Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
Hi! On Fri, Nov 30, 2012 at 2:09 PM, Naslund, Steve snasl...@medline.com wrote: Remember, they did not raid the Tor exit node. They raided the home of the guy running the Tor exit node. Way different. I can probably explain that. We were running a Tor exit node in Slovenia (neighboring country of Austria, EU too). We had Tor exit node on collocation at local ISP and the collocation was on friend's name (not on some legal entity). Twice they came to his home in early hours with warrant for all computer equipment he has at home. Once because somebody was using Tor for blackmailing, the second time for child pornography. Why they came to his home? I believe the reason is simple: they have IP, they write to ISP something like Who is your client who had that and that IP at that and that time? ISP responds: This is X Y, living there and there and + some other personal information they have on who this person is. Criminal investigators go to the judge and say We need a warrant for this and this person at this and this location. They get one and they come to visit you in early morning hours. In both cases he just had to explain that: 1) this IP is at collocation and not at that location and 2) that it is a Tor exit node and we do not keep any logs of activity through it. 1) tells makes their warrant invalid and you move from being a suspect (they had in mind that you are using your own home connection to do something illegal, this is the highest probability based on their information) to a witness (you are server admin and it is higher probability that some your user did something illegal). 2) tells them that even if you are a witness, you are worthless witness: you do not have typical users and services, and you are not even logging anything. For most services you are not really required to log anything. Running Tor is not illegal. Having logs for it also not required. They left without taking anything and he hasn't heard from them afterwards (this was few years ago). It might be because both cases were international (Interpol) so for local investigators it was the easiest to just write: it was Tor exit nodes, no logs possible to obtain, case closed. And move on with their lives. If it would be some local thing with a very motivated investigator they might not believe him and would still confiscate equipment. But from a point when they discover that their warrant is probably wrong they are on thin ice as obviously IP was physically somewhere else. It might be that in this case of a guy from Austria he didn't know that it raid is for Tor node but he thought that it might be for something else and just later on discovered that. Or that they simply didn't listen to or believe him. Probably it depends on how you communicate with investigators and your language skills. Mitar ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
Hi! On Sat, Dec 1, 2012 at 12:29 AM, Mitar mmi...@gmail.com wrote: It might be that in this case of a guy from Austria he didn't know that it raid is for Tor node but he thought that it might be for something else and just later on discovered that. Or that they simply didn't listen to or believe him. Probably it depends on how you communicate with investigators and your language skills. From this: http://raided4tor.cryto.net/ It seems that I had to have a co-worker get me the phone number of the lawyer, who advised me not to say anything was not the best advice given, according to what I wrote before. Mitar ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Sorry, you are not using Tor
There is a resource for which I need to be in Aus, so I put Exitnodes {au} in my torrc using the advanced settings editor (and can't get that line OUT of my torrc now). The ONLY exit node Tor could find was BGC. Hitting Use a New Identity kept giving me only the BGC exit node 202.189.69.158, and the checktor site kept saying, 'Sorry, you are not using Tor' BGC shows up in the Show the Network as a valid Tor node, but not at Checktor. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
OK, I get it. I think my BS detector is set to high today. I am just really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund. Steve -Original Message- From: Peter Kristolaitis [mailto:alte...@alter3d.ca] Sent: Friday, November 30, 2012 4:21 PM To: na...@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can. I didn't say anything about trying to run away. That probably won't accomplish a whole lot in the long run. But when all of your bank accounts and credit cards are frozen, and your house is a crime scene, at least you have the means to rent a hotel room, contact family/lawyers, etc. And no, I'm not OK with people keeping any money that was donated for a specific purpose in excess of what was actually used. You'd hope that he'd be a good guy about it and give back the portion that wasn't used, or clearly state that any excess will go to charity or something. However, there's no such guarantee (short of doing it through a trust fund with his lawyer), and just like any philanthropic venture, it's up to each donor choose when/if they'll help out. It's just like Kickstarter -- you hope to get something good out of it, but if it bombs, well... you pay your money and you take your chances. - Pete On 11/30/2012 05:02 PM, Naslund, Steve wrote: OK, there must be a lot more paranoid people out there than I thought there were. I personally don't have a runaway kit stashed away. I will get right on that. So when that mouth breather cop won't believe you are innocent, your answer is to grab your stuff and go on the lamb for awhile? I am sure he will let you out to go to the bank, get your stuff, and leave town. I think you have seen way to many movies. So if the cops show up at his door tomorrow and say Here's all your stuff back, there was no evidence of a crime., you are OK with this guys keeping the defense fund? Steve -Original Message- From: Peter Kristolaitis [mailto:alte...@alter3d.ca] Sent: Friday, November 30, 2012 3:53 PM To: na...@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can. On 11/30/2012 04:01 PM, Naslund, Steve wrote: I am a little concerned that this guy keeps a safe deposit box with a burner phone and cash around. Is he a CIA agent? :) Anyone who DOESN'T have such things stashed away somewhere is, IMHO, incredibly naive and taking on quite a large amount of risk. The likelihood (and hope) is that you'll never need it. But on the off chance that you get f***ed by the legal system because of some power hungry, mouth-breather cop who can't/won't understand that you've done nothing wrong -- or worse, that you're easily provably within the law, but he believes that you're not and drags you through the process anyways -- you'll be very happy that you stashed away that old unlocked cell phone, old laptop, change of clothes and cash. I'm a (legal) firearms owner... up here in Canada, where some previous governments enacted extreme anti-gun legislation, that pretty much means that if I so much as sneeze in a way that a cop doesn't like, I can have my life ruined pretty damned fast (not quite, but really close). I wouldn't bet against me having an excrement-hitting-the-oscillator stash like this guy does. ;) (Note: I don't mean to imply that all cops are power hungry mouth-breathers intent on destroying the lives of citizens. Most cops are fundamentally good people and do a great job. But like every other profession, there ARE bad cops out there, and it's within the realm of possibility that you'll deal with one of them one day.) Why would I donate to his legal defense when he has not been charged yet? A little premature, no? If you think that legal costs in a criminal case only start when you've been formally charged, you're grossly misinformed. At what point you personally decide to donate is one thing, but implying that someone doesn't need a defense fund prior to charges being laid is a bit naive about how the process works. - Pete ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
