284-6506 (fax)  |  froom...@law.tm
--It's warm here.--

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

OK, there must be a lot more paranoid people out there than I thought
there were.  I personally don't have a runaway kit stashed away.  I
will get right on that. So when that mouth breather cop won't believe
you are innocent, your answer is to grab your stuff and go on the lamb
for awhile?  I am sure he will let you out to go to the bank, get your
stuff, and leave town.  I think you have seen way to many movies.

So if the cops show up at his door tomorrow and say Here's all your
stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?

Steve

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 3:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.


On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with

 a burner phone and cash around.  Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO,
incredibly naive and taking on quite a large amount of risk.

The likelihood (and hope) is that you'll never need it.  But on the off
chance that you get f***ed by the legal system because of some power
hungry, mouth-breather cop who can't/won't understand that you've done
nothing wrong -- or worse, that you're easily provably within the law,
but he believes that you're not and drags you through the process
anyways -- you'll be very happy that you stashed away that old unlocked
cell phone, old laptop, change of clothes and cash.

I'm a (legal) firearms owner... up here in Canada, where some previous
governments enacted extreme anti-gun legislation, that pretty much means
that if I so much as sneeze in a way that a cop doesn't like, I can have
my life ruined pretty damned fast (not quite, but really close).  I
wouldn't bet against me having an excrement-hitting-the-oscillator stash
like this guy does.  ;)

(Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other
profession, there ARE bad cops out there, and it's within the realm of
possibility that you'll deal with one of them one day.)

 Why would I donate to his legal defense when he has not been charged 
 yet?  A little premature, no?

If you think that legal costs in a criminal case only start when you've 
been formally charged, you're grossly misinformed.   At what point you 
personally decide to donate is one thing, but implying that someone
doesn't need a defense fund prior to charges being laid is a bit naive
about how the process works.

- Pete

Re: William was raided for running a Tor exit node. Please help if you can.

[Rayson Ho]

On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote:
 If they had a qualified technician,  they probably wouldn't be raiding
 a TOR exit node in the first place;   they would have investigated the
 matter  more thoroughly, and saved precious time.

And what if the TOR exit node was in the cloud? Are they going to
confiscate millions of servers just because a few of them were hosting
child pornography??

(I am a believer of Cloud Computing, and in fact earlier this month we
had a 10,000-node Grid Engine HPC cluster running in Amazon EC2:
http://blogs.scalablelogic.com/2012/11/running-1-node-grid-engine-cluster.html
)

I believe most Cloud providers (Google, Amazon, IBM, etc) have some
sort of disclaimer clause... but then one can get a VPN account easily
too (there are many free ones as well)! So how could VPN, local coffee
shops, and cloud providers protect themselves from this kind of
non-sense??

Rayson

==
Open Grid Scheduler - The Official Open Source Grid Engine
http://gridscheduler.sourceforge.net/



 --
 -JH

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

From: Jimmy Hess [mailto:mysi...@gmail.com] 
Sent: Friday, November 30, 2012 3:47 PM
To: William Herrin
Cc: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please
help if you can.

On 11/29/12, William Herrin b...@herrin.us wrote:

 If the computer at IP:port:timestamp transmitted child porn, a
warrant 
 for all computers is also too broad. Computers which use said IP

As you know, there may always be some uncertainty about which computer
was using a certain IP address at a certain time --  the computer
assigned that address might have been off,  with a   deviant
individual spoofing MAC address and IP address of a certain computer,
using different equipment still attached to the same physical LAN.

Their warrant authors will probably not say all computers;  they will
more likely say something like all digital storage media,  and equipment
required for access.

Funny thing is they hit his residence, not the location where
the Tor server was located.  Most likely they tracked the Tor server's
IP to anaccount at the ISP that hosted it, that pointed at his
residence.  Strange that they did not seize the server itself according
to the interview of the guy involved.


Which includes all hard drives, SSDs,  CF cards, diskettes, CDRs,  and
all the computing equipment they are installed in  (keyboard, monitor,
mouse, etc)  normally used to access the media.

Probably said all computing equipment and media on the premise.
That is extremely common language for these warrants.  I have never,
ever, heard of a seizure that only involved a single IP address.  The
cops know that media moves around.


 address or which employ forensic countermeasures which prevent a
ready 
 determination whether they employed said IP address. And have a

DHCP?

 qualified technician on the search team, same as you would for any 
 other material being searched.

If they had a qualified technician,  they probably wouldn't be raiding
a TOR exit node in the first place;   they would have investigated the
matter  more thoroughly, and saved precious time.


Remember, they did not raid the Tor exit node.  They raided the home of
the guy running the Tor exit node.  Way different.


--
-JH


Steven Naslund

RE: William was raided for running a Tor exit node. Please help if you can.

[Eric Wieling]

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 4:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help if 
you can.

 (Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other 
profession, there ARE bad cops out there, and it's within the realm of 
possibility that you'll deal with one of them one day.)

Power corrupts and cops have power.What scares me is that there is no way 
*I* can tell the difference between a cop who accepts free coffee from the 
local café and a cop who will lie to get what they want.

Re: William was raided for running a Tor exit node. Please help if you can.

[Peter Kristolaitis]

I didn't say anything about trying to run away.  That probably won't 
accomplish a whole lot in the long run.   But when all of your bank 
accounts and credit cards are frozen, and your house is a crime scene, 
at least you have the means to rent a hotel room, contact 
family/lawyers, etc.


And no, I'm not OK with people keeping any money that was donated for a 
specific purpose in excess of what was actually used.  You'd hope that 
he'd be a good guy about it and give back the portion that wasn't used, 
or clearly state that any excess will go to charity or something.  
However, there's no such guarantee (short of doing it through a trust 
fund with his lawyer), and just like any philanthropic venture, it's up 
to each donor choose when/if they'll help out.   It's just like 
Kickstarter -- you hope to get something good out of it, but if it 
bombs, well... you pay your money and you take your chances.


- Pete



On 11/30/2012 05:02 PM, Naslund, Steve wrote:

OK, there must be a lot more paranoid people out there than I thought
there were.  I personally don't have a runaway kit stashed away.  I
will get right on that. So when that mouth breather cop won't believe
you are innocent, your answer is to grab your stuff and go on the lamb
for awhile?  I am sure he will let you out to go to the bank, get your
stuff, and leave town.  I think you have seen way to many movies.

So if the cops show up at his door tomorrow and say Here's all your
stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?

Steve

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
Sent: Friday, November 30, 2012 3:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.


On 11/30/2012 04:01 PM, Naslund, Steve wrote:

I am a little concerned that this guy keeps a safe deposit box with
a burner phone and cash around.  Is he a CIA agent? :)

Anyone who DOESN'T have such things stashed away somewhere is, IMHO,
incredibly naive and taking on quite a large amount of risk.

The likelihood (and hope) is that you'll never need it.  But on the off
chance that you get f***ed by the legal system because of some power
hungry, mouth-breather cop who can't/won't understand that you've done
nothing wrong -- or worse, that you're easily provably within the law,
but he believes that you're not and drags you through the process
anyways -- you'll be very happy that you stashed away that old unlocked
cell phone, old laptop, change of clothes and cash.

I'm a (legal) firearms owner... up here in Canada, where some previous
governments enacted extreme anti-gun legislation, that pretty much means
that if I so much as sneeze in a way that a cop doesn't like, I can have
my life ruined pretty damned fast (not quite, but really close).  I
wouldn't bet against me having an excrement-hitting-the-oscillator stash
like this guy does.  ;)

(Note:  I don't mean to imply that all cops are power hungry
mouth-breathers intent on destroying the lives of citizens.   Most cops
are fundamentally good people and do a great job.  But like every other
profession, there ARE bad cops out there, and it's within the realm of
possibility that you'll deal with one of them one day.)


Why would I donate to his legal defense when he has not been charged
yet?  A little premature, no?


If you think that legal costs in a criminal case only start when you've
been formally charged, you're grossly misinformed.   At what point you
personally decide to donate is one thing, but implying that someone
doesn't need a defense fund prior to charges being laid is a bit naive
about how the process works.

- Pete

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote:
 On 11/29/12, William Herrin b...@herrin.us wrote:
 If the computer at IP:port:timestamp transmitted child porn, a warrant
 for all computers is also too broad. Computers which use said IP

 As you know, there may always be some uncertainty about which computer
 was using a certain IP address at a certain time --  the computer
 assigned that address might have been off,  with a   deviant

Or more likely behind a NAT device where the address which presents is
the NAT device. But the police won't know that until they search.
Until they search they have no factual basis for the presumptions
either that more than one computer was associated with the activity or
that it isn't possible to readily identify which computer was
involved. That Tor node was probably on a static IP address and was
probably  on the same static IP address at the time of the alleged
activity.

Reasonable suspicion doesn't mean Bob thinks you did it, it means
that there's a trail of facts which lead *directly* to the evidence
you seek permission to seize. The trail to child porn doesn't include
the right to seize the stack of John Denver music and while it might
include the right to search the shelf of DVDs it doesn't include the
right to seize the ones produced by Disney. The right to search your
computer and the right to seize it are not at all the same thing.

Practically speaking, right now the police are going to seize all your
computers. But keep watching. Some time in the next decade or two
warrants will start to get quashed for failing to specify (by
parameters) *which* computer they were looking for. As computers
become more central to our lives it will probably come out that they
have the right to duplicate your hard drives and other read/write
media but don't have a right to take the originals unless they observe
warrant-covered material *on* the computer while searching.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

Guess who has power over the networks and Internet.  We do and power corrupts 
us too.  There are some bad guy ISPs and engineers out there too.  Just because 
you are running a Tor server to allow for privacy protection does not mean 
you were never doing anything illegal through it.  I know this is not true in 
all cases but a lot of times the guy who screams the most about privacy has 
something to hide.  Do you like getting phone calls with blocked callerID?  Do 
you like getting anonymous SPAM?  Do you mind having anonymously sourced pics 
of your kids going out over the internet?  One guys privacy is sometimes an 
invasion of mine.  

If this guy is so distraught over this case maybe he should have ensured that 
he had the resources to defend himself before he put up the multiple exit 
nodes.  There are test cases all the time, but if you want to be the test case 
you should be prepared.  

How many of us have killed an open mail relay (did you have a warrant before 
you interrupted that good Samaritan providing that free mail server to the poor 
downtrodden email-less masses...you are not even a cop and did not have a judge 
review your actions..how dare you...)?

Steven Naslund

-Original Message-
From: Eric Wieling [mailto:ewiel...@nyigc.com] 
Sent: Friday, November 30, 2012 4:12 PM
To: nanog@nanog.org
Subject: RE: William was raided for running a Tor exit node. Please help if you 
can.

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 4:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help if 
you can.

 (Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other 
profession, there ARE bad cops out there, and it's within the realm of 
possibility that you'll deal with one of them one day.)

Power corrupts and cops have power.What scares me is that there is no way 
*I* can tell the difference between a cop who accepts free coffee from the 
local café and a cop who will lie to get what they want.

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

OK, I get it.  I think my BS detector is set to high today.  I am just
really suspicious that this guy that runs an large ISP can't at least
wait until there are charges before all the uproar.  I think if the cops
came and seized my home PCs right now I would probably give them the
time to look at them, realize there is nothing there, and give them back
to me before freaking out completely.  I would be wondering what was
going on but probably not raising a defense fund.

Steve

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 4:21 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

I didn't say anything about trying to run away.  That probably won't 
accomplish a whole lot in the long run.   But when all of your bank 
accounts and credit cards are frozen, and your house is a crime scene,
at least you have the means to rent a hotel room, contact
family/lawyers, etc.

