RE: William was raided for running a Tor exit node. Please help if you can.

[Brandon Lehmann]

In any event, I'm pretty sure that I'd rather get hit with tampering with
evidence versus them retrieving data that may incriminate me. I believe
this may be a the lesser of two evils game.


 -Original Message-
 From: Kyle Creyts [mailto:kyle.cre...@gmail.com]
 Sent: Monday, December 17, 2012 2:52 PM
 To: Jeroen van Aart
 Cc: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please
 help if you can.
 
 In most jurisdictions, wouldn't using a de-gaussing ring in the door
 frame to wipe any equipment being removed constitute tampering with
 evidence or interfering with an investigation if the authority in
 question is in possession of a warrant/subpoena?
 
 On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net
 wrote:
 
  On 11/30/2012 02:02 PM, Naslund, Steve wrote:
 
  OK, there must be a lot more paranoid people out there than I
 thought
 
 
   for awhile?  I am sure he will let you out to go to the bank, get
  your
  stuff, and leave town.  I think you have seen way to many movies.
 
 
   So if the cops show up at his door tomorrow and say Here's all your
  stuff back, there was no evidence of a crime., you are OK with this
  guys keeping the defense fund?
 
 
  I for one vote for installing a de-gauging ring in your door frame.
  any removal of equipment you don't approve of will be wiped. That and
  encryption possibly combined with hiding the real OS (truecrypt can
  do that).
 
  Greetings,
  Jeroen
 
  --
  Earthquake Magnitude: 5.1
  Date: Monday, December 17, 2012 17:46:48 UTC
  Location: central East Pacific Rise
  Latitude: -3.9682; Longitude: -104.0375
  Depth: 15.70 km
 
 
 
 
 --
 Kyle Creyts
 
 Information Assurance Professional
 BSidesDetroit Organizer


smime.p7s
Description: S/MIME cryptographic signature

Re: William was raided for running a Tor exit node. Please help if you can.

[Jeroen van Aart]

On 11/30/2012 02:02 PM, Naslund, Steve wrote:

OK, there must be a lot more paranoid people out there than I thought



for awhile?  I am sure he will let you out to go to the bank, get your
stuff, and leave town.  I think you have seen way to many movies.



So if the cops show up at his door tomorrow and say Here's all your
stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?


I for one vote for installing a de-gauging ring in your door frame. any 
removal of equipment you don't approve of will be wiped. That and 
encryption possibly combined with hiding the real OS (truecrypt can do 
that).


Greetings,
Jeroen

--
Earthquake Magnitude: 5.1
Date: Monday, December 17, 2012 17:46:48 UTC
Location: central East Pacific Rise
Latitude: -3.9682; Longitude: -104.0375
Depth: 15.70 km

Re: William was raided for running a Tor exit node. Please help if you can.

[Kyle Creyts]

In most jurisdictions, wouldn't using a de-gaussing ring in the door frame
to wipe any equipment being removed constitute tampering with evidence or
interfering with an investigation if the authority in question is in
possession of a warrant/subpoena?

On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net wrote:

 On 11/30/2012 02:02 PM, Naslund, Steve wrote:

 OK, there must be a lot more paranoid people out there than I thought


  for awhile?  I am sure he will let you out to go to the bank, get your
 stuff, and leave town.  I think you have seen way to many movies.


  So if the cops show up at his door tomorrow and say Here's all your
 stuff back, there was no evidence of a crime., you are OK with this
 guys keeping the defense fund?


 I for one vote for installing a de-gauging ring in your door frame. any
 removal of equipment you don't approve of will be wiped. That and
 encryption possibly combined with hiding the real OS (truecrypt can do
 that).

 Greetings,
 Jeroen

 --
 Earthquake Magnitude: 5.1
 Date: Monday, December 17, 2012 17:46:48 UTC
 Location: central East Pacific Rise
 Latitude: -3.9682; Longitude: -104.0375
 Depth: 15.70 km




-- 
Kyle Creyts

Information Assurance Professional
BSidesDetroit Organizer

Re: William was raided for running a Tor exit node. Please help if you can.

[Peter Kristolaitis]

Drifting a big off topic for NANOG (but hey, that happens every /pi/ 
days anyways!), but I'll toss this in...


Like every other legal incident, it would be unique to your own 
situation.  Keep in mind that, should any of the charges you mentioned 
go to court, the prosecution would have to prove /mens rea/ (intent).  
They would have to prove that you intended to cause the drives to be 
wiped specifically because you did not want them admitted as evidence.


If you weren't even home at the time the warrant was executed, the worst 
lawyer in the world would be able to argue that you have the system in 
place to prevent sensitive data from leaving in the event of common 
theft, and that it's not your fault the police triggered it (and suggest 
that maybe they should add scan for an intense EM field to their 
standard procedures when dealing with computer equipment :p ).


If you were home at the time (or knew that a warrant was being executed, 
e.g. if the police show up at your workplace to inform you), things 
would be a lot dicier.  Actively hitting the turn on the system button 
would definitely be bad news for you. However, simply not turning it off 
as the officers are walking out the door, well... it was a VERY 
stressful situation for you, with all the police running all over your 
house, and you simply forgot about the system until much later (or so 
your lawyer could argue).


There would definitely be some unhappy people with the situation 
regardless, and either way you'll be contributing to buying your lawyer 
a new car.  ;)


Now, having said all that... I'm not sure I'd want to pay the 
electricity bill for keeping that degausser running... :p


- Pete



On 12/17/2012 02:52 PM, Kyle Creyts wrote:

In most jurisdictions, wouldn't using a de-gaussing ring in the door frame
to wipe any equipment being removed constitute tampering with evidence or
interfering with an investigation if the authority in question is in
possession of a warrant/subpoena?

On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net wrote:


On 11/30/2012 02:02 PM, Naslund, Steve wrote:


OK, there must be a lot more paranoid people out there than I thought


  for awhile?  I am sure he will let you out to go to the bank, get your

stuff, and leave town.  I think you have seen way to many movies.


  So if the cops show up at his door tomorrow and say Here's all your

stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?


I for one vote for installing a de-gauging ring in your door frame. any
removal of equipment you don't approve of will be wiped. That and
encryption possibly combined with hiding the real OS (truecrypt can do
that).

Greetings,
Jeroen

--
Earthquake Magnitude: 5.1
Date: Monday, December 17, 2012 17:46:48 UTC
Location: central East Pacific Rise
Latitude: -3.9682; Longitude: -104.0375
Depth: 15.70 km

Re: William was raided for running a Tor exit node. Please help if you can.

[Valdis . Kletnieks]

On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:

 Now, having said all that... I'm not sure I'd want to pay the
 electricity bill for keeping that degausser running... :p

An EMP device doesn't have to chew power all the time...

And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME


pgpm0HZGq5JYb.pgp
Description: PGP signature

Re: William was raided for running a Tor exit node. Please help if you can.

[Mark Andrews]

In message 34925.1355780...@turing-police.cc.vt.edu, valdis.kletni...@vt.edu 
writes:
 --==_Exmh_1355780734_2398P
 Content-Type: text/plain; charset=us-ascii
 
 On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:
 
  Now, having said all that... I'm not sure I'd want to pay the
  electricity bill for keeping that degausser running... :p
 
 An EMP device doesn't have to chew power all the time...
 
 And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME

I suspect you would fine that such a ring would illegal as it is a
potential man trap.   There are reasons hospitals have big warning
signs around similar equipment used for medical imaging.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

Re: William was raided for running a Tor exit node. Please help if you can.

[Jimmy Hess]

On 12/17/12, Mark Andrews ma...@isc.org wrote:
 In message 34925.1355780...@turing-police.cc.vt.edu,
 On Mon, 17 Dec 2012 16:28:28 -0500, Peter Kristolaitis said:

Yeah...  degaussing rings  consume a lot of energy you shouldn't need
to consume.   If you _must_  be able to protect data from extreme
physical threats:  keep it encrypted end to end at all times,and
concentrate on Information assurance for  the key itself,   and
making the equipment  tamper resistant, to prevent eavesdropping,  for
example:  by incorporating computer chassis into the support structure
of the building,  with, EM shielding, plate steel vault doors  and
relocking mechanisms;just as you'd want to safeguard other
physical valuables.

Encryption keys are short, and easy to store on small tamper-resistant
smartcards,   which can be burned up or erased in a second by a low
voltage circuit;   possibly one triggered automatically if the
incorrect PIN is entered,  or the  correct 3rd or 4th   (easily
accidentally lost,  or left at some other place) SIM Card/Micro-sim
shapped parts  containing enough other  shares  of the encryption key
 aren't inserted  in a partner module shortly after powerup.

As long as the crypto algorithm was sound,   reliable destruction of
the key should make the data as hard (or harder)  to be recovered,
than if media had been degaussed.


 And of course, there's this: http://www.youtube.com/watch?v=8vxEimC3HME

 I suspect you would fine that such a ring would illegal as it is a
 potential man trap.   There are reasons hospitals have big warning
 signs around similar equipment used for medical imaging.

 Mark
--
-JH

Re: William was raided for running a Tor exit node. Please help if you can.

[Jean-Francois Mezei]

On 12-12-17 21:45, Jimmy Hess wrote:

 Yeah...  degaussing rings  consume a lot of energy you shouldn't need
 to consume.  

Now now, you clearly have not watched enough scient fiction/action
movies... Clearly, you have a mechanism which triggers the degaussing
(or neutron bomb in the basement the minute a hard drive is disconnected
from the server/disk array :-)

And you just need to put up a sign warning, this building is protected
with a giant degaussing magnet to protect against data theft, remove all
rings from your body parts if you intend to steal from this building :-)

Note that they used this trick in Breaking Bad with a giant magnet in
a van parked right next to where evidence room and they managed to zap
the laptop that contained evidence against them. Of course, the laws of
physics don't apply in Hollywood so it is not clear whether this is
realistic or not.

Re: William was raided for running a Tor exit node. Please help if you can.

[Henry Yen]

On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote:
 If you _must_  be able to protect data from extreme
 physical threats:  keep it encrypted end to end at all times,

Physical threat is somewhat different than seizure by law enforcement, though.

Although mooted when authorities decrypted an evidentiary laptop themselves,
the idea of encryption as a shield against law enforcement is not yet a
settled issue in the US; see the Fricosu case.  A nice explanation:
   https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases

-- 
Henry Yen   Aegis Information Systems, Inc.
Senior Systems Programmer   Hicksville, New York

Re: William was raided for running a Tor exit node. Please help if you can.

[Jimmy Hess]

On 12/18/12, Henry Yen he...@aegisinfosys.com wrote:
 On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote:
 Physical threat is somewhat different than seizure by law enforcement,
 though.

I'm not so sure about that.   It's a kind of physical threat;  the set
of all physical threats includes a subset of threats that are LEO
threats involving authorities and are related to (quasi-)legal
threats.  The law enforcement personnel may have been paid off by a
rogue party in the first place,  to seize and misplace the data
(E.g.  deny the legitimate principal access to it  for the purposes of
competitive advantage),  or to seize and accidentally leak the data
to overseas entity attempting to gain the data for economic advantage,
by taking advantage of insufficient security controls of the law
enforcement entity.

 the idea of encryption as a shield against law enforcement is not yet a
 settled issue in the US; see the Fricosu case.  A nice explanation:
https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases

It obviously wouldn't work for all kinds of data, but;
even if it's not a 5th amendment issue;   E.g.  required to reveal
your keys and allow the data to be decrypted;the POSSIBILITY  has
to exist that that you can in fact know or recover the keys.

You can't testify against yourself, if you had your memory permanently
wiped in some manner,  so that you are incapable of ever recalling,
because there's nothing there to present ---   it doesn't matter if
there was no 5th amendment,  the fact your memory was wiped,  erased
the possibility of ever testifying.

If an automatic response to the security breach results in complete
reliable destruction of physical and logical devices absolutely
required to be fully intact to  recover the keys  and execute
decryption activity, then  there is inherently nothing to provide,
once that occured;  the remaining option would be for the LEO to
dedicate massive computing resources over a sufficient hundred years,
to  discover the key through brute force key space search  of  10^77+
keys.


That's assuming no backups of the key  devices.



 --
 Henry Yen   Aegis Information Systems,
--
-JH

Re: William was raided for running a Tor exit node. Please help if

[Jimmy Hess]

On 12/5/12, Jutta Zalud j...@netzwerklabor.at wrote:
 Technically you are right. But then: what is the difference to ISPs?
 They offer routing- and DNS- and mail- and other services on
 various infrastructure.

ISPs typically have a customer.They know their customer, they
retain  sufficient information to identify  their customer,  such as
name, billing address, physical location,  telephone number,  and have
a signed agreement to provide the service.
They collect consideration from their customer; usually in the form of cash.

The customer of an ISP is normally expected to adhere to some sort of
AUP or TOU,  providing terms of their use of the service.   Typically
including some provisions,  such as  'customer is responsible for
activities that are performed while dialed into their account', 'no
illegal activities',   '  no sending spam',  conducting other network
abuses.

For consumer ISPs,  sometimes activities such as running internet
servers, reselling,  or  providing ISP access to 3rd parties,  might
be restricted
(restrictions incompatible with running a TOR exit node on that service).


An end user operating a TOR exit node, or  wide open Wireless AP,
intentionally allows other people to connect  to their infrastructure
and the internet  whom  they have no relationship with or prior
dealings with, in spite of the possibility of network abuse or illegal
activities,they choose to allow connectivity  without  first
gathering  information  required to hold the 3rd party responsible for
their activity.

An intentional anonymizer which is in contrast to what an ISP does.
The operator of an ordinary anonymizer service is subject to the
possibility of court-ordered intercept  upon future use.

If the operator of the Tor node believes that criminal intent is the
most likely use of the TOR exit node.the degree of intentional
ignorance might be considered so severe,   that it becomes a situation
in which they are considered culpable.

E.g.  the Tor exit node operator might possibly be considered an
accessory, to the activity occuring on their node,  that they are
harboring / allowing to occur anonymously.


Not to say  whether Tor node operators are possibly guilty of anything or not.
But they are definitely different from ISPs  in  a number of important ways.

Any similarity between Open AP/Tor Exit node operator and ISP   are
highly superficial.

 jutta
--
-JH

Re: William was raided for running a Tor exit node. Please help if

[Owen DeLong]

On Dec 5, 2012, at 12:38 AM, Jimmy Hess mysi...@gmail.com wrote:

 On 12/5/12, Jutta Zalud j...@netzwerklabor.at wrote:
 Technically you are right. But then: what is the difference to ISPs?
 They offer routing- and DNS- and mail- and other services on
 various infrastructure.
 
 ISPs typically have a customer.They know their customer, they
 retain  sufficient information to identify  their customer,  such as
 name, billing address, physical location,  telephone number,  and have
 a signed agreement to provide the service.
 They collect consideration from their customer; usually in the form of cash.
 

What if it's a free open wireless ISP where all you have to do is click
an assent to a basic TOS agreement?

What if it's a free open wireless ISP (such as any Apple store) where
all you have to do is get within range and connect? No contract or
click-thru at all?

 The customer of an ISP is normally expected to adhere to some sort of
 AUP or TOU,  providing terms of their use of the service.   Typically
 including some provisions,  such as  'customer is responsible for
 activities that are performed while dialed into their account', 'no
 illegal activities',   '  no sending spam',  conducting other network
 abuses.
 

In many cases, but not all. However I do have to wonder what makes you
think a civil contract would be a deterrent to someone willing to
commit a criminal act?

 For consumer ISPs,  sometimes activities such as running internet
 servers, reselling,  or  providing ISP access to 3rd parties,  might
 be restricted
 (restrictions incompatible with running a TOR exit node on that service).
 

But such restrictions are not all that common and aren't particularly
relevant to this discussion.

 An end user operating a TOR exit node, or  wide open Wireless AP,
 intentionally allows other people to connect  to their infrastructure
 and the internet  whom  they have no relationship with or prior
 dealings with, in spite of the possibility of network abuse or illegal
 activities,they choose to allow connectivity  without  first
 gathering  information  required to hold the 3rd party responsible for
 their activity.

I find it amusing that you feel the need to continuously repeat an
end user operating a TOR exit node. Is there some reason that it makes
a difference whether the entity operating the TOR exit node or open
Wireless AP is an end user or an ISP? Of course, I would argue that
operating an open Wireless AP or a TOR node makes you a form of ISP
whether you recognize the fact or not.

 An intentional anonymizer which is in contrast to what an ISP does.
 The operator of an ordinary anonymizer service is subject to the
 possibility of court-ordered intercept  upon future use.

So is the operator of a TOR node. The primary difference being that
TOR is specifically engineered to make such an intercept virtually
useless. So it seems your real criticism here is simply that TOR
is a more effective anonymizer.

 If the operator of the Tor node believes that criminal intent is the
 most likely use of the TOR exit node.the degree of intentional
 ignorance might be considered so severe,   that it becomes a situation
 in which they are considered culpable.

This assumes a whole lot of facts not in evidence. If I were to put
up a TOR exit node, I would assume that the most likely intent would
be free speech which is not illegal in my jurisdiction. I don't
consider that I am responsible for the myriad jurisdictions that
may exist at the entry and/or transit points prior to reaching
said exit node.

Do you have any data to support your conclusion that criminal intent is
the most likely use of TOR exit nodes?

 E.g.  the Tor exit node operator might possibly be considered an
 accessory, to the activity occuring on their node,  that they are
 harboring / allowing to occur anonymously.

Very hard to prove that intent beyond a reasonable doubt in my opinion.

 Not to say  whether Tor node operators are possibly guilty of anything or not.
 But they are definitely different from ISPs  in  a number of important ways.

You have yet to show one yet. You've shown how they're different from some
ISPs, but there are many ISPs operating today which don't fit your model
of what constitutes an ISP, so I remain unconvinced.

I'm further unconvinced that your proposed distinctions are actually
meaningful from a legal perspective. Perhaps the lawyer that chimed
in earlier will come back and address this question.

 Any similarity between Open AP/Tor Exit node operator and ISP   are
 highly superficial.

I guess this depends almost entirely on what properties it is that
you believe define an ISP.

Given the number of ISPs that don't have customers, don't collect
data on their customers, and operate free open public access networks,
I don't think that the properties you suggest above can be used in
said definition.

As I said, given that Apple Computer operates such networks quite
intentionally in all of their stores as 

Re: William was raided for running a Tor exit node. Please help if

[Joe Greco]

 An end user operating a TOR exit node, or  wide open Wireless AP,
 intentionally allows other people to connect  to their infrastructure
 and the internet  whom  they have no relationship with or prior
 dealings with, in spite of the possibility of network abuse or illegal
 activities,they choose to allow connectivity  without  first
 gathering  information  required to hold the 3rd party responsible for
 their activity.

Oh please.  I don't know where you've been hiding out for the last half
a decade or so, but around here, every McDonalds, Starbucks, Sam's Club,
Home Depot, Lowe's, and most libraries, hotels, hospitals, and 
laundromats offer WiFi, and those are just the ones I can readily 
think of.

The level of wishful-thinking implied by the quoted text about how the
Internet works is mind-boggling.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if

[Peter Kristolaitis]

On 12/5/2012 8:35 AM, Joe Greco wrote:

An end user operating a TOR exit node, or  wide open Wireless AP,
intentionally allows other people to connect  to their infrastructure
and the internet  whom  they have no relationship with or prior
dealings with, in spite of the possibility of network abuse or illegal
activities,they choose to allow connectivity  without  first
gathering  information  required to hold the 3rd party responsible for
their activity.

Oh please.  I don't know where you've been hiding out for the last half
a decade or so, but around here, every McDonalds, Starbucks, Sam's Club,
Home Depot, Lowe's, and most libraries, hotels, hospitals, and
laundromats offer WiFi, and those are just the ones I can readily
think of.