I might be reading this the wrong way but it looked to me like the cops raided his home and the Tor server is hosted off site with an ISP. That is what is bugging me so much. The cops raided his house, not the location of the server. If they had tracked the server by its IP it would have led to the hoster, not his home. They could have gotten his address as the account holder but the ISP would have known that the Tor server was at their site not his home. The IP would not track to his residence. Something is not the full story here or I am misreading his interview. I have seen some of the warrants due to child porn cases. They tend to be very sweeping and usually specify recordable media and data processing equipment. That is admittedly broad but the cops usually do not have forensic computer guys on site so they try to grab it all. It is not right but that is how it currently works. Anything else requires the expertise on site to search the equipment where it is. Most cops don't know a PC from a router, from a switch. It all goes. Steven Naslund -Original Message- From: William Herrin [mailto:b...@herrin.us] Sent: Friday, November 30, 2012 4:21 PM To: Jimmy Hess Cc: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote: On 11/29/12, William Herrin b...@herrin.us wrote: If the computer at IP:port:timestamp transmitted child porn, a warrant for all computers is also too broad. Computers which use said IP As you know, there may always be some uncertainty about which computer was using a certain IP address at a certain time -- the computer assigned that address might have been off, with a deviant Or more likely behind a NAT device where the address which presents is the NAT device. But the police won't know that until they search. Until they search they have no factual basis for the presumptions either that more than one computer was associated with the activity or that it isn't possible to readily identify which computer was involved. That Tor node was probably on a static IP address and was probably on the same static IP address at the time of the alleged activity. Reasonable suspicion doesn't mean Bob thinks you did it, it means that there's a trail of facts which lead *directly* to the evidence you seek permission to seize. The trail to child porn doesn't include the right to seize the stack of John Denver music and while it might include the right to search the shelf of DVDs it doesn't include the right to seize the ones produced by Disney. The right to search your computer and the right to seize it are not at all the same thing. Practically speaking, right now the police are going to seize all your computers. But keep watching. Some time in the next decade or two warrants will start to get quashed for failing to specify (by parameters) *which* computer they were looking for. As computers become more central to our lives it will probably come out that they have the right to duplicate your hard drives and other read/write media but don't have a right to take the originals unless they observe warrant-covered material *on* the computer while searching. Regards, Bill Herrin -- William D. Herrin her...@dirtside.com b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls Church, VA 22042-3004 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] tor based website
I would like to find a helping hand in giving me step by step instructions on how to build a Tor based Simple Machines Forum w/ 3D-Cart and other flattering domain building software for my vendors product description pages with pictures if the service provides a picture. my site specializes in all types of products from encrypted multi-phone number cell phones to wholesale hewlett packard products. Everything from computers and scanners to medical office supplies. i also found grreat suliers for IBM, DELL, Asus, Toshibi, Samsung and Apple products. We sell satelllites which can send and receive data. 8000 channells in total alongside a dvd burner to burn your favorite shows and movies. The satellites come in multiple sizes. also specialize in trading goods and other goods you can think of. Any product and we probably have it. This is why I need to maintain anonymous here. are there any servers you can think of besides apache which cover encryption, VPN cabiliities, TOR ready and proxy-chain compatibalities... i need enough storage for my web traffic which i think will be high. i was reading one Onion site which offered a private service and they mentioned that they have more than one server. Should i get two, one for incoming traffic and the other for outgoing data all onto my server or servers. I want one thats easy to configure once i get its software up on the computer screen. i cannot risk my anonymity being broken here as of all the products and services i provide on the site and thread. I'd say its a 18-21 plus site so its invite only i just don't know where to get started with the TOR part, hence why I haven't even started to build my forum incase i need to put the URLs into the tor config so it can turn it into its famous onion codex. where should i start. Also, should i purchase a 5 dollar VPN for my laptop. My laptop is running slow but will still remain completely working after tomorrow when I get it fixed up from a microsoft windows specialist... i need someone whose had exerience with seeing this done first hand in the past. there's a marketplace online called Silk Road Anonymous Marketplace which grossed 22 million dollars in sales in just one year. also, as the forum owner and administrator how do i make money if im not vending. Like, how do the guys who made Silk Road get their income? commission with each of their reliable vendors? is 25% commission the right amount to ask for? isnt that average? anyways, I'll keep it this short for now and write you more once i get a better idea! can't wait to start creating! best regards, - Ed Sullivan p.S. Sorry bout all the spelling errors and capitals, etc... I'm using a 2003 LG Lotus to write up this e-mail so i didn't put full effort into editing as you can see. :) hope to hear from you today or soon, thanks again... ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
- Original Message - From: Barry Shein Sent: 12/01/12 12:48 AM To: Joakim Aronius Subject: Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can. On November 30, 2012 at 08:18 joa...@aronius.se (Joakim Aronius) wrote: I am all for being anonymous on the net but I seriously believe that we still need to enforce the law when it comes to serious felonies like child pr0n, organized crime etc, we can't give them a free pass just by using Tor. I dont think it should be illegal to operate a Tor exit node but what just happened could be a consequence of doing it. Yeah, next they'll let just anyone walk down the sidewalk without identifying themselves. And those are public sidewalks paid for by tax dollars! Or drop a few coins in a public telephone (I know, a little dated, but they exist) w/o id and commit some crime! I think some here need to reflect on what they're saying. Sure, it'd be better to stop bad guys, but this has always been the problem in a free society, you can't just put draconian rules on everyone else because otherwise some bad guy might not be immediately and easily identified. This was the sort of reaso ning they used in the Soviet Union to make it very difficult to get access to a photocopy machine (ask someone who lived there, it was practically like buying a firearm in the US.) We're all (well most of us) glad that law enforcement does its job, but even the US Constitution (3rd amendment) bothered to state: No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law. It's only an analogy but I think it's clear, if we're protected from being forced to provide food shelter directly to soldiers presumably defending our lives and country the principle as it pertains to being required to do whatever law enforcement