And no, I'm not OK with people keeping any money that was donated for a
specific purpose in excess of what was actually used.  You'd hope that
he'd be a good guy about it and give back the portion that wasn't used,
or clearly state that any excess will go to charity or something.  
However, there's no such guarantee (short of doing it through a trust
fund with his lawyer), and just like any philanthropic venture, it's up 
to each donor choose when/if they'll help out.   It's just like 
Kickstarter -- you hope to get something good out of it, but if it
bombs, well... you pay your money and you take your chances.

- Pete



On 11/30/2012 05:02 PM, Naslund, Steve wrote:
 OK, there must be a lot more paranoid people out there than I thought 
 there were.  I personally don't have a runaway kit stashed away.  I 
 will get right on that. So when that mouth breather cop won't 
 believe you are innocent, your answer is to grab your stuff and go on 
 the lamb for awhile?  I am sure he will let you out to go to the bank,

 get your stuff, and leave town.  I think you have seen way to many
movies.

 So if the cops show up at his door tomorrow and say Here's all your 
 stuff back, there was no evidence of a crime., you are OK with this 
 guys keeping the defense fund?

 Steve

 -Original Message-
 From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
 Sent: Friday, November 30, 2012 3:53 PM
 To: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please 
 help if you can.


 On 11/30/2012 04:01 PM, Naslund, Steve wrote:
 I am a little concerned that this guy keeps a safe deposit box 
 with a burner phone and cash around.  Is he a CIA agent? :)
 Anyone who DOESN'T have such things stashed away somewhere is, IMHO, 
 incredibly naive and taking on quite a large amount of risk.

 The likelihood (and hope) is that you'll never need it.  But on the 
 off chance that you get f***ed by the legal system because of some 
 power hungry, mouth-breather cop who can't/won't understand that 
 you've done nothing wrong -- or worse, that you're easily provably 
 within the law, but he believes that you're not and drags you 
 through the process anyways -- you'll be very happy that you stashed 
 away that old unlocked cell phone, old laptop, change of clothes and
cash.

 I'm a (legal) firearms owner... up here in Canada, where some previous

 governments enacted extreme anti-gun legislation, that pretty much 
 means that if I so much as sneeze in a way that a cop doesn't like, I 
 can have my life ruined pretty damned fast (not quite, but really 
 close).  I wouldn't bet against me having an 
 excrement-hitting-the-oscillator stash like this guy does.  ;)

 (Note:  I don't mean to imply that all cops are power hungry
 mouth-breathers intent on destroying the lives of citizens.   Most
cops
 are fundamentally good people and do a great job.  But like every 
 other profession, there ARE bad cops out there, and it's within the 
 realm of possibility that you'll deal with one of them one day.)

 Why would I donate to his legal defense when he has not been charged 
 yet?  A little premature, no?

 If you think that legal costs in a criminal case only start when
you've
 been formally charged, you're grossly misinformed.   At what point you
 personally decide to donate is one thing, but implying that someone 
 doesn't need a defense fund prior to charges being laid is a bit naive

 about how the process works.

 - Pete

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

I might be reading this the wrong way but it looked to me like the cops
raided his home and the Tor server is hosted off site with an ISP.  That
is what is bugging me so much.  The cops raided his house, not the
location of the server.  If they had tracked the server by its IP it
would have led to the hoster, not his home.  They could have gotten his
address as the account holder but the ISP would have known that the Tor
server was at their site not his home.  The IP would not track to his
residence.  Something is not the full story here or I am misreading his
interview.

I have seen some of the warrants due to child porn cases.  They tend to
be very sweeping and usually specify recordable media and data
processing equipment.  That is admittedly broad but the cops usually do
not have forensic computer guys on site so they try to grab it all.  It
is not right but that is how it currently works.  Anything else requires
the expertise on site to search the equipment where it is.  Most cops
don't know a PC from a router, from a switch.  It all goes.


Steven Naslund

-Original Message-
From: William Herrin [mailto:b...@herrin.us] 
Sent: Friday, November 30, 2012 4:21 PM
To: Jimmy Hess
Cc: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote:
 On 11/29/12, William Herrin b...@herrin.us wrote:
 If the computer at IP:port:timestamp transmitted child porn, a 
 warrant for all computers is also too broad. Computers which use 
 said IP

 As you know, there may always be some uncertainty about which computer

 was using a certain IP address at a certain time --  the computer
 assigned that address might have been off,  with a   deviant

Or more likely behind a NAT device where the address which presents is
the NAT device. But the police won't know that until they search.
Until they search they have no factual basis for the presumptions either
that more than one computer was associated with the activity or that it
isn't possible to readily identify which computer was involved. That Tor
node was probably on a static IP address and was probably  on the same
static IP address at the time of the alleged activity.

Reasonable suspicion doesn't mean Bob thinks you did it, it means that
there's a trail of facts which lead *directly* to the evidence you seek
permission to seize. The trail to child porn doesn't include the right
to seize the stack of John Denver music and while it might include the
right to search the shelf of DVDs it doesn't include the right to seize
the ones produced by Disney. The right to search your computer and the
right to seize it are not at all the same thing.

Practically speaking, right now the police are going to seize all your
computers. But keep watching. Some time in the next decade or two
warrants will start to get quashed for failing to specify (by
parameters) *which* computer they were looking for. As computers become
more central to our lives it will probably come out that they have the
right to duplicate your hard drives and other read/write media but don't
have a right to take the originals unless they observe warrant-covered
material *on* the computer while searching.

Regards,
Bill Herrin


--
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Jason Baugher]

I can't help but wonder who would send money to same random person based on
a story that may or may not be true. Were these people sucked in by Nigeria
scams as well?

Not only that, but the list of people who proclaimed their innocence only
to be proven guilty is very long. I can't vouch for countries outside of
the USA, but here at least we don't get subpoenas on a whim. They are
usually part of a very long drawn-out investigation, and they usually are
for a very good reason.

Jason

On Fri, Nov 30, 2012 at 4:37 PM, Naslund, Steve snasl...@medline.comwrote:

 OK, I get it.  I think my BS detector is set to high today.  I am just
 really suspicious that this guy that runs an large ISP can't at least
 wait until there are charges before all the uproar.  I think if the cops
 came and seized my home PCs right now I would probably give them the
 time to look at them, realize there is nothing there, and give them back
 to me before freaking out completely.  I would be wondering what was
 going on but probably not raising a defense fund.

 Steve

 -Original Message-
 From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
 Sent: Friday, November 30, 2012 4:21 PM
 To: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please help
 if you can.

 I didn't say anything about trying to run away.  That probably won't
 accomplish a whole lot in the long run.   But when all of your bank
 accounts and credit cards are frozen, and your house is a crime scene,
 at least you have the means to rent a hotel room, contact
 family/lawyers, etc.

 And no, I'm not OK with people keeping any money that was donated for a
 specific purpose in excess of what was actually used.  You'd hope that
 he'd be a good guy about it and give back the portion that wasn't used,
 or clearly state that any excess will go to charity or something.
 However, there's no such guarantee (short of doing it through a trust
 fund with his lawyer), and just like any philanthropic venture, it's up
 to each donor choose when/if they'll help out.   It's just like
 Kickstarter -- you hope to get something good out of it, but if it
 bombs, well... you pay your money and you take your chances.

 - Pete



 On 11/30/2012 05:02 PM, Naslund, Steve wrote:
  OK, there must be a lot more paranoid people out there than I thought
  there were.  I personally don't have a runaway kit stashed away.  I
  will get right on that. So when that mouth breather cop won't
  believe you are innocent, your answer is to grab your stuff and go on
  the lamb for awhile?  I am sure he will let you out to go to the bank,

  get your stuff, and leave town.  I think you have seen way to many
 movies.
 
  So if the cops show up at his door tomorrow and say Here's all your
  stuff back, there was no evidence of a crime., you are OK with this
  guys keeping the defense fund?
 
  Steve
 
  -Original Message-
  From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
  Sent: Friday, November 30, 2012 3:53 PM
  To: nanog@nanog.org
  Subject: Re: William was raided for running a Tor exit node. Please
  help if you can.
 
 
  On 11/30/2012 04:01 PM, Naslund, Steve wrote:
  I am a little concerned that this guy keeps a safe deposit box
  with a burner phone and cash around.  Is he a CIA agent? :)
  Anyone who DOESN'T have such things stashed away somewhere is, IMHO,
  incredibly naive and taking on quite a large amount of risk.
 
  The likelihood (and hope) is that you'll never need it.  But on the
  off chance that you get f***ed by the legal system because of some
  power hungry, mouth-breather cop who can't/won't understand that
  you've done nothing wrong -- or worse, that you're easily provably
  within the law, but he believes that you're not and drags you
  through the process anyways -- you'll be very happy that you stashed
  away that old unlocked cell phone, old laptop, change of clothes and
 cash.
 
  I'm a (legal) firearms owner... up here in Canada, where some previous

  governments enacted extreme anti-gun legislation, that pretty much
  means that if I so much as sneeze in a way that a cop doesn't like, I
  can have my life ruined pretty damned fast (not quite, but really
  close).  I wouldn't bet against me having an
  excrement-hitting-the-oscillator stash like this guy does.  ;)
 
  (Note:  I don't mean to imply that all cops are power hungry
  mouth-breathers intent on destroying the lives of citizens.   Most
 cops
  are fundamentally good people and do a great job.  But like every
  other profession, there ARE bad cops out there, and it's within the
  realm of possibility that you'll deal with one of them one day.)
 
  Why would I donate to his legal defense when he has not been charged
  yet?  A little premature, no?
 
  If you think that legal costs in a criminal case only start when
 you've
  been formally charged, you're grossly misinformed.   At what point you
  personally decide to donate is one thing, but implying that someone
  

Re: William was raided for running a Tor exit node. Please help if you can.

[Michael Painter]

Naslund, Steve wrote:

I might be reading this the wrong way but it looked to me like the cops
raided his home and the Tor server is hosted off site with an ISP.  That
is what is bugging me so much.  The cops raided his house, not the
location of the server.  If they had tracked the server by its IP it
would have led to the hoster, not his home.  They could have gotten his
address as the account holder but the ISP would have known that the Tor
server was at their site not his home.  The IP would not track to his
residence.  Something is not the full story here or I am misreading his
interview.


How about:

Police have seen CP and have logs from Additionally, I was accused of sharing (and possibly producing) child pornography 
on a clearnet forum via an image hosting site that was probably tapped.

Police look at IP addresses that have accessed the images for those that are 
within their jurisdiction.
Police find an address within a block that is registered to Wiliam.
Police raid William and receive an education on TOR exit nodes on servers in 
Poland.

Maybe?
Why wouldn't the IP address have led to William?

--Michael 

Re: William was raided for running a Tor exit node. Please help if you can.

[b.g. white]

PROCEDURE FOR SEIZURE OF COMPUTERS AND RELATED DEVICES

 This search warrant covers and controls the procedure for searching:  (1)
electronic or computer devices, related equipment or media which has been
authorized to be seized pursuant to this warrant on the basis that it is
contraband or a direct instrumentality used to commit the crime, and (2)
electronic or computer devices, related equipment or media for which
seizure has not been specifically authorized.  Agents are authorized to
seize and remove from the premises such electronic or computer device,
including computer system input/output (I/O) peripheral devices, software
and media so that a qualified computer expert can accurately search for and
retrieve the data in a laboratory or other controlled environment when this
is necessary in order to search and retrieve the data or information
authorized to be searched for and seized pursuant to this warrant.