The level of wishful-thinking implied by the quoted text about how the
Internet works is mind-boggling.

... JG


Yes, but THAT free WiFi is offered by responsible businesses.  We 
certainly can't trust lowly citizens with such things.  It would be 
chaos!  The sky would fall, the world would end, and puppies would be 
kicked.  No, such power should only be in the hands of those we trust.


- Pete




smime.p7s
Description: S/MIME Cryptographic Signature

Re: William was raided for running a Tor exit node. Please help if

[Jean-Francois Mezei]

Does it matter if an anomysing service advertises itself as allowing
free speech to users in countries where free speech is censored,
compared to a service that advertises itself as catering to the mafias
of the world, ensuring their crimes are untraceable ?

In the later case, it makes it very easy to think of the sercice
operator as an accomplice to crime.

But if the primary purpose of a service is legitimate, should the
service operator be held liable if there is *some* misuse which cannot
be prevented by the service operator ?

In my opinion, the operator should remain immune until the police shows
up with a warrant and the operator refuses to cooperate.

Tor exit nodes are not that different from payphones or disposable
pre-paid cellular service where the wireless operator has no verifiable
identity/address for the purchasor of the service.


Are phone companies held liable because the mafia uses a payphone to
plan their crimes  knowing that they can't trace calls to an individual ?

Re: William was raided for running a Tor exit node. Please help if

[Nick B]

I seriously doubt many TOR exit nodes have the political clout to be
considered a common carrier.
In a related note, I wonder if the six-strike rule would violate the ISP's
safe harbor, as it's clearly content inspection.
Nick


On Mon, Dec 3, 2012 at 2:44 PM, Jordan Michaels jor...@viviotech.netwrote:

 On 12/03/2012 03:31 AM, Rich Kulawiec wrote:

 On Mon, Dec 03, 2012 at 08:49:24AM +, Warren Bailey wrote:

 Can you imagine an email thread that lasted longer than an entire
 weekend?


 Yes, I can.  I've participated in some that went on for months.  It's
 simply
 a matter of effectiveness and attention span.

  This email needs to be murdered, because it is completely out of control.


 I disagree, strongly, as this is an issue of unfortunate timely
 relevance to the community.


 +1 I strongly disagree as well. I am very interested to see how this case
 evolves in and out of court. Are Tor exit-node operators going to be given
 the same rights as ISP's who's networks are used for illegal purposes? I
 would hope so, but it doesn't seem like that has happened in this case, so
 I am very interested to hear how the situation pans out.

 It is extremely relevant to the Internet community and to free speech in
 general.

 Kind regards,
 Jordan Michaels
 Vivio Technologies

RE: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

Already dealt with that at an airport once.  One look at my picture and
his cleared that right up and they put a note in the entry system that
says I am not this guy.  High tech huh.  Sometimes the system works.  By
the way we have different middle initials and different SSNs.

I have an original DDN TAC Access card, installed BBN nodes for the US
Air Force, and worked for quite a few ISPs, and now work for large
global corporation.  Sorry I did not meet you at NSF net, I worked more
on the DoD side of things.

Steven Naslund

-Original Message-
From: William Allen Simpson [mailto:william.allen.simp...@gmail.com] 
Sent: Friday, November 30, 2012 9:20 PM
To: nanog@nanog.org
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.

On 11/30/12 5:15 PM, Naslund, Steve wrote:
 Well, in that case  I am really worried that the cops might charge

 me with a crime.  They took my computers and are looking at them.  I 
 did not do anything wrong but just in case they decide to charge me 
 with a crime, please send me some money.

As well you could be, because you appear to have the same name as a
registered sex offender:

   http://www.sexoffenderin.com/reg110698/steven_w_naslundmugshot.htm

On 11/29/12 6:39 PM, Naslund, Steve wrote:
# As a long time service provider ...
#
# my many years of experience in engineering ARPANET, MILNET, and the #
Internet I would have to guess that most Tor servers are used for no #
good much more than they are protecting anyone's privacy.

I'm surprised that medline.com is offering network access as an ISP?
Admittedly, you began posting to NANOG in 2002 as:

   Network Engineering Manager
   Hosting.com - Chicago

While I was involved in engineering NSFnet and the Internet and was an
original member of NANOG, but I don't remember you.  Of course, I'm
notoriously bad with names.

OTOH, I have met, remember, and greatly respect the Tor engineers.

Re: William was raided for running a Tor exit node. Please help if

[Jean-Francois Mezei]

On 12-12-03 14:44, Jordan Michaels wrote:

 case evolves in and out of court. Are Tor exit-node operators going to 
 be given the same rights as ISP's who's networks are used for illegal 
 purposes? 

Perhaps if Tor exit node were called Tor exit Router,
politicians/policemen would have a better understanding that this
service provides no indexing of data, no storage of data and is just a
networking service that is agnostic to whatever data flows through it.

If they declare illegal any part of the internet which makes police
investigations hard  due to lack of traceability/logs  then they can go
after any NAT router, Tor exit nodes, VPN servers etc.

RE: William was raided for running a Tor exit node. Please help if

[Brian Johnson]

I know I'm going to get flamed and excoriated, but here goes

snip
 case evolves in and out of court. Are Tor exit-node operators going to
 be given the same rights as ISP's who's networks are used for illegal
 purposes? I would hope so, but it doesn't seem like that has happened in
 this case, so I am very interested to hear how the situation pans out.

This is a misleading statement. ISP's (Common carriers) do not provide a 
knowingly illegal offering, AND they do provide the PHYSICAL infrastructure for 
packets to be passed and interconnected to other PHYSICAL networks. TOR 
exit/entrance nodes provide only the former. The lack of providing a physical 
infrastructure is crucial. Also, most ISP's (US specifically) are required by 
Law (under subpoena) to provide details to law enforcement.

I really hate this idea of privacy on the Internet. If you really think you 
have the right to use the public infrastructure (to whatever extent you want 
to label the Internet as such) and be completely anonymous, I have a bridge to 
sell you. Network operators may treat your packets to whatever level of 
scrutiny that they may find necessary to determine if they want to pass your 
packets, keeping in mind that good operators want the Internet to work.

I'm waiting for the next hot application to use a widely known bad port and 
see what happens. :)

 
 It is extremely relevant to the Internet community and to free speech in
 general.

I'm actually in agreement that law enforcement may have overstepped here if the 
only reason was the TOR exit point, but having a TOR exit point to me, seems to 
be condoning the actions/statements/packets used through the exit point. You 
are knowingly hiding information that your local government may require you to 
disclose.

Short answer... don't use TOR. It's not a bad thing, but it's not a good thing 
either.

- Brian

Re: William was raided for running a Tor exit node. Please help if

[Valdis . Kletnieks]

On Tue, 04 Dec 2012 17:32:01 +, Brian Johnson said:

 This is a misleading statement. ISP's (Common carriers) do not provide a 
 knowingly
 illegal offering, ... TOR  exit/entrance nodes provide only the former.

This is also a misleading statement.  Explain the difference between
a consumer ISP selling you a cable Internet plan knowing that NN% of
the traffic will be data with questionable copyright status, and
1 of of 5 or so will be a botted box doing other illegal stuff,
and a TOR node providing transit knowing that NN% will be similarly
questionable etc etc etc.

In other words, if TOR exit nodes provide a knowingly illegal offering,
then Comcast is doing exactly the same thing...

(Also, feel free to cite actual statute or case law that says TOR is
by *definition* or finding of fact, a knowingly illegal offering in
and of itself - distinct from what uses the user thereof may do with it.
Absent that, it's not  a knowingly illegal offering the same way that
some sites have ended up in court for contributory copyright infringement.)


pgp20OHLScWaW.pgp
Description: PGP signature

Re: William was raided for running a Tor exit node. Please help if

[Joe Greco]

  This is a misleading statement. ISP's (Common carriers) do not provide a 
  knowingly

I'm trying to remember when ISP's became common carriers...

  illegal offering, ... TOR  exit/entrance nodes provide only the former.
 
 This is also a misleading statement.  Explain the difference between
 a consumer ISP selling you a cable Internet plan knowing that NN% of
 the traffic will be data with questionable copyright status, and
 1 of of 5 or so will be a botted box doing other illegal stuff,
 and a TOR node providing transit knowing that NN% will be similarly
 questionable etc etc etc.

Great point.

The question might also revolve around this issue, restored from the
previous msg:

  AND they do provide the PHYSICAL infrastructure for
  packets to be passed and interconnected to other PHYSICAL networks.

Well, an ISP does do that, but so does an end user's network.  So if
I put a Tor node on an ethernet (PHYSICAL infrastructure) and then
connect that to an ISP (other PHYSICAL networks), that doesn't make
for a real good way to differentiate between an ISP, a commercial ISP
customer who gets routed IP networks via BGP, or an end user who has
an ethernet behind a NAT gateway.  

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if

[Owen DeLong]

On Dec 4, 2012, at 09:32 , Brian Johnson bjohn...@drtel.com wrote:

 I know I'm going to get flamed and excoriated, but here goes
 
 snip
 case evolves in and out of court. Are Tor exit-node operators going to
 be given the same rights as ISP's who's networks are used for illegal
 purposes? I would hope so, but it doesn't seem like that has happened in
 this case, so I am very interested to hear how the situation pans out.
 
 This is a misleading statement. ISP's (Common carriers) do not provide a 
 knowingly illegal offering, AND they do provide the PHYSICAL infrastructure 
 for packets to be passed and interconnected to other PHYSICAL networks. TOR 
 exit/entrance nodes provide only the former. The lack of providing a physical 
 infrastructure is crucial. Also, most ISP's (US specifically) are required by 
 Law (under subpoena) to provide details to law enforcement.
 

I strongly disagree with you.

TOR exit nodes provide a vital physical infrastructure to free speech advocates 
who live in jurisdictions where strong forces are aligned against free speech. 
I'm sure most TOR exit node operators would happily provide all the details 
they have if presented with an appropriate subpoena.

 I really hate this idea of privacy on the Internet. If you really think you 
 have the right to use the public infrastructure (to whatever extent you 
 want to label the Internet as such) and be completely anonymous, I have a 
 bridge to sell you. Network operators may treat your packets to whatever 
 level of scrutiny that they may find necessary to determine if they want to 
 pass your packets, keeping in mind that good operators want the Internet to 
 work.
 

I really cherish this idea of privacy on the internet. It's a strong tool for 
enabling democracy and freedom of speech.

First, the internet hasn't been public infrastructure for a very long time. 
It's a loose collection of privately owned networks with very few pieces still 
owned by government institutions. I don't think anyone has asserted a right 
to use that infrastructure, but, I certainly value that there are people who 
choose to provide it. I think society benefits from having such infrastructure 
available.

I like free speech. I like that there are people making free speech possible in 
places where it is strongly discouraged. While I think it is a shame that child 
pornographers and other nefarious users are able to abuse this infrastructure 
to the detriment of society, the reality is that it is like any other tool. It 
has beneficial uses and harmful uses. Going after the tool is counterproductive 
and harmful.

 I'm waiting for the next hot application to use a widely known bad port 
 and see what happens. :)

What's a bad port? 80? 443? 25? 587? Most of the malware these days uses one 
or more of those.

 
 
 It is extremely relevant to the Internet community and to free speech in
 general.
 
 I'm actually in agreement that law enforcement may have overstepped here if 
 the only reason was the TOR exit point, but having a TOR exit point to me, 
 seems to be condoning the actions/statements/packets used through the exit 
 point. You are knowingly hiding information that your local government may 
 require you to disclose.

Having a TOR exit point is making an effort to provide a service. It doesn't 
condone the nefarious uses of the service any more than running an ISP condones 
running a warez site that happens to get transit services from said ISP.

Running a TOR exit node isn't hiding any information. It's simply not 
collecting the information in the first place. You can't hide information you 
never had.

 
 Short answer... don't use TOR. It's not a bad thing, but it's not a good 
 thing either.

I strongly disagree. TOR is a tool. It's a very good thing in its ability to 
enable democratization of communications and freedom of speech. It also has 
some nefarious uses. Guess what... So do hammers. I don't see anyone calling 
for a ban on the sale of hammers or encouraging carpenters to stop using them.

Owen

Re: William was raided for running a Tor exit node. Please help if

[Jean-Francois Mezei]

In countries where the law does not dictate that all carriers maintain
extensive logs, this is fairly simple. Whether you are a Tor node or a
normal ISP, you do nothig until you get a court ordered warrant, at
which point you  collect information passing through your network and
hand it over to authorities.

So the Tor service remain anonymous until the police suspect illegal
data passing through it, at which point they snoop what passes through
and work they way up to find the true origin of the data.

In countries where log files must be created and retained by law, this
is less simple. Is a Tor node covered by the law ? If so, then it is non
compliant of it fails to colect the law mandated logs.

If the Tor node is not covered by the law, then law enforcment cannot
complain if there are no logs to analyse.

Re: William was raided for running a Tor exit node. Please help if

[Michael Painter]

Owen DeLong wrote:

I strongly disagree with you.

TOR exit nodes provide a vital physical infrastructure to free speech advocates who live in jurisdictions where strong 
forces are
aligned against free speech. I'm sure most TOR exit node operators would happily provide all the details they have if 
presented

with an appropriate subpoena.
I really cherish this idea of privacy on the internet. It's a strong tool for 
enabling democracy and freedom of speech.

[snip]

Isn't William's problem because he used an IP address that was registered to him on the Polish server?  If not, what am I 
missing?


SANS has chimed in via their latest Newsbites:

--TOR Operator Charged For Content Sent Through His Servers
(November 29  30, 2012)
An Austrian man who operated TOR servers has been charged with
distributing child pornography. Authorities detected the images passing
through the servers maintained by the man. Police seized 20 computers
and other equipment from William Weber's home. TOR is an acronym for The
Onion Router, a project developed by the US Naval Research Laboratory
that allows people surf the web anonymously. It is often used by
political dissidents, journalists, and law enforcement officers, and has
also been used by criminals. The offending images were being distributed
by a server in Poland and sent through Weber's servers. Weber operated
exit servers; traffic from these nodes can be traced back to the
servers' IP addresses. While the authorities became friendlier after
understanding where the images came from, there is a precedent for
holding TOR operators liable for content that passes through servers
they operate. The Electronic Frontier Foundations acknowledges the risk
that accompanies operating exit nodes and advises that it's best not
to run your exit relay in your home or using your home Internet
connection.
http://arstechnica.com/tech-policy/2012/11/tor-operator-charged-for-child-porn-transmitted-over-his-servers/
http://www.bbc.co.uk/news/technology-20554788
http://www.zdnet.com/austrian-man-raided-for-operating-tor-exit-node-708133/
[Editor's Note (Ullrich): IMHO, the TOR operator acted like a transit
ISP/NSP in this case.
(Hoan): In many countries it is not illegal to run a Tor exit node.
However, for anyone considering, or are already, running a Tor exit node
you should familiarise yourself with the Electronic Frontier
Foundation's Legal FAQ on the topic at
https://www.eff.org/torchallenge/legal-faq/]

Re: William was raided for running a Tor exit node. Please help if

[Owen DeLong]

On Dec 4, 2012, at 1:36 PM, Brian Johnson bjohn...@drtel.com wrote:

 -Original Message-
 From: Owen DeLong [mailto:o...@delong.com]
 Sent: Tuesday, December 04, 2012 2:22 PM
 To: Brian Johnson
 Cc: Jordan Michaels; nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please help if
 
 
 On Dec 4, 2012, at 09:32 , Brian Johnson bjohn...@drtel.com wrote:
 
 I know I'm going to get flamed and excoriated, but here goes
 
 snip
 case evolves in and out of court. Are Tor exit-node operators going to
 be given the same rights as ISP's who's networks are used for illegal
 purposes? I would hope so, but it doesn't seem like that has happened in
 this case, so I am very interested to hear how the situation pans out.
 
 This is a misleading statement. ISP's (Common carriers) do not provide a
 knowingly illegal offering, AND they do provide the PHYSICAL infrastructure
 for packets to be passed and interconnected to other PHYSICAL networks.
 TOR exit/entrance nodes provide only the former. The lack of providing a
 physical infrastructure is crucial. Also, most ISP's (US specifically) are 
 required
 by Law (under subpoena) to provide details to law enforcement.
 
 
 I strongly disagree with you.
 
 TOR exit nodes provide a vital physical infrastructure to free speech
 advocates who live in jurisdictions where strong forces are aligned against
 free speech. I'm sure most TOR exit node operators would happily provide all
 the details they have if presented with an appropriate subpoena.
 
 
 TOR is not vital. It is political. I view this not as an issue of morals or 
 political action. It is an issue of a technical nature. A TOR is a way to 
 hide who you are. If I am hiding who you are from someone else and there is a 
 law broken, who do you go after?
 

Merely because something is political does not exclude it from being vital.

There are opportunities for free speech which would be diminished or eliminated 
if TOR were eliminated. As such, yes, it is, in fact a vital political tool.

It was a technical issue until people started having their civil rights 
potentially infringed. At that point, it became political and moral also.

If you are hiding who I am from someone else and I am breaking a law, I presume 
they would come to you asking (or even demanding) what you know about my 
identity. However, that's not what a TOR exit node does. The TOR exit node 
operator isn't hiding the identity of the sender. You can't hide what you never 
knew.

 I really hate this idea of privacy on the Internet. If you really think you 
 have
 the right to use the public infrastructure (to whatever extent you want to
 label the Internet as such) and be completely anonymous, I have a bridge to
 sell you. Network operators may treat your packets to whatever level of
 scrutiny that they may find necessary to determine if they want to pass your
 packets, keeping in mind that good operators want the Internet to work.
 
 
 I really cherish this idea of privacy on the internet. It's a strong tool for
 enabling democracy and freedom of speech.
 
 First, the internet hasn't been public infrastructure for a very long 
 time. It's
 a loose collection of privately owned networks with very few pieces still
 owned by government institutions. I don't think anyone has asserted a
 right to use that infrastructure, but, I certainly value that there are 
 people
 who choose to provide it. I think society benefits from having such
 infrastructure available.
 
 I like free speech. I like that there are people making free speech possible 
 in
 places where it is strongly discouraged. While I think it is a shame that 
 child
 pornographers and other nefarious users are able to abuse this
 infrastructure to the detriment of society, the reality is that it is like 
 any other
 tool. It has beneficial uses and harmful uses. Going after the tool is
 counterproductive and harmful.
 
 This is ridiculous. Owen you damn well know that if you send packets from a 
 source, that source can be tracked back. Add a subpoena, privacy hereby 
 destroyed. Other countries are generally less protective of the citizen than 
 the US and as such... what was your argument again. Oh yeah. I'll be hiding 
 behind my packets. ;P

If you send packets from a source, they can be tracked back in some cases. 
However, if you send your packets to someone nearby, anyone outside of that 
path probably can't easily track them back. If they then rewrite the packets 
and forward them to another who repeats that process and this process is 
repeated a few times, then if the person attempting to do the track-back isn't 
aware of the packets until the very far end, it can, in fact, be virtually 
impossible to track them back to the originator. This, combined with some 
obfuscation of the actual content along the way and a lack of logging is 
basically how TOR works.

Providing an effective cloak of anonymity has repeatedly been shown to allow 
important 

Re: William was raided for running a Tor exit node. Please help if

[Joe Greco]

 I suspect that the 'free speech' part of the total tor traffic volume is 
 pretty small(?).

Something like tor doesn't work if it is all traffic that's free 
speech regarding the regime of whatever country the user lives in.