dreams up to catch bad guys is pretty clear. As a principle -- Note: I am NOT making a legal point! Ok, grab onto that manner prescribed by law, but remember that it said in time of war. None of what we're discussing is relevant to any war (except as politicians to ss around the war on this or that.) Of course they might not know abot Tor and believes that it is Mr Williams that is the bad guy. /J Sure, but I assume he told them that :-) -- -Barry Shein The World | b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool Die | Public Access Internet | SINCE 1989 *oo* ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk You need to get rid of a helluva ton of laws before you begin allowing LEA to go out in-FORCING. Check out Louisiana and its status as the state with the highest rate of incarcerating its citizens. But more importantly, check out the lobbying that goes on to defeat almost every measure that would cut crime, so that crime increases. Private business prisons, need customers. One easy way to get more, is to pass more laws that can effectively, and easily make it possible for more people to become criminals, by law! That, is what Obama and Romney both mean when they say, America, a country that lives by the rule of law! The hot-button of CP is akin to suspending gravity because one child falls off a roof. If you suspend it for one, then everyone else falls off the planet, or in this case through the cracks and into the hands of the law, who are always breaking the law! Thus, you take away the rights of everyone, for one example, which in a way, is a one time affair. But the loss of liberties is forever. Control your children and stop controlling or trying to control everyone else. See what kind of monster you have begat when your controlled children can finally leave home! Some will immediately go to war, killing other poor people for a paycheck. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if
OK, I get it. I think my BS detector is set to high today. I am just really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund. You do realize that it is completely common for looking at them to take months. This is a big thing to people in this community, because the police will happily come and confiscate the tools you need to do your job, and not return them for months, years, or sometimes even ever, even in cases where it seems fairly straightforward to identify that the person has done nothing wrong. The police, and many of the policies surrounding this issue, often assume that the party is guilty, and also assume that seizure isn't a significant professional issue. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if
I understand that they could look at them for many months. In the meantime, my life will go on. I don't believe there is a whole lot you can do about it. If they take too long, I will consider asking a lawyer to look into getting my stuff back but it would have to be expensive stuff to make the lawyer worthwhile. I am guessing I would buy a new PC (they did not seize this guys bank account or credit cards), I probably don't need 100 Terabytes of storage so my costs are not so bad. My message to the cops and my lawyer would be charge me or lets clear this up. There are laws to protect you from the government from taking your stuff in an unfair manner if you want to go that route. If there is a misunderstanding I will talk to the cops all they want. If I feel I need representation, I will get some. If I am really innocent, I doubt they could ask me too much that would upset me. My guess is they would rather move on in their case instead of spinning their wheels with me. I have thought it was rough on people to have all their stuff seized and I suppose you could try and collect some damages if you bought new gear while your stuff was being held (if for no reason) but I think that very often the cops seize the right stuff. I would really like a poll since we have a lot of network professionals on here, exactly how many of us have had something seized by the cops with NO CAUSE. Anybody, I would like to hear from a real life case. Sorry people...most cops want to put the right people in jail and are not trying to violate your rights. There are bad eggs but that is why we have judges. When I hear someone I don't know say they are innocent and the cops say they are guilty, I tend to believe the cop. Everyone in jail says he is innocent too. BTW - in this case, the cops have not even said this guy is guilty of anything yet. Steven Naslund -Original Message- From: Joe Greco [mailto:jgr...@ns.sol.net] Sent: Friday, November 30, 2012 4:49 PM To: Naslund, Steve Cc: na...@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if OK, I get it. I think my BS detector is set to high today. I am just really suspicious that this guy that runs an large ISP can't at least wait until there are charges before all the uproar. I think if the cops came and seized my home PCs right now I would probably give them the time to look at them, realize there is nothing there, and give them back to me before freaking out completely. I would be wondering what was going on but probably not raising a defense fund. You do realize that it is completely common for looking at them to take months. This is a big thing to people in this community, because the police will happily come and confiscate the tools you need to do your job, and not return them for months, years, or sometimes even ever, even in cases where it seems fairly straightforward to identify that the person has done nothing wrong. The police, and many of the policies surrounding this issue, often assume that the party is guilty, and also assume that seizure isn't a significant professional issue. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
If he is claiming that the traffic to the forum came through the Tor node, that IP would lead them to the hosting company of the Tor node. Not his residence. If they had an IP that led to his home, that would have to mean that the traffic did not come from his Tor node at the ISP. I suppose you could get your own block of addresses and get the ISP to advertise them for you to host your server but I don't think you would. If they got his address from the hosting company, I suppose that might lead them to his house but it also would have told them that the Tor node was not AT his house. Why go there? I think they have something else. There are lots of terabytes for them to look at. Who wants to bet what is there? Steven Naslund -Original Message- From: Michael Painter [mailto:tvhaw...@flex.com] On Behalf Of Michael Painter Sent: Friday, November 30, 2012 5:37 PM To: Naslund, Steve; NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. Naslund, Steve wrote: I might be reading this the wrong way but it looked to me like the cops raided his home and the Tor server is hosted off site with an ISP. That is what is bugging me so much. The cops raided his house, not the location of the server. If they had tracked the server by its IP it would have led to the hoster, not his home. They could have gotten his address as the account holder but the ISP would have known that the Tor server was at their site not his home. The IP would not track to his residence. Something is not the full story here or I am misreading his interview. How about: Police have seen CP and have logs from Additionally, I was accused of sharing (and possibly producing) child pornography on a clearnet forum via an image hosting site that was probably tapped. Police look at IP addresses that have accessed the images for those that are within their jurisdiction. Police find an address within a block that is registered to Wiliam. Police raid William and receive an education on TOR exit nodes on servers in Poland. Maybe? Why wouldn't the IP address have led to William? --Michael ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