  Agents and computer experts working with agents are authorized to
seize the relevant system software (operating systems, interfaces and
hardware drivers), any applications software which may have been used to
create the data (whether stored on hard drives or on external media), as
well as all related instruction manuals or other documentation and data
security devices (including but not limited to passwords, keycards and
dongles) in order to facilitate the authorized search.  In addition, if
necessary for data retrieval, they are authorized to reconfigure the system
in order to accurately search for and retrieve the evidence stored therein.
 If, after inspecting the I/O devices, software, documentation and data
security devices, the analyst determines that these items are no longer
necessary to search for, retrieve and preserve the data, and if the
software, documentation and devices have not been seized pursuant to the
warrant as contraband or instrumentalities of the crime, the items shall be
returned within a reasonable time.


https://webcache.googleusercontent.com/search?q=cache:HJ9PtsbdL3kJ:www.fjc.gov/public/pdf.nsf/lookup/ElecDi31.rtf/%24file/ElecDi31.rtf+cd=1hl=enct=clnkgl=us


Example of an actual warrant:


https://www.eff.org/sites/default/files/filenode/inresearchBC/EXHIBIT-A.pdf


Not a lawyer.



On Fri, Nov 30, 2012 at 6:25 PM, Randy Bush ra...@psg.com wrote:

 as this thread has moved firmly to legal opinions, i now scan it for
 postings by folk i know are actual lawyers and whack the rest.  if you
 are a lawyer, but not well known as such, please say so right up front
 in your message.

 randy

Re: William was raided for running a Tor exit node. Please help if you can.

[Randy Bush]

 Not a lawyer.

than stfu with the legal crap

Re: William was raided for running a Tor exit node. Please help if you can.

[Owen DeLong]

 
 Not only that, but the list of people who proclaimed their innocence only
 to be proven guilty is very long. I can't vouch for countries outside of
 the USA, but here at least we don't get subpoenas on a whim. They are
 usually part of a very long drawn-out investigation, and they usually are
 for a very good reason.

Usually, but not always. I've seen a number of subpoenas and a few search
warrants that were:

Ridiculously broad
Overreaching
Really stretched the concept of probable cause

As in all else, not all LEOs are good actors.

Owen

Re: William was raided for running a Tor exit node. Please help if you can.

[Ray Soucy]

If you run Tor, then you should probably accept that it might be used
for activity that you don't approve of or even is in violation of the
law.

I'm not saying Tor is good or bad, just that if you're using it you
probably know what you're getting into.

In order to catch someone in a criminal case, most law enforcement
will certainly take whatever they think could be used as evidence,
perform forensic analysis on it, and retain it as long as they think
necessary.

Depending on how well your laws are written, you might be not be
protected from them discovering other activity that is outside the
scope and bringing a separate criminal case against you directly.

Got any pirated music or movies?




On Thu, Nov 29, 2012 at 8:04 AM, Chris cal...@gmail.com wrote:
 I'm not William and a friend pasted a link on IRC to me. I'm going to
 send him a few bucks because I know how it feels to get blindsided by
 the police on one random day and your world is turned upside down.

 Source: 
 http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

 From the URL:

 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.
 I'm good so far, not in jail, but all my computers and hardware have
 been confiscated.
 (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

 If convicted i could face up to 6 years in jail, of course i do not
 want that and i also want to try to set a legal base for running Tor
 exit nodes in Austria or even the EU.

 Sadly we have nothing like the EFF here that could help me in this
 case by legal assistance, so i'm on my own and require a good lawyer.
 Thus i'm accepting donations for my legal expenses which i expect to
 be around 5000-1 EUR.

 If you can i would appreciate if you could donate a bit (every amount
 helps, even the smallest) either by PayPal (any currency is ok):
 https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

 Or by Bank Transfer (EUR only please):

 Holder: William Weber
 Bank: EasyBank AG (Vienna, Austria)
 Account: 20011351213
 Bank sort number: 14200
 IBAN: AT031420020011351213
 BIC: EASYATW1

 I will try to pay them back when i'm out of this (or even before) but
 i can obviously not guarantee this, please keep this in mind.
 This money will only be used for legal expenses related to this case.

 If you have any questions or want to donate by another way
 (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
 to send me a mail (will...@william.si) or a PM, or contact me in LET
 IRC.

 Thanks!
 William




 --
 --C

 The dumber people think you are, the more surprised they're going to
 be when you kill them. - Sir William Clayton




-- 
Ray Patrick Soucy
Network Engineer
University of Maine System

T: 207-561-3526
F: 207-561-3531

MaineREN, Maine's Research and Education Network
www.maineren.net

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

Back in the early days of the public internet we didn't require any id
to create an account, just that you found a way to pay us. We had
anonymous accts some of whom dropped by personally to pay their bill,
some said hello but I usually didn't know their names and that's how
they wanted it, I'd answer hello ACCOUNT, whatever their login was
if I recognized them. Some mailed in something, a mail order, even
currency tho that was rare but it did happen, or had someone else drop
by to pay in cash (that is, no idea if they were local.)

LEO occasionally served a warrant for information, usually child porn
biz (more than just accessing child porn, selling it) tho I don't
remember any anonymous accts being involved.

I never expected to be held accountable for anyone's behavior unless I
was knowingly involved somehow (just the usual caveat.) LEO never
showed any particular interest in the fact that we were ok with
anonymous accounts. If I was made aware of illegal activities we'd
shut them off, didn't really happen much, maybe some credible
hacking complaint on occasion.

It's funny, it's all illusion like show business. It's not hard to set
up anonymous service, crap, just drop in at any wi-fi hotspot, many
just ask you to click that you accept their TCs and you're on. Would
they raid them, I was just using one at a major hospital this week
that was just like that, if someone used that for child porn etc? But
I guess stick your nose out and say you're specifically offering anon
accts and watch out I guess.

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Patrick W. Gilmore]

On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:

 Back in the early days of the public internet we didn't require any id
 to create an account, just that you found a way to pay us. We had
 anonymous accts some of whom dropped by personally to pay their bill,
 some said hello but I usually didn't know their names and that's how
 they wanted it, I'd answer hello ACCOUNT, whatever their login was
 if I recognized them. Some mailed in something, a mail order, even
 currency tho that was rare but it did happen, or had someone else drop
 by to pay in cash (that is, no idea if they were local.)
 
 LEO occasionally served a warrant for information, usually child porn
 biz (more than just accessing child porn, selling it) tho I don't
 remember any anonymous accts being involved.

Mere conduit defense.  (Please do not anyone mention common carrier status 
or the like, ISPs are _not_ common carriers.)


 I never expected to be held accountable for anyone's behavior unless I
 was knowingly involved somehow (just the usual caveat.) LEO never
 showed any particular interest in the fact that we were ok with
 anonymous accounts. If I was made aware of illegal activities we'd
 shut them off, didn't really happen much, maybe some credible
 hacking complaint on occasion.

How do you shut off a Tor account?


 It's funny, it's all illusion like show business. It's not hard to set
 up anonymous service, crap, just drop in at any wi-fi hotspot, many
 just ask you to click that you accept their TCs and you're on. Would
 they raid them, I was just using one at a major hospital this week
 that was just like that, if someone used that for child porn etc? But
 I guess stick your nose out and say you're specifically offering anon
 accts and watch out I guess.

Do you think if the police found out child pr0n was being served from a starbux 
they wouldn't confiscate the equipment from that store?

-- 
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

On November 29, 2012 at 11:45 patr...@ianai.net (Patrick W. Gilmore) wrote:
  On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:
  
   It's funny, it's all illusion like show business. It's not hard to set
   up anonymous service, crap, just drop in at any wi-fi hotspot, many
   just ask you to click that you accept their TCs and you're on. Would
   they raid them, I was just using one at a major hospital this week
   that was just like that, if someone used that for child porn etc? But
   I guess stick your nose out and say you're specifically offering anon
   accts and watch out I guess.
  
  Do you think if the police found out child pr0n was being served from a 
  starbux they wouldn't confiscate the equipment from that store?

I dunno, has it ever happened? I mean confiscated the store's
equipment, I assume that's what you mean. Is that because no one has
ever been involved with child porn etc from a Starbucks? Does that
seem likely? I don't know, really.

And why would confiscating it from one location address the issue if
they offer anonymous hotspots (I don't know if they do but whatever,
there are plenty of others) at all locations and they're one company?

It would seem like they'd have to confiscate the equipment at every
Starbucks in their jurisdiction, which could be every one in the US
for example.

   -b

Re: William was raided for running a Tor exit node. Please help if you can.

[Patrick W. Gilmore]

On Nov 29, 2012, at 12:58 , Barry Shein b...@world.std.com wrote:
 On November 29, 2012 at 11:45 patr...@ianai.net (Patrick W. Gilmore) wrote:
 On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:
 
 It's funny, it's all illusion like show business. It's not hard to set
 up anonymous service, crap, just drop in at any wi-fi hotspot, many
 just ask you to click that you accept their TCs and you're on. Would
 they raid them, I was just using one at a major hospital this week
 that was just like that, if someone used that for child porn etc? But
 I guess stick your nose out and say you're specifically offering anon
 accts and watch out I guess.
 
 Do you think if the police found out child pr0n was being served from a 
 starbux they wouldn't confiscate the equipment from that store?
 
 I dunno, has it ever happened?

No idea.  However, I would not be the least bit surprised.  In fact, I would be 
surprised if they failed to do so, after having proof that child pr0n was 
served from one.


 I mean confiscated the store's
 equipment, I assume that's what you mean. Is that because no one has
 ever been involved with child porn etc from a Starbucks? Does that
 seem likely? I don't know, really.
 
 And why would confiscating it from one location address the issue if
 they offer anonymous hotspots (I don't know if they do but whatever,
 there are plenty of others) at all locations and they're one company?
 
 It would seem like they'd have to confiscate the equipment at every
 Starbucks in their jurisdiction, which could be every one in the US
 for example.

They didn't confiscate every Tor exit node in the US once they found something 
nefarious emanating from one.

-- 
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Emily Ozols]

Hi,

I gotta ask and I'm sure someone would if I didn't, but how do we know
this guy is legit?
He's jumped up on a forum saying, Hey, police raided me, help. gib
mone plz and failed to provide and reason as to how he's real and not
just making it up.

Maybe if there's a way to know this guy is legit, I'll help out if
possible, but until then I'm just going to watch others with caution
and I suggest others do as well.

On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:
 I'm not William and a friend pasted a link on IRC to me. I'm going to
 send him a few bucks because I know how it feels to get blindsided by
 the police on one random day and your world is turned upside down.

 Source: 
 http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

 From the URL:

 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.
 I'm good so far, not in jail, but all my computers and hardware have
 been confiscated.
 (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

 If convicted i could face up to 6 years in jail, of course i do not
 want that and i also want to try to set a legal base for running Tor
 exit nodes in Austria or even the EU.

 Sadly we have nothing like the EFF here that could help me in this
 case by legal assistance, so i'm on my own and require a good lawyer.
 Thus i'm accepting donations for my legal expenses which i expect to
 be around 5000-1 EUR.

 If you can i would appreciate if you could donate a bit (every amount
 helps, even the smallest) either by PayPal (any currency is ok):
 https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

 Or by Bank Transfer (EUR only please):

 Holder: William Weber
 Bank: EasyBank AG (Vienna, Austria)
 Account: 20011351213
 Bank sort number: 14200
 IBAN: AT031420020011351213
 BIC: EASYATW1

 I will try to pay them back when i'm out of this (or even before) but
 i can obviously not guarantee this, please keep this in mind.
 This money will only be used for legal expenses related to this case.

 If you have any questions or want to donate by another way
 (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
 to send me a mail (will...@william.si) or a PM, or contact me in LET
 IRC.