If it were, it'd be just as sensible to set a DETAIN_AND_TORTURE_ME
bit on your IP traffic instead.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if

[Warren Bailey]

Speaking of torture.. Can you imagine an email thread that lasted longer than 
an entire weekend?

This email needs to be murdered, because it is completely out of control. In 
other words, the shit has been mercilessly beat out of this horse.


From my Galaxy Note II, please excuse any mistakes.


 Original message 
From: Joe Greco jgr...@ns.sol.net
Date: 12/03/2012 12:24 AM (GMT-08:00)
To: Joakim Aronius joa...@aronius.se
Cc: NANOG list nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help if


 I suspect that the 'free speech' part of the total tor traffic volume is 
 pretty small(?).

Something like tor doesn't work if it is all traffic that's free
speech regarding the regime of whatever country the user lives in.

If it were, it'd be just as sensible to set a DETAIN_AND_TORTURE_ME
bit on your IP traffic instead.

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if you can.

[Aled Morris]

On 3 December 2012 07:19, Joakim Aronius joa...@aronius.se wrote:

  I am all for providing anonymized access to help free speech. Perhaps its
 better with anon access to specific applications like twitter, fb etc and
 not general internet access. I suspect that the 'free speech' part of the
 total tor traffic volume is pretty small(?).



I agree.

I can understand that people need to be anonymous when they are going to
publicly stand against an oppressive regime, or expose corporate corruption
etc.  What I'm not sure I believe as strongly is the justification for
anonymity in private, closed communication - this is the use case for
paedophiles and terrorists organising their crimes.

So in my view, anonymous + public = OK, anonymous + private = doubtful.

This isn't a solution to the troll or hate crimes problem (anonymous people
making statements that are distasteful on public forums) but at least we
can all see this going on and develop other solutions.

Aled

Re: William was raided for running a Tor exit node. Please help if

[Rich Kulawiec]

On Mon, Dec 03, 2012 at 08:49:24AM +, Warren Bailey wrote:
 Can you imagine an email thread that lasted longer than an entire weekend?

Yes, I can.  I've participated in some that went on for months.  It's simply
a matter of effectiveness and attention span.

 This email needs to be murdered, because it is completely out of control. 

I disagree, strongly, as this is an issue of unfortunate timely
relevance to the community.  However, if you, personally, grow tired
of the discussion then of course you can use your email client to
ignore all messages in the thread -- all superior mail clients make
that a trivial exercise.  (I recommend mutt, possibly supplemented
by procmail.  Both tools are suitable for professionals: stable,
mature, portable, and extremely efficient.)

---rsk

Re: William was raided for running a Tor exit node. Please help if

[.]

The crime of routing somebody else traffic in the wrong iso layer.


--
--
ℱin del ℳensaje.

Fwd: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Mitar]

Hi!

Forwarding my answer to tor-talk list.


Mitar

-- Forwarded message --
From: Mitar mmi...@gmail.com
Date: Sat, Dec 1, 2012 at 12:29 AM
Subject: Re: [tor-talk] William was raided for running a Tor exit
node. Please help if you can.
To: tor-t...@lists.torproject.org
Cc: nanog@nanog.org

Hi!

On Fri, Nov 30, 2012 at 2:09 PM, Naslund, Steve snasl...@medline.com wrote:
 Remember, they did not raid the Tor exit node.  They raided the home of
 the guy running the Tor exit node.  Way different.

I can probably explain that. We were running a Tor exit node in
Slovenia (neighboring country of Austria, EU too). We had Tor exit
node on collocation at local ISP and the collocation was on friend's
name (not on some legal entity). Twice they came to his home in early
hours with warrant for all computer equipment he has at home. Once
because somebody was using Tor for blackmailing, the second time for
child pornography.

Why they came to his home? I believe the reason is simple: they have
IP, they write to ISP something like Who is your client who had that
and that IP at that and that time? ISP responds: This is X Y, living
there and there and + some other personal information they have on who
this person is. Criminal investigators go to the judge and say We
need a warrant for this and this person at this and this location.
They get one and they come to visit you in early morning hours.

In both cases he just had to explain that: 1) this IP is at
collocation and not at that location and 2) that it is a Tor exit node
and we do not keep any logs of activity through it.

1) tells makes their warrant invalid and you move from being a suspect
(they had in mind that you are using your own home connection to do
something illegal, this is the highest probability based on their
information) to a witness (you are server admin and it is higher
probability that some your user did something illegal).

2) tells them that even if you are a witness, you are worthless
witness: you do not have typical users and services, and you are not
even logging anything. For most services you are not really required
to log anything. Running Tor is not illegal. Having logs for it also
not required.

They left without taking anything and he hasn't heard from them
afterwards (this was few years ago). It might be because both cases
were international (Interpol) so for local investigators it was the
easiest to just write: it was Tor exit nodes, no logs possible to
obtain, case closed. And move on with their lives. If it would be some
local thing with a very motivated investigator they might not believe
him and would still confiscate equipment. But from a point when they
discover that their warrant is probably wrong they are on thin ice as
obviously IP was physically somewhere else.

It might be that in this case of a guy from Austria he didn't know
that it raid is for Tor node but he thought that it might be for
something else and just later on discovered that. Or that they simply
didn't listen to or believe him. Probably it depends on how you
communicate with investigators and your language skills.


Mitar

Re: Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]

[Barry Shein]

I think one error being made here is discussing the culpability of law
enforcement per se.

That's like blaming the UPS delivery person because something you
bought from Amazon was misleading. Or praising him/her because it was
great.

One way of asserting authority over any property is making very
visible arrests and similar (shutdowns, etc.)

If you follow the Internet Governance sphere a lot of what is going on
is a frantic power grab by various players, particularly govts but
also NGOs, for control of the internet.

This is being heightened by the competitiveness involved, if one
player grabs it before you do then you LOST THE GAME!

Even when they haven't a clue (or only barely) what they're fighting
over surely they can understand that it is bad to LOSE THE GAME!
Particularly to players you don't much like or trust.

As the great VP Dan Quayle was once quoted as saying: If we don't
succeed then we run the risk of failure!*

And that these players are finally figuring out just how powerful the
internet is, at least potentially.

Yeah you can say this has been going on for (insert your own
professional life time in years which is what people do.) Heck, the
whole thing was basically started by the US Dept of Defense, end of
argument, talk about a power player!

But that's sort of like saying that people were trying to capitalize
on the internet for years before the dot com bubble of the late 90s.

It misses the point. Yes you can find examples, no you can't find the
kind of activity and earnestness we're seeing of late.


* If you try to debate, confirm, etc that quote you're a loutish bore,
it stand on its own :-)

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Joel jaeggli]

On 11/29/12 23:18 , Joakim Aronius wrote:

 I am all for being anonymous on the net but I seriously believe that
 we still need to enforce the law when it comes to serious felonies
 like child pr0n, organized crime etc, we can't give them a free pass
 just by using Tor. I dont think it should be illegal to operate a Tor
 exit node but what just happened could be a consequence of doing it.

The seriousness of crimes that can be committed using anonymization
services should not be diminished. That said the motive I had for
running a tor exit when I did was that speech, and in particular
political organization (dare we call it sedition) are in fact very
serious crimes in many places. R.g. they can result in indefinite
imprisonment, torture, judicial or extra-legal execution and so forth, I
don't consider that unserious..

The internet is potentially quite a useful tool for getting your message
out so long as using it isn't  holding a gun to your own head. While we
site here with the convenient idea of some legal arbitrage which allows
me to do something which isn't illegal  in my own domain to facilitate
something that is quite illegal elsewhere, the fact of the matter is if
you run a service like this you don't get to pick and choose.

Re: William was raided for running a Tor exit node. Please help if you can.

[Michael Painter]

Joel jaeggli wrote:


The internet is potentially quite a useful tool for getting your message
out so long as using it isn't  holding a gun to your own head. While we
site here with the convenient idea of some legal arbitrage which allows
me to do something which isn't illegal  in my own domain to facilitate
something that is quite illegal elsewhere, the fact of the matter is if
you run a service like this you don't get to pick and choose.


In your opinion, would it make *any* kind of semse to engage in child pron AND 
run an exit node?
Thanks,
--Michael

Re: William was raided for running a Tor exit node. Please help if you can.

[Jima]

On 2012-12-02 22:44, Michael Painter wrote:

Joel jaeggli wrote:


The internet is potentially quite a useful tool for getting your message
out so long as using it isn't  holding a gun to your own head. While we
site here with the convenient idea of some legal arbitrage which allows
me to do something which isn't illegal  in my own domain to facilitate
something that is quite illegal elsewhere, the fact of the matter is if
you run a service like this you don't get to pick and choose.


In your opinion, would it make *any* kind of semse to engage in child
pron AND run an exit node?


 It makes a little.  Last I checked (granted: years ago), a user can 
steer their traffic to a given exit node; by doing so, they could pick 
one that they know to have no internal scrutiny (i.e., by the person 
managing the exit node), while maintaining plausible deniability as to 
whether the traffic originating from that exit node was theirs, in the 
event of external scrutiny (as was the case here).


 I suspect running a middle node (not an exit, not an entrance) would 
provide a similar or greater degree of plausible deniability, albeit 
without the assurance of no internal scrutiny of the exit node.


 Jima

Re: William was raided for running a Tor exit node. Please help if you can.

[Joakim Aronius]

* Joel jaeggli (joe...@bogus.com) wrote:
 On 11/29/12 23:18 , Joakim Aronius wrote:
 
  I am all for being anonymous on the net but I seriously believe that
  we still need to enforce the law when it comes to serious felonies
  like child pr0n, organized crime etc, we can't give them a free pass
  just by using Tor. I dont think it should be illegal to operate a Tor
  exit node but what just happened could be a consequence of doing it.
 
 The seriousness of crimes that can be committed using anonymization
 services should not be diminished. That said the motive I had for
 running a tor exit when I did was that speech, and in particular
 political organization (dare we call it sedition) are in fact very
 serious crimes in many places. R.g. they can result in indefinite
 imprisonment, torture, judicial or extra-legal execution and so forth, I
 don't consider that unserious..
 
 The internet is potentially quite a useful tool for getting your message
 out so long as using it isn't  holding a gun to your own head. While we
 site here with the convenient idea of some legal arbitrage which allows
 me to do something which isn't illegal  in my own domain to facilitate
 something that is quite illegal elsewhere, the fact of the matter is if
 you run a service like this you don't get to pick and choose.

I agree. I was about to set up a tor node a few years ago but never got around 
to it. I send cash to orgs working for human rights in countries with 
oppressive regimes. I am all for providing anonymized access to help free 
speech. Perhaps its better with anon access to specific applications like 
twitter, fb etc and not general internet access. I suspect that the 'free 
speech' part of the total tor traffic volume is pretty small(?).

Cheers,
/Joakim 

Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]

[Patrick W. Gilmore]

On Nov 30, 2012, at 20:25 , Randy Bush ra...@psg.com wrote:

 Not a lawyer.
 
 than stfu with the legal crap

It amazes me how people feel free to opine on things like networking without a 
certification, but if you don't have a law degree, suddenly they believe you 
are incapable of understanding anything regarding the law.

As for the legal crap, most of what is posted is not on-topic here.  There 
are laws  legal implications which are operational, though.  And even though I 
am not a lawyer, I need to understand them or I cannot do my job.  My lawyer is 
not going to pick which datacenter to lease, even if he knows a metric-ass-ton 
more about indemnification than I ever will (at least I hope than I ever will - 
that shit is BOORING).

I appreciate people who have researched and understand the topic giving their 
insights - just like I do regarding BGP, MPLS, IPv6... okay, no jokes about 
IPv6. :)  And, just like with networking topics, I do not appreciate people 
taking up 10K+ of their not-so-closest-friends' time with half-baked ideas from 
people who have not taken the time to understand the subject matter.  However, 
I do not believe the only way to go from the latter group into the former is to 
pass the bar.  (And if so, in what state/country? what specialty? etc., etc.)

I guess this is a long-winded way of saying: If all you have to say is STFU, 
maybe you should take your own advice?

-- 
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Jean-Francois Mezei]

The BBC has an article about a similar issue on a Tor exit node in Austria:

Austrian police raid privacy network over child porn
http://www.bbc.co.uk/news/technology-20554788


##
Austrian police have seized servers that were part of a global anonymous
browsing system, after images showing child sex abuse were found passing
through them.

Many people use the Tor network to conceal their browsing activity.

Police raided the home of William Weber, who ran the servers, and
charged him with distributing illegal images.
##


It is unfortunate that systems in place to allow free speech end up
being abused for the wrong purposes. The same applies to anonymous
remailers which have been used to stalk and harass/bully people often
using forged email addresses (since those remailers allow one to forge
the sender's email address instead of forcing an Anonymous sender email.

If Tor servers are just glorified routers then they could be considered
more as transit providers and not responsible for content transiting
through them.

However, if a transit service goes out of its way to hide the identity
of the sender of a packet to make it untraceable, then it becomes more
than a simpler carrier.

Re: William was raided for running a Tor exit node. Please help if

[Joe Greco]

 Those who do not remember history...
 
 On Fri, Nov 30, 2012 at 5:23 PM,  goe...@anime.net wrote:
  http://www.sjgames.com/SS/

Those who do not remember history... what, exactly?

We're doomed to repeat this over and over even if we remember it.

Even if we were to assume that there are no bad actors in law
enforcement, what happens when someone is simply faced with something
so complex that they don't really understand it?  The conventional
wisdom is to seize it and let experts work it out.

But there is the possibility of there being so much data, and such
complexity in modern systems.  What happens when you've got a Mac
and you're running VMware Fusion and you've got VM images sitting
on a NAS device?  Ten or twenty years ago, nab all the media was
pretty straightforward in the average case, but these days, it's
pretty easy even for Joe Sixpack to have some sophistication and
to be storing stuff on a NAS device.  If you have an iomega ix2-dl
with two 4TB hard drives in it, and the thing only reads out at
~60MB/sec, how do you effectively deal with that?  You can either
seize it or not.  You can't realistically analyze the whole thing
on site.  You can't realistically copy it in place (two days to read 
it all!).  So you seize it.  And what happens when it is reliant on 
other stuff on the local network?  And what happens when the police 
can't quite figure out the way everything worked together?

Heaven help us when we start talking about tech-sophisticated users
who employ things like encryption and run multiple levels of
abstractions.  And that brings us to Tor...

The flip side to the coin is that there is such little disincentive
to be aggressive in seizures.  There are any number of examples of
overreach, and since there is virtually no personal risk to the 
authorities responsible, even if the company is successful in
filing suit (see SJ Games).  

The authorities have one hell of a problem going forward.  I hope
that part is obvious.  

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if

[Rich Kulawiec]

On Sat, Dec 01, 2012 at 10:36:56AM -0600, Joe Greco wrote:
 Even if we were to assume that there are no bad actors in law
 enforcement, what happens when someone is simply faced with something
 so complex that they don't really understand it?  The conventional
 wisdom is to seize it and let experts work it out.

There is another problem with that approach.  Actually, two, one
that affects us, one that bears on the root cause.

We all know, or should know, that there are a couple hundred million
zombies (aka bots) out there.  Nobody knows exactly how many, of course,
because it's impossible to know.  But any estimate under 100M should be
discarded immediately, and I think numbers in the 200M to 300M are at
least plausible, if not probable.

Those systems are pretty much EVERYWHERE.  The thing is, we don't know
specifically where until either (a) they do something that's externally
observable that indicates they're zombies AND someone in a position
to observe it makes the observation or (b) someone does a forensic-grade
examination of them -- which is often what it takes to find some of
the more devious malware.

There is nothing at all that stops child porn types from leasing zombies
or creating their own.  There is also nothing stopping them from setting
those systems up to transmit/receive child porn via HTTP/S or SMTP or FTP
or any other protocol.  Or through a VPN or whatever.  No Tor required.

So -- five minutes from now -- you (generic you) could suddenly be in
a position where what happened to this guy is happening to you, because
7 zombies on your network just went active and started shovelling child
porn.  And you probably won't know it because the traffic will be noise
buried in all the other noise.

That is, until the authorities, whoever they are wherever you are,
show up and confiscate everything, including desktops, laptops, servers,
tablets, phones, printers, everything with a CPU.  And why shouldn't they?
Do you think you're immune to this?  Why should you be?  Because you're
an ISP?  A Fortune 500 company?  A major university?  Joe's Donut Shop?
Why should *you* get a pass from this treatment?

My point, which I suppose I should get to, is this:

This tactic (confiscating everything) is simply not a sensible response
by any law enforcement agency.  It's bad police work.  It's lazy. It's
stupid.  And worse than any of THAT, it *helps* the child porn types do
their thing.  (Why?  Because it clearly signals the nature and location
and time of a security breach.  This helps them avoid capture and provides
useful intelligence that can be used to design the next operation.)

The right tactic is to keep all that gear exactly where it is and doing
exactly what it's doing.  The children who have already been horribly,
tragically exploited will not be any more so if those systems keep
running: that damage is done and unplugging computers won't fix it.
But keeping that stuff in place and figuring how to start tracing the
purveyors and producers, THAT will attack the root cause of the problem,
so that maybe other children will be spared, and the people responsible
brought to justice.

I know it's unfashionable for police to, you know, actually engage in
police work any more.  It's tedious, boring, and doesn't make headlines.
It's much easier to hold self-congratulory press conferences, torture
helpless people with tasers, and try to out-do Stasi by setting up a
surveillance state.  But it would be nice if someone with a clue got
them to stop supporting child porn by virtue of being so damn lazy,
ignorant and incompetent.

TL;DR: try a rapier rather than a bludgeon.

---rsk

Re: Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]

[Jeffrey Ollie]

On Sat, Dec 1, 2012 at 4:21 AM, Patrick W. Gilmore patr...@ianai.net wrote:

 It amazes me how people feel free to opine on things...

Actually, what really bugs/amazes me about that thread is that the
person whom this thread was originally about IS NOT EVEN FROM THE
UNITED STATES OF AMERICA.

CALEA, DMCA, yadda, yadda, yadda have nothing at all to do with the
original problem.

--
Jeff Ollie

Re: Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]

[George Herbert]

On Dec 1, 2012, at 10:37 AM, Jeffrey Ollie j...@ocjtech.us wrote:

 On Sat, Dec 1, 2012 at 4:21 AM, Patrick W. Gilmore patr...@ianai.net wrote:
 
 It amazes me how people feel free to opine on things...
 
 Actually, what really bugs/amazes me about that thread is that the
 person whom this thread was originally about IS NOT EVEN FROM THE
 UNITED STATES OF AMERICA.
 
 CALEA, DMCA, yadda, yadda, yadda have nothing at all to do with the
 original problem.


True, but false.

The original incident in Austria was being used as an argument against 
anonymous networks in the US or elsewhere.  For US persons the relevant laws 
here are relevant to that followup discussion.


George William Herbert
Sent from my iPhone

Re: Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]

[Jimmy Hess]

On 12/1/12, Patrick W. Gilmore patr...@ianai.net wrote:
 On Nov 30, 2012, at 20:25 , Randy Bush ra...@psg.com wrote:
 As for the legal crap, most of what is posted is not on-topic here.  There
 are laws  legal implications which are operational, though.  And even
 though I am not a lawyer, I need to understand them or I cannot do my job.
 My lawyer is not going to pick which datacenter to lease, even if he knows a

Laws and legal ramifications are a driving force impacting design and
policy for network operations,  because they have financial
implications,  and finance matters. For example, if you or your orgs'
staff are denied access to your equipment or data and critical servers
are seized or offlined,  while a police investigation is ongoing, due
to a breach of PII confidentiality  (eg Stolen social security numbers
of staff members used by an ID thief), for example,  there is possible
hardship for the org,  even if you or your org fully exercised due
care  and went well beyond the minimum:  with a responsible
well-thought security program, and the offender is an outsider,you
might soon not have a network,  due to bankruptcy.