PROCEDURE FOR SEIZURE OF COMPUTERS AND RELATED DEVICES This search warrant covers and controls the procedure for searching: (1) electronic or computer devices, related equipment or media which has been authorized to be seized pursuant to this warrant on the basis that it is contraband or a direct instrumentality used to commit the crime, and (2) electronic or computer devices, related equipment or media for which seizure has not been specifically authorized. Agents are authorized to seize and remove from the premises such electronic or computer device, including computer system input/output (I/O) peripheral devices, software and media so that a qualified computer expert can accurately search for and retrieve the data in a laboratory or other controlled environment when this is necessary in order to search and retrieve the data or information authorized to be searched for and seized pursuant to this warrant. Agents and computer experts working with agents are authorized to seize the relevant system software (operating systems, interfaces and hardware drivers), any applications software which may have been used to create the data (whether stored on hard drives or on external media), as well as all related instruction manuals or other documentation and data security devices (including but not limited to passwords, keycards and dongles) in order to facilitate the authorized search. In addition, if necessary for data retrieval, they are authorized to reconfigure the system in order to accurately search for and retrieve the evidence stored therein. If, after inspecting the I/O devices, software, documentation and data security devices, the analyst determines that these items are no longer necessary to search for, retrieve and preserve the data, and if the software, documentation and devices have not been seized pursuant to the warrant as contraband or instrumentalities of the crime, the items shall be returned within a reasonable time. https://webcache.googleusercontent.com/search?q=cache:HJ9PtsbdL3kJ:www.fjc.gov/public/pdf.nsf/lookup/ElecDi31.rtf/%24file/ElecDi31.rtf+cd=1hl=enct=clnkgl=us Example of an actual warrant: https://www.eff.org/sites/default/files/filenode/inresearchBC/EXHIBIT-A.pdf Not a lawyer. On Fri, Nov 30, 2012 at 6:25 PM, Randy Bush ra...@psg.com wrote: as this thread has moved firmly to legal opinions, i now scan it for postings by folk i know are actual lawyers and whack the rest. if you are a lawyer, but not well known as such, please say so right up front in your message. randy ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if
Is it possible to configure the tor-talk mailing list to discard messages not explicitly addressed to it? Like this nanog discussion. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
Not only that, but the list of people who proclaimed their innocence only to be proven guilty is very long. I can't vouch for countries outside of the USA, but here at least we don't get subpoenas on a whim. They are usually part of a very long drawn-out investigation, and they usually are for a very good reason. Usually, but not always. I've seen a number of subpoenas and a few search warrants that were: Ridiculously broad Overreaching Really stretched the concept of probable cause As in all else, not all LEOs are good actors. Owen ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On 11/30/12 5:15 PM, Naslund, Steve wrote: Well, in that case I am really worried that the cops might charge me with a crime. They took my computers and are looking at them. I did not do anything wrong but just in case they decide to charge me with a crime, please send me some money. As well you could be, because you appear to have the same name as a registered sex offender: http://www.sexoffenderin.com/reg110698/steven_w_naslundmugshot.htm On 11/29/12 6:39 PM, Naslund, Steve wrote: # As a long time service provider ... # # my many years of experience in engineering ARPANET, MILNET, and the # Internet I would have to guess that most Tor servers are used for no # good much more than they are protecting anyone's privacy. I'm surprised that medline.com is offering network access as an ISP? Admittedly, you began posting to NANOG in 2002 as: Network Engineering Manager Hosting.com - Chicago While I was involved in engineering NSFnet and the Internet and was an original member of NANOG, but I don't remember you. Of course, I'm notoriously bad with names. OTOH, I have met, remember, and greatly respect the Tor engineers. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if
On Sat, Dec 01, 2012 at 02:37:30PM +0200, Maxim Kammerer wrote: Is it possible to configure the tor-talk mailing list to discard messages not explicitly addressed to it? Like this nanog discussion. I was chewed out for losing the threading info when I forwarded, now Maxim dislikes bounces. You just can't make it right for some people. The thread is simmering down already, so the crossposts will will stop soon enough. I think the content of the thread was quite apropos, since it shows the mindset of netops, there was some crosspollination (with the result that some readers here also now read nanog) and it did remind nanog that Tor et al. are around, and for a good reason. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On 1/12/2012 10:49 AM, Naslund, Steve wrote: If he is claiming that the traffic to the forum came through the Tor node, that IP would lead them to the hosting company of the Tor node. Not his residence. If they had an IP that led to his home, that would have to mean that the traffic did not come from his Tor node at the ISP. I suppose you could get your own block of addresses and get the ISP to advertise them for you to host your server but I don't think you would. If they got his address from the hosting company, I suppose that might lead them to his house but it also would have told them that the Tor node was not AT his house. Why go there? I think they have something else. There are lots of terabytes for them to look at. Who wants to bet what is there? Steven Naslund The only information I've read about the matter is what's on http://raided4tor.cryto.net/ , and it doesn't provide much regarding the length or complexity of the investigation. From that webpage, the information I find relevant is: (1-1) the exit node was located in Poland, and therefore outside the jurisdiction of the LKA; (1-2) William had already been questioned by Polish LEA about activities coming from the exit node; (1-3) the exit node was moved to a different ISP after the troubles with the Polish LEA; (1-4) the exit node wasn't turned back on. What we _do_not_ know is: (2-1) what country the clearnet forum (that the child porn was posted to) is located in; (2-2) who reported the child porn to LEA, or if LEA was already monitoring for the child porn; (2-3) if Polish and Austrian LEA are cooperating on the investigation; (2-4) when the investigation was initiated; (2-5) which LEA initiated the investigation. Given the information above, it's a completely reasonable scenario that the child porn was reported by the clearnet forum owner, or discovered by some LEA, at which time the offending forum user's IP was determined to belong to the Polish host of the exit node. When compelled, the Polish host provided the details of William Weber. The LKA are then able to raid William on the suspicion of child porn distribution, and they seize everything that could be used to store the material. You (Steven Naslund) question why no LEA seized the exit node. This is explained by the fact that the exit node was moved from the Polish host _after_ the child porn was posted to the clearnet forum. It's completely reasonable that LEA may not have been able to determine where the server was moved to. You also question the reasons for the LKA to raid his private residence when the exit node's last known location was a Polish host. Surely you aren't suggesting that LEA shouldn't raid a suspect's private residence because the last known location of a (missing) server (that is confirmed to belong to the suspect) wasn't the same address? Your opposition to this matter is moving into land of the crazy conspiracy-theorist. You're looking so hard for something more sinister to the story that you're ignoring reason. We should only take positions on the evidence we have, not the evidence we don't have. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if