 Thanks!
 William




 --
 --C

 The dumber people think you are, the more surprised they're going to
 be when you kill them. - Sir William Clayton




-- 
~Em

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?

I think if they took the cash registers too the Starbucks lawyer would
be in court an hour later with a motion to quash in one hand and an
offer of full cooperation in the other.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Warren Bailey]

It's difficult to compare a guy in Austria to a multi-billion dollar
corporation. Here in the US, the fed has charged 3 men with involuntary
manslaughter for their parts in the Gulf of Mexico Rig explosion. BP
received a slap on the wrist, and a decent (to us, not them) sized fine.

On 11/29/12 10:57 AM, William Herrin b...@herrin.us wrote:

On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net
wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?

I think if they took the cash registers too the Starbucks lawyer would
be in court an hour later with a motion to quash in one hand and an
offer of full cooperation in the other.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Patrick W. Gilmore]

On Nov 29, 2012, at 13:57 , William Herrin b...@herrin.us wrote:
 On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net 
 wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?
 
 I think if they took the cash registers too the Starbucks lawyer would
 be in court an hour later with a motion to quash in one hand and an
 offer of full cooperation in the other.

And if the sky were orange

Any other non-sequitors? :)

-- 
TTFN,
patrick

P.S. I can come up with some examples where the cash registers would be fair 
game, such as when the manager was charging the hosting provider extra to sit 
in the corner and host the 'bad content'.  But it is still a non-sequitor w/r/t 
this thread.

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

How would this be legally different than receiving the illegal content
in an envelope and anonymously forwarding the envelope via the post
office?  I am pretty sure you are still liable since you were the
sender.  I realize that there are special postal regulations but I think
that agreeing to forward anything for anyone sight unseen is pretty
risky and I think you will have a hard time pulling of the service
provider defense if you are not selling services and are not licensed
as a carrier.

Steven Naslund

-Original Message-
From: Patrick W. Gilmore [mailto:patr...@ianai.net] 
Sent: Thursday, November 29, 2012 10:45 AM
To: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:

 Back in the early days of the public internet we didn't require any 
 id to create an account, just that you found a way to pay us. We had 
 anonymous accts some of whom dropped by personally to pay their bill, 
 some said hello but I usually didn't know their names and that's how 
 they wanted it, I'd answer hello ACCOUNT, whatever their login was

 if I recognized them. Some mailed in something, a mail order, even 
 currency tho that was rare but it did happen, or had someone else drop

 by to pay in cash (that is, no idea if they were local.)
 
 LEO occasionally served a warrant for information, usually child porn 
 biz (more than just accessing child porn, selling it) tho I don't 
 remember any anonymous accts being involved.

Mere conduit defense.  (Please do not anyone mention common carrier
status or the like, ISPs are _not_ common carriers.)


 I never expected to be held accountable for anyone's behavior unless I

 was knowingly involved somehow (just the usual caveat.) LEO never 
 showed any particular interest in the fact that we were ok with 
 anonymous accounts. If I was made aware of illegal activities we'd 
 shut them off, didn't really happen much, maybe some credible 
 hacking complaint on occasion.

How do you shut off a Tor account?


 It's funny, it's all illusion like show business. It's not hard to set

 up anonymous service, crap, just drop in at any wi-fi hotspot, many 
 just ask you to click that you accept their TCs and you're on. Would 
 they raid them, I was just using one at a major hospital this week 
 that was just like that, if someone used that for child porn etc? But 
 I guess stick your nose out and say you're specifically offering anon 
 accts and watch out I guess.

Do you think if the police found out child pr0n was being served from a
starbux they wouldn't confiscate the equipment from that store?

--
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Tom Beecher]

Assuming it's true, it was bound to happen. Running anything , TOR or 
otherwise, that allows strangers to do whatever they want is just folly.


People will spend time and money securing their home wireless so their 
neighbor can't steal their internet, but willingly allow strangers from 
anywhere in the world to use their connections no strings attached. It's 
hilarious.


On 11/29/2012 8:04 AM, Chris wrote:

I'm not William and a friend pasted a link on IRC to me. I'm going to
send him a few bucks because I know how it feels to get blindsided by
the police on one random day and your world is turned upside down.

Source: 
http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

 From the URL:

Yes, it happened to me now as well - Yesterday i got raided for
someone sharing child pornography over one of my Tor exits.
I'm good so far, not in jail, but all my computers and hardware have
been confiscated.
(20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

If convicted i could face up to 6 years in jail, of course i do not
want that and i also want to try to set a legal base for running Tor
exit nodes in Austria or even the EU.

Sadly we have nothing like the EFF here that could help me in this
case by legal assistance, so i'm on my own and require a good lawyer.
Thus i'm accepting donations for my legal expenses which i expect to
be around 5000-1 EUR.

If you can i would appreciate if you could donate a bit (every amount
helps, even the smallest) either by PayPal (any currency is ok):
https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

Or by Bank Transfer (EUR only please):

Holder: William Weber
Bank: EasyBank AG (Vienna, Austria)
Account: 20011351213
Bank sort number: 14200
IBAN: AT031420020011351213
BIC: EASYATW1

I will try to pay them back when i'm out of this (or even before) but
i can obviously not guarantee this, please keep this in mind.
This money will only be used for legal expenses related to this case.

If you have any questions or want to donate by another way
(MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
to send me a mail (will...@william.si) or a PM, or contact me in LET
IRC.

Thanks!
William




--
--C

The dumber people think you are, the more surprised they're going to
be when you kill them. - Sir William Clayton

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

I think the best analogy I would use in defense is something like the
pre-paid cellular phones that are sold.  That is about the only
anonymous communications service I can think of off the top of my head.
Problem is that most people are not licensed carriers and may not be
able to hide behind that protection.  

I can see an argument both ways with the feds saying that you are
running a service for the express service of concealing the identity of
a person allowing them to avoid law enforcement (among other uses).  On
the other hand, the makers of guns do not get charged with murder even
though their tool enabled a criminal.  Could go either way but the
problem is that in any case it will be expensive to defend so win or
lose, you lose.  I guess you can't run a Tor exit unless you have a
legal defense fund set up.  I understand the legit uses of Tor but
wonder what the actual percentage of good vs. evil use really is.

Steven Naslund

-Original Message-
From: Barry Shein [mailto:b...@world.std.com] 
Sent: Thursday, November 29, 2012 10:17 AM
To: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.


Back in the early days of the public internet we didn't require any id
to create an account, just that you found a way to pay us. We had
anonymous accts some of whom dropped by personally to pay their bill,
some said hello but I usually didn't know their names and that's how
they wanted it, I'd answer hello ACCOUNT, whatever their login was
if I recognized them. Some mailed in something, a mail order, even
currency tho that was rare but it did happen, or had someone else drop
by to pay in cash (that is, no idea if they were local.)

LEO occasionally served a warrant for information, usually child porn
biz (more than just accessing child porn, selling it) tho I don't
remember any anonymous accts being involved.

I never expected to be held accountable for anyone's behavior unless I
was knowingly involved somehow (just the usual caveat.) LEO never showed
any particular interest in the fact that we were ok with anonymous
accounts. If I was made aware of illegal activities we'd shut them off,
didn't really happen much, maybe some credible hacking complaint on
occasion.

It's funny, it's all illusion like show business. It's not hard to set
up anonymous service, crap, just drop in at any wi-fi hotspot, many just
ask you to click that you accept their TCs and you're on. Would they
raid them, I was just using one at a major hospital this week that was
just like that, if someone used that for child porn etc? But I guess
stick your nose out and say you're specifically offering anon accts and
watch out I guess.

-- 
-Barry Shein

The World  | b...@theworld.com   |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR,
Canada
Software Tool  Die| Public Access Internet | SINCE 1989
*oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Eugen Leitl]

On Fri, Nov 30, 2012 at 01:14:08AM +1100, Emily Ozols wrote:
 Hi,
 
 I gotta ask and I'm sure someone would if I didn't, but how do we know
 this guy is legit?
 He's jumped up on a forum saying, Hey, police raided me, help. gib
 mone plz and failed to provide and reason as to how he's real and not
 just making it up.
 
 Maybe if there's a way to know this guy is legit, I'll help out if
 possible, but until then I'm just going to watch others with caution
 and I suggest others do as well.

This matter is being investigated by the Tor developers.
It looks legitimate, so far. 
 
 On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:
  I'm not William and a friend pasted a link on IRC to me. I'm going to
  send him a few bucks because I know how it feels to get blindsided by
  the police on one random day and your world is turned upside down.
 
  Source: 
  http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses
 
  From the URL:
 
  Yes, it happened to me now as well - Yesterday i got raided for
  someone sharing child pornography over one of my Tor exits.
  I'm good so far, not in jail, but all my computers and hardware have
  been confiscated.
  (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
 
  If convicted i could face up to 6 years in jail, of course i do not
  want that and i also want to try to set a legal base for running Tor
  exit nodes in Austria or even the EU.
 
  Sadly we have nothing like the EFF here that could help me in this
  case by legal assistance, so i'm on my own and require a good lawyer.
  Thus i'm accepting donations for my legal expenses which i expect to
  be around 5000-1 EUR.
 
  If you can i would appreciate if you could donate a bit (every amount
  helps, even the smallest) either by PayPal (any currency is ok):
  https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4
 
  Or by Bank Transfer (EUR only please):
 
  Holder: William Weber
  Bank: EasyBank AG (Vienna, Austria)
  Account: 20011351213
  Bank sort number: 14200
  IBAN: AT031420020011351213
  BIC: EASYATW1
 
  I will try to pay them back when i'm out of this (or even before) but
  i can obviously not guarantee this, please keep this in mind.
  This money will only be used for legal expenses related to this case.
 
  If you have any questions or want to donate by another way
  (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
  to send me a mail (will...@william.si) or a PM, or contact me in LET
  IRC.
 
  Thanks!
  William
 
 
 
 
  --
  --C
 
  The dumber people think you are, the more surprised they're going to
  be when you kill them. - Sir William Clayton
 
 
 
 
 -- 
 ~Em
-- 
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

RE: William was raided for running a Tor exit node. Please help if you can.

[Scott Berkman]

Not sure if there is a legal precedent for this, but logically the
difference is that there are no robots that I know of that can automatically
receive and parse postal mail, then re-address and forward it.  For a human
to forward a letter takes a conscious manual action, even if they choose not
to look inside.

Having a Tor node for no specific purpose, having a hacked server/pc that is
then compromised for some nefarious purpose, etc. are not necessarily
purposeful actions that one could be held accountable for without other
proof.  I'd think the LEA would have to establish motive, like in any other
crime, to make that jump.  Perhaps in this case they believe they have, and
that would end up in the courts, where you'd have to hope the Judge and or
Jury sees that difference.

Don't see this as very different either from when an agency confiscates a
whole rack of shared servers because one user was suspected of some bad
action, and we all know that does happen.

-Scott 

-Original Message-
From: Naslund, Steve [mailto:snasl...@medline.com] 
Sent: Thursday, November 29, 2012 2:07 PM
To: nanog@nanog.org
Subject: RE: William was raided for running a Tor exit node. Please help if
you can.

How would this be legally different than receiving the illegal content in an
envelope and anonymously forwarding the envelope via the post office?  I am
pretty sure you are still liable since you were the sender.  I realize that
there are special postal regulations but I think that agreeing to forward
anything for anyone sight unseen is pretty risky and I think you will have a
hard time pulling of the service provider defense if you are not selling
services and are not licensed as a carrier.

Steven Naslund

-Original Message-
From: Patrick W. Gilmore [mailto:patr...@ianai.net]
Sent: Thursday, November 29, 2012 10:45 AM
To: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help if
you can.