In this case you might not have any liability or guilt for the
breach, but you have major costs, regardless.


Anyone, including people off the street, can have opinions about the
Law, and opinions about networks. Would you be willing to rely
some  stranger off the street,  with no qualifications, or positive
background whatsoever,   to start recommending a new network design,
or give them a CLI with directions that they can start making whatever
changes they like to your core router?

Would you ask how to configure an AP to be secure,  on a  network law
discussion list?


Opinions are one thing;  but   a large amount of legal mumbo jumbo,
and attempting to suggest you have exactly what a court would find, or
what the exact and only issues are,
that list members can't responsibly rely on anyways (DUE to its
importance  not its non-importance), is a waste of bits,and there
might be a more appropriate  place to  discuss   law  itself.   :)


--
-JH

Re: Legal Crap [was: William was raided for running a Tor exit node. Please help if you can.]

[Dave Crocker]

On 12/1/2012 11:01 AM, Jimmy Hess wrote:

Anyone, including people off the street, can have opinions about the
Law, and opinions about networks. Would you be willing to rely
some  stranger off the street,  with no qualifications, or positive
background whatsoever,   to start recommending a new network design,



quite possibly.  strangers off the street sometimes demonstrate superior 
insight than credentialed 'experts'.  not typically, of course, but 
sometimes.


an essential point is how much work i want to do to assess the 
credibility of the comments from either source.


folks who rely on their credentials for credibility tend to lose it with 
me.  anyone who makes a point by clearly providing a solid basis for it 
tends to gain it.


but i agree that clarity about the purpose of this thread would be 
helpful...


d/
--
 Dave Crocker
 Brandenburg InternetWorking
 bbiw.net

Re: William was raided for running a Tor exit node. Please help if you can.

[Anne P. Mitchell, Esq.]

 Example of an actual warrant:
 
 
 https://www.eff.org/sites/default/files/filenode/inresearchBC/EXHIBIT-A.pdf

Please also keep in mind, if it's relevant, that *no warrant* is required for 
data that is stored by a third-party.  Data on a server, TOR or otherwise, 
would by definition be data that is stored by a third party.  Which means that 
if there is a person of interest (POI), it would not be terribly hard to get at 
personal information about the POI that is not on their own private machines.

(Here is an article we wrote about that:  
http://www.theinternetpatrol.com/no-warrant-necessary-for-law-enforcement-to-access-data-stored-in-the-cloud/
 )

 Not a lawyer.

Is a lawyer, but hasn't been following this thread.  That said, if there are 
specific questions, I'd be happy to answer them if I can.

Anne

Anne P. Mitchell, Esq
CEO/President
Institute for Social Internet Public Policy
http://www.ISIPP.com 
Member, Cal. Bar Cyberspace Law Committee

Re: William was raided for running a Tor exit node. Please help if you can.

[Jutta Zalud]

 The BBC has an article about a similar issue on a Tor exit node in Austria:

 Austrian police raid privacy network over child porn
 http://www.bbc.co.uk/news/technology-20554788

actually it is not a similar case but the case of William W. that
BBC reported. Though with some mistakes: the servers were not seized,
the hardware (drives etc) at his home was seized, William was not
charged (he says), police is just investigating.

http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses/p5

And so far only the police know if images showing child sex abuse
were actually found passing through them as BBC writes.

The warrent posted at arstechnica.net
http://cdn.arstechnica.net/wp-content/uploads/2012/11/Beschluss.png
mentions section 207a, para 2, 2nd case, and para 4 no 2, lit b of
Austrian Criminal Code, which would be possession of a a pornographic
depiction of a minor person over 14, showing their genitals in an
obscene manner. (the text of the relevant section in German:
http://www.ris.bka.gv.at/Dokumente/Bundesnormen/NOR40105143/NOR40105143.html)

The warrent does not mention anything that refers to distribution or
transport of pornographic images. So, either police and judge were not
aware that it was a TOR server or they have/had a suspicion
that's not related to running a TOR server. Or the made a
mistake and quoted the wrong section. We simply don't know at present.

regards,
jutta

am Samstag, 01. Dezember 2012 um 17:10 schrieb nanog@nanog.org:

 The BBC has an article about a similar issue on a Tor exit node in Austria:

 Austrian police raid privacy network over child porn
 http://www.bbc.co.uk/news/technology-20554788


 ##
 Austrian police have seized servers that were part of a global anonymous
 browsing system, after images showing child sex abuse were found passing
 through them.

...

Re: William was raided for running a Tor exit node. Please help if you can.

[Joakim Aronius]

* Will Hargrave (w...@harg.net) wrote:
 
 On 29 Nov 2012, at 20:53, George Herbert george.herb...@gmail.com wrote:
 
  The assertion being made here, that it's somehow illegal (or immoral,
  or scary) for there to be not-completely-traceable internet access in
  the US, is absurd.
 
 The real issue here is *not* the legality of the act of providing a Tor exit 
 node, or an open access point, or anything else. In sensible countries that 
 is perfectly legal. The problem here is the reality of undergoing a criminal 
 investigation. 

It could also be the case that they think the person running the Tor exit node 
is the actual perpetrator, i.e. its needed to seize all HW to get the kiddie 
pr0n. Is it even possible for a network sniffer to distinguish between Tor exit 
traffic and his own traffic?

Hopefully he will get it all back but it will most liklely cost both time and 
money to explain Tor to the Austrian judical system.

 
 Think carefully about the impact of having everything in your life which runs 
 an operating system taken away. Phones. Tablet. Laptop. Servers. All portable 
 drives, data. If you rely on that hardware for your income (and who 
 doesn't?) you're going to have to buy all of that again. And restore your 
 data, if you are able. 

Fully agree.

/J

Re: William was raided for running a Tor exit node. Please help if you can.

[Rich Kulawiec]

On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.

Question: what evidence has been published -- that is, placed somewhere
that we can all see it -- that substantiates the claim that child porn
traversed the node in question?

Followup question 1: if no such evidence has been produced, then
why should we believe that it exists?  Extraordinary claims require
extraordinary proof.

Followup question 2: if the goal is to identify and apprehend the
perpetrators of child porn (and that's a good goal) then why would
the police raid this operation?  Would it not make far more sense to
take advantage of the operator's knowledge and experience and quietly
ask for his/her cooperation *while leaving the node running*?

Followup question 3: what evidence in front of us allows us to clearly
discern that this is what it purports to be and not simply an attempt
to shut down a Tor node (and intimidate the operators of others)
by using a plausible excuse based on a universal hot-button issue?

---rsk

Re: William was raided for running a Tor exit node. Please help if you can.

[Jeroen Massar]

On 2012-11-30 13:51 , Joakim Aronius wrote:
 * Will Hargrave (w...@harg.net) wrote:
 
 On 29 Nov 2012, at 20:53, George Herbert george.herb...@gmail.com
 wrote:
 
 The assertion being made here, that it's somehow illegal (or
 immoral, or scary) for there to be not-completely-traceable
 internet access in the US, is absurd.
 
 The real issue here is *not* the legality of the act of providing a
 Tor exit node, or an open access point, or anything else. In
 sensible countries that is perfectly legal. The problem here is the
 reality of undergoing a criminal investigation.
 
 It could also be the case that they think the person running the Tor
 exit node is the actual perpetrator, i.e. its needed to seize all HW
 to get the kiddie pr0n. Is it even possible for a network sniffer to
 distinguish between Tor exit traffic and his own traffic?

Not easily, this as TCP connections originate from the box itself.

 Hopefully he will get it all back but it will most liklely cost both
 time and money to explain Tor to the Austrian judical system.

According to http://raided4tor.cryto.net/ he at least got a full list of
what was confiscated including the various weapons in his possession,
that in combo with the owning of a safe deposit box (which was not
searched) with amongst others cash is an interesting part in personal
security IMHO though ;)

 Think carefully about the impact of having everything in your life
 which runs an operating system taken away. Phones. Tablet. Laptop.
 Servers. All portable drives, data. If you rely on that hardware
 for your income (and who doesn't?) you're going to have to buy all
 of that again. And restore your data, if you are able.

Actually they did not take anything away that was really related to the
what was detected.

The IP that the connection to the (apparently monitored or owned by the
$investigators) CP website came from was a rented server in Poland.
He apparently was notified that that exit node was being used for abuse
and thus 'closed it because of the hacking through it' (which really is
not helping when you still run others and looks a lot like you have
something to hide to me...)

All the other servers he apparently runs in the US and Hong Kong etc are
still up and running too.

Thus the computer things confiscated where effectively unrelated to the
IP that triggered them to look at it.

On 2012-11-30 13:58 , Rich Kulawiec wrote: On Thu, Nov 29, 2012 at
08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.

 Question: what evidence has been published -- that is, placed somewhere
 that we can all see it -- that substantiates the claim that child porn
 traversed the node in question?

The moment you can see that it is real CP you have seen CP.

Do not ask for that. There are special people who have legally signed
documents and agreements that investigate this.


 Followup question 1: if no such evidence has been produced, then
 why should we believe that it exists?  Extraordinary claims require
 extraordinary proof.

What likely is the case, from what I understand, is that the server
hosting the CP was being either monitored or operated by $investigators.

 Followup question 2: if the goal is to identify and apprehend the
 perpetrators of child porn (and that's a good goal) then why would
 the police raid this operation?

Because they maybe think he originated it, see also the note above of
closing the Tor exit that (allegedly) sourced the request(s).

 Would it not make far more sense to
 take advantage of the operator's knowledge and experience and quietly
 ask for his/her cooperation *while leaving the node running*?

He already closed the node, apparently due to hacking happening through it.

But that would not help anyway, as it is Tor, thus unless you are really
really good there is nothing to see there as you'll never find out who
originated the connection through Tor.

 Followup question 3: what evidence in front of us allows us to clearly
 discern that this is what it purports to be and not simply an attempt
 to shut down a Tor node (and intimidate the operators of others)
 by using a plausible excuse based on a universal hot-button issue?

The owner (the William person this is about) shut it down himself.

See the blog mentioned above for more details from his side.

Greets,
 Jeroen

William was raided for running a Tor exit node. Please help if you can.

[b.g. white]

I think if they took the cash registers too the Starbucks lawyer would be
in court an hour later with a motion to quash in one hand and an offer of
full cooperation in the other.

Regards, Bill Herrin

The standard, in the U.S., is any electronic device capable of storing
data.

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

On November 29, 2012 at 11:50 george.herb...@gmail.com (George Herbert) wrote:
  On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher tbeec...@localnet.com wrote:
   Assuming it's true, it was bound to happen. Running anything , TOR or
   otherwise, that allows strangers to do whatever they want is just folly.
  
  Such as, say, an Internet Service Provider business?

Or a wi-fi hotspot that only requires clicking Accept, no id involved?

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

On November 30, 2012 at 08:18 joa...@aronius.se (Joakim Aronius) wrote:
  
  I am all for being anonymous on the net but I seriously believe that we 
  still need to enforce the law when it comes to serious felonies like child 
  pr0n, organized crime etc, we can't give them a free pass just by using Tor. 
  I dont think it should be illegal to operate a Tor exit node but what just 
  happened could be a consequence of doing it.

Yeah, next they'll let just anyone walk down the sidewalk without
identifying themselves. And those are public sidewalks paid for by tax
dollars!

Or drop a few coins in a public telephone (I know, a little dated, but
they exist) w/o id and commit some crime!

I think some here need to reflect on what they're saying.

Sure, it'd be better to stop bad guys, but this has always been the
problem in a free society, you can't just put draconian rules on
everyone else because otherwise some bad guy might not be immediately
and easily identified.

This was the sort of reasoning they used in the Soviet Union to make
it very difficult to get access to a photocopy machine (ask someone
who lived there, it was practically like buying a firearm in the US.)

We're all (well most of us) glad that law enforcement does its job,
but even the US Constitution (3rd amendment) bothered to state:

No Soldier shall, in time of peace be quartered in any house,
without the consent of the Owner, nor in time of war, but in a
manner to be prescribed by law.

It's only an analogy but I think it's clear, if we're protected from
being forced to provide food  shelter directly to soldiers presumably
defending our lives and country the principle as it pertains to being
required to do whatever law enforcement dreams up to catch bad guys is
pretty clear. As a principle -- Note: I am NOT making a legal point!

Ok, grab onto that manner prescribed by law, but remember that it
said in time of war. None of what we're discussing is relevant to
any war (except as politicians toss around the war on this or that.)

  Of course they might not know abot Tor and believes that it is Mr Williams 
  that is the bad guy. 
  
  /J

Sure, but I assume he told them that :-)

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Miles Fidelman]

Barry Shein wrote:

On November 30, 2012 at 08:18 joa...@aronius.se (Joakim Aronius) wrote:
  
   I am all for being anonymous on the net but I seriously believe that we 
still need to enforce the law when it comes to serious felonies like child pr0n, 
organized crime etc, we can't give them a free pass just by using Tor. I dont 
think it should be illegal to operate a Tor exit node but what just happened could 
be a consequence of doing it.

Yeah, next they'll let just anyone walk down the sidewalk without
identifying themselves. And those are public sidewalks paid for by tax
dollars!

Or drop a few coins in a public telephone (I know, a little dated, but
they exist) w/o id and commit some crime!

I think some here need to reflect on what they're saying.

Sure, it'd be better to stop bad guys, but this has always been the
problem in a free society, you can't just put draconian rules on
everyone else because otherwise some bad guy might not be immediately
and easily identified.

Well put Barry.  Or, as Ben Franklin put it: They who can give up 
essential liberty to obtain a little temporary safety, deserve neither 
liberty nor safety.


Miles Fidelman*
*

--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Fri, Nov 30, 2012 at 12:48 PM, Barry Shein b...@world.std.com wrote:
 Yeah, next they'll let just anyone walk down the sidewalk without
 identifying themselves. And those are public sidewalks paid for by tax
 dollars!

If you hang out with criminals, sooner or later you'll encounter a
situation where there is a reasonable suspicion that you committed a
crime. Not because you hung out with criminals but because something
criminal happened while you were hanging out with the criminals and
with only a partial set of facts it appears likely that you did it.

It takes extraordinary diligence to hang out with criminals yet remain
personally above reproach. It's a tightrope many news reporters have
to walk. I have yet to see such diligence practiced in the operation
of a Tor node.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Owen DeLong]

On Nov 30, 2012, at 4:58 AM, Rich Kulawiec r...@gsp.org wrote:

 On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.
 
 Question: what evidence has been published -- that is, placed somewhere
 that we can all see it -- that substantiates the claim that child porn
 traversed the node in question?
 
 Followup question 1: if no such evidence has been produced, then
 why should we believe that it exists?  Extraordinary claims require
 extraordinary proof.
 

I don't find the claim all that extraordinary. I think it was only a
matter of time before the kiddie-pr0n distributors figured out TOR
as a perfect way to distribute anonymously.

 Followup question 2: if the goal is to identify and apprehend the
 perpetrators of child porn (and that's a good goal) then why would
 the police raid this operation?  Would it not make far more sense to
 take advantage of the operator's knowledge and experience and quietly
 ask for his/her cooperation *while leaving the node running*?

Sure, but law enforcement isn't exactly renowned for doing the smart
things in such situations. Especially during their rather extensive
learning curve.

 Followup question 3: what evidence in front of us allows us to clearly
 discern that this is what it purports to be and not simply an attempt
 to shut down a Tor node (and intimidate the operators of others)
 by using a plausible excuse based on a universal hot-button issue?
 

None whatsoever. It's an entirely plausible alternate explanation.
At this point, we can't rule either of them out. However, the basic
theory Never attribute to malice what can be adequately explained
by incompetence. says that the kiddie-pr0n story is more likely.

Owen

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

-Original Message-
From: Rich Kulawiec [mailto:r...@gsp.org] 
Sent: Friday, November 30, 2012 6:59 AM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please
help if you can.

 On Thu, Nov 29, 2012 at 08:04:02AM -0500, Chris quoted (William):
 Yes, it happened to me now as well - Yesterday i got raided for 
 someone sharing child pornography over one of my Tor exits.

 Question: what evidence has been published -- that is, placed
somewhere that we can all see it -- that substantiates the claim that
child porn 
 traversed the node in question?

The cops don't have to present evidence until there is a court case.
Since this guy was not arrested, they have apparently not decided to
charge him yet.  The apparently had some evidence to get the seizure
order.  They have to convince a judge, not the public.


 Followup question 1: if no such evidence has been produced, then why
should we believe that it exists?  Extraordinary claims require
extraordinary 
 proof.

Again, no evidence needed until a prosecution happens. Just enough for
the cops to convince a judge to allow the evidence seizure.

Followup question 2: if the goal is to identify and apprehend the
perpetrators of child porn (and that's a good goal) then why would the
police raid this operation?  Would it not make far more sense to take
advantage of the operator's knowledge and experience and quietly ask for
his/her cooperation *while leaving the node running*?

Maybe the cops think he is a perpetrator.  It is not unthinkable that he
set up a network to hide his own activities.  Note that they seized his
HOME storage devices, not the Tor server.

Followup question 3: what evidence in front of us allows us to clearly
discern that this is what it purports to be and not simply an attempt to
shut down a Tor node (and intimidate the operators of others) by using
a plausible excuse based on a universal hot-button issue?

Since the individual indicates that the Tor node was already down and
the police did not seize it, what makes you think that it was the target
at all.  The individual only indicated that the police asked about the
IP address used by the Tor server during his questioning so it is
possible they did not know it was a Tor node and maybe thought it was at
his apartment.  I have yet to see anything indicating that he is not
allowed to bring his Tor node back online.  I am not assuming this is
only about the Tor node just because the cops asked him about it.  I am
a little concerned that this guy keeps a safe deposit box with a burner
phone and cash around.  Is he a CIA agent? :)

Why would I donate to his legal defense when he has not been charged
yet?  A little premature, no?


---rsk


Steven Naslund

RE: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

WAIT A SECOND HERE!?!?

I just read below that this guy runs a large ISP in Austria.  I thought
his Tor node was hosted with an external provider.  If he runs the ISP,
why would he not host his own server in house?  I suppose there are
reasons but I can't think of one, especially if you feel so strongly
about this being your right.  

He talks about moving it to another ISP in the article interviewing him.
How about moving it to the large ISP you run? 

If he runs a large ISP he must not be very good at it if he needs our
donations to help him defend himself from a crime he has not been
charged with yet.  Most of the guys I know that run large ISPs have
legal guys available to them.  They could also come up with 1EUR if
necessary.  

What is he going to do with this money if no charges are filed and they
give his gear back?  If he believes that he is innocent of any crime
then he should be confident they won't find anything to charge him with,
right?

  If convicted i could face up to 6 years in jail, of course i do not 
  want that and i also want to try to set a legal base for running Tor

  exit nodes in Austria or even the EU.
 

Six years in jail for what?  They didn't arrest you yet.  How do you
know what the charges are?  The cops must not be too worried about the
Tor node if they did not seize it.  They seem a lot more interested in
his personal storage devices.  He seems to have a lot of data at home,
not illegal (possibly) but I am wondering what it all might be.  The
cops have a lot of looking around ahead of them.  Seems awful worried
for a guy who claims to be innocent.  I am wondering why he seems so
sure he will be charged that he is building a legal defense fund before
being arrested.


  Sadly we have nothing like the EFF here that could help me in this 
  case by legal assistance, so i'm on my own and require a good
lawyer.
  Thus i'm accepting donations for my legal expenses which i expect to

  be around 5000-1 EUR.

So you know how much it costs to defend a case with unknown charges and
without knowing if you will be arrested yet?!?!?!