On Sat, Dec 01, 2012 at 04:20:38PM +0200, Maxim Kammerer wrote: On Sat, Dec 1, 2012 at 3:00 PM, Eugen Leitl eu...@leitl.org wrote: I was chewed out for losing the threading info when I forwarded, now Maxim dislikes bounces. You just can't make it right for some people. Well, to be sure, I was only objecting to messages not being properly labeled when filtered by To/CC headers. Maybe I should invest more in my filtering setup. Probably no need. I'll try to keep it down to a dull roar, in future. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
As much as I'm not sure I want to add to this, and while I recognize that this is not the USA, do recall that in my own country of the USA, where the right to justice is explicit in the constitution, it is routinely ignored by judges who say that they run courts of law, not of justice. I'll also remind you of people who were railroaded because politicians wanted to prove a point -- and there's the recent publicity over a group of 5 that were interrogated without lawyers at the age of 15, forced to confess, and then spent 25 years in jail, partially because their appointed lawyers were horrible. We've learned that if the people in power want to make an example of you, nothing matters except being so rich that you can afford the best lawyers. O.J. Simpson's lawyers were skilled enough -- and could afford everything involved -- to demonstrate that police procedures were iffy at best, and down-right rotten -- and these were the procedures that were standard behavior at worst, and best case, high profile case at best. Out of that whole thing came a federal government report that forensic science had little to no science in it, was full of holes, and a long list of cases where an expert had testified to stuff that was impossible -- including at least one case where a bitemark could not have been a match -- the person investigated was missing two teeth, the bite mark was only missing one, and on the basis of the testimony of an expert that He could have twisted his mouth while biting to make that mark, an innocent person was sentenced. We've learned that Fingerprints, that absolute match that can send you away as an absolute conviction, are so unreliable that the report all but said that they are completely unreliable with the current technology. Do we have lots of people sentenced improperly? Yes. We can prove it. We are doing nothing to fix this. Heck, do you remember a few years ago where it was discovered that we had a juvenile judge routinely sending juveniles to what was basically a work camp that he was profiting from? Even when innocent? Now it turns out that we are putting adult prisoners to work, at a cost of around $4 per hour, and outsourcing that to any company in the country that wants cheap labor (previously outsourced to federal agencies, as it turns out, for years -- and in some cases, those federal agencies were required to use this labor source). That's right -- we were putting innocent people to forced labor in prison while taking jobs away from ordinary people out of prison. And you're expecting that If he's not charged, he doesn't have to worry. If he's innocent, he's safe? I used to think that. I don't any more. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor based website
On 12/1/2012 5:08 AM, electricsinkh...@gmail.com wrote: I would like to find a helping hand in giving me step by step instructions on how to build a Tor based Simple Machines Forum w/ 3D-Cart and other flattering domain building software for my vendors product description pages with pictures if the service provides a picture. my site specializes in all types of products from encrypted multi-phone number cell phones to wholesale hewlett packard products. Everything from computers and scanners to medical office supplies. i also found grreat suliers for IBM, DELL, Asus, Toshibi, Samsung and Apple products. We sell satelllites which can send and receive data. 8000 channells in total alongside a dvd burner to burn your favorite shows and movies. The satellites come in multiple sizes. also specialize in trading goods and other goods you can think of. Any product and we probably have it. This is why I need to maintain anonymous here. are there any servers you can think of besides apache which cover encryption, VPN cabiliities, TOR ready and proxy-chain compatibalities... i need enough storage for my web traffic which i think will be high. i was reading one Onion site which offered a private service and they mentioned that they have more than one server. Should i get two, one for incoming traffic and the other for outgoing data all onto my server or servers. I want one thats easy to configure once i get its software up on the computer screen. i cannot risk my anonymity being broken here as of all the products and services i provide on the site and thread. I'd say its a 18-21 plus site so its invite only i just don't know where to get started with the TOR part, hence why I haven't even started to build my forum incase i need to put the URLs into the tor config so it can turn it into its famous onion codex. where should i start. Also, should i purchase a 5 dollar VPN for my laptop. My laptop is running slow but will still remain completely working after tomorrow when I get it fixed up from a microsoft windows specialist... i need someone whose had exerience with seeing this done first hand in the past. there's a marketplace online called Silk Road Anonymous Marketplace which grossed 22 million dollars in sales in just one year. also, as the forum owner and administrator how do i make money if im not vending. Like, how do the guys who made Silk Road get their income? commission with each of their reliable vendors? is 25% commission the right amount to ask for? isnt that average? anyways, I'll keep it this short for now and write you more once i get a better idea! can't wait to start creating! best regards, - Ed Sullivan p.S. Sorry bout all the spelling errors and capitals, etc... I'm using a 2003 LG Lotus to write up this e-mail so i didn't put full effort into editing as you can see. :) hope to hear from you today or soon, thanks again... ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk You will certainly catch the attention of law enforcement agencies world wide with emails like that one. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
The BBC has an article about a similar issue on a Tor exit node in Austria: Austrian police raid privacy network over child porn http://www.bbc.co.uk/news/technology-20554788 ## Austrian police have seized servers that were part of a global anonymous browsing system, after images showing child sex abuse were found passing through them. Many people use the Tor network to conceal their browsing activity. Police raided the home of William Weber, who ran the servers, and charged him with distributing illegal images. ## It is unfortunate that systems in place to allow free speech end up being abused for the wrong purposes. The same applies to anonymous remailers which have been used to stalk and harass/bully people often using forged email addresses (since those remailers allow one to forge the sender's email address instead of forcing an Anonymous sender email. If Tor servers are just glorified routers then they could be considered more as transit providers and not responsible for content transiting through them. However, if a transit service goes out of its way to hide the identity of the sender of a packet to make it untraceable, then it becomes more than a simpler carrier. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] how tails sync the clock afer network connection ?