On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:

 Back in the early days of the public internet we didn't require any 
 id to create an account, just that you found a way to pay us. We had 
 anonymous accts some of whom dropped by personally to pay their bill, 
 some said hello but I usually didn't know their names and that's how 
 they wanted it, I'd answer hello ACCOUNT, whatever their login was

 if I recognized them. Some mailed in something, a mail order, even 
 currency tho that was rare but it did happen, or had someone else drop

 by to pay in cash (that is, no idea if they were local.)
 
 LEO occasionally served a warrant for information, usually child porn 
 biz (more than just accessing child porn, selling it) tho I don't 
 remember any anonymous accts being involved.

Mere conduit defense.  (Please do not anyone mention common carrier
status or the like, ISPs are _not_ common carriers.)


 I never expected to be held accountable for anyone's behavior unless I

 was knowingly involved somehow (just the usual caveat.) LEO never 
 showed any particular interest in the fact that we were ok with 
 anonymous accounts. If I was made aware of illegal activities we'd 
 shut them off, didn't really happen much, maybe some credible 
 hacking complaint on occasion.

How do you shut off a Tor account?


 It's funny, it's all illusion like show business. It's not hard to set

 up anonymous service, crap, just drop in at any wi-fi hotspot, many 
 just ask you to click that you accept their TCs and you're on. Would 
 they raid them, I was just using one at a major hospital this week 
 that was just like that, if someone used that for child porn etc? But 
 I guess stick your nose out and say you're specifically offering anon 
 accts and watch out I guess.

Do you think if the police found out child pr0n was being served from a
starbux they wouldn't confiscate the equipment from that store?

--
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[elijah wright]

We had a guy (aka potential customer) inquire the other day about hosting a
Tor exit on our infrastructure the other day;  he disappeared fairly
quickly when he figured out that we weren't just going to give him an
endless supply of unmetered 10G bandwidth.  I was looking forward to
billing him.  :-)

I'm not sure that armchair lawyering, here, actually helps anyone.  Also,
spel-chek, sequitur.

best,

--e



On Thu, Nov 29, 2012 at 1:22 PM, Eugen Leitl eu...@leitl.org wrote:

 On Fri, Nov 30, 2012 at 01:14:08AM +1100, Emily Ozols wrote:
  Hi,
 
  I gotta ask and I'm sure someone would if I didn't, but how do we know
  this guy is legit?
  He's jumped up on a forum saying, Hey, police raided me, help. gib
  mone plz and failed to provide and reason as to how he's real and not
  just making it up.
 
  Maybe if there's a way to know this guy is legit, I'll help out if
  possible, but until then I'm just going to watch others with caution
  and I suggest others do as well.

 This matter is being investigated by the Tor developers.
 It looks legitimate, so far.

  On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:
   I'm not William and a friend pasted a link on IRC to me. I'm going to
   send him a few bucks because I know how it feels to get blindsided by
   the police on one random day and your world is turned upside down.
  
   Source:
 http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses
  
   From the URL:
  
   Yes, it happened to me now as well - Yesterday i got raided for
   someone sharing child pornography over one of my Tor exits.
   I'm good so far, not in jail, but all my computers and hardware have
   been confiscated.
   (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
  
   If convicted i could face up to 6 years in jail, of course i do not
   want that and i also want to try to set a legal base for running Tor
   exit nodes in Austria or even the EU.
  
   Sadly we have nothing like the EFF here that could help me in this
   case by legal assistance, so i'm on my own and require a good lawyer.
   Thus i'm accepting donations for my legal expenses which i expect to
   be around 5000-1 EUR.
  
   If you can i would appreciate if you could donate a bit (every amount
   helps, even the smallest) either by PayPal (any currency is ok):
  
 https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4
  
   Or by Bank Transfer (EUR only please):
  
   Holder: William Weber
   Bank: EasyBank AG (Vienna, Austria)
   Account: 20011351213
   Bank sort number: 14200
   IBAN: AT031420020011351213
   BIC: EASYATW1
  
   I will try to pay them back when i'm out of this (or even before) but
   i can obviously not guarantee this, please keep this in mind.
   This money will only be used for legal expenses related to this case.
  
   If you have any questions or want to donate by another way
   (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
   to send me a mail (will...@william.si) or a PM, or contact me in LET
   IRC.
  
   Thanks!
   William
  
  
  
  
   --
   --C
  
   The dumber people think you are, the more surprised they're going to
   be when you kill them. - Sir William Clayton
  
 
 
 
  --
  ~Em
 --
 Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
 __
 ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
 8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Thu, Nov 29, 2012 at 2:06 PM, Patrick W. Gilmore patr...@ianai.net wrote:
 On Nov 29, 2012, at 13:57 , William Herrin b...@herrin.us wrote:
  On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net 
 wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?

 I think if they took the cash registers too the Starbucks lawyer would
 be in court an hour later with a motion to quash in one hand and an
 offer of full cooperation in the other.

 And if the sky were orange
 Any other non-sequitors? :)

All of Mr. Weber's equipment was seized. Last I checked the cash
registers at Starbucks were networked computers too. Maybe your
Starbucks is different.

Mr. Weber lives in another jurisdiction, but in the U.S. the warrant
is limited to material plausibly connected to the alleged crime. If
the guy was shot with a 9mm and the warrant says all firearms, it's
unlawfully broad. The most it should be is small calliber handguns
and not even that much if they know for sure it's a 9mm. If the police
seize a shotgun and a couple of knives, they've overstepped.

If the computer at IP:port:timestamp transmitted child porn, a warrant
for all computers is also too broad. Computers which use said IP
address or which employ forensic countermeasures which prevent a ready
determination whether they employed said IP address. And have a
qualified technician on the search team, same as you would for any
other material being searched.


On the flip side, I think that if you're running a Tor node you'd
better hope the police *want* your cooperation. If they don't your
activity falls somewhere between criminal recklessness and criminal
facilitation. Seriously, who do you think uses your Tor node? Whistle
blowers exposing corruption and freedom loving libertarians? Fool.



-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Jay Ashworth]

- Original Message -
 From: Patrick W. Gilmore patr...@ianai.net

 Mere conduit defense. (Please do not anyone mention common carrier
 status or the like, ISPs are _not_ common carriers.)

 Do you think if the police found out child pr0n was being served from
 a starbux they wouldn't confiscate the equipment from that store?

Well, pursuant to the mere conduit defense, I believe (IANAL) a defensible
case could be made that the (people operating) Tor nodes are not servers as
that term is generally understood in the industry, in the same way that web
browser/caches are not copies as IP law understands *that* term.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth  Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA   #natog  +1 727 647 1274

Re: William was raided for running a Tor exit node. Please help if you can.

[Jay Ashworth]

- Original Message -
 From: Patrick W. Gilmore patr...@ianai.net

  I think if they took the cash registers too the Starbucks lawyer would
  be in court an hour later with a motion to quash in one hand and an
  offer of full cooperation in the other.
 
 And if the sky were orange
 
 Any other non-sequitors? :)

 P.S. I can come up with some examples where the cash registers would
 be fair game, such as when the manager was charging the hosting
 provider extra to sit in the corner and host the 'bad content'. But it
 is still a non-sequitor w/r/t this thread.

The hell it is: cops sieze things which are not only not related to a crime, 
but cannot *possibly be* relevant to that crime *all the effing time*, Patrick.

You know this, I'm sure.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth  Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA   #natog  +1 727 647 1274

Re: William was raided for running a Tor exit node. Please help if you can.

[George Herbert]

On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com wrote:
 Assuming it's true, it was bound to happen. Running anything , TOR or
 otherwise, that allows strangers to do whatever they want is just folly.

Such as, say, an Internet Service Provider business?

...

-- 
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[Tom Beecher]

Not really comparable.

Speaking from a US point of view, ISPs has strong legal protections 
isolating them from culpability for the actions of their customers. I 
know internationally things are different, but here in the US the ISP 
doesn't get dinged, except in certain cases where they are legally 
required to remove access to material and don't.


End users have no such protections that I'm aware of that cover them 
similarly.


On 11/29/2012 2:50 PM, George Herbert wrote:

On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com wrote:

Assuming it's true, it was bound to happen. Running anything , TOR or
otherwise, that allows strangers to do whatever they want is just folly.

Such as, say, an Internet Service Provider business?

...

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

I think service providers are afforded special protections because the
law recognizes their utility and the inability of the service provider
to be responsible for the actions of all of their customers.  The major
problem is that not every individual has the same protections.  A lot of
ISPs are actually also CLECs or LECs that are protected as licensed
telecom carriers.

ISPs also do not allow strangers to do whatever they want  ISPs have
responsibilities to act on DCMA notices and CALEA requests from law
enforcement.  These are things that Tor exit nodes are not capable of
doing.  If you were an ISP and could not respond to CALEA requests, you
will find yourself out of business in a big hurry.

Steven Naslund

-Original Message-
From: George Herbert [mailto:george.herb...@gmail.com] 
Sent: Thursday, November 29, 2012 1:51 PM
To: Tom Beecher; NANOG
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com
wrote:
 Assuming it's true, it was bound to happen. Running anything , TOR or 
 otherwise, that allows strangers to do whatever they want is just
folly.

Such as, say, an Internet Service Provider business?

...

--
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[George Herbert]

On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher tbeec...@localnet.com wrote:
 Not really comparable.

 Speaking from a US point of view, ISPs has strong legal protections
 isolating them from culpability for the actions of their customers. I know
 internationally things are different, but here in the US the ISP doesn't get
 dinged, except in certain cases where they are legally required to remove
 access to material and don't.

 End users have no such protections that I'm aware of that cover them
 similarly.


 On 11/29/2012 2:50 PM, George Herbert wrote:

 On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com
 wrote:

 Assuming it's true, it was bound to happen. Running anything , TOR or
 otherwise, that allows strangers to do whatever they want is just folly.

 Such as, say, an Internet Service Provider business?

There are plenty of ISPs with no or little customer contracts; anyone
running open access wireless.  Plenty of open access sites with free
accounts.

And any but the largest ISPs are end users of upstream bandwidth.

The analogy of a small free access ISP and a Tor exit node is legally
defensible.  I know of five, six, seven that I can think of off the
top of my head that are run by people I know, one of whom has started
and/or been architect or operations lead for 5 or more commercial
ISPs.

Even more, ISP like protections are extended in the US to many end
user sites such as blogging sites, Wikis, etc; where the site is
publishing content but not creating it or exerting control over it,
etc.

This is US specific, and the case of a user in Austria is entirely
unrelated to US law, but I don't know that this type of response would
hold up in US court for these reasons.  I am going to ping my internet
law contacts in the US and see what they think, as IANAL.


-- 
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[George Herbert]

On Thu, Nov 29, 2012 at 12:00 PM, Naslund, Steve snasl...@medline.com wrote:
 ISPs also do not allow strangers to do whatever they want  ISPs have
 responsibilities to act on DCMA notices and CALEA requests from law
 enforcement.  These are things that Tor exit nodes are not capable of
 doing.  If you were an ISP and could not respond to CALEA requests, you
 will find yourself out of business in a big hurry.

Sure, Tor exit nodes are 'capable of doing' those things if a report
is generated that someone's using it to source child porn or terrorist
communications or DMCA violations.  At the most extreme the owner can
shut down a node; they might also put egress filters in place pursuant
to notifications.

Plenty of small ISPs in one sense or another don't comply with CALEA
because they own systems not networks (open access sites, etc).  CALEA
goes to the network providers in those cases, as I understand it.

The Tor owner also might chose to fight it and leave it completely
open, but an ISP might chose to do that in response to certain notices
as well.

This presumes that law enforcement deems them the right place to go
investigating an incident, and notifies them.  But if they seem to be
aware of what Tor is in the US and be generally reasonable in
responding to issues with it, that I know of.


-- 
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[Tom Beecher]

Communications Decency Act, 47 U.S.C. §230 is the US law that has been 
interpreted to provide immunity to ISP for the actions of their users.


Zeran v. America Online, Inc., 4th Circuit, 1997
Jane Doe v. America Online, Inc., 5th Circuit, 1997
Blumenthal v. Drudge, DC District, 1998
Green v. AOL, 3rd Circuit, 2003
Gentry v. eBay, Inc, California Appeals, 2002
Delfino v. Agilent Technologies, California Appeals, 2006

The ISP ones are most relevant here, but look at these cases.

The situation would be complicated if the ISP ran the TOR exit node 
themselves, and that would be a messy legal battle I'm sure.


Either way, that doesn't change the fact that running a TOR exit on a 
home PC on a residential internet connection is silly. You might legally 
not be held responsible at the end of the day, but it just may cost you 
a lot in legal fees to get there.


Personally, I have better things to spend money on.

On 11/29/2012 3:06 PM, George Herbert wrote:

On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher tbeec...@localnet.com wrote:

Not really comparable.

Speaking from a US point of view, ISPs has strong legal protections
isolating them from culpability for the actions of their customers. I know
internationally things are different, but here in the US the ISP doesn't get
dinged, except in certain cases where they are legally required to remove
access to material and don't.

End users have no such protections that I'm aware of that cover them
similarly.


On 11/29/2012 2:50 PM, George Herbert wrote:

On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com
wrote:

Assuming it's true, it was bound to happen. Running anything , TOR or
otherwise, that allows strangers to do whatever they want is just folly.

Such as, say, an Internet Service Provider business?

There are plenty of ISPs with no or little customer contracts; anyone
running open access wireless.  Plenty of open access sites with free
accounts.

And any but the largest ISPs are end users of upstream bandwidth.

The analogy of a small free access ISP and a Tor exit node is legally
defensible.  I know of five, six, seven that I can think of off the
top of my head that are run by people I know, one of whom has started
and/or been architect or operations lead for 5 or more commercial
ISPs.

Even more, ISP like protections are extended in the US to many end
user sites such as blogging sites, Wikis, etc; where the site is
publishing content but not creating it or exerting control over it,
etc.

This is US specific, and the case of a user in Austria is entirely
unrelated to US law, but I don't know that this type of response would
hold up in US court for these reasons.  I am going to ping my internet
law contacts in the US and see what they think, as IANAL.




--
Thomas Beecher II
Senior Network Administrator
LocalNet Corp.
CoreComm Internet Services
716-799-8881
tbeec...@localnet.com

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

The entire point of Tor is to be untraceable back to the source.  Egress
filters can prevent future abuse but do not provide for tracing back to
the original source of offending conduct. They are not trying to stop
the flow of the data in this case, they want the source in jail.  If law
enforcement comes to you and asks you to show them the source or
destination on a case like the one in question, you cannot comply and if
law enforcement asks you to trap this data in the future you will also
have a problem complying because I think you cannot identify the
original source. 

You ARE providing a network if you are running a Tor exit node just the
same as someone who builds a MPLS VPN would be responsible for
responding to law enforcement requests for data inside the secure
network.  A licensed LEC and CLEC has very specific requirements in
terms of CALEA and DCMA.  It is not something they optionally comply
with. An ISP that does not respond to CALEA and DCMA can become liable
for events that happen after their non-response.  Their safe harbor
protection ends the moment they do not act in good faith to comply with
the law.  

Even a small ISP that does not own their own network can be subpoenaed
to provide logs, sniffer traces, and file dumps from any system they
own.  I know this for a fact and have provided this data under court
orders.  CALEA applies just as well to servers and data as it does to
the communication circuits themselves.  If you have a server on the
network, it has a communications circuit into it and you can be required
to provide access to that circuit.  You can also be required to tap
email accounts or data directories as well.  This data may not fall
strictly under CALEA but a court order can compel you to provide any
data you are in possession of.  That is why law enforcement can grab a
server or PC.  ISPs and carriers are often given the benefit of the
doubt and law enforcement accepts copies of data they want.  If they
view you as an adversary or have any inclination of hiding data, they
will seize the machine.  If they view a Tor exit node owner as an
accessory, they are not going to be nicey nice about it.

The main problem with Tor is that it purposefully attempts to make this
data obscure which could be construed as obstruction.  As far as US law
enforcement attitudes on Tor, those can and will change as the
government sees fit.  It is all a matter of the greater good in their
eyes and whether they think the fight is worthwhile.  You better believe
that as soon as it becomes a national security threat it is coming
down.

Steven Naslund





-Original Message-
From: George Herbert [mailto:george.herb...@gmail.com] 
Sent: Thursday, November 29, 2012 2:14 PM
To: Naslund, Steve
Cc: NANOG
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Thu, Nov 29, 2012 at 12:00 PM, Naslund, Steve snasl...@medline.com
wrote:
 ISPs also do not allow strangers to do whatever they want  ISPs have

 responsibilities to act on DCMA notices and CALEA requests from law 
 enforcement.  These are things that Tor exit nodes are not capable of 
 doing.  If you were an ISP and could not respond to CALEA requests, 
 you will find yourself out of business in a big hurry.

Sure, Tor exit nodes are 'capable of doing' those things if a report is
generated that someone's using it to source child porn or terrorist
communications or DMCA violations.  At the most extreme the owner can
shut down a node; they might also put egress filters in place pursuant
to notifications.

Plenty of small ISPs in one sense or another don't comply with CALEA
because they own systems not networks (open access sites, etc).  CALEA
goes to the network providers in those cases, as I understand it.

The Tor owner also might chose to fight it and leave it completely open,
but an ISP might chose to do that in response to certain notices as
well.

This presumes that law enforcement deems them the right place to go
investigating an incident, and notifies them.  But if they seem to be
aware of what Tor is in the US and be generally reasonable in responding
to issues with it, that I know of.


--
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[George Herbert]

On Thu, Nov 29, 2012 at 12:42 PM, Naslund, Steve snasl...@medline.com wrote:
 The entire point of Tor is to be untraceable back to the source.  Egress
 filters can prevent future abuse but do not provide for tracing back to
 the original source of offending conduct. They are not trying to stop
 the flow of the data in this case, they want the source in jail.  If law
 enforcement comes to you and asks you to show them the source or
 destination on a case like the one in question, you cannot comply and if
 law enforcement asks you to trap this data in the future you will also
 have a problem complying because I think you cannot identify the
 original source.

If you run an open wireless access point and don't log MACs / MAC to
IP DHCP assignments, you are in similar straights.

If they come to you 31 days after the data flow and you retain logs
for 30, you are in similar straights.

If someone faked their wireless MAC and the data in your log is not
definitive, everyone's stymied.

If someone went into a Library and used an open access computer,
there's often no log of who / when.


The assertion being made here, that it's somehow illegal (or immoral,
or scary) for there to be not-completely-traceable internet access in
the US, is absurd.

CALEA doesn't say what you're asserting.  From the First Report and Order:

24. In this section, we find that facilities-based providers of any
type of broadband Internet access
service, including but not limited to wireline, cable modem,
satellite, wireless, fixed wireless, and
broadband access via powerline are subject to CALEA  (
http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-05-153A1.pdf  )

If you're not a facilities-based provider, you aren't covered.



-- 
-george william herbert
george.herb...@gmail.com

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

1. Running open access wireless does not make you legally an ISP and if
your open wireless is used to commit a crime you could be criminally
negligent if you did not take reasonable care in the eyes of the
court.

2. If I provide access to four or five friends, I am not an ISP and in
fact I am responsible if they use my connection to do something illegal
since I am the customer of record.  If you loan your car to an
unlicensed driver and he kills someone, you are on the hook.

3. I guarantee you that if your blogging site, wiki or whatever is
publishing content like child porn, you are going to jail.  There is no
ISP like protections for that.  If you do not take action as soon as
you know a crime is being committed, you are going to get nailed. 

The question in this case would be all about whether the Tor exit node
is viewed as a device specifically enabling a criminal or something that
was incidentally used to commit a crime.  For example, if I give you a
hammer and you break into someone's house with it, I am probably not
criminally negligent.  If I provided you with lock picking equipment and
you are not a locksmith, I might be criminally negligent.  This is not
so clear cut a case that there would not be a fight about it.

Steven Naslund



-Original Message-
From: George Herbert [mailto:george.herb...@gmail.com] 
Sent: Thursday, November 29, 2012 2:06 PM
To: Tom Beecher
Cc: NANOG
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher tbeec...@localnet.com
wrote:
 Not really comparable.

 Speaking from a US point of view, ISPs has strong legal protections 
 isolating them from culpability for the actions of their customers. I 
 know internationally things are different, but here in the US the ISP 
 doesn't get dinged, except in certain cases where they are legally 
 required to remove access to material and don't.

 End users have no such protections that I'm aware of that cover them 
 similarly.


 On 11/29/2012 2:50 PM, George Herbert wrote:

 On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com
 wrote:

 Assuming it's true, it was bound to happen. Running anything , TOR 
 or otherwise, that allows strangers to do whatever they want is just
folly.

 Such as, say, an Internet Service Provider business?

There are plenty of ISPs with no or little customer contracts; anyone
running open access wireless.  Plenty of open access sites with free
accounts.

And any but the largest ISPs are end users of upstream bandwidth.

The analogy of a small free access ISP and a Tor exit node is legally
defensible.  I know of five, six, seven that I can think of off the top
of my head that are run by people I know, one of whom has started and/or
been architect or operations lead for 5 or more commercial ISPs.

Even more, ISP like protections are extended in the US to many end
user sites such as blogging sites, Wikis, etc; where the site is
publishing content but not creating it or exerting control over it,
etc.

This is US specific, and the case of a user in Austria is entirely
unrelated to US law, but I don't know that this type of response would
hold up in US court for these reasons.  I am going to ping my internet
law contacts in the US and see what they think, as IANAL.


--
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[George Herbert]

The entire question here is whether CALEA's covered entities
definition and ISP common carrier (not exactly, but the commonly
used term for CDA protections available, see earlier discussion)
definitions overlap.

The answer is no.  It always has been no.  Plenty of publishers and
access providers do not fall under CALEA.  The FCC and law enforcement
are aware of that.  The conflation of the two in this conversation has
not been useful or educational.

What the future might hold is an open question, but for the time
being, CDA protections are available (at least theoretically, or
arguably) for a lot of people for whom CALEA clearly is not
applicable.

CDA protections are available whether you log commenters' IP addresses
on your blog, keep long lasting web acces logs, allow unrestricted
wireless access point access without logging, or what.  Responsibility
under it does not kick in unless you're aware of or notified of an
issue, with some exceptions.  Plenty of sites do not keep logs long
and some do not log.


-george

On Thu, Nov 29, 2012 at 12:59 PM, Naslund, Steve snasl...@medline.com wrote:
 1. Running open access wireless does not make you legally an ISP and if
 your open wireless is used to commit a crime you could be criminally
 negligent if you did not take reasonable care in the eyes of the
 court.

 2. If I provide access to four or five friends, I am not an ISP and in
 fact I am responsible if they use my connection to do something illegal
 since I am the customer of record.  If you loan your car to an
 unlicensed driver and he kills someone, you are on the hook.

 3. I guarantee you that if your blogging site, wiki or whatever is
 publishing content like child porn, you are going to jail.  There is no
 ISP like protections for that.  If you do not take action as soon as
 you know a crime is being committed, you are going to get nailed.

 The question in this case would be all about whether the Tor exit node
 is viewed as a device specifically enabling a criminal or something that
 was incidentally used to commit a crime.  For example, if I give you a
 hammer and you break into someone's house with it, I am probably not
 criminally negligent.  If I provided you with lock picking equipment and
 you are not a locksmith, I might be criminally negligent.  This is not
 so clear cut a case that there would not be a fight about it.

 Steven Naslund



 -Original Message-
 From: George Herbert [mailto:george.herb...@gmail.com]
 Sent: Thursday, November 29, 2012 2:06 PM
 To: Tom Beecher
 Cc: NANOG
 Subject: Re: William was raided for running a Tor exit node. Please help
 if you can.

 On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher tbeec...@localnet.com
 wrote:
 Not really comparable.

 Speaking from a US point of view, ISPs has strong legal protections
 isolating them from culpability for the actions of their customers. I
 know internationally things are different, but here in the US the ISP
 doesn't get dinged, except in certain cases where they are legally
 required to remove access to material and don't.

 End users have no such protections that I'm aware of that cover them
 similarly.


 On 11/29/2012 2:50 PM, George Herbert wrote:

 On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com
 wrote:

 Assuming it's true, it was bound to happen. Running anything , TOR
 or otherwise, that allows strangers to do whatever they want is just
 folly.

 Such as, say, an Internet Service Provider business?

 There are plenty of ISPs with no or little customer contracts; anyone
 running open access wireless.  Plenty of open access sites with free
 accounts.

 And any but the largest ISPs are end users of upstream bandwidth.

 The analogy of a small free access ISP and a Tor exit node is legally
 defensible.  I know of five, six, seven that I can think of off the top
 of my head that are run by people I know, one of whom has started and/or
 been architect or operations lead for 5 or more commercial ISPs.

 Even more, ISP like protections are extended in the US to many end
 user sites such as blogging sites, Wikis, etc; where the site is
 publishing content but not creating it or exerting control over it,
 etc.

 This is US specific, and the case of a user in Austria is entirely
 unrelated to US law, but I don't know that this type of response would
 hold up in US court for these reasons.  I am going to ping my internet
 law contacts in the US and see what they think, as IANAL.


 --
 -george william herbert
 george.herb...@gmail.com




-- 
-george william herbert
george.herb...@gmail.com

Re: William was raided for running a Tor exit node. Please help if you can.

[Jim Mercer]

On Thu, Nov 29, 2012 at 01:19:19PM -0600, Naslund, Steve wrote:
 I think the best analogy I would use in defense is something like the
 pre-paid cellular phones that are sold.  That is about the only
 anonymous communications service I can think of off the top of my head.
 Problem is that most people are not licensed carriers and may not be
 able to hide behind that protection.  

if your phone is stolen and used by a drug dealer, i'm pretty sure the cops
would not be after you for anything the dealer did.

if you stand on the corner with a sign saying free cell phone airtime,
just ask me, they might take a different view on things.

now, whether you are guilty of anything or not, by standing there with a sign
you are certainly opening yourself to legal inquiry, delay and hassle.

i wouldn't be surprised if the cops didn't accept your i'm just letting
people use my phone, i've got nothing to do with their activities defence,
at least not without poking about for a bit, which might include looking
at your cellphone, your home phone, your bank records, and anything else
they think (and a judge agrees) might need viewing to clear you.

-- 
Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633
He who dies with the most toys is nonetheless dead

Re: William was raided for running a Tor exit node. Please help if you can.

[Robert Bonomi]

 Date: Thu, 29 Nov 2012 15:26:57 -0500
 From: Tom Beecher tbeec...@localnet.com
 Subject: Re: William was raided for running a Tor exit node. Please help if
  you can.

 Communications Decency Act, 47 U.S.C.  230 is the US law that has been 
 interpreted to provide immunity to ISP for the actions of their users.

It is worth noting that 47 U.S.C. 230 provides _limited_ protections, only.
Broad protection, but limited.  It says that a provider shall not 'be 
treated as author' for material provided by someone else.

This of little-to-no help with regard to kiddie porn, since distribution, 
and even 'mere' possession,  are crimes -- independant of authorship.

Re: William was raided for running a Tor exit node. Please help if you can.

[Tom Beecher]

47 U.S.C. 230 doesn't do much for child porn, no. However, PROTECT does.

PROTECT spells out reporting, but also contains safe harbor provisions such 
that an ISP who didn't know that child porn was being transmitted across their 
network cannot be prosecuted for not knowing, only for not taking the required 
reporting/preservation/destruction actions as required by law.

And in practice, the process is:
On 11/29/2012 5:06 PM, Robert Bonomi wrote:

Date: Thu, 29 Nov 2012 15:26:57 -0500
From: Tom Beecher tbeec...@localnet.com
Subject: Re: William was raided for running a Tor exit node. Please help if
  you can.

Communications Decency Act, 47 U.S.C.  230 is the US law that has been
interpreted to provide immunity to ISP for the actions of their users.

It is worth noting that 47 U.S.C. 230 provides _limited_ protections, only.
Broad protection, but limited.  It says that a provider shall not 'be
treated as author' for material provided by someone else.

This of little-to-no help with regard to kiddie porn, since distribution,
and even 'mere' possession,  are crimes -- independant of authorship.

RE: William was raided for running a Tor exit node. Please help if you can.

[Michael Froomkin - U.Miami School of Law]

On Thu, 29 Nov 2012, Naslund, Steve wrote:


1. Running open access wireless does not make you legally an ISP and if

OK.


your open wireless is used to commit a crime you could be criminally
negligent if you did not take reasonable care in the eyes of the
court.

I believe this is incorrect under US law.  Do you have any support, 
statutory or case law, for this claim?



2. If I provide access to four or five friends, I am not an ISP and in
fact I am responsible if they use my connection to do something illegal
since I am the customer of record.  If you loan your car to an
unlicensed driver and he kills someone, you are on the hook.



The key word above is unlicensed.  And the other key word -- not present 
-- is knowingly.  But the analogy breaks down because you don't need a 
license to use the Internet.  Consequently, in most cases you will not 
know, and cannot reasonably be expected to know, about legal 
violations.   If you let your buddy use your home wireless while he's 
staying with you for the weekend, and he commits, say, a fraud, or 
blackmails someone, you are not legally responsible for any of it unless 
you participated knowingly in some way.  Of course, that you didn't know 
may be hard and expensive and unpleasant to try to prove, but that's a 
different question.



3. I guarantee you that if your blogging site, wiki or whatever is
publishing content like child porn, you are going to jail.  There is no


Child porn is an unusual strict liability crime.  If you publish or possess 
it, even unknowingly, you face real risks.  As a practical matter most 
prosecutors do not bring cases against innocent victims (e.g. someone on 
AOL who gets an evil popup unexpectedly).  In theory maybe they could, but 
I suspect they don't really want the test case.



ISP like protections for that.  If you do not take action as soon as
you know a crime is being committed, you are going to get nailed.

The question in this case would be all about whether the Tor exit node
is viewed as a device specifically enabling a criminal or something that


I do not think that would be the analysis under US law at all. The first 
question is mens rea.  We do not charge the car rental company with 
something if its car is used to rob a bank -- unless they knew in advance 
that was the plan.  Cars enable criminals too.



was incidentally used to commit a crime.  For example, if I give you a
hammer and you break into someone's house with it, I am probably not
criminally negligent.  If I provided you with lock picking equipment and
you are not a locksmith, I might be criminally negligent.  This is not


The term criminally negligent really has no role here.  Negligence is in 
most cases a civil not a criminal offense.  There are specific crimes. 
There is aiding and abetting.  There may be criminal negligence in 
unrelated cases where you have a duty to secure something or protect (or 
not harm) someone and fail to do so (e.g. you leave your car in a position 
to roll downhill and it hurts someone, or you are willfully blind to a 
danger to child for whom you should be caring, or you act with such 
inattention so as to kill someone).  But in the USA ***you have no legal 
duty to secure your wireless***.  None.  You can leave it open, just as 
you can leave your window open and let people enjoy what you are playing 
on your stereo (modulo public nuisance law, and copyright rules against 
some types of unlicensed public performance).  Thus there can be no 
negligence in leaving it open, at least absent specific knowledge that a 
person intends to do a specific thing.



so clear cut a case that there would not be a fight about it.

Steven Naslund



[...]

--
A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net
Laurie Silvers  Mitchell Rubenstein Distinguished Professor of Law
Editor, Jotwell: The Journal of Things We Like (Lots),  jotwell.com
U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285  |+1 (305) 284-6506 (fax)  |  froom...@law.tm
   --It's warm here.--

Re: William was raided for running a Tor exit node. Please help if you can.

[Miles Fidelman]

Michael Froomkin - U.Miami School of Law wrote:



2. If I provide access to four or five friends, I am not an ISP and in
fact I am responsible if they use my connection to do something illegal
since I am the customer of record.  If you loan your car to an
unlicensed driver and he kills someone, you are on the hook.



The key word above is unlicensed.  And the other key word -- not 
present -- is knowingly.  But the analogy breaks down because you 
don't need a license to use the Internet.  Consequently, in most cases 
you will not know, and cannot reasonably be expected to know, about 
legal violations.   If you let your buddy use your home wireless while 
he's staying with you for the weekend, and he commits, say, a fraud, 
or blackmails someone, you are not legally responsible for any of it 
unless you participated knowingly in some way.  Of course, that you 
didn't know may be hard and expensive and unpleasant to try to prove, 
but that's a different question.


Ummm... you might be liable under your service agreement with your ISP.  
Most of these have all kinds of restrictive clauses re. not letting 
others use your connection, copyright infringement, assumption of 
liability, yada, yada, yada.  We all violate these, all the time, but 
there are times when that might catch up with someone.


The term criminally negligent really has no role here. Negligence is 
in most cases a civil not a criminal offense.  There are specific 
crimes. There is aiding and abetting.  There may be criminal 
negligence in unrelated cases where you have a duty to secure 
something or protect (or not harm) someone and fail to do so (e.g. you 
leave your car in a position to roll downhill and it hurts someone, or 
you are willfully blind to a danger to child for whom you should be 
caring, or you act with such inattention so as to kill someone).  But 
in the USA ***you have no legal duty to secure your wireless***.  
None.  You can leave it open, just as you can leave your window open 
and let people enjoy what you are playing on your stereo (modulo 
public nuisance law, and copyright rules against some types of 
unlicensed public performance).  Thus there can be no negligence in 
leaving it open, at least absent specific knowledge that a person 
intends to do a specific thing.




You may have a civil liability to secure your wireless under the 
terms-of-service agreement with your Internet provider.  Well, maybe not 
to secure your wireless but to prevent unauthorized use of your 
connection to the service provider - which could be accomplished in 
other ways.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra

Re: William was raided for running a Tor exit node. Please help if you can.

[Michael Painter]

Naslund, Steve wrote:

1. Running open access wireless does not make you legally an ISP and if
your open wireless is used to commit a crime you could be criminally
negligent if you did not take reasonable care in the eyes of the
court.


Related:

https://www.eff.org/deeplinks/2012/07/judge-copyright-troll-cant-bully-internet-subscriber-bogus-legal-theory 

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2035633 

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

You are correct about most people not falling under CALEA.  That also
means that they do not have the safe harbor provisions provided to
facilities based providers (however an open wireless hotspot MIGHT just
make you a wireless facilities based provider).  You are not under an
obligation to provide data under CALEA but a court can order you collect
that data going forward, allow LE to tap a device, or just seize the
server to study it anytime they feel you may have evidence of a crime.
A court can seize almost anything from anyone as long as a judge thinks
it is a reasonable search and seizure.  If you provide someone with any
kind of tools or services (free or not) you are opening yourself up to a
liability.  If you are in physical possession of a server that contains
kiddie porn you are likely to go to jail.  I am not saying this Tor
server has data like that onboard (but I suppose there could be caches,
temp files, and such) but they are going to look until they understand
it.  You may very well be able to defend your right to a Tor server but
it is certainly going to cost you a lot of money and I am sure it is
going to be uncomfortable to explain why you want to have one to a judge
when LE explains all the evil uses for one.

When it comes to running an open access point, I think the legal issue
would be negligence.  Is it negligence for the 90 year old grandma to
have an open AP (probably not, just didn't know better)?  Is it
negligence for me to have an open AP (probably, I am a network
professional and know how to secure a network).

As a long time service provider I can tell you that a lot of CALEA
enforcement has to do with good faith more than the letter of the law.
If your policy is to delete logs after 30 days and the cops show up on
day 31, no big deal.  If they show up at day 5 and you say you dump your
logs at day 4, expect to get grilled.  They can tell real quick if you
are cooperating to the best of your ability.  In the early Internet
days, before the CALEA applied to ISPs I had to try to work with LE to
comply with court orders and often we explained the technology and
limitations of it to the FBI.  We were even involved in expert testimony
to explain how this Internet Stuff worked.  Often we did not have the
data they wanted but there were ways to get it for an ongoing
investigation.  Our policy was to not provide specific data without a
court order but we would begin collecting it as soon as a LE agent told
us they were going to try to obtain it.  It was just a professional
courtesy to them.  I know there is a big counter-culture, no big
brother, no regulation attitude toward a lot of Internet issues but I
have seen some sick cases involving emailed threats (later carried out)
and kids that made me give the law the benefit of the doubt in a lot of
cases.  There are lots of evil people out there and the Internet is a
big tool for them.

I have no statistics to back this up (and no one probably does) but with
my many years of experience in engineering ARPANET, MILNET, and the
Internet I would have to guess that most Tor servers are used for no
good much more than they are protecting anyone's privacy.  I am guessing
that a ton of the Tor traffic is likely to be BitTorrent that is just as
likely copyrighted material.  That does not mean that Tor or BitTorrent
is evil but as network professionals we all know (wink, wink) what that
kind of stuff is really mainly used for. That probably does not affect
your legal rights to have a Tor server but certainly affects my decision
to donate to your defense if you get in a legal case.

This is certainly an interesting discussion and I think there are not a
lot of concrete answers since this is on the edge of technology law.  I
do think history shows us that while the government lags behind, they
will eventually find a way to control this if it suits them and becomes
a source of pain for them.

Done with this subject, sorry for the long windedness 

Steven Naslund



-Original Message-
From: George Herbert [mailto:george.herb...@gmail.com] 
Sent: Thursday, November 29, 2012 2:53 PM
To: Naslund, Steve
Cc: NANOG
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Thu, Nov 29, 2012 at 12:42 PM, Naslund, Steve snasl...@medline.com
wrote:
 The entire point of Tor is to be untraceable back to the source.  
 Egress filters can prevent future abuse but do not provide for tracing

 back to the original source of offending conduct. They are not trying 
 to stop the flow of the data in this case, they want the source in 
 jail.  If law enforcement comes to you and asks you to show them the 
 source or destination on a case like the one in question, you cannot 
 comply and if law enforcement asks you to trap this data in the future

 you will also have a problem complying because I think you cannot 
 identify the original source.

If you run an open wireless access point and don't log MACs / MAC to IP
DHCP 

RE: William was raided for running a Tor exit node. Please help if you can.

[Michael Froomkin - U.Miami School of Law]

On Thu, 29 Nov 2012, Naslund, Steve wrote:

[...]


When it comes to running an open access point, I think the legal issue
would be negligence.  Is it negligence for the 90 year old grandma to
have an open AP (probably not, just didn't know better)?  Is it
negligence for me to have an open AP (probably, I am a network
professional and know how to secure a network).



In order for there to be a civil claim of negligence there must be, inter 
alia, a breach of duty.


What duty has been breached in your scenario?  None.

[...]


This is certainly an interesting discussion and I think there are not a
lot of concrete answers since this is on the edge of technology law.  I


Actually some of us have been teaching and writing about this stuff since 
the mid 1990s.  These issues are far from new; we went through them in the 
early anonymous remailer days.


relurk

--
A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net
Laurie Silvers  Mitchell Rubenstein Distinguished Professor of Law
Editor, Jotwell: The Journal of Things We Like (Lots),  jotwell.com
U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285  |+1 (305) 284-6506 (fax)  |  froom...@law.tm
   --It's warm here.--

Re: William was raided for running a Tor exit node. Please help if you can.

[Will Hargrave]

On 29 Nov 2012, at 20:53, George Herbert george.herb...@gmail.com wrote:

 The assertion being made here, that it's somehow illegal (or immoral,
 or scary) for there to be not-completely-traceable internet access in
 the US, is absurd.

The real issue here is *not* the legality of the act of providing a Tor exit 
node, or an open access point, or anything else. In sensible countries that is 
perfectly legal. The problem here is the reality of undergoing a criminal 
investigation. 

Think carefully about the impact of having everything in your life which runs 
an operating system taken away. Phones. Tablet. Laptop. Servers. All portable 
drives, data. If you rely on that hardware for your income (and who doesn't?) 
you're going to have to buy all of that again. And restore your data, if you 
are able. 


-- 
Will

Re: William was raided for running a Tor exit node. Please help if you can.

[Kyle Creyts]

On Thu, Nov 29, 2012 at 2:00 PM, Jim Mercer j...@reptiles.org wrote:
 On Thu, Nov 29, 2012 at 01:19:19PM -0600, Naslund, Steve wrote:
 I think the best analogy I would use in defense is something like the
 pre-paid cellular phones that are sold.  That is about the only
 anonymous communications service I can think of off the top of my head.
 Problem is that most people are not licensed carriers and may not be
 able to hide behind that protection.

 if your phone is stolen and used by a drug dealer, i'm pretty sure the cops
 would not be after you for anything the dealer did.

 if you stand on the corner with a sign saying free cell phone airtime,
 just ask me, they might take a different view on things.

 now, whether you are guilty of anything or not, by standing there with a sign
 you are certainly opening yourself to legal inquiry, delay and hassle.

 i wouldn't be surprised if the cops didn't accept your i'm just letting
 people use my phone, i've got nothing to do with their activities defence,
 at least not without poking about for a bit, which might include looking
 at your cellphone, your home phone, your bank records, and anything else
 they think (and a judge agrees) might need viewing to clear you.

A few questions this thread raises for me: you are a very trusting
person, and frequently let people borrow your things. A friend
frequently borrows your phone, which he explains is because he:

 a) frequently lets his phone die, or has run close to using too many minutes.

  You frequently allow him (and other people) to borrow your phone. At
some point, it becomes clear that his life has taken a turn for the
worse, and he has become involved in activities of which you do not
approve. You stop allowing him to use your phone. During a criminal
investigation of your friend's activities, it later becomes clear that
for some time he was using it for illegal activities.

  At what point did allowing him to use your phone become illegal, and
how should a responsible citizen rationally realize or identify this
point?

  How can one be reasonably sure that one knows another person well
enough to allow them to use one's equipment/resources? When do you
become responsible for the activity of someone else on your equipment?
Clearly always is not correct; similarly, never is also not
correct.


 b) (most analogous to the actual situation) has a [legitimate?]
reason for wanting to avoid the entity he calls having, being able to
predict, see, or otherwise link some information he wishes to give
them with some information he does not wish to give them (for example,
his phone number [1])

  Upon this pretense, which seems fairly reasonable, you allow him
access to your phone. In order to enable this pursuit (so that this
phone number cannot be attached to a pattern of activity), you also
allow others to use your phone for similar reasons. You consider such
activity correlation/tracking and data mining to be a violation of
privacy (explicitly with regard to data-mining and activity tracking
performed in pursuit of selling this data for profit).


Now arguably, in the second case, you are operating this service
with an explicitly altruistic intent. IF you are not informed about
the mechanics of this process, and you are unaware of the issues this
creates for law enforcement entities in identifying criminals, what
constitutes wrongdoing? If you are not aware of criminal uses of your
service which is entirely free and only intended for avoiding
data-miners, are you still accountable for the activities of those
using it? Why? At what point do you accept or acquire this
responsibility? How is this different from operating a party line
shared by an apartment building or phone bridge with external calling
ability?


I am curious about the impact of the nuances of each of these situations.

[1] he is paranoid, and doesn't like the pizza place associating his
address with his phone number, or perhaps he is calling someone who
collects marketing data and attempts to data-mine his activity, or
some other more legitimate, applicable and realistic take on
appropriate cases for desiring anonymity in such a transaction


 --
 Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633
 He who dies with the most toys is nonetheless dead




-- 
Kyle Creyts

Information Assurance Professional
BSidesDetroit Organizer

Re: William was raided for running a Tor exit node. Please help if you can.

[Owen DeLong]

Yes, but if you are operating a TOR node, it's not entirely clear to me that 
you are not actually an ISP (whether you
realize that or not).

You are, after all, providing a form of internet access to non-paying customers.

Owen

On Nov 29, 2012, at 11:58 , Tom Beecher tbeec...@localnet.com wrote:

 Not really comparable.
 
 Speaking from a US point of view, ISPs has strong legal protections isolating 
 them from culpability for the actions of their customers. I know 
 internationally things are different, but here in the US the ISP doesn't get 
 dinged, except in certain cases where they are legally required to remove 
 access to material and don't.
 
 End users have no such protections that I'm aware of that cover them 
 similarly.
 
 On 11/29/2012 2:50 PM, George Herbert wrote:
 On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com wrote:
 Assuming it's true, it was bound to happen. Running anything , TOR or
 otherwise, that allows strangers to do whatever they want is just folly.
 Such as, say, an Internet Service Provider business?
 
 ...
 
 

Re: William was raided for running a Tor exit node. Please help if you can.

[Joakim Aronius]

* Patrick W. Gilmore (patr...@ianai.net) wrote:
 On Nov 29, 2012, at 12:58 , Barry Shein b...@world.std.com wrote:
  It would seem like they'd have to confiscate the equipment at every
  Starbucks in their jurisdiction, which could be every one in the US
  for example.
 
 They didn't confiscate every Tor exit node in the US once they found 
 something nefarious emanating from one.
 
Lets assume that some child pr0n dealer used this Tor exit node, is it not 
reasonable if the police wants to see if there are logs that make it possible 
to catch the sleazebag? Should LE ignore crime if it originates from a network 
which operates a Tor exit node? 

I am all for being anonymous on the net but I seriously believe that we still 
need to enforce the law when it comes to serious felonies like child pr0n, 
organized crime etc, we can't give them a free pass just by using Tor. I dont 
think it should be illegal to operate a Tor exit node but what just happened 
could be a consequence of doing it.

Of course they might not know abot Tor and believes that it is Mr Williams that 
is the bad guy. 

/J

Re: William was raided for running a Tor exit node. Please help if you can.

[Michael Painter]

Joakim Aronius wrote:
Lets assume that some child pr0n dealer used this Tor exit node, is it not reasonable if the police wants to see if 
there are
logs that make it possible to catch the sleazebag? Should LE ignore crime if it originates from a network which operates 
a Tor

exit node?

I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to 
serious
felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should 
be

illegal to operate a Tor exit node but what just happened could be a 
consequence of doing it.

Of course they might not know abot Tor and believes that it is Mr Williams that 
is the bad guy.

/J


Wouldn't Austrian LEA need possession/knowledge of this pr0n site in order to determine the exit node that was using it?