This whole thing sounds flakier with every new detail.

Steven Naslund

-Original Message-
From: Eugen Leitl [mailto:eu...@leitl.org] 
Sent: Friday, November 30, 2012 1:25 AM
To: NANOG list
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.

- Forwarded message from Asad Haider a...@asadhaider.co.uk -

From: Asad Haider a...@asadhaider.co.uk
Date: Thu, 29 Nov 2012 19:37:24 +
To: tor-t...@lists.torproject.org
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.
Reply-To: tor-t...@lists.torproject.org

William will be posting a statement soon which will explain everything
that's happened and give a detailed account of events, along with
evidence including pictures showing the aftermath of the raid in his
apartment, as well as copies of the warrant and inventory of seized
items.

He runs a large ISP in Austria and is a well respected member of the
community, a lot of us have already sent in donations.

His blog is https://rdns.im/ and I'm guessing the statement will be
posted on there, I'll send everyone a link once it's finished being
written.

On 29 November 2012 19:22, Eugen Leitl eu...@leitl.org wrote:

 - Forwarded message from Emily Ozols win...@team-metro.net -

 From: Emily Ozols win...@team-metro.net
 Date: Fri, 30 Nov 2012 01:14:08 +1100
 To: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please
help if
 you can.

 Hi,

 I gotta ask and I'm sure someone would if I didn't, but how do we know

 this guy is legit?
 He's jumped up on a forum saying, Hey, police raided me, help. gib 
 mone plz and failed to provide and reason as to how he's real and not

 just making it up.

 Maybe if there's a way to know this guy is legit, I'll help out if 
 possible, but until then I'm just going to watch others with caution 
 and I suggest others do as well.

 On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:
  I'm not William and a friend pasted a link on IRC to me. I'm going 
  to send him a few bucks because I know how it feels to get 
  blindsided by the police on one random day and your world is turned
upside down.
 
  Source:
 http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exi
 t-accepting-donations-for-legal-expenses
 
  From the URL:
 
  Yes, it happened to me now as well - Yesterday i got raided for 
  someone sharing child pornography over one of my Tor exits.
  I'm good so far, not in jail, but all my computers and hardware have

  been confiscated.
  (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
 
  If convicted i could face up to 6 years in jail, of course i do not 
  want that and i also want to try to set a legal base for running Tor

  exit nodes in Austria or even the EU.
 
  Sadly we have nothing like the EFF here that could help 

Re: William was raided for running a Tor exit node. Please help if you can.

[Jimmy Hess]

On 11/29/12, William Herrin b...@herrin.us wrote:

 If the computer at IP:port:timestamp transmitted child porn, a warrant
 for all computers is also too broad. Computers which use said IP

As you know, there may always be some uncertainty about which computer
was using a certain IP address at a certain time --  the computer
assigned that address might have been off,  with a   deviant
individual spoofing MAC address and IP address of a certain computer,
using different equipment still attached to the same physical LAN.

Their warrant authors will probably not say all computers;  they
will more likely say something like all digital storage media,  and
equipment required for access.

Which includes all hard drives, SSDs,  CF cards, diskettes, CDRs,  and
all the computing equipment they are installed in  (keyboard, monitor,
mouse, etc)  normally used to access the media.


 address or which employ forensic countermeasures which prevent a ready
 determination whether they employed said IP address. And have a

DHCP?

 qualified technician on the search team, same as you would for any
 other material being searched.

If they had a qualified technician,  they probably wouldn't be raiding
a TOR exit node in the first place;   they would have investigated the
matter  more thoroughly, and saved precious time.

--
-JH

Re: William was raided for running a Tor exit node. Please help if you can.

[Peter Kristolaitis]

On 11/30/2012 04:01 PM, Naslund, Steve wrote:

   I am a little concerned that this guy keeps a safe deposit box with a burner
phone and cash around.  Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO, 
incredibly naive and taking on quite a large amount of risk.


The likelihood (and hope) is that you'll never need it.  But on the off 
chance that you get f***ed by the legal system because of some power 
hungry, mouth-breather cop who can't/won't understand that you've done 
nothing wrong -- or worse, that you're easily provably within the law, 
but he believes that you're not and drags you through the process 
anyways -- you'll be very happy that you stashed away that old unlocked 
cell phone, old laptop, change of clothes and cash.


I'm a (legal) firearms owner... up here in Canada, where some previous 
governments enacted extreme anti-gun legislation, that pretty much means 
that if I so much as sneeze in a way that a cop doesn't like, I can have 
my life ruined pretty damned fast (not quite, but really close).  I 
wouldn't bet against me having an excrement-hitting-the-oscillator stash 
like this guy does.  ;)


(Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other 
profession, there ARE bad cops out there, and it's within the realm of 
possibility that you'll deal with one of them one day.)



Why would I donate to his legal defense when he has not been charged
yet?  A little premature, no?

If you think that legal costs in a criminal case only start when you've 
been formally charged, you're grossly misinformed.   At what point you 
personally decide to donate is one thing, but implying that someone 
doesn't need a defense fund prior to charges being laid is a bit naive 
about how the process works.


- Pete

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

As a network professional do I not have a duty to protect my companies
network from unauthorized access within my ability to do so?  I think I
do.  If you lost all of your credit card and identity data because I
left an open wifi hotspot on my network would you have a liability case?
I sure think so.
If I go into your building and plug in an open wifi hotspot that allows
a hacker to gain access to your stuff, is that illegal?  I think it is.

In this case we are not talking about a civil claim of negligence at
all.  It is not even a civil case.  Let's look at it more as the
credibility of deniability.  Grandma can claim in court that she had no
idea that the neighborhood was using her wifi and be believable.  I
can't make that claim because it is easy to prove that I know better.
Whether the act itself is legal is another matter, but the ability to
deny knowledge of the act is the question.  So, the way this translates
is Sir, did you know that a large percentage of Tor use is for illegal
activities?  How does this guy answer no when he supposedly runs a
large ISP?

As far as the anonymous remailer, at that time sending anonymous email
or spam was not yet illegal.  Many ISPs began cracking down on open mail
relays well before the CAN SPAM stuff came about because it was good
business and most of the industry agreed that open mail relay was bad.  

What I find really interesting is that the ISP (in general, there are a
few rogues) will immediately shut down access to an open mail relay
being hosted by their customer because it enables SPAM, but would allow
a Tor relay that allows lots of illegal activity.

I can tell you exactly why this happens.  Most network professionals
hate spam, its inconvenience, its clogging of the systems we maintain,
and we declared war on the spammers.  Tor however enables a whole lot of
gray area activities like media piracy, warez, and lots of other stuff
that some of us are less concerned about (and some of us actually use).
If the ISPs and engineers get concerned about any of this stuff, we are
capable of killing it off easier than the law enforcement channels.  We
never eliminated SPAM but it was made a lot tougher.  Unfortunately, the
history of the public Internet shows that one of the technology drivers
of higher and better connections are for things like media sharing and
distribution which includes some not so savory or legal sharing and
distribution and some not so nice media.

Steven Naslund



-Original Message-
From: Michael Froomkin - U.Miami School of Law
[mailto:froom...@law.miami.edu] 
Sent: Thursday, November 29, 2012 6:30 PM
To: Naslund, Steve
Cc: NANOG
Subject: RE: William was raided for running a Tor exit node. Please help
if you can.

On Thu, 29 Nov 2012, Naslund, Steve wrote:

[...]

 When it comes to running an open access point, I think the legal issue

 would be negligence.  Is it negligence for the 90 year old grandma to 
 have an open AP (probably not, just didn't know better)?  Is it 
 negligence for me to have an open AP (probably, I am a network 
 professional and know how to secure a network).


In order for there to be a civil claim of negligence there must be,
inter alia, a breach of duty.

What duty has been breached in your scenario?  None.

[...]

 This is certainly an interesting discussion and I think there are not 
 a lot of concrete answers since this is on the edge of technology law.

 I

Actually some of us have been teaching and writing about this stuff
since the mid 1990s.  These issues are far from new; we went through
them in the early anonymous remailer days.

relurk

--
A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net
Laurie Silvers  Mitchell Rubenstein Distinguished Professor of Law
Editor, Jotwell: The Journal of Things We Like (Lots),  jotwell.com U.
Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285  |+1 (305) 284-6506 (fax)  |  froom...@law.tm
--It's warm here.--

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

OK, there must be a lot more paranoid people out there than I thought
there were.  I personally don't have a runaway kit stashed away.  I
will get right on that. So when that mouth breather cop won't believe
you are innocent, your answer is to grab your stuff and go on the lamb
for awhile?  I am sure he will let you out to go to the bank, get your
stuff, and leave town.  I think you have seen way to many movies.

So if the cops show up at his door tomorrow and say Here's all your
stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?

Steve

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 3:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.


On 11/30/2012 04:01 PM, Naslund, Steve wrote:
I am a little concerned that this guy keeps a safe deposit box with

 a burner phone and cash around.  Is he a CIA agent? :)
Anyone who DOESN'T have such things stashed away somewhere is, IMHO,
incredibly naive and taking on quite a large amount of risk.

The likelihood (and hope) is that you'll never need it.  But on the off
chance that you get f***ed by the legal system because of some power
hungry, mouth-breather cop who can't/won't understand that you've done
nothing wrong -- or worse, that you're easily provably within the law,
but he believes that you're not and drags you through the process
anyways -- you'll be very happy that you stashed away that old unlocked
cell phone, old laptop, change of clothes and cash.

I'm a (legal) firearms owner... up here in Canada, where some previous
governments enacted extreme anti-gun legislation, that pretty much means
that if I so much as sneeze in a way that a cop doesn't like, I can have
my life ruined pretty damned fast (not quite, but really close).  I
wouldn't bet against me having an excrement-hitting-the-oscillator stash
like this guy does.  ;)

(Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other
profession, there ARE bad cops out there, and it's within the realm of
possibility that you'll deal with one of them one day.)

 Why would I donate to his legal defense when he has not been charged 
 yet?  A little premature, no?

If you think that legal costs in a criminal case only start when you've 
been formally charged, you're grossly misinformed.   At what point you 
personally decide to donate is one thing, but implying that someone
doesn't need a defense fund prior to charges being laid is a bit naive
about how the process works.

- Pete

Re: William was raided for running a Tor exit node. Please help if you can.

[Rayson Ho]

On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote:
 If they had a qualified technician,  they probably wouldn't be raiding
 a TOR exit node in the first place;   they would have investigated the
 matter  more thoroughly, and saved precious time.

And what if the TOR exit node was in the cloud? Are they going to
confiscate millions of servers just because a few of them were hosting
child pornography??

(I am a believer of Cloud Computing, and in fact earlier this month we
had a 10,000-node Grid Engine HPC cluster running in Amazon EC2:
http://blogs.scalablelogic.com/2012/11/running-1-node-grid-engine-cluster.html
)

I believe most Cloud providers (Google, Amazon, IBM, etc) have some
sort of disclaimer clause... but then one can get a VPN account easily
too (there are many free ones as well)! So how could VPN, local coffee
shops, and cloud providers protect themselves from this kind of
non-sense??

Rayson

==
Open Grid Scheduler - The Official Open Source Grid Engine
http://gridscheduler.sourceforge.net/



 --
 -JH

Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Sam Tetherow]

On 11/30/2012 03:30 PM, Naslund, Steve wrote:

WAIT A SECOND HERE!?!?

I just read below that this guy runs a large ISP in Austria.  I thought
his Tor node was hosted with an external provider.  If he runs the ISP,
why would he not host his own server in house?  I suppose there are
reasons but I can't think of one, especially if you feel so strongly
about this being your right.

He talks about moving it to another ISP in the article interviewing him.
How about moving it to the large ISP you run?

If he runs a large ISP he must not be very good at it if he needs our
donations to help him defend himself from a crime he has not been
charged with yet.  Most of the guys I know that run large ISPs have
legal guys available to them.  They could also come up with 1EUR if
necessary.

What is he going to do with this money if no charges are filed and they
give his gear back?  If he believes that he is innocent of any crime
then he should be confident they won't find anything to charge him with,
right?


If convicted i could face up to 6 years in jail, of course i do not
want that and i also want to try to set a legal base for running Tor
exit nodes in Austria or even the EU.


Six years in jail for what?  They didn't arrest you yet.  How do you
know what the charges are?  The cops must not be too worried about the
Tor node if they did not seize it.  They seem a lot more interested in
his personal storage devices.  He seems to have a lot of data at home,
not illegal (possibly) but I am wondering what it all might be.  The
cops have a lot of looking around ahead of them.  Seems awful worried
for a guy who claims to be innocent.  I am wondering why he seems so
sure he will be charged that he is building a legal defense fund before
being arrested.



Sadly we have nothing like the EFF here that could help me in this
case by legal assistance, so i'm on my own and require a good

lawyer.

Thus i'm accepting donations for my legal expenses which i expect to
be around 5000-1 EUR.

So you know how much it costs to defend a case with unknown charges and
without knowing if you will be arrested yet?!?!?!

This whole thing sounds flakier with every new detail.

Steven Naslund

-Original Message-
From: Eugen Leitl [mailto:eu...@leitl.org]
Sent: Friday, November 30, 2012 1:25 AM
To: NANOG list
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.

- Forwarded message from Asad Haider a...@asadhaider.co.uk -

From: Asad Haider a...@asadhaider.co.uk
Date: Thu, 29 Nov 2012 19:37:24 +
To: tor-t...@lists.torproject.org
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.
Reply-To: tor-t...@lists.torproject.org

William will be posting a statement soon which will explain everything
that's happened and give a detailed account of events, along with
evidence including pictures showing the aftermath of the raid in his
apartment, as well as copies of the warrant and inventory of seized
items.

He runs a large ISP in Austria and is a well respected member of the
community, a lot of us have already sent in donations.

His blog is https://rdns.im/ and I'm guessing the statement will be
posted on there, I'll send everyone a link once it's finished being
written.

On 29 November 2012 19:22, Eugen Leitl eu...@leitl.org wrote:


- Forwarded message from Emily Ozols win...@team-metro.net -

From: Emily Ozols win...@team-metro.net
Date: Fri, 30 Nov 2012 01:14:08 +1100
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please

help if

 you can.

Hi,

I gotta ask and I'm sure someone would if I didn't, but how do we know
this guy is legit?
He's jumped up on a forum saying, Hey, police raided me, help. gib
mone plz and failed to provide and reason as to how he's real and not
just making it up.

Maybe if there's a way to know this guy is legit, I'll help out if
possible, but until then I'm just going to watch others with caution
and I suggest others do as well.

On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:

I'm not William and a friend pasted a link on IRC to me. I'm going
to send him a few bucks because I know how it feels to get
blindsided by the police on one random day and your world is turned

upside down.

Source:

http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exi
t-accepting-donations-for-legal-expenses

 From the URL:

Yes, it happened to me now as well - Yesterday i got raided for
someone sharing child pornography over one of my Tor exits.
I'm good so far, not in jail, but all my computers and hardware have
been confiscated.
(20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

If convicted i could face up to 6 years in jail, of course i do not
want that and i also want to try to set a legal base for running Tor
exit nodes in Austria or even the EU.

Sadly we have nothing like the EFF here that could help me in this
case by legal 

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

From: Jimmy Hess [mailto:mysi...@gmail.com] 
Sent: Friday, November 30, 2012 3:47 PM
To: William Herrin
Cc: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please
help if you can.

On 11/29/12, William Herrin b...@herrin.us wrote:

 If the computer at IP:port:timestamp transmitted child porn, a
warrant 
 for all computers is also too broad. Computers which use said IP

As you know, there may always be some uncertainty about which computer
was using a certain IP address at a certain time --  the computer
assigned that address might have been off,  with a   deviant
individual spoofing MAC address and IP address of a certain computer,
using different equipment still attached to the same physical LAN.

Their warrant authors will probably not say all computers;  they will
more likely say something like all digital storage media,  and equipment
required for access.

Funny thing is they hit his residence, not the location where
the Tor server was located.  Most likely they tracked the Tor server's
IP to anaccount at the ISP that hosted it, that pointed at his
residence.  Strange that they did not seize the server itself according
to the interview of the guy involved.


Which includes all hard drives, SSDs,  CF cards, diskettes, CDRs,  and
all the computing equipment they are installed in  (keyboard, monitor,
mouse, etc)  normally used to access the media.

Probably said all computing equipment and media on the premise.
That is extremely common language for these warrants.  I have never,
ever, heard of a seizure that only involved a single IP address.  The
cops know that media moves around.


 address or which employ forensic countermeasures which prevent a
ready 
 determination whether they employed said IP address. And have a

DHCP?

 qualified technician on the search team, same as you would for any 
 other material being searched.

If they had a qualified technician,  they probably wouldn't be raiding
a TOR exit node in the first place;   they would have investigated the
matter  more thoroughly, and saved precious time.


Remember, they did not raid the Tor exit node.  They raided the home of
the guy running the Tor exit node.  Way different.


--
-JH


Steven Naslund

RE: William was raided for running a Tor exit node. Please help if you can.

[Eric Wieling]

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 4:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help if 
you can.

 (Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other 
profession, there ARE bad cops out there, and it's within the realm of 
possibility that you'll deal with one of them one day.)

Power corrupts and cops have power.What scares me is that there is no way 
*I* can tell the difference between a cop who accepts free coffee from the 
local café and a cop who will lie to get what they want.

Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Warren Bailey]

When is the last time you were arrested, or even in a legal situation
which required your attention as a defendant? It seems pretty straight
forward, but I can assure you this guy is getting very little sleep and
his heart is beating out of his chest. Granted this entire situation is
taking place in a legal venue which I have no understanding of (The EU
obviously does things differently). I think it was pretty risky to
consider running a Tor node, much less being involved in running multiple
nodes. This entire situation is beginning to read like a Kim DotCom (or
Schmitz for those of us who worked for him at some point) novel, where an
outside force directed a local LEA to perform some kind of raid to get
someone's attention. This was obviously not a helicopter raid with SWAT,
ala RapidShare, but I hope you get the point. This guy is sweating bullets
because he has no idea what is going to happen next (in my humble
opinion), so his rational thought process and/or even discussing when he
will return the funds donated is a pre-mature at best.

Just my .02.

On 11/30/12 1:30 PM, Naslund, Steve snasl...@medline.com wrote:

WAIT A SECOND HERE!?!?

I just read below that this guy runs a large ISP in Austria.  I thought
his Tor node was hosted with an external provider.  If he runs the ISP,
why would he not host his own server in house?  I suppose there are
reasons but I can't think of one, especially if you feel so strongly
about this being your right.

He talks about moving it to another ISP in the article interviewing him.
How about moving it to the large ISP you run?

If he runs a large ISP he must not be very good at it if he needs our
donations to help him defend himself from a crime he has not been
charged with yet.  Most of the guys I know that run large ISPs have
legal guys available to them.  They could also come up with 1EUR if
necessary.  

What is he going to do with this money if no charges are filed and they
give his gear back?  If he believes that he is innocent of any crime
then he should be confident they won't find anything to charge him with,
right?

  If convicted i could face up to 6 years in jail, of course i do not
  want that and i also want to try to set a legal base for running Tor

  exit nodes in Austria or even the EU.
 

Six years in jail for what?  They didn't arrest you yet.  How do you
know what the charges are?  The cops must not be too worried about the
Tor node if they did not seize it.  They seem a lot more interested in
his personal storage devices.  He seems to have a lot of data at home,
not illegal (possibly) but I am wondering what it all might be.  The
cops have a lot of looking around ahead of them.  Seems awful worried
for a guy who claims to be innocent.  I am wondering why he seems so
sure he will be charged that he is building a legal defense fund before
being arrested.


  Sadly we have nothing like the EFF here that could help me in this
  case by legal assistance, so i'm on my own and require a good
lawyer.
  Thus i'm accepting donations for my legal expenses which i expect to

  be around 5000-1 EUR.

So you know how much it costs to defend a case with unknown charges and
without knowing if you will be arrested yet?!?!?!

This whole thing sounds flakier with every new detail.

Steven Naslund

-Original Message-
From: Eugen Leitl [mailto:eu...@leitl.org]
Sent: Friday, November 30, 2012 1:25 AM
To: NANOG list
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.

- Forwarded message from Asad Haider a...@asadhaider.co.uk -

From: Asad Haider a...@asadhaider.co.uk
Date: Thu, 29 Nov 2012 19:37:24 +
To: tor-t...@lists.torproject.org
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
   Please help if you can.
Reply-To: tor-t...@lists.torproject.org

William will be posting a statement soon which will explain everything
that's happened and give a detailed account of events, along with
evidence including pictures showing the aftermath of the raid in his
apartment, as well as copies of the warrant and inventory of seized
items.

He runs a large ISP in Austria and is a well respected member of the
community, a lot of us have already sent in donations.

His blog is https://rdns.im/ and I'm guessing the statement will be
posted on there, I'll send everyone a link once it's finished being
written.

On 29 November 2012 19:22, Eugen Leitl eu...@leitl.org wrote:

 - Forwarded message from Emily Ozols win...@team-metro.net -

 From: Emily Ozols win...@team-metro.net
 Date: Fri, 30 Nov 2012 01:14:08 +1100
 To: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please
help if
 you can.

 Hi,

 I gotta ask and I'm sure someone would if I didn't, but how do we know

 this guy is legit?
 He's jumped up on a forum saying, Hey, police raided me, help. gib
 mone plz and failed to provide and reason as to how he's real and not

 just making it up.

 

RE: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

Well, in that case  I am really worried that the cops might charge
me with a crime.  They took my computers and are looking at them.  I did
not do anything wrong but just in case they decide to charge me with a
crime, please send me some money.


Thanks,

Steven Naslund

-Original Message-
From: Warren Bailey [mailto:wbai...@satelliteintelligencegroup.com] 
Sent: Friday, November 30, 2012 4:12 PM
To: Naslund, Steve; NANOG list
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.

When is the last time you were arrested, or even in a legal situation
which required your attention as a defendant? It seems pretty straight
forward, but I can assure you this guy is getting very little sleep and
his heart is beating out of his chest. Granted this entire situation is
taking place in a legal venue which I have no understanding of (The EU
obviously does things differently). I think it was pretty risky to
consider running a Tor node, much less being involved in running
multiple nodes. This entire situation is beginning to read like a Kim
DotCom (or Schmitz for those of us who worked for him at some point)
novel, where an outside force directed a local LEA to perform some kind
of raid to get someone's attention. This was obviously not a helicopter
raid with SWAT, ala RapidShare, but I hope you get the point. This guy
is sweating bullets because he has no idea what is going to happen next
(in my humble opinion), so his rational thought process and/or even
discussing when he will return the funds donated is a pre-mature at
best.

Just my .02.

On 11/30/12 1:30 PM, Naslund, Steve snasl...@medline.com wrote:

WAIT A SECOND HERE!?!?

I just read below that this guy runs a large ISP in Austria.  I thought

his Tor node was hosted with an external provider.  If he runs the ISP,

why would he not host his own server in house?  I suppose there are 
reasons but I can't think of one, especially if you feel so strongly 
about this being your right.

He talks about moving it to another ISP in the article interviewing
him.
How about moving it to the large ISP you run?

If he runs a large ISP he must not be very good at it if he needs our 
donations to help him defend himself from a crime he has not been 
charged with yet.  Most of the guys I know that run large ISPs have 
legal guys available to them.  They could also come up with 1EUR if

necessary.

What is he going to do with this money if no charges are filed and they

give his gear back?  If he believes that he is innocent of any crime 
then he should be confident they won't find anything to charge him 
with, right?

  If convicted i could face up to 6 years in jail, of course i do not

  want that and i also want to try to set a legal base for running 
  Tor

  exit nodes in Austria or even the EU.
 

Six years in jail for what?  They didn't arrest you yet.  How do you 
know what the charges are?  The cops must not be too worried about the 
Tor node if they did not seize it.  They seem a lot more interested in 
his personal storage devices.  He seems to have a lot of data at home, 
not illegal (possibly) but I am wondering what it all might be.  The 
cops have a lot of looking around ahead of them.  Seems awful worried 
for a guy who claims to be innocent.  I am wondering why he seems so 
sure he will be charged that he is building a legal defense fund before

being arrested.


  Sadly we have nothing like the EFF here that could help me in this 
  case by legal assistance, so i'm on my own and require a good
lawyer.
  Thus i'm accepting donations for my legal expenses which i expect 
  to

  be around 5000-1 EUR.

So you know how much it costs to defend a case with unknown charges and

without knowing if you will be arrested yet?!?!?!

This whole thing sounds flakier with every new detail.

Steven Naslund

-Original Message-
From: Eugen Leitl [mailto:eu...@leitl.org]
Sent: Friday, November 30, 2012 1:25 AM
To: NANOG list
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
Please help if you can.

- Forwarded message from Asad Haider a...@asadhaider.co.uk -

From: Asad Haider a...@asadhaider.co.uk
Date: Thu, 29 Nov 2012 19:37:24 +
To: tor-t...@lists.torproject.org
Subject: Re: [tor-talk] William was raided for running a Tor exit node.
   Please help if you can.
Reply-To: tor-t...@lists.torproject.org

William will be posting a statement soon which will explain everything 
that's happened and give a detailed account of events, along with 
evidence including pictures showing the aftermath of the raid in his 
apartment, as well as copies of the warrant and inventory of seized 
items.

He runs a large ISP in Austria and is a well respected member of the 
community, a lot of us have already sent in donations.

His blog is https://rdns.im/ and I'm guessing the statement will be 
posted on there, I'll send everyone a link once it's finished being 
written.

On 29 November 2012 

Re: William was raided for running a Tor exit node. Please help if you can.

[Peter Kristolaitis]

I didn't say anything about trying to run away.  That probably won't 
accomplish a whole lot in the long run.   But when all of your bank 
accounts and credit cards are frozen, and your house is a crime scene, 
at least you have the means to rent a hotel room, contact 
family/lawyers, etc.


And no, I'm not OK with people keeping any money that was donated for a 
specific purpose in excess of what was actually used.  You'd hope that 
he'd be a good guy about it and give back the portion that wasn't used, 
or clearly state that any excess will go to charity or something.  
However, there's no such guarantee (short of doing it through a trust 
fund with his lawyer), and just like any philanthropic venture, it's up 
to each donor choose when/if they'll help out.   It's just like 
Kickstarter -- you hope to get something good out of it, but if it 
bombs, well... you pay your money and you take your chances.


- Pete



On 11/30/2012 05:02 PM, Naslund, Steve wrote:

OK, there must be a lot more paranoid people out there than I thought
there were.  I personally don't have a runaway kit stashed away.  I
will get right on that. So when that mouth breather cop won't believe
you are innocent, your answer is to grab your stuff and go on the lamb
for awhile?  I am sure he will let you out to go to the bank, get your
stuff, and leave town.  I think you have seen way to many movies.

So if the cops show up at his door tomorrow and say Here's all your
stuff back, there was no evidence of a crime., you are OK with this
guys keeping the defense fund?

Steve

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
Sent: Friday, November 30, 2012 3:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.


On 11/30/2012 04:01 PM, Naslund, Steve wrote:

I am a little concerned that this guy keeps a safe deposit box with
a burner phone and cash around.  Is he a CIA agent? :)

Anyone who DOESN'T have such things stashed away somewhere is, IMHO,
incredibly naive and taking on quite a large amount of risk.

The likelihood (and hope) is that you'll never need it.  But on the off
chance that you get f***ed by the legal system because of some power
hungry, mouth-breather cop who can't/won't understand that you've done
nothing wrong -- or worse, that you're easily provably within the law,
but he believes that you're not and drags you through the process
anyways -- you'll be very happy that you stashed away that old unlocked
cell phone, old laptop, change of clothes and cash.

I'm a (legal) firearms owner... up here in Canada, where some previous
governments enacted extreme anti-gun legislation, that pretty much means
that if I so much as sneeze in a way that a cop doesn't like, I can have
my life ruined pretty damned fast (not quite, but really close).  I
wouldn't bet against me having an excrement-hitting-the-oscillator stash
like this guy does.  ;)

(Note:  I don't mean to imply that all cops are power hungry
mouth-breathers intent on destroying the lives of citizens.   Most cops
are fundamentally good people and do a great job.  But like every other
profession, there ARE bad cops out there, and it's within the realm of
possibility that you'll deal with one of them one day.)


Why would I donate to his legal defense when he has not been charged
yet?  A little premature, no?


If you think that legal costs in a criminal case only start when you've
been formally charged, you're grossly misinformed.   At what point you
personally decide to donate is one thing, but implying that someone
doesn't need a defense fund prior to charges being laid is a bit naive
about how the process works.

- Pete

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote:
 On 11/29/12, William Herrin b...@herrin.us wrote:
 If the computer at IP:port:timestamp transmitted child porn, a warrant
 for all computers is also too broad. Computers which use said IP

 As you know, there may always be some uncertainty about which computer
 was using a certain IP address at a certain time --  the computer
 assigned that address might have been off,  with a   deviant

Or more likely behind a NAT device where the address which presents is
the NAT device. But the police won't know that until they search.
Until they search they have no factual basis for the presumptions
either that more than one computer was associated with the activity or
that it isn't possible to readily identify which computer was
involved. That Tor node was probably on a static IP address and was
probably  on the same static IP address at the time of the alleged
activity.

Reasonable suspicion doesn't mean Bob thinks you did it, it means
that there's a trail of facts which lead *directly* to the evidence
you seek permission to seize. The trail to child porn doesn't include
the right to seize the stack of John Denver music and while it might
include the right to search the shelf of DVDs it doesn't include the
right to seize the ones produced by Disney. The right to search your
computer and the right to seize it are not at all the same thing.

Practically speaking, right now the police are going to seize all your
computers. But keep watching. Some time in the next decade or two
warrants will start to get quashed for failing to specify (by
parameters) *which* computer they were looking for. As computers
become more central to our lives it will probably come out that they
have the right to duplicate your hard drives and other read/write
media but don't have a right to take the originals unless they observe
warrant-covered material *on* the computer while searching.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

Guess who has power over the networks and Internet.  We do and power corrupts 
us too.  There are some bad guy ISPs and engineers out there too.  Just because 
you are running a Tor server to allow for privacy protection does not mean 
you were never doing anything illegal through it.  I know this is not true in 
all cases but a lot of times the guy who screams the most about privacy has 
something to hide.  Do you like getting phone calls with blocked callerID?  Do 
you like getting anonymous SPAM?  Do you mind having anonymously sourced pics 
of your kids going out over the internet?  One guys privacy is sometimes an 
invasion of mine.  

If this guy is so distraught over this case maybe he should have ensured that 
he had the resources to defend himself before he put up the multiple exit 
nodes.  There are test cases all the time, but if you want to be the test case 
you should be prepared.  

How many of us have killed an open mail relay (did you have a warrant before 
you interrupted that good Samaritan providing that free mail server to the poor 
downtrodden email-less masses...you are not even a cop and did not have a judge 
review your actions..how dare you...)?

Steven Naslund

-Original Message-
From: Eric Wieling [mailto:ewiel...@nyigc.com] 
Sent: Friday, November 30, 2012 4:12 PM
To: nanog@nanog.org
Subject: RE: William was raided for running a Tor exit node. Please help if you 
can.

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 4:53 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help if 
you can.

 (Note:  I don't mean to imply that all cops are power hungry 
mouth-breathers intent on destroying the lives of citizens.   Most cops 
are fundamentally good people and do a great job.  But like every other 
profession, there ARE bad cops out there, and it's within the realm of 
possibility that you'll deal with one of them one day.)

Power corrupts and cops have power.What scares me is that there is no way 
*I* can tell the difference between a cop who accepts free coffee from the 
local café and a cop who will lie to get what they want.

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

OK, I get it.  I think my BS detector is set to high today.  I am just
really suspicious that this guy that runs an large ISP can't at least
wait until there are charges before all the uproar.  I think if the cops
came and seized my home PCs right now I would probably give them the
time to look at them, realize there is nothing there, and give them back
to me before freaking out completely.  I would be wondering what was
going on but probably not raising a defense fund.

Steve

-Original Message-
From: Peter Kristolaitis [mailto:alte...@alter3d.ca] 
Sent: Friday, November 30, 2012 4:21 PM
To: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

I didn't say anything about trying to run away.  That probably won't 
accomplish a whole lot in the long run.   But when all of your bank 
accounts and credit cards are frozen, and your house is a crime scene,
at least you have the means to rent a hotel room, contact
family/lawyers, etc.

And no, I'm not OK with people keeping any money that was donated for a
specific purpose in excess of what was actually used.  You'd hope that
he'd be a good guy about it and give back the portion that wasn't used,
or clearly state that any excess will go to charity or something.  
However, there's no such guarantee (short of doing it through a trust
fund with his lawyer), and just like any philanthropic venture, it's up 
to each donor choose when/if they'll help out.   It's just like 
Kickstarter -- you hope to get something good out of it, but if it
bombs, well... you pay your money and you take your chances.

- Pete



On 11/30/2012 05:02 PM, Naslund, Steve wrote:
 OK, there must be a lot more paranoid people out there than I thought 
 there were.  I personally don't have a runaway kit stashed away.  I 
 will get right on that. So when that mouth breather cop won't 
 believe you are innocent, your answer is to grab your stuff and go on 
 the lamb for awhile?  I am sure he will let you out to go to the bank,

 get your stuff, and leave town.  I think you have seen way to many
movies.

 So if the cops show up at his door tomorrow and say Here's all your 
 stuff back, there was no evidence of a crime., you are OK with this 
 guys keeping the defense fund?

 Steve

 -Original Message-
 From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
 Sent: Friday, November 30, 2012 3:53 PM
 To: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please 
 help if you can.


 On 11/30/2012 04:01 PM, Naslund, Steve wrote:
 I am a little concerned that this guy keeps a safe deposit box 
 with a burner phone and cash around.  Is he a CIA agent? :)
 Anyone who DOESN'T have such things stashed away somewhere is, IMHO, 
 incredibly naive and taking on quite a large amount of risk.

 The likelihood (and hope) is that you'll never need it.  But on the 
 off chance that you get f***ed by the legal system because of some 
 power hungry, mouth-breather cop who can't/won't understand that 
 you've done nothing wrong -- or worse, that you're easily provably 
 within the law, but he believes that you're not and drags you 
 through the process anyways -- you'll be very happy that you stashed 
 away that old unlocked cell phone, old laptop, change of clothes and
cash.

 I'm a (legal) firearms owner... up here in Canada, where some previous

 governments enacted extreme anti-gun legislation, that pretty much 
 means that if I so much as sneeze in a way that a cop doesn't like, I 
 can have my life ruined pretty damned fast (not quite, but really 
 close).  I wouldn't bet against me having an 
 excrement-hitting-the-oscillator stash like this guy does.  ;)

 (Note:  I don't mean to imply that all cops are power hungry
 mouth-breathers intent on destroying the lives of citizens.   Most
cops
 are fundamentally good people and do a great job.  But like every 
 other profession, there ARE bad cops out there, and it's within the 
 realm of possibility that you'll deal with one of them one day.)

 Why would I donate to his legal defense when he has not been charged 
 yet?  A little premature, no?

 If you think that legal costs in a criminal case only start when
you've
 been formally charged, you're grossly misinformed.   At what point you
 personally decide to donate is one thing, but implying that someone 
 doesn't need a defense fund prior to charges being laid is a bit naive

 about how the process works.

 - Pete

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

I might be reading this the wrong way but it looked to me like the cops
raided his home and the Tor server is hosted off site with an ISP.  That
is what is bugging me so much.  The cops raided his house, not the
location of the server.  If they had tracked the server by its IP it
would have led to the hoster, not his home.  They could have gotten his
address as the account holder but the ISP would have known that the Tor
server was at their site not his home.  The IP would not track to his
residence.  Something is not the full story here or I am misreading his
interview.

I have seen some of the warrants due to child porn cases.  They tend to
be very sweeping and usually specify recordable media and data
processing equipment.  That is admittedly broad but the cops usually do
not have forensic computer guys on site so they try to grab it all.  It
is not right but that is how it currently works.  Anything else requires
the expertise on site to search the equipment where it is.  Most cops
don't know a PC from a router, from a switch.  It all goes.


Steven Naslund

-Original Message-
From: William Herrin [mailto:b...@herrin.us] 
Sent: Friday, November 30, 2012 4:21 PM
To: Jimmy Hess
Cc: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Fri, Nov 30, 2012 at 4:46 PM, Jimmy Hess mysi...@gmail.com wrote:
 On 11/29/12, William Herrin b...@herrin.us wrote:
 If the computer at IP:port:timestamp transmitted child porn, a 
 warrant for all computers is also too broad. Computers which use 
 said IP

 As you know, there may always be some uncertainty about which computer

 was using a certain IP address at a certain time --  the computer
 assigned that address might have been off,  with a   deviant

Or more likely behind a NAT device where the address which presents is
the NAT device. But the police won't know that until they search.
Until they search they have no factual basis for the presumptions either
that more than one computer was associated with the activity or that it
isn't possible to readily identify which computer was involved. That Tor
node was probably on a static IP address and was probably  on the same
static IP address at the time of the alleged activity.

Reasonable suspicion doesn't mean Bob thinks you did it, it means that
there's a trail of facts which lead *directly* to the evidence you seek
permission to seize. The trail to child porn doesn't include the right
to seize the stack of John Denver music and while it might include the
right to search the shelf of DVDs it doesn't include the right to seize
the ones produced by Disney. The right to search your computer and the
right to seize it are not at all the same thing.

Practically speaking, right now the police are going to seize all your
computers. But keep watching. Some time in the next decade or two
warrants will start to get quashed for failing to specify (by
parameters) *which* computer they were looking for. As computers become
more central to our lives it will probably come out that they have the
right to duplicate your hard drives and other read/write media but don't
have a right to take the originals unless they observe warrant-covered
material *on* the computer while searching.

Regards,
Bill Herrin


--
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if

[Joe Greco]

 OK, I get it.  I think my BS detector is set to high today.  I am just
 really suspicious that this guy that runs an large ISP can't at least
 wait until there are charges before all the uproar.  I think if the cops
 came and seized my home PCs right now I would probably give them the
 time to look at them, realize there is nothing there, and give them back
 to me before freaking out completely.  I would be wondering what was
 going on but probably not raising a defense fund.

You do realize that it is completely common for looking at them to
take months.

This is a big thing to people in this community, because the police
will happily come and confiscate the tools you need to do your job,
and not return them for months, years, or sometimes even ever, even
in cases where it seems fairly straightforward to identify that the
person has done nothing wrong.  The police, and many of the policies
surrounding this issue, often assume that the party is guilty, and
also assume that seizure isn't a significant professional issue.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if you can.

[Jason Baugher]

I can't help but wonder who would send money to same random person based on
a story that may or may not be true. Were these people sucked in by Nigeria
scams as well?

Not only that, but the list of people who proclaimed their innocence only
to be proven guilty is very long. I can't vouch for countries outside of
the USA, but here at least we don't get subpoenas on a whim. They are
usually part of a very long drawn-out investigation, and they usually are
for a very good reason.

Jason

On Fri, Nov 30, 2012 at 4:37 PM, Naslund, Steve snasl...@medline.comwrote:

 OK, I get it.  I think my BS detector is set to high today.  I am just
 really suspicious that this guy that runs an large ISP can't at least
 wait until there are charges before all the uproar.  I think if the cops
 came and seized my home PCs right now I would probably give them the
 time to look at them, realize there is nothing there, and give them back
 to me before freaking out completely.  I would be wondering what was
 going on but probably not raising a defense fund.

 Steve

 -Original Message-
 From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
 Sent: Friday, November 30, 2012 4:21 PM
 To: nanog@nanog.org
 Subject: Re: William was raided for running a Tor exit node. Please help
 if you can.

 I didn't say anything about trying to run away.  That probably won't
 accomplish a whole lot in the long run.   But when all of your bank
 accounts and credit cards are frozen, and your house is a crime scene,
 at least you have the means to rent a hotel room, contact
 family/lawyers, etc.

 And no, I'm not OK with people keeping any money that was donated for a
 specific purpose in excess of what was actually used.  You'd hope that
 he'd be a good guy about it and give back the portion that wasn't used,
 or clearly state that any excess will go to charity or something.
 However, there's no such guarantee (short of doing it through a trust
 fund with his lawyer), and just like any philanthropic venture, it's up
 to each donor choose when/if they'll help out.   It's just like
 Kickstarter -- you hope to get something good out of it, but if it
 bombs, well... you pay your money and you take your chances.

 - Pete



 On 11/30/2012 05:02 PM, Naslund, Steve wrote:
  OK, there must be a lot more paranoid people out there than I thought
  there were.  I personally don't have a runaway kit stashed away.  I
  will get right on that. So when that mouth breather cop won't
  believe you are innocent, your answer is to grab your stuff and go on
  the lamb for awhile?  I am sure he will let you out to go to the bank,

  get your stuff, and leave town.  I think you have seen way to many
 movies.
 
  So if the cops show up at his door tomorrow and say Here's all your
  stuff back, there was no evidence of a crime., you are OK with this
  guys keeping the defense fund?
 
  Steve
 
  -Original Message-
  From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
  Sent: Friday, November 30, 2012 3:53 PM
  To: nanog@nanog.org
  Subject: Re: William was raided for running a Tor exit node. Please
  help if you can.
 
 
  On 11/30/2012 04:01 PM, Naslund, Steve wrote:
  I am a little concerned that this guy keeps a safe deposit box
  with a burner phone and cash around.  Is he a CIA agent? :)
  Anyone who DOESN'T have such things stashed away somewhere is, IMHO,
  incredibly naive and taking on quite a large amount of risk.
 
  The likelihood (and hope) is that you'll never need it.  But on the
  off chance that you get f***ed by the legal system because of some
  power hungry, mouth-breather cop who can't/won't understand that
  you've done nothing wrong -- or worse, that you're easily provably
  within the law, but he believes that you're not and drags you
  through the process anyways -- you'll be very happy that you stashed
  away that old unlocked cell phone, old laptop, change of clothes and
 cash.
 
  I'm a (legal) firearms owner... up here in Canada, where some previous

  governments enacted extreme anti-gun legislation, that pretty much
  means that if I so much as sneeze in a way that a cop doesn't like, I
  can have my life ruined pretty damned fast (not quite, but really
  close).  I wouldn't bet against me having an
  excrement-hitting-the-oscillator stash like this guy does.  ;)
 
  (Note:  I don't mean to imply that all cops are power hungry
  mouth-breathers intent on destroying the lives of citizens.   Most
 cops
  are fundamentally good people and do a great job.  But like every
  other profession, there ARE bad cops out there, and it's within the
  realm of possibility that you'll deal with one of them one day.)
 
  Why would I donate to his legal defense when he has not been charged
  yet?  A little premature, no?
 
  If you think that legal costs in a criminal case only start when
 you've
  been formally charged, you're grossly misinformed.   At what point you
  personally decide to donate is one thing, but implying that someone
  

RE: William was raided for running a Tor exit node. Please help if

[Naslund, Steve]

I understand that they could look at them for many months.  In the
meantime, my life will go on.  I don't believe there is a whole lot you
can do about it.  If they take too long, I will consider asking a lawyer
to look into getting my stuff back but it would have to be expensive
stuff to make the lawyer worthwhile.  I am guessing I would buy a new PC
(they did not seize this guys bank account or credit cards), I probably
don't need 100 Terabytes of storage so my costs are not so bad.  

 My message to the cops and my lawyer would be charge me or lets clear
this up.  There are laws to protect you from the government from taking
your stuff in an unfair manner if you want to go that route.  If there
is a misunderstanding I will talk to the cops all they want.  If I feel
I need representation, I will get some.  If I am really innocent, I
doubt they could ask me too much that would upset me.  My guess is they
would rather move on in their case instead of spinning their wheels with
me.  

I have thought it was rough on people to have all their stuff seized and
I suppose you could try and collect some damages if you bought new gear
while your stuff was being held (if for no reason) but I think that very
often the cops seize the right stuff.  I would really like a poll since
we have a lot of network professionals on here, exactly how many of us
have had something seized by the cops with NO CAUSE.  Anybody, I would
like to hear from a real life case.

Sorry people...most cops want to put the right people in jail and are
not trying to violate your rights.  There are bad eggs but that is why
we have judges.  When I hear someone I don't know say they are innocent
and the cops say they are guilty, I tend to believe the cop.  Everyone
in jail says he is innocent too.

BTW - in this case, the cops have not even said this guy is guilty of
anything yet.

Steven Naslund





-Original Message-
From: Joe Greco [mailto:jgr...@ns.sol.net] 
Sent: Friday, November 30, 2012 4:49 PM
To: Naslund, Steve
Cc: nanog@nanog.org
Subject: Re: William was raided for running a Tor exit node. Please help
if

 OK, I get it.  I think my BS detector is set to high today.  I am just

 really suspicious that this guy that runs an large ISP can't at least 
 wait until there are charges before all the uproar.  I think if the 
 cops came and seized my home PCs right now I would probably give them 
 the time to look at them, realize there is nothing there, and give 
 them back to me before freaking out completely.  I would be wondering 
 what was going on but probably not raising a defense fund.

You do realize that it is completely common for looking at them to
take months.

This is a big thing to people in this community, because the police will
happily come and confiscate the tools you need to do your job, and not
return them for months, years, or sometimes even ever, even in cases
where it seems fairly straightforward to identify that the person has
done nothing wrong.  The police, and many of the policies surrounding
this issue, often assume that the party is guilty, and also assume that
seizure isn't a significant professional issue.

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI -
http://www.sol.net We call it the 'one bite at the apple' rule. Give me
one chance [and] then I won't contact you again. - Direct Marketing
Ass'n position on e-mail spam(CNN) With 24 million small businesses in
the US alone, that's way too many apples.

Re: William was raided for running a Tor exit node. Please help if you can.

[Michael Painter]

Naslund, Steve wrote:

I might be reading this the wrong way but it looked to me like the cops
raided his home and the Tor server is hosted off site with an ISP.  That
is what is bugging me so much.  The cops raided his house, not the
location of the server.  If they had tracked the server by its IP it
would have led to the hoster, not his home.  They could have gotten his
address as the account holder but the ISP would have known that the Tor
server was at their site not his home.  The IP would not track to his
residence.  Something is not the full story here or I am misreading his
interview.


How about:

Police have seen CP and have logs from Additionally, I was accused of sharing (and possibly producing) child pornography 
on a clearnet forum via an image hosting site that was probably tapped.

Police look at IP addresses that have accessed the images for those that are 
within their jurisdiction.
Police find an address within a block that is registered to Wiliam.
Police raid William and receive an education on TOR exit nodes on servers in 
Poland.

Maybe?
Why wouldn't the IP address have led to William?

--Michael 

Re: William was raided for running a Tor exit node. Please help if you can.

[b.g. white]

PROCEDURE FOR SEIZURE OF COMPUTERS AND RELATED DEVICES

 This search warrant covers and controls the procedure for searching:  (1)
electronic or computer devices, related equipment or media which has been
authorized to be seized pursuant to this warrant on the basis that it is
contraband or a direct instrumentality used to commit the crime, and (2)
electronic or computer devices, related equipment or media for which
seizure has not been specifically authorized.  Agents are authorized to
seize and remove from the premises such electronic or computer device,
including computer system input/output (I/O) peripheral devices, software
and media so that a qualified computer expert can accurately search for and
retrieve the data in a laboratory or other controlled environment when this
is necessary in order to search and retrieve the data or information
authorized to be searched for and seized pursuant to this warrant.


  Agents and computer experts working with agents are authorized to
seize the relevant system software (operating systems, interfaces and
hardware drivers), any applications software which may have been used to
create the data (whether stored on hard drives or on external media), as
well as all related instruction manuals or other documentation and data
security devices (including but not limited to passwords, keycards and
dongles) in order to facilitate the authorized search.  In addition, if
necessary for data retrieval, they are authorized to reconfigure the system
in order to accurately search for and retrieve the evidence stored therein.
 If, after inspecting the I/O devices, software, documentation and data
security devices, the analyst determines that these items are no longer
necessary to search for, retrieve and preserve the data, and if the
software, documentation and devices have not been seized pursuant to the
warrant as contraband or instrumentalities of the crime, the items shall be
returned within a reasonable time.


https://webcache.googleusercontent.com/search?q=cache:HJ9PtsbdL3kJ:www.fjc.gov/public/pdf.nsf/lookup/ElecDi31.rtf/%24file/ElecDi31.rtf+cd=1hl=enct=clnkgl=us


Example of an actual warrant:


https://www.eff.org/sites/default/files/filenode/inresearchBC/EXHIBIT-A.pdf


Not a lawyer.



On Fri, Nov 30, 2012 at 6:25 PM, Randy Bush ra...@psg.com wrote:

 as this thread has moved firmly to legal opinions, i now scan it for
 postings by folk i know are actual lawyers and whack the rest.  if you
 are a lawyer, but not well known as such, please say so right up front
 in your message.

 randy

RE: William was raided for running a Tor exit node. Please help if

[goemon]

On Fri, 30 Nov 2012, Naslund, Steve wrote:

My message to the cops and my lawyer would be charge me or lets clear
this up.  There are laws to protect you from the government from taking
your stuff in an unfair manner if you want to go that route.  If there
is a misunderstanding I will talk to the cops all they want.  If I feel
I need representation, I will get some.  If I am really innocent, I
doubt they could ask me too much that would upset me.  My guess is they
would rather move on in their case instead of spinning their wheels with
me.


http://www.sjgames.com/SS/

-Dan

Re: William was raided for running a Tor exit node. Please help if you can.

[Randy Bush]

 Not a lawyer.

than stfu with the legal crap

Re: William was raided for running a Tor exit node. Please help if you can.

[Owen DeLong]

 
 Not only that, but the list of people who proclaimed their innocence only
 to be proven guilty is very long. I can't vouch for countries outside of
 the USA, but here at least we don't get subpoenas on a whim. They are
 usually part of a very long drawn-out investigation, and they usually are
 for a very good reason.

Usually, but not always. I've seen a number of subpoenas and a few search
warrants that were:

Ridiculously broad
Overreaching
Really stretched the concept of probable cause

As in all else, not all LEOs are good actors.

Owen

Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[William Allen Simpson]

On 11/30/12 5:15 PM, Naslund, Steve wrote:

Well, in that case  I am really worried that the cops might charge
me with a crime.  They took my computers and are looking at them.  I did
not do anything wrong but just in case they decide to charge me with a
crime, please send me some money.


As well you could be, because you appear to have the same name as a
registered sex offender:

  http://www.sexoffenderin.com/reg110698/steven_w_naslundmugshot.htm

On 11/29/12 6:39 PM, Naslund, Steve wrote:
# As a long time service provider ...
#
# my many years of experience in engineering ARPANET, MILNET, and the
# Internet I would have to guess that most Tor servers are used for no
# good much more than they are protecting anyone's privacy.

I'm surprised that medline.com is offering network access as an ISP?
Admittedly, you began posting to NANOG in 2002 as:

  Network Engineering Manager
  Hosting.com - Chicago

While I was involved in engineering NSFnet and the Internet and was an
original member of NANOG, but I don't remember you.  Of course, I'm
notoriously bad with names.

OTOH, I have met, remember, and greatly respect the Tor engineers.

Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Randy Bush]

 As well you could be, because you appear to have the same name as a
 registered sex offender:

ok children.  can we pull ourselves up out of the mud, please?

randy

Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[James Downs]

On Nov 30, 2012, at 7:20 PM, William Allen Simpson wrote:

 As well you could be, because you appear to have the same name as a
 registered sex offender:

Hey, that's a fun game: 
http://www.sexoffenderin.com/reg77161/william_a_simpsonmugshot.htm

Re: William was raided for running a Tor exit node. Please help if

[George Herbert]

Those who do not remember history...

On Fri, Nov 30, 2012 at 5:23 PM,  goe...@anime.net wrote:
 On Fri, 30 Nov 2012, Naslund, Steve wrote:

 My message to the cops and my lawyer would be charge me or lets clear
 this up.  There are laws to protect you from the government from taking
 your stuff in an unfair manner if you want to go that route.  If there
 is a misunderstanding I will talk to the cops all they want.  If I feel
 I need representation, I will get some.  If I am really innocent, I
 doubt they could ask me too much that would upset me.  My guess is they
 would rather move on in their case instead of spinning their wheels with
 me.


 http://www.sjgames.com/SS/

 -Dan




-- 
-george william herbert
george.herb...@gmail.com

Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.

[Jutta Zalud]

am Freitag, 30. November 2012 um 22:30 schrieb NANOG list:

 WAIT A SECOND HERE!?!?

 I just read below that this guy runs a large ISP in Austria.

The info from tor-talk was somewhat misleading. William Weber is not
the owner of the ISP. He works there as an administrator. So he runs
it (maybe) technically, not economically.

See eg:
http://www.lowendtalk.com/discussion/2641/we-colo-your-rpi-for-free
where his boss ExPl0ReR weighs in.

And large is quite relative. This info http://edis.businesscard.at/
says they have 13 employees. It may be outdated though.

Regards,
Jutta

William was raided for running a Tor exit node. Please help if you can.

[Chris]

I'm not William and a friend pasted a link on IRC to me. I'm going to
send him a few bucks because I know how it feels to get blindsided by
the police on one random day and your world is turned upside down.

Source: 
http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

From the URL:

Yes, it happened to me now as well - Yesterday i got raided for
someone sharing child pornography over one of my Tor exits.
I'm good so far, not in jail, but all my computers and hardware have
been confiscated.
(20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

If convicted i could face up to 6 years in jail, of course i do not
want that and i also want to try to set a legal base for running Tor
exit nodes in Austria or even the EU.

Sadly we have nothing like the EFF here that could help me in this
case by legal assistance, so i'm on my own and require a good lawyer.
Thus i'm accepting donations for my legal expenses which i expect to
be around 5000-1 EUR.

If you can i would appreciate if you could donate a bit (every amount
helps, even the smallest) either by PayPal (any currency is ok):
https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

Or by Bank Transfer (EUR only please):

Holder: William Weber
Bank: EasyBank AG (Vienna, Austria)
Account: 20011351213
Bank sort number: 14200
IBAN: AT031420020011351213
BIC: EASYATW1

I will try to pay them back when i'm out of this (or even before) but
i can obviously not guarantee this, please keep this in mind.
This money will only be used for legal expenses related to this case.

If you have any questions or want to donate by another way
(MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
to send me a mail (will...@william.si) or a PM, or contact me in LET
IRC.

Thanks!
William




--
--C

The dumber people think you are, the more surprised they're going to
be when you kill them. - Sir William Clayton

Re: William was raided for running a Tor exit node. Please help if you can.

[Ray Soucy]

If you run Tor, then you should probably accept that it might be used
for activity that you don't approve of or even is in violation of the
law.

I'm not saying Tor is good or bad, just that if you're using it you
probably know what you're getting into.

In order to catch someone in a criminal case, most law enforcement
will certainly take whatever they think could be used as evidence,
perform forensic analysis on it, and retain it as long as they think
necessary.

Depending on how well your laws are written, you might be not be
protected from them discovering other activity that is outside the
scope and bringing a separate criminal case against you directly.

Got any pirated music or movies?




On Thu, Nov 29, 2012 at 8:04 AM, Chris cal...@gmail.com wrote:
 I'm not William and a friend pasted a link on IRC to me. I'm going to
 send him a few bucks because I know how it feels to get blindsided by
 the police on one random day and your world is turned upside down.

 Source: 
 http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

 From the URL:

 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.
 I'm good so far, not in jail, but all my computers and hardware have
 been confiscated.
 (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

 If convicted i could face up to 6 years in jail, of course i do not
 want that and i also want to try to set a legal base for running Tor
 exit nodes in Austria or even the EU.

 Sadly we have nothing like the EFF here that could help me in this
 case by legal assistance, so i'm on my own and require a good lawyer.
 Thus i'm accepting donations for my legal expenses which i expect to
 be around 5000-1 EUR.

 If you can i would appreciate if you could donate a bit (every amount
 helps, even the smallest) either by PayPal (any currency is ok):
 https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

 Or by Bank Transfer (EUR only please):

 Holder: William Weber
 Bank: EasyBank AG (Vienna, Austria)
 Account: 20011351213
 Bank sort number: 14200
 IBAN: AT031420020011351213
 BIC: EASYATW1

 I will try to pay them back when i'm out of this (or even before) but
 i can obviously not guarantee this, please keep this in mind.
 This money will only be used for legal expenses related to this case.

 If you have any questions or want to donate by another way
 (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
 to send me a mail (will...@william.si) or a PM, or contact me in LET
 IRC.

 Thanks!
 William




 --
 --C

 The dumber people think you are, the more surprised they're going to
 be when you kill them. - Sir William Clayton




-- 
Ray Patrick Soucy
Network Engineer
University of Maine System

T: 207-561-3526
F: 207-561-3531

MaineREN, Maine's Research and Education Network
www.maineren.net

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

Back in the early days of the public internet we didn't require any id
to create an account, just that you found a way to pay us. We had
anonymous accts some of whom dropped by personally to pay their bill,
some said hello but I usually didn't know their names and that's how
they wanted it, I'd answer hello ACCOUNT, whatever their login was
if I recognized them. Some mailed in something, a mail order, even
currency tho that was rare but it did happen, or had someone else drop
by to pay in cash (that is, no idea if they were local.)

LEO occasionally served a warrant for information, usually child porn
biz (more than just accessing child porn, selling it) tho I don't
remember any anonymous accts being involved.

I never expected to be held accountable for anyone's behavior unless I
was knowingly involved somehow (just the usual caveat.) LEO never
showed any particular interest in the fact that we were ok with
anonymous accounts. If I was made aware of illegal activities we'd
shut them off, didn't really happen much, maybe some credible
hacking complaint on occasion.

It's funny, it's all illusion like show business. It's not hard to set
up anonymous service, crap, just drop in at any wi-fi hotspot, many
just ask you to click that you accept their TCs and you're on. Would
they raid them, I was just using one at a major hospital this week
that was just like that, if someone used that for child porn etc? But
I guess stick your nose out and say you're specifically offering anon
accts and watch out I guess.

-- 
-Barry Shein

The World  | b...@theworld.com   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Patrick W. Gilmore]

On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:

 Back in the early days of the public internet we didn't require any id
 to create an account, just that you found a way to pay us. We had
 anonymous accts some of whom dropped by personally to pay their bill,
 some said hello but I usually didn't know their names and that's how
 they wanted it, I'd answer hello ACCOUNT, whatever their login was
 if I recognized them. Some mailed in something, a mail order, even
 currency tho that was rare but it did happen, or had someone else drop
 by to pay in cash (that is, no idea if they were local.)
 
 LEO occasionally served a warrant for information, usually child porn
 biz (more than just accessing child porn, selling it) tho I don't
 remember any anonymous accts being involved.

Mere conduit defense.  (Please do not anyone mention common carrier status 
or the like, ISPs are _not_ common carriers.)


 I never expected to be held accountable for anyone's behavior unless I
 was knowingly involved somehow (just the usual caveat.) LEO never
 showed any particular interest in the fact that we were ok with
 anonymous accounts. If I was made aware of illegal activities we'd
 shut them off, didn't really happen much, maybe some credible
 hacking complaint on occasion.

How do you shut off a Tor account?


 It's funny, it's all illusion like show business. It's not hard to set
 up anonymous service, crap, just drop in at any wi-fi hotspot, many
 just ask you to click that you accept their TCs and you're on. Would
 they raid them, I was just using one at a major hospital this week
 that was just like that, if someone used that for child porn etc? But
 I guess stick your nose out and say you're specifically offering anon
 accts and watch out I guess.

Do you think if the police found out child pr0n was being served from a starbux 
they wouldn't confiscate the equipment from that store?

-- 
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Barry Shein]

On November 29, 2012 at 11:45 patr...@ianai.net (Patrick W. Gilmore) wrote:
  On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:
  
   It's funny, it's all illusion like show business. It's not hard to set
   up anonymous service, crap, just drop in at any wi-fi hotspot, many
   just ask you to click that you accept their TCs and you're on. Would
   they raid them, I was just using one at a major hospital this week
   that was just like that, if someone used that for child porn etc? But
   I guess stick your nose out and say you're specifically offering anon
   accts and watch out I guess.
  
  Do you think if the police found out child pr0n was being served from a 
  starbux they wouldn't confiscate the equipment from that store?

I dunno, has it ever happened? I mean confiscated the store's
equipment, I assume that's what you mean. Is that because no one has
ever been involved with child porn etc from a Starbucks? Does that
seem likely? I don't know, really.

And why would confiscating it from one location address the issue if
they offer anonymous hotspots (I don't know if they do but whatever,
there are plenty of others) at all locations and they're one company?

It would seem like they'd have to confiscate the equipment at every
Starbucks in their jurisdiction, which could be every one in the US
for example.

   -b

Re: William was raided for running a Tor exit node. Please help if you can.

[Patrick W. Gilmore]

On Nov 29, 2012, at 12:58 , Barry Shein b...@world.std.com wrote:
 On November 29, 2012 at 11:45 patr...@ianai.net (Patrick W. Gilmore) wrote:
 On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:
 
 It's funny, it's all illusion like show business. It's not hard to set
 up anonymous service, crap, just drop in at any wi-fi hotspot, many
 just ask you to click that you accept their TCs and you're on. Would
 they raid them, I was just using one at a major hospital this week
 that was just like that, if someone used that for child porn etc? But
 I guess stick your nose out and say you're specifically offering anon
 accts and watch out I guess.
 
 Do you think if the police found out child pr0n was being served from a 
 starbux they wouldn't confiscate the equipment from that store?
 
 I dunno, has it ever happened?

No idea.  However, I would not be the least bit surprised.  In fact, I would be 
surprised if they failed to do so, after having proof that child pr0n was 
served from one.


 I mean confiscated the store's
 equipment, I assume that's what you mean. Is that because no one has
 ever been involved with child porn etc from a Starbucks? Does that
 seem likely? I don't know, really.
 
 And why would confiscating it from one location address the issue if
 they offer anonymous hotspots (I don't know if they do but whatever,
 there are plenty of others) at all locations and they're one company?
 
 It would seem like they'd have to confiscate the equipment at every
 Starbucks in their jurisdiction, which could be every one in the US
 for example.

They didn't confiscate every Tor exit node in the US once they found something 
nefarious emanating from one.

-- 
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Emily Ozols]

Hi,

I gotta ask and I'm sure someone would if I didn't, but how do we know
this guy is legit?
He's jumped up on a forum saying, Hey, police raided me, help. gib
mone plz and failed to provide and reason as to how he's real and not
just making it up.

Maybe if there's a way to know this guy is legit, I'll help out if
possible, but until then I'm just going to watch others with caution
and I suggest others do as well.

On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:
 I'm not William and a friend pasted a link on IRC to me. I'm going to
 send him a few bucks because I know how it feels to get blindsided by
 the police on one random day and your world is turned upside down.

 Source: 
 http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

 From the URL:

 Yes, it happened to me now as well - Yesterday i got raided for
 someone sharing child pornography over one of my Tor exits.
 I'm good so far, not in jail, but all my computers and hardware have
 been confiscated.
 (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

 If convicted i could face up to 6 years in jail, of course i do not
 want that and i also want to try to set a legal base for running Tor
 exit nodes in Austria or even the EU.

 Sadly we have nothing like the EFF here that could help me in this
 case by legal assistance, so i'm on my own and require a good lawyer.
 Thus i'm accepting donations for my legal expenses which i expect to
 be around 5000-1 EUR.

 If you can i would appreciate if you could donate a bit (every amount
 helps, even the smallest) either by PayPal (any currency is ok):
 https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

 Or by Bank Transfer (EUR only please):

 Holder: William Weber
 Bank: EasyBank AG (Vienna, Austria)
 Account: 20011351213
 Bank sort number: 14200
 IBAN: AT031420020011351213
 BIC: EASYATW1

 I will try to pay them back when i'm out of this (or even before) but
 i can obviously not guarantee this, please keep this in mind.
 This money will only be used for legal expenses related to this case.

 If you have any questions or want to donate by another way
 (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
 to send me a mail (will...@william.si) or a PM, or contact me in LET
 IRC.

 Thanks!
 William




 --
 --C

 The dumber people think you are, the more surprised they're going to
 be when you kill them. - Sir William Clayton




-- 
~Em

Re: William was raided for running a Tor exit node. Please help if you can.

[William Herrin]

On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?

I think if they took the cash registers too the Starbucks lawyer would
be in court an hour later with a motion to quash in one hand and an
offer of full cooperation in the other.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Warren Bailey]

It's difficult to compare a guy in Austria to a multi-billion dollar
corporation. Here in the US, the fed has charged 3 men with involuntary
manslaughter for their parts in the Gulf of Mexico Rig explosion. BP
received a slap on the wrist, and a decent (to us, not them) sized fine.

On 11/29/12 10:57 AM, William Herrin b...@herrin.us wrote:

On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net
wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?

I think if they took the cash registers too the Starbucks lawyer would
be in court an hour later with a motion to quash in one hand and an
offer of full cooperation in the other.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: William was raided for running a Tor exit node. Please help if you can.

[Patrick W. Gilmore]

On Nov 29, 2012, at 13:57 , William Herrin b...@herrin.us wrote:
 On Thu, Nov 29, 2012 at 11:45 AM, Patrick W. Gilmore patr...@ianai.net 
 wrote:
 Do you think if the police found out child pr0n was
 being served from a starbux they wouldn't
 confiscate the equipment from that store?
 
 I think if they took the cash registers too the Starbucks lawyer would
 be in court an hour later with a motion to quash in one hand and an
 offer of full cooperation in the other.

And if the sky were orange

Any other non-sequitors? :)

-- 
TTFN,
patrick

P.S. I can come up with some examples where the cash registers would be fair 
game, such as when the manager was charging the hosting provider extra to sit 
in the corner and host the 'bad content'.  But it is still a non-sequitor w/r/t 
this thread.

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

How would this be legally different than receiving the illegal content
in an envelope and anonymously forwarding the envelope via the post
office?  I am pretty sure you are still liable since you were the
sender.  I realize that there are special postal regulations but I think
that agreeing to forward anything for anyone sight unseen is pretty
risky and I think you will have a hard time pulling of the service
provider defense if you are not selling services and are not licensed
as a carrier.

Steven Naslund

-Original Message-
From: Patrick W. Gilmore [mailto:patr...@ianai.net] 
Sent: Thursday, November 29, 2012 10:45 AM
To: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.

On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:

 Back in the early days of the public internet we didn't require any 
 id to create an account, just that you found a way to pay us. We had 
 anonymous accts some of whom dropped by personally to pay their bill, 
 some said hello but I usually didn't know their names and that's how 
 they wanted it, I'd answer hello ACCOUNT, whatever their login was

 if I recognized them. Some mailed in something, a mail order, even 
 currency tho that was rare but it did happen, or had someone else drop

 by to pay in cash (that is, no idea if they were local.)
 
 LEO occasionally served a warrant for information, usually child porn 
 biz (more than just accessing child porn, selling it) tho I don't 
 remember any anonymous accts being involved.

Mere conduit defense.  (Please do not anyone mention common carrier
status or the like, ISPs are _not_ common carriers.)


 I never expected to be held accountable for anyone's behavior unless I

 was knowingly involved somehow (just the usual caveat.) LEO never 
 showed any particular interest in the fact that we were ok with 
 anonymous accounts. If I was made aware of illegal activities we'd 
 shut them off, didn't really happen much, maybe some credible 
 hacking complaint on occasion.

How do you shut off a Tor account?


 It's funny, it's all illusion like show business. It's not hard to set

 up anonymous service, crap, just drop in at any wi-fi hotspot, many 
 just ask you to click that you accept their TCs and you're on. Would 
 they raid them, I was just using one at a major hospital this week 
 that was just like that, if someone used that for child porn etc? But 
 I guess stick your nose out and say you're specifically offering anon 
 accts and watch out I guess.

Do you think if the police found out child pr0n was being served from a
starbux they wouldn't confiscate the equipment from that store?

--
TTFN,
patrick

Re: William was raided for running a Tor exit node. Please help if you can.

[Tom Beecher]

Assuming it's true, it was bound to happen. Running anything , TOR or 
otherwise, that allows strangers to do whatever they want is just folly.


People will spend time and money securing their home wireless so their 
neighbor can't steal their internet, but willingly allow strangers from 
anywhere in the world to use their connections no strings attached. It's 
hilarious.


On 11/29/2012 8:04 AM, Chris wrote:

I'm not William and a friend pasted a link on IRC to me. I'm going to
send him a few bucks because I know how it feels to get blindsided by
the police on one random day and your world is turned upside down.

Source: 
http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses

 From the URL:

Yes, it happened to me now as well - Yesterday i got raided for
someone sharing child pornography over one of my Tor exits.
I'm good so far, not in jail, but all my computers and hardware have
been confiscated.
(20 computers, 100TB+ storage, My Tablets/Consoles/Phones)

If convicted i could face up to 6 years in jail, of course i do not
want that and i also want to try to set a legal base for running Tor
exit nodes in Austria or even the EU.

Sadly we have nothing like the EFF here that could help me in this
case by legal assistance, so i'm on my own and require a good lawyer.
Thus i'm accepting donations for my legal expenses which i expect to
be around 5000-1 EUR.

If you can i would appreciate if you could donate a bit (every amount
helps, even the smallest) either by PayPal (any currency is ok):
https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4

Or by Bank Transfer (EUR only please):

Holder: William Weber
Bank: EasyBank AG (Vienna, Austria)
Account: 20011351213
Bank sort number: 14200
IBAN: AT031420020011351213
BIC: EASYATW1

I will try to pay them back when i'm out of this (or even before) but
i can obviously not guarantee this, please keep this in mind.
This money will only be used for legal expenses related to this case.

If you have any questions or want to donate by another way
(MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
to send me a mail (will...@william.si) or a PM, or contact me in LET
IRC.

Thanks!
William




--
--C

The dumber people think you are, the more surprised they're going to
be when you kill them. - Sir William Clayton

RE: William was raided for running a Tor exit node. Please help if you can.

[Naslund, Steve]

I think the best analogy I would use in defense is something like the
pre-paid cellular phones that are sold.  That is about the only
anonymous communications service I can think of off the top of my head.
Problem is that most people are not licensed carriers and may not be
able to hide behind that protection.  

I can see an argument both ways with the feds saying that you are
running a service for the express service of concealing the identity of
a person allowing them to avoid law enforcement (among other uses).  On
the other hand, the makers of guns do not get charged with murder even
though their tool enabled a criminal.  Could go either way but the
problem is that in any case it will be expensive to defend so win or
lose, you lose.  I guess you can't run a Tor exit unless you have a
legal defense fund set up.  I understand the legit uses of Tor but
wonder what the actual percentage of good vs. evil use really is.

Steven Naslund

-Original Message-
From: Barry Shein [mailto:b...@world.std.com] 
Sent: Thursday, November 29, 2012 10:17 AM
To: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help
if you can.


Back in the early days of the public internet we didn't require any id
to create an account, just that you found a way to pay us. We had
anonymous accts some of whom dropped by personally to pay their bill,
some said hello but I usually didn't know their names and that's how
they wanted it, I'd answer hello ACCOUNT, whatever their login was
if I recognized them. Some mailed in something, a mail order, even
currency tho that was rare but it did happen, or had someone else drop
by to pay in cash (that is, no idea if they were local.)

LEO occasionally served a warrant for information, usually child porn
biz (more than just accessing child porn, selling it) tho I don't
remember any anonymous accts being involved.

I never expected to be held accountable for anyone's behavior unless I
was knowingly involved somehow (just the usual caveat.) LEO never showed
any particular interest in the fact that we were ok with anonymous
accounts. If I was made aware of illegal activities we'd shut them off,
didn't really happen much, maybe some credible hacking complaint on
occasion.

It's funny, it's all illusion like show business. It's not hard to set
up anonymous service, crap, just drop in at any wi-fi hotspot, many just
ask you to click that you accept their TCs and you're on. Would they
raid them, I was just using one at a major hospital this week that was
just like that, if someone used that for child porn etc? But I guess
stick your nose out and say you're specifically offering anon accts and
watch out I guess.

-- 
-Barry Shein

The World  | b...@theworld.com   |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR,
Canada
Software Tool  Die| Public Access Internet | SINCE 1989
*oo*

Re: William was raided for running a Tor exit node. Please help if you can.

[Eugen Leitl]

On Fri, Nov 30, 2012 at 01:14:08AM +1100, Emily Ozols wrote:
 Hi,
 
 I gotta ask and I'm sure someone would if I didn't, but how do we know
 this guy is legit?
 He's jumped up on a forum saying, Hey, police raided me, help. gib
 mone plz and failed to provide and reason as to how he's real and not
 just making it up.
 
 Maybe if there's a way to know this guy is legit, I'll help out if
 possible, but until then I'm just going to watch others with caution
 and I suggest others do as well.

This matter is being investigated by the Tor developers.
It looks legitimate, so far. 
 
 On Fri, Nov 30, 2012 at 12:04 AM, Chris cal...@gmail.com wrote:
  I'm not William and a friend pasted a link on IRC to me. I'm going to
  send him a few bucks because I know how it feels to get blindsided by
  the police on one random day and your world is turned upside down.
 
  Source: 
  http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses
 
  From the URL:
 
  Yes, it happened to me now as well - Yesterday i got raided for
  someone sharing child pornography over one of my Tor exits.
  I'm good so far, not in jail, but all my computers and hardware have
  been confiscated.
  (20 computers, 100TB+ storage, My Tablets/Consoles/Phones)
 
  If convicted i could face up to 6 years in jail, of course i do not
  want that and i also want to try to set a legal base for running Tor
  exit nodes in Austria or even the EU.
 
  Sadly we have nothing like the EFF here that could help me in this
  case by legal assistance, so i'm on my own and require a good lawyer.
  Thus i'm accepting donations for my legal expenses which i expect to
  be around 5000-1 EUR.
 
  If you can i would appreciate if you could donate a bit (every amount
  helps, even the smallest) either by PayPal (any currency is ok):
  https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4
 
  Or by Bank Transfer (EUR only please):
 
  Holder: William Weber
  Bank: EasyBank AG (Vienna, Austria)
  Account: 20011351213
  Bank sort number: 14200
  IBAN: AT031420020011351213
  BIC: EASYATW1
 
  I will try to pay them back when i'm out of this (or even before) but
  i can obviously not guarantee this, please keep this in mind.
  This money will only be used for legal expenses related to this case.
 
  If you have any questions or want to donate by another way
  (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free
  to send me a mail (will...@william.si) or a PM, or contact me in LET
  IRC.
 
  Thanks!
  William
 
 
 
 
  --
  --C
 
  The dumber people think you are, the more surprised they're going to
  be when you kill them. - Sir William Clayton
 
 
 
 
 -- 
 ~Em
-- 
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

RE: William was raided for running a Tor exit node. Please help if you can.

[Scott Berkman]

Not sure if there is a legal precedent for this, but logically the
difference is that there are no robots that I know of that can automatically
receive and parse postal mail, then re-address and forward it.  For a human
to forward a letter takes a conscious manual action, even if they choose not
to look inside.

Having a Tor node for no specific purpose, having a hacked server/pc that is
then compromised for some nefarious purpose, etc. are not necessarily
purposeful actions that one could be held accountable for without other
proof.  I'd think the LEA would have to establish motive, like in any other
crime, to make that jump.  Perhaps in this case they believe they have, and
that would end up in the courts, where you'd have to hope the Judge and or
Jury sees that difference.

Don't see this as very different either from when an agency confiscates a
whole rack of shared servers because one user was suspected of some bad
action, and we all know that does happen.

-Scott 

-Original Message-
From: Naslund, Steve [mailto:snasl...@medline.com] 
Sent: Thursday, November 29, 2012 2:07 PM
To: nanog@nanog.org
Subject: RE: William was raided for running a Tor exit node. Please help if
you can.

How would this be legally different than receiving the illegal content in an
envelope and anonymously forwarding the envelope via the post office?  I am
pretty sure you are still liable since you were the sender.  I realize that
there are special postal regulations but I think that agreeing to forward
anything for anyone sight unseen is pretty risky and I think you will have a
hard time pulling of the service provider defense if you are not selling
services and are not licensed as a carrier.

Steven Naslund

-Original Message-
From: Patrick W. Gilmore [mailto:patr...@ianai.net]
Sent: Thursday, November 29, 2012 10:45 AM
To: NANOG list
Subject: Re: William was raided for running a Tor exit node. Please help if
you can.

On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote:

 Back in the early days of the public internet we didn't require any 
 id to create an account, just that you found a way to pay us. We had 
 anonymous accts some of whom dropped by personally to pay their bill, 
 some said hello but I usually didn't know their names and that's how 
 they wanted it, I'd answer hello ACCOUNT, whatever their login was

 if I recognized them. Some mailed in something, a mail order, even 
 currency tho that was rare but it did happen, or had someone else drop

 by to pay in cash (that is, no idea if they were local.)
 
 LEO occasionally served a warrant for information, usually child porn 
 biz (more than just accessing child porn, selling it) tho I don't 
 remember any anonymous accts being involved.

Mere conduit defense.  (Please do not anyone mention common carrier
status or the like, ISPs are _not_ common carriers.)


 I never expected to be held accountable for anyone's behavior unless I

 was knowingly involved somehow (just the usual caveat.) LEO never 
 showed any particular interest in the fact that we were ok with 
 anonymous accounts. If I was made aware of illegal activities we'd 
 shut them off, didn't really happen much, maybe some credible 
 hacking complaint on occasion.

How do you shut off a Tor account?


 It's funny, it's all illusion like show business. It's not hard to set

 up anonymous service, crap, just drop in at any wi-fi hotspot, many 
 just ask you to click that you accept their TCs and you're on. Would 
 they raid them, I was just using one at a major hospital this week 
 that was just like that, if someone used that for child porn etc? But 
 I guess stick your nose out and say you're specifically offering anon 
 accts and watch out I guess.

Do you think if the police found out child pr0n was being served from a
starbux they wouldn't confiscate the equipment from that store?

--
TTFN,
patrick