Hi, charlie.mail wrote (01 Dec 2012 06:07:49 GMT) : I have seen tails sync the clock with UTC just after a network connection and start browser. How does it do so. It is the ntpupdate ? Please direct questions about Tails to the Tails communication channels. Anyhow: https://tails.boum.org/contribute/design/Time_syncing/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] tails suppport channels
On Sat, 01 Dec 2012 14:31:15 +0100 intrigeri intrig...@boum.org wrote: Please direct questions about Tails to the Tails communication channels. which are listed at https://tails.boum.org/support/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]
On 12/1/12, Patrick W. Gilmore patr...@ianai.net wrote: On Nov 30, 2012, at 20:25 , Randy Bush ra...@psg.com wrote: As for the legal crap, most of what is posted is not on-topic here. There are laws legal implications which are operational, though. And even though I am not a lawyer, I need to understand them or I cannot do my job. My lawyer is not going to pick which datacenter to lease, even if he knows a Laws and legal ramifications are a driving force impacting design and policy for network operations, because they have financial implications, and finance matters. For example, if you or your orgs' staff are denied access to your equipment or data and critical servers are seized or offlined, while a police investigation is ongoing, due to a breach of PII confidentiality (eg Stolen social security numbers of staff members used by an ID thief), for example, there is possible hardship for the org, even if you or your org fully exercised due care and went well beyond the minimum: with a responsible well-thought security program, and the offender is an outsider,you might soon not have a network, due to bankruptcy. In this case you might not have any liability or guilt for the breach, but you have major costs, regardless. Anyone, including people off the street, can have opinions about the Law, and opinions about networks. Would you be willing to rely some stranger off the street, with no qualifications, or positive background whatsoever, to start recommending a new network design, or give them a CLI with directions that they can start making whatever changes they like to your core router? Would you ask how to configure an AP to be secure, on a network law discussion list? Opinions are one thing; but a large amount of legal mumbo jumbo, and attempting to suggest you have exactly what a court would find, or what the exact and only issues are, that list members can't responsibly rely on anyways (DUE to its importance not its non-importance), is a waste of bits,and there might be a more appropriate place to discuss law itself. :) -- -JH ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
Example of an actual warrant: https://www.eff.org/sites/default/files/filenode/inresearchBC/EXHIBIT-A.pdf Please also keep in mind, if it's relevant, that *no warrant* is required for data that is stored by a third-party. Data on a server, TOR or otherwise, would by definition be data that is stored by a third party. Which means that if there is a person of interest (POI), it would not be terribly hard to get at personal information about the POI that is not on their own private machines. (Here is an article we wrote about that: http://www.theinternetpatrol.com/no-warrant-necessary-for-law-enforcement-to-access-data-stored-in-the-cloud/ ) Not a lawyer. Is a lawyer, but hasn't been following this thread. That said, if there are specific questions, I'd be happy to answer them if I can. Anne Anne P. Mitchell, Esq CEO/President Institute for Social Internet Public Policy http://www.ISIPP.com Member, Cal. Bar Cyberspace Law Committee ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
The BBC has an article about a similar issue on a Tor exit node in Austria: Austrian police raid privacy network over child porn http://www.bbc.co.uk/news/technology-20554788 actually it is not a similar case but the case of William W. that BBC reported. Though with some mistakes: the servers were not seized, the hardware (drives etc) at his home was seized, William was not charged (he says), police is just investigating. http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses/p5 And so far only the police know if images showing child sex abuse were actually found passing through them as BBC writes. The warrent posted at arstechnica.net http://cdn.arstechnica.net/wp-content/uploads/2012/11/Beschluss.png mentions section 207a, para 2, 2nd case, and para 4 no 2, lit b of Austrian Criminal Code, which would be possession of a a pornographic depiction of a minor person over 14, showing their genitals in an obscene manner. (the text of the relevant section in German: http://www.ris.bka.gv.at/Dokumente/Bundesnormen/NOR40105143/NOR40105143.html) The warrent does not mention anything that refers to distribution or transport of pornographic images. So, either police and judge were not aware that it was a TOR server or they have/had a suspicion that's not related to running a TOR server. Or the made a mistake and quoted the wrong section. We simply don't know at present. regards, jutta am Samstag, 01. Dezember 2012 um 17:10 schrieb na...@nanog.org: The BBC has an article about a similar issue on a Tor exit node in Austria: Austrian police raid privacy network over child porn http://www.bbc.co.uk/news/technology-20554788 ## Austrian police have seized servers that were part of a global anonymous browsing system, after images showing child sex abuse were found passing through them. ... ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if
Sorry people...most cops want to put the right people in jail and are not trying to violate your rights. Ha ha ha. You are clueless, or worse. There are bad eggs but that is why we have judges. When I hear someone I don't know say they are innocent and the cops say they are guilty, I tend to believe the cop. Trolling? Everyone in jail says he is innocent too. BTW - in this case, the cops have not even said this guy is guilty of anything yet. Steven Naslund ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] does tor browse bundle really work on UNIX, BSD, etc
On Fri, 30 Nov 2012 19:50:50 -0600 John Thompson j...@stolat.os2.dhs.org wrote: I haven't run TBB on BSD, but FreeBSD (and presumably other variants) have a very capable linux compatibility mode. Perhaps TBB runs in this compatibility mode? That's not actually a reasonable presumption, as Linux ABI support was added some time after the BSDs split (think about it: Linux was a newborn at that point). However as it happens NetBSD, OpenBSD ( its daughter MirOS) and Dragonfly BSD all do support Linux binaries. Whether that means they can run TBB is of course a separate question. My BSD of choice is NetBSD, and I don't think I've ever managed to run TBB; certainly when I tested just now Vidalia and tor are both fine, but Firefox isn't happy. I've not worked out why yet. It's not something I've put much time into so I may just be missing something obvious. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor based website
On Sat, 01 Dec 2012 10:12:35 -0600 David Carlson carlson...@sbcglobal.net wrote: You will certainly catch the attention of law enforcement agencies world wide with emails like that one. Maybe he is law enforcement, looking for someone to ensnare. -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On Sat, 01 Dec 2012 16:00:00 +0100 Fabio Pietrosanti (naif) li...@infosecurity.ch wrote: This would probably be something *very valuable* for any Tor Exit Node maintainer if Tor software would provide such kind of facility to facilitate: - understanding of a third party - drive the abuse/more information request actions There is the DirPortFrontPage config option. It's probably most useful if your DirPort is port 80, of course. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On Fri, 30 Nov 2012 20:42:45 -0600 Joe Btfsplk joebtfs...@gmx.com wrote: [Load of US-centred rubbish] Seriously, you need to realise that most of the world is not the States, and things work differently over here. Some parts of Europe are safer than others, and some (including UK) are distinctly unsafe, despite external appearances. You can bet if I was served a warrant relating to an alleged child sex offence I'd be opening a defence fund, because the police here are very fond of reminding you who's in charge. It's not about whether you did the crime, it's about whether you want to spend months on remand (and potentially losing your job, home, partner etc) before eventually being acquitted. Never mind that the tabloids will splash your picture all over their front pages with headlines that will tarnish your name forever. You need money to fight that, too. And that's Europe. If he was in most African countries he'd be totally screwed. How much is 10,000 EU anyway - $100 USD? You seem to have the wrong idea about which is the weaker currency. The Euro and Sterling have certainly taken a battering, but the Dollar isn't exactly the safest investment either. Really, childish xenophobia isn't constructive. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] torsocks is broken and unmaintained
On Fri, 2 Nov 2012, grarpamp wrote: I don't agree. torsocks is still useful to prevent identity correlation through circuit sharing. Pushing all traffic through Trans- and DnsPort is not the answer. Also, I don't want all of my applications using Tor -- just some of them. Using Tails or TransPort wouldn't allow me to do this. Some people do run multiple Tor's, jails, packet filters, and apps. Largely to get around current Tor limitations. Those people don't have this singularity problem/position that you assume. Torsocks is not required in that instance. There has to be a better way to simply make an ssh connection over ToR. I don't want to run all of tails just to make a single ssh connection (2 minutes to properly fire up vmware, massive cpu use, laptop gets hot, fans running, everything else comes to a crawl). I don't want to run a full-blown tor relay installation with all the bells and whistles and then maintain that full blown environment, watch advisories, run periodic tests, test for dns leakage, blah blah. I want this: cd /usr/ports/net/torssh make install torssh u...@host.com Am I the only person that wants/needs this ? I understand that you can't go down the road of make a custom tor app for everry possible client app that people want to run, but come on ... ssh ? If there was just a single app to do this for, it would be that, right ? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] torsocks is broken and unmaintained
I wanted this too. According to the documentation (ssh_config) you can use the ProxyCommand option and nc (netcat) to accomplish this. I haven't really used it yet though or audited it to make sure it doesn't leak. On 12/1/2012 15:14, John Case wrote: On Fri, 2 Nov 2012, grarpamp wrote: I don't agree. torsocks is still useful to prevent identity correlation through circuit sharing. Pushing all traffic through Trans- and DnsPort is not the answer. Also, I don't want all of my applications using Tor -- just some of them. Using Tails or TransPort wouldn't allow me to do this. Some people do run multiple Tor's, jails, packet filters, and apps. Largely to get around current Tor limitations. Those people don't have this singularity problem/position that you assume. Torsocks is not required in that instance. There has to be a better way to simply make an ssh connection over ToR. I don't want to run all of tails just to make a single ssh connection (2 minutes to properly fire up vmware, massive cpu use, laptop gets hot, fans running, everything else comes to a crawl). I don't want to run a full-blown tor relay installation with all the bells and whistles and then maintain that full blown environment, watch advisories, run periodic tests, test for dns leakage, blah blah. I want this: cd /usr/ports/net/torssh make install torssh u...@host.com Am I the only person that wants/needs this ? I understand that you can't go down the road of make a custom tor app for everry possible client app that people want to run, but come on ... ssh ? If there was just a single app to do this for, it would be that, right ? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] torsocks is broken and unmaintained
On Sat, 2012-12-01 at 23:14 +, John Case wrote: On Fri, 2 Nov 2012, grarpamp wrote: I don't agree. torsocks is still useful to prevent identity correlation through circuit sharing. Pushing all traffic through Trans- and DnsPort is not the answer. Also, I don't want all of my applications using Tor -- just some of them. Using Tails or TransPort wouldn't allow me to do this. Some people do run multiple Tor's, jails, packet filters, and apps. Largely to get around current Tor limitations. Those people don't have this singularity problem/position that you assume. Torsocks is not required in that instance. There has to be a better way to simply make an ssh connection over ToR. I don't want to run all of tails just to make a single ssh connection (2 minutes to properly fire up vmware, massive cpu use, laptop gets hot, fans running, everything else comes to a crawl). I don't want to run a full-blown tor relay installation with all the bells and whistles and then maintain that full blown environment, watch advisories, run periodic tests, test for dns leakage, blah blah. I want this: cd /usr/ports/net/torssh make install torssh u...@host.com Am I the only person that wants/needs this ? I understand that you can't go down the road of make a custom tor app for everry possible client app that people want to run, but come on ... ssh ? If there was just a single app to do this for, it would be that, right ? Just put this in your .ssh/config: ProxyCommand socat STDIO SOCKS4A:localhost:%h:%p,socksport=9050 You do need to run the Tor daemon as a client, which I'm not sure if you're okay with. -- Sent from Ubuntu ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On 12/1/2012 10:10 AM, Jean-Francois Mezei wrote: If Tor servers are just glorified routers then they could be considered more as transit providers and not responsible for content transiting through them. However, if a transit service goes out of its way to hide the identity of the sender of a packet to make it untraceable, then it becomes more than a simpler carrier. I think I understand your point, but if Tor (or anything else) isn't really anonymous, there's no point in advertising it as anonymous. Unless you're selling snake oil. If gov'ts (or other groups) can get what they want, when they want, out of an ISP, exit relays, etc., then it's only anonymous as long as no one's interested in what you're saying or doing. Meaning, it's not really anonymous at all. If being anonymous, or more specifically, having anonymous communication is outlawed ( it almost is, in practice), then there will be no Tor. The conundrum: if every thing that has some useful purpose is outlawed because someone can also use it maliciously, or LEAs make so no one wants to touch it, then most everything could be be banned - by that line of thinking. gasoline - gone. 2 x 4 lumber - can be used as weapon - gone. baby diapers - can be used to smother someone - gone. kitchen or butcher knives injure / kill thousands around the world each year? They're not trying to outlaw knives over 5 inches, because they pose no threat to a gov't. Bottom line is, no gov'ts want their law abiding or criminal citizens to communicate anonymously, because it takes away power. Yes, they want to catch criminals ( we want them to). No, they're not concerned in the least if 90 - 99% (or what ever) of Tor users don't break the law. If they catch criminals AND stop people from using Tor, running exits - out of fear, they killed 2 birds w/ one stone. The internet is really the best thing invented to allow gov'ts of the world to keep tabs on all citizens ( though they say they're only after criminals). When people still wrote letters, (most) gov'ts couldn't scan EVERY letter, just to see what popped up. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On 12/1/2012 1:28 PM, Anne P. Mitchell, Esq. wrote: Please also keep in mind, if it's relevant, that *no warrant* is required for data that is stored by a third-party. Data on a server, TOR or otherwise, would by definition be data that is stored by a third party. Which means that if there is a person of interest (POI), it would not be terribly hard to get at personal information about the POI that is not on their own private machines. (Here is an article we wrote about that: http://www.theinternetpatrol.com/no-warrant-necessary-for-law-enforcement-to-access-data-stored-in-the-cloud/ ) Is a lawyer, but hasn't been following this thread. That said, if there are specific questions, I'd be happy to answer them if I can. Anne Anne P. Mitchell, Esq CEO/President Institute for Social Internet Public Policy http://www.ISIPP.com Member, Cal. Bar Cyberspace Law Committee Thanks Anne. Laws in virtually every state (U.S.) country are different - yes? I think I understand what you said, but not sure why it'd be so (in U.S.) In a situation that LEAs SAY they suspect a crime, one's personal data (say, credit card info / transactions) stored on 3rd party servers - (say, Amazon.com) is not protected in any shape form or fashion, from Boss Hogg (aka, an LEA) saying, Amazon - I want Daisy Duke's credit card info. I don't have a warrant, but give it to me, anyway. And Amazon has to say, Sure,... because of why?? Any business like that storing info would be a 3rd party server - yes? So no LEA would ever need warrants to get financial / purchase transactions, email, ISP browsing records - ad nauseum, Habeas Corpus, defacto, oreo. Because it's your info, NOT stored on your personal equipment. Is that correct? Doctors storing patients' medical info, for back up purposes, off site, would be storing it on a 3rd party server. So, does it become public information? Or at least Deputy Fife could walk into the back up storage facility say, I want medical records on a guy that's been sniffing around Thelma Lou, cause he ran a stop sign. And they must give it to him w/o a warrant? I think we must have skipped over a few details. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
On 12/1/2012 4:22 PM, Julian Yon wrote: On Fri, 30 Nov 2012 20:42:45 -0600 Joe Btfsplk joebtfs...@gmx.com wrote: How much is 10,000 EU anyway - $100 USD? I knew I shouldn't have written that - too many people don't get satire / comedic sarcasm. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] torsocks is broken and unmaintained
On 12/01/2012 06:14 PM, John Case wrote: On Fri, 2 Nov 2012, grarpamp wrote: I don't agree. torsocks is still useful to prevent identity correlation through circuit sharing. Pushing all traffic through Trans- and DnsPort is not the answer. Also, I don't want all of my applications using Tor -- just some of them. Using Tails or TransPort wouldn't allow me to do this. Some people do run multiple Tor's, jails, packet filters, and apps. Largely to get around current Tor limitations. Those people don't have this singularity problem/position that you assume. Torsocks is not required in that instance. There has to be a better way to simply make an ssh connection over ToR. I don't want to run all of tails just to make a single ssh connection (2 minutes to properly fire up vmware, massive cpu use, laptop gets hot, fans running, everything else comes to a crawl). I don't want to run a full-blown tor relay installation with all the bells and whistles and then maintain that full blown environment, watch advisories, run periodic tests, test for dns leakage, blah blah. I want this: cd /usr/ports/net/torssh make install torssh u...@host.com Am I the only person that wants/needs this ? I understand that you can't go down the road of make a custom tor app for everry possible client app that people want to run, but come on ... ssh ? If there was just a single app to do this for, it would be that, right ? The real issue is that once they start providing torified-forks of certain projects where do they draw the line? torFirefox for TBB, sure (which may be coming down the pipe anyway)! torssh, why not? Tor Project is already stretched thin which means third party devs would have to implement most of the work and who would be able to audit all of them? Torification integrated into these projects would be a usability god-send for most people. But that would ultimately be its undoing. At this point many users don't understand that anonymity is not as simple as flipping a switch, it's so much more complex than that. One possible advantage of Tor being a little complex is that it makes people realize that ensuring ones safety/privacy online is *not* easy and it's possible that increasing the usability too much could put more people at risk. In addition to this, if different projects have tor integrated then that would mean each one would have to keep state separately and each would most likely have different guard nodes and such. The result, again, would be putting the users more at risk. I understand the appeal of such packages, but if you think about this then you'll see that running a single daemon and channeling connections through it probably is the best and most resource efficient way. Just think, if x number of programs you wanted to run were torified than you would essentially being running x instances of tor, not ideal. For now, using built-in proxy support for an application, or torsocks if it doesn't have it, is the best option we have and we still need to be careful when we use any built-in proxy option. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk