Part of the reason I sadly stopped running any exit nodes was law enforcement harassment.
I ran a few exits for about about ~5 years. In those 5 years, my hosting provider (DigitalOcean) received 3 subpoenas for my account information.
The first two were random. The 1st one was someone sent a bomb threat email to a university. The 2nd one was someone sending a phishing email.
The last and final subpoena was the most serious one. Some nation-state hackers from Qatar had ended up using my exit IP to break into some email accounts belonging to people they were interested in and spied upon them and stole some info.
Thankfully both the Tor Project and the EFF were able to help me pro-bono. The EFF lawyer that was assigned to me helped me fight this subpoena but ultimately we had to turn over my account information to the DOJ + I had to give an affidavit stating that I was simply just an operator and nothing on the server in question would be useful to their investigation (by design).
The stress of having to deal with law enforcement, lawyers, and having to entertain the possibility of having my home raided over something so silly ultimately led to me finally shutting down my exits.
Even though I had all of my exits using a reduced exit policy and I would blacklist known malicious IPs and c2/malware infra from being able to use it, I was still a target.
I feel law enforcement realizes this is a big weakness they can target since a lot of Tor exit operators are individuals with not a lot of resources to fight them. They can use the legal system to scare operators into shutting down.
I one day hope to resume running exits as I find it rewarding to be able to help people from around the world in a small way.
Is something like this unexpected? I personally never ever thought so (which is the reason why I never ever even considered running a TOR exit node).
As much as I can respect the idealism about privacy and liberty etc..., I could not ignore the fact that any "really!!!" bad actor could use the same infrastructure to avoid investigation/prosecution, therefore I did not want to provide indirectly any help.
On one hand I admit that that might be the case, on the other hand even government organizations/departments/agencies can be "local" and scattered (e.g. similar IT departments for each "canton" in Switzerland) and not have huge amounts of resources/knowledge to track/identify perpetrators of all ongoing (sophisticated?) IT crimes => somebody somewhere might see the same IP involved in a lot of "bad" stuff not realizing it's just a TOR node.
I hate the current general trend pushing a position of an either absolute "yes/no" for any theme, including this one (of encryption for privacy/etc vs. crime).
In my opinion it's obvious that the current situation of solutions is in general bad: too much pressure on services that provide privacy because it's too easy for crime to misuse them :o(
Well, what would be considered a "really!!!" bad actor for some might be a hero for others. Just as an example, depending on which side of the Israel/Palestine conflict you are on, either side using your node for military intelligence might be an use worth fighting for or terrible abuse.
In the end, this really comes down to whether you value freedom or state protection more; either of which can be abused by rogue actors or a malicious state, respectively. There is no win-win-solution, unfortunately.
There's enough truly bad actors out there, not everything is shades of gray. Cartels, North Korea, ISIS, etc.
Yes. And running a Tor exit node means helping these people in addition to any in the morally gray area that you personally consider evil.
If you look at that and still come to the conclusion that the people you're helping are worth the cost of also helping commit atrocities, that's a decision you can make. But an occasional subpoena related to a bomb threat or similar is a good and necessary reminder of what it is that you chose to do.
This is the crux of every argument against free speech, no?
There is a fundamental trade off we have always had to make between safety and freedom. If you believe that privacy online is a freedom worth having, or if you believe one should be able to say whatever they want, you have to accept the bad with the good.
As soon as you start gating access by judging a person by what they're trying to do privately online, or what they're trying to say, you've thrown out that freedom and made it a privledge.
There's not even anything wrong with that if that's the world you would prefer to live in. Its important to know that's the tradeoff you're making though, and be prepared to accept the consequences if you one day find yourself running into new leadership that believes what you want to do online, or what you say, isn't worthy of the privilege.
Wasn’t the raid done in a democratic land? There is no gestapo in Germany in 2024, is there? Privacy is what terrorists love too. There needs to be a balance. Even guns need permits and psychological evaluation.
The goverment has just revoked your speech license. Please upstain from public talking to more than three people.
I really don't get how bomb threats can be considered "speech". Like, there is no benefit to society from allowing people to make bomb threats.
Be more precise in your thinking. This is not about bomb threats, this is about punishing people that provide a line of communication.
It is not a new concept that defendants of freedom of speech often have to protect scoundrels too. The argument doesn't change, it always has the same pattern and principle. And yes, it is advisable to err on the side of freedom, there is enough literature here to expand on that point.
Additionally the agencies that would demand these information are prone to break the law itself. So this isn't even a discussion about doing something just or not. This is purely a discussion about how much power you want the executive to have. Or in case of Germany, the often misdirected and overworked judicative branch.
Here's a different take:
Criminals and fraudsters will abuse pretty much every technology they can get their hands on. As a consequence, every service operator needs to do their part to prevent fraud and abuse. If you offer a service anonymously and indiscriminately, your service will be overrun by crooks, and you'll end up serving criminals.
The fact that your service could be used to defend free speech does not absolve you from your duty of monitoring the use of your service. If you realise your service is used for exchanging illegal content and bomb threats, it's your duty to do something against that, or stop providing the service.
The government are against free speech if you are criticising illegal things they are doing.
Germany certainly needs more liberty instead of raiding the home that called an official a penis.
Exactly. This is all I'm saying.
I don't have enough knowledge of Tor to make an argument that it does more harm than good or vice versa. But I do know that a lot of people on here are just as ignorant as I am but are quick to assume that Tor must be inherently good because it protects privacy.
As I said, if you look frankly at the risks and decide that the benefits are still worth it, that's a decision I'm comfortable with you making. But that requires looking very frankly at the risks, which most seem reluctant to do in favor of high-minded abstract discussions of the merits of freedom and privacy.
This subthread spawned from someone who helped facilitate a bomb threat through an exit node they were running, and that kind of concrete harm needs to be mentioned in any discussion of the merits of Tor.
And someone else pointed out that the IRA used to send bombs through the mail. Yet we are not debating shutting down the Royal Mail because of that (and rightly so).
There are governments out there who kill people who criticise them, usually journalists. We need those people to continue their work. We do not want a world in which all communication is government-approved.
As I said elsewhere, at least in the US there's an entire law enforcement agency whose sole job is tracking down people who use the postal service to commit crimes and hurt other people. I'm sure there's an equivalent process in the UK. Tor is specifically designed to make that impossible.
There's really no comparison.
I agree, and it may well be that on the balance we come to the conclusion that Tor is worth it. All I'm asking is that we stop looking at the harms as an abstraction and the benefits as concrete.
OP facilitated a bomb threat but seems to have thought primarily about how unfair it was that law enforcement subpoenaed them rather than the complexity of the moral choice they made and its consequences.
This trade off concept is a popular belief but completely fictitious and dishonest.
The state is not fundamentally better than the people as a whole. They just have more focused resources.
More resources to brainwash their subjects about how their power is always such a great and wonderful thing and is only ever used for good, and definitely better than people exercising power themselves.
Oh and also much more resources to gas people to death in camps, starve them to death, blow them to bits (but always for completely good and justified reasons of course).
Complete crock of shit, it is.
I'm as much of a supporter of encryption as anyone, but I also accept that true effective encryption enables some pretty horrible things.
One of those "better look your meat in the eyes, before you murder and eat it" idealism-meets-realism moments.
On the whole, though, I think even with perfect encryption the remaining physical traces of illegality are sufficient for law enforcement purposes (granted: if more difficult).
I don't think the analogies to encryption are fair because a Tor exit node is far more active in shielding criminals than the inventor of a new cryptography scheme is. The inventor merely puts out an idea that can be used for good or bad. The exit node operator is actively paying on an ongoing basis to shuttle CSAM and bomb threats.
The exit node operator is also shuttling other content, so it's not wholly evil and on the balance someone might decide it's still worth it, but it's still a much less obvious ethical call than simply designing a piece of tech.
Someone has to pay for distribution, maintenance, and integrations of the encryption on an ongoing basis. If it was legal to write encryption but illegal to distribute it, what would be the difference from a ban? Both tor and cryptography require an ongoing effort to provide their service.
I see a pretty strong difference between hosting the latest build of gpg and actually running a server that moves the bytes that cause the harm. You may not, but I do.
‘Truly bad’ still relies on the perspective of the participant though. Parents point is that ‘bad’ is a matter of perspective, and that right or wrong, at lease some cartel/nk/isis operatives believe their actions are justified for some greater good, Palestine/Israel opinions and belief are obviously a more easy to understand perspective, but the point still stands.
NK operatives feel incredibly lucky they get to not starve. Unless they got to where they are at due to nepotism.
You don't know that, you've never been there or probably spoken to a north korean. Not saying you're wrong (i can admit i have no idea), but i'm annoyed you're swallowing narratives from warlords who have been known to lie to start wars as if it's assumed default true
I have no idea about nk politics, but if the media continually pumps out ‘the west is the reason we’re starving, join the military today!’ then they might feel lucky to both be fed, and to be serving their country.
Hitler thought he is a good guy. Stalin thought he is good guy. Everyone thinks he is a good guy from the own perspective.
You're naming things that are in the grey zone though. For example I can find polls [0] suggesting that North Korea is one of the least popular countries, but not strikingly different in absolute terms than someone like Russia or the USA. Internationally speaking they aren't unusually bad actors.
The problem with a "no shades of grey" stance is that in any large organised group there are going to be some good points and reasonable ideologies for why they have banded together to do what they do. They may be mistaken on important points, and it certainly may be necessary to put all empathy aside and try to ruthlessly crush them regardless of any good points they have - but in practice that approach almost always leads to terrible results compared to negotiating to emphasise the good and suppress the bad. Take ISIS - the reason we have groups like ISIS running around is generally because of a no-shades-of-grey approach taken to deal with their precursors. The US policy in the Middle East typically destabilises things (although they are hardly alone in doing that).
[0] https://en.wikipedia.org/wiki/Foreign_relations_of_North_Kor... - "Results of the 2017 BBC World Service poll. Views of North Korean Influence by country"
Are we the baddies?
https://www.youtube.com/watch?v=ToKcmnrE5oY
During The Troubles bombs were sent via the Royal Mail. Nobody blamed the post office. Indeed any infrastructure is a tool of terrorism as we rely on it (I am not going to make a list for obvious reasons). I think the reason we tolerate this problem with infrastructure is that the benefits outweigh the risk. The question is whether or not the same applies to free speech - you're right there is no win-win solution, but it still might be worth it.
However if you start "Peters no questions asked hand delivery service, shipping direct from Ireland to London so reliably you can set a timer by it" - and you deliver 3 bombs to politicians you might find yourself being asked a few questions.
At the time that's exactly what the Royal Mail was. Requiring identification to send packages is a much more recent development. Society just accepted that bad actors could do this and solved the root problem instead.
You ... do not read much about history, I guess from this.
The thing is, we absolutely don't tolerate this with infrastructure. We have entire systems in place to make sure that we can find people who use our infrastructure to kill people. The USPS has its own entire law enforcement branch whose sole job is to track down people who misuse the mail. I'm sure there are processes in the UK for the same.
With our infrastructure there's some non-zero amount of abuse that we acknowledge we won't be able to prevent in order to make everything work without infinite enforcement cost, but we don't just close our eyes to the abuse and not even try to do anything about it at all.
The difference between the post office and Tor is that Tor is very specifically designed to make tracking a sender of a bomb threat impossible. State-run postal services at least try to have an audit trail for what they send.
Well, many (if not most) exit nodes are ran by three-letter agencies, so at least there is some infrastructure in place.
There are quite a bit of differences here. The mail services transport physical goods, and the whole path can be tracked. Every letter or parcel is registered by the postal office where it was submitted to for transport. And usually there is quite some physical evidence with everything you do mail.
You have to ask yourself if the good is worth the harm.
But the math on that looks like this.
The "really bad" people have no conscience. No qualms about compromising the device of some innocent victim and then using that as their "exit node" if Tor wasn't available. So if Tor doesn't exist, that's what they do, and that's worse. Because not only do the bad guys still get to be anonymous, now the owner of the compromised system takes the blame. Which is more likely to be someone less able than you to articulate what happened, and who has to claim they were hacked with perhaps scant evidence rather than being able to point to their IP address on the public list of Tor exit nodes. They also might not be in a country with due process. So what you're doing there isn't helping the bad guys, it's saving some of their innocent victims from being unjustly punished.
Meanwhile the "good guys" who use Tor do have a conscience, so they wouldn't do that to an innocent third party, and then without Tor they have nothing. So you'd be helping them too.
We shouldn’t have keys then. Really bad actors are going to force your door anyway. Let’s at least save the doors.
Come on, Tor main use is child pornography and drugs. If you think you’re helping oppressed journalists, it’s 99% false. You’re mostly enabling all sorts of criminal activities, from benign to major. Hosting a tor exit nod doesn’t make you a hero, quite the opposite actually.
I would use that argument if I were an oppressive government that was troubled by journalists using Tor to expose me. It's only 1% right? Think of the children.
Quoth Fidel Castro: ¿Armas para qué? (What do you need guns for?)
Guess what he did after he took the people's guns
Locks aren't for the really bad people, who are in fact going to break down the door. They prevent crimes of convenience.
But Tor is the lock, and the crimes of convenience would be e.g. mass surveillance of the population, in the event that ordinary people don't have it. So it's not clear what you're arguing here. That everyone should use Tor?
Start here:
https://news.ycombinator.com/item?id=41507790
Add to this, the illegal stuff isn't accessed via exit nodes, which link into the ordinary internet. Those things use hidden services, which are internal to the network and don't use exit nodes.
But let's even explore the premise. Suppose a lot of the traffic is people trading in illegal materials. Well, that's not really a big problem; people do that stuff via several other existing channels and the societal cost of each instance of someone buying pot over the internet isn't very high. Whereas the societal benefit of one single whistleblower is massive. These things can change the lives of millions of people. So even if it's 99% contraband, the remaining 1% is ten million times as valuable.
If we're talking about the decision to actually run an exit node, I disagree with this breakdown of the ethics. I can value freedom more than state protection in the abstract while at the same time not feeling that helping support freedom in Russia and China and Iran is worth the cost of simultaneously helping to shield perpetrators of violence closer to home.
In most people's ethical frameworks choosing not to run a Tor node does not make me culpable for the actions of a state suppressing its people, but choosing to run one does make me at least somewhat complicit in shielding the perp of a bomb threat.
how is this different from running a postal service? would you be against that?
The USPS has an embedded law enforcement agency [0] whose full time job is to track down people who are using the postal service to commit crimes. Tor is very specifically designed to make an equivalent impossible.
[0] https://en.m.wikipedia.org/wiki/United_States_Postal_Inspect...
Here's the thing: I am not on either side of that conflict, or likely any other conflict you could use as an example. There are atrocities committed by both sides. There are victims on both sides. You could argue over who committed the worse atrocities or over who is the biggest victim until your face turns blue, it isn't going to end the cycle of violence as long as there are people facilitating that violence.
And no, I am not naive. I know there are people out there who care nothing about causes beyond their own self interest and who care nothing about their victims. I realize that these people are impossible to combat without the innocent coming in harms way. Yet the moment we fail to be ashamed of the harm we cause in the name of the cause, the moment we fail to acknowledge who is being harmed in the name of the cause, is the moment we become no better than them.
Oh just because you are not affected yet, you might be in the future, most probably if no one is there to help against people with obscene power and they start to easily win
Here's a better example then. Publishing the truth or publishing opinions about political leaders is illegal in some jurisdictions. Would you be unwilling to provide help to these "bad actors"?
Lots of horrible dictators have used rhetoric like yours to rationalize/facilitate their actions.
The fact of the matter is, there really is no absolute objective moral compass; and yes, that includes "we should just stop facilitating violence" because you absolutely can be enabling others to take advantage of that to cause more harm.
You have to pick a stance and live with the harm that comes out of it (yes, whichever stance you pick, will cause harm).
This is again a forced binary "and/or"-decision, without anything inbetween.
It doesn't have to be like that - both can coexist, if both terms are not extreme.
(disclosure: my post is not related in any way to Israel nor Palestine and I'm personally not linked in/directly to anything related to Israel nor Palestine and this post is not related to the current conflict)
Stepping back though neither side in that conflict needs Tor. They both have numerous supporters in other countries where that support is legal. They can send and receive information through trusted outside supporters including some outside governments. They just need secure communication channels to a few representatives among those supporters rather than something is general as Tor.
I want to argue for freedom, on the grounds that most people know whats best for themselves better than others, so on balance there should be more people using that freedom for good, but then most people are busy, and not as motivated or knowledgable of how to use that freedom as the malicious actors are.. so is that even freedom in the end?
I don't think that dicotomy is quite right. bad actors can take away my freedoms (for example if they steal my bank account I'm no longer financially free as I'd have no money)
I don't know the correct balance. maybe it's just an impossible problem. I just don't think the two sides are freedom vs state protection.
The problem is when you choose to involve yourself in nation-state conflicts they’re just not going to care about your protestations of neutrality and freedom. They’re just going to see you aiding their enemy.
Agreed.. this " I could not ignore the fact that any "really!!!" bad actor could use the same infrastructure to avoid investigation/prosecution," could be dependant on what you personally see as bad actor.
Would being gay count? In some countries it's a death sentence, so using TOR is how they avoid being thrown off a roof or stoned. Talking about anything LGB is a crime.
What about someone who wants to read 1984.. Would you be okay with them committing that crime?
Yes being gay is illegal in some countries, but those governments don't have the ability to raid a German citizen's home for it.
The people who do live in those countries could, however, be using an exit node in Germany. It isn't the exit node operator who chooses who uses it.
Exactly
Making an analogy, I feel these people are kinda the European ideological equivalents of the "sovereign citizens" in the US (though sure, they're usually more informed)
In one way, deeply concerned about very legitimate worries of free speech and privacy. In another way, very naive about what happens in the real world or how legal process works
Expectations: "We're helping people fight dictators!11" Reality: 80% malicious usage, 10% "just a prank bro", 5% people with legitimate uses and then the rest
Agreed, except, what is especially European about this?
The idealism and rose-tinted/"self righteous" view of the world.
"Wir schaffen das"
Idealism around privacy and liberty are quite important, otherwise you end up with a worse country and there is a reason for laws to usually grant people these rights.
The law failed here and it is a typical problem for Germany, that historically and still today has problems with liberties in general.
FUD doesn't mean we should do away with liberty. To say otherwise is naive idealism that requires infallible human actors in security related agencies. That is impossible.
And it doesn't need to be a "really bad actor". I have been spammed by someone for years who clearly used a script to target an online service of mine. Always connecting from TOR, so banning an IP or a range wouldn't block that person.
This shows how easily TOR can be abused, even for small misdeeds.
Decentralization is not an excuse for negligence. Anyone working in cybercrimes should be aware that Tor exists and of what it is. The list of exit nodes is public. Harassing the operators can only be one of malice or incompetence and neither alternative is excusable.
But flipping the script: bomb threats and Qatar conducting international espionage aren't silly things as far as the government is concerned, and if we intentionally interpose ourselves in the comms channel in a way that the attack trace stops at us, we should be expecting follow-up from a human being tasked with enforcing the law, right?
I suppose my issue stems from my perception of the seemingly lack of serious investigation on their law enforcement side.
If you had visited any of my exit nodes via port 80 or 443, I had a lander on them stating that it was a Tor exit node and to please contact me if you wanted your IP to be blacklisted from it. I also stated that there was no useful information contained on this server (by design) that would be helpful for any evidence gathering or investigations. Seriously, all they had to do was plug my IP into a browser or do a simple scan of it but I suppose that's asking too much from LE lol.
Additionally, Tor exit nodes are public and all they had to do was look into my IP more than 5 seconds after finding it in logs somewhere and firing off a warrant or subpoena for it. The first two were straight up vague templated fishing expeditions. The 3rd subpoena actually came straight from the DOJ and was a lot more detailed and serious.
They should know what Tor is and know that any Tor server contains ZERO info that would be able to assist them in whatever they are attempting to investigate.
Sure, I do think such situations require follow-up but as soon as they are informed it's a Tor ip, they should know to drop any pursuit of getting evidence from it. They do not, they continue to go after you via legal means. Even though I had the EFFs help, this entire process still took months.
It's pretty stressful to be in a situation where its lil ole me VS the entire United States government who has unlimited resources, time, and money to go after you.
I am extremely blessed to have had the EFF lawyers at my defense and will forever be a life long supporter and donor to them. They really do fight for our digital rights and can help defend you in a digital equivalent of a David versus Goliath situation.
The end goal is probably to get you to do what you did, which is shut down the exit node. If they make it painful to run a Tor exit node, they make Tor harder to use.
Exactly. Which is not as obviously an unethical approach as some here would think—if you are standing between law enforcement and a bomb threat, "I'm intentionally ignorant of the activities of the people that I'm shielding" is a morally dubious place to stand. The law allows law enforcement to subpoena records related to an investigation like this, and I honestly think it's fair to force Tor exit node operators to handle those subpoenas every time, even if the answer is always the same.
To have some sort of automated process in place to deflect blame allows an exit node operator to ignore the real damage their work can do. They may still decide that the good that they're doing outweighs the bad, but forcing them to see the negative consequences of shielding anyone who wants a shield has value.
Is that the horseman we're giving up our rights for today?
Your right to knowingly run a service that is used by people to kill other people while never having to interact with the consequences of that decision?
I'm not suggesting people shouldn't be able to run a Tor exit node. I'm suggesting that people who run Tor exit nodes should occasionally have to a deal with a subpoena that says "your exit node was used by a criminal to hurt people in ${these ways} and we require any information you have to help apprehend the attacker."
I don't want to deprive anyone of the right to make a moral decision, but I do want them to feel the weight of the full import of that decision.
Can you name a product or service for which this is not the case? Militaries use general purpose software to design weapons. Murderers use vehicles and transit systems. We don't expect the government to harass the makers of cutlery because they provided a product used in a mugging.
I think that any creator of any tool should be faced on a regular basis with the harm that that tool causes and have to make the call on a regular basis if it's still worth it.
So steel workers should get a subpoena they have no effective means to respond to on a regular basis because steel is used to make all manner of weapons and machinery that gets used by bad actors?
Aside from this being a bad faith comparison - no way you actually believe that steel rods and bars can't be subject to EAR
You can't justify a bad policy with a different bad policy. Trying to control access to a fungible global commodity is pointless.
You've questioned existence of such "bad policy". I pointed out that there are such policies. I neither supported nor opposed them.
I won't be surprised if there were something in US criminal code with supreme court precedents that specifically dictate the government harass in timely manners the makers of cutlery used in a mugging. There _are_ always laws. _Everything_ is regulated. Most of those regulations are reasonable.
This is a bad faith comparison and I'm not going to engage with it.
I'm honestly not sure what distinction you're trying to draw between them. Clearly any ordinary product can be used for nefarious purposes.
The distinction some people try to draw is when a higher proportion of a product's users are nefarious, but that doesn't really work either because who uses something can change over time.
If you have a society where nobody has window blinds or locks on their doors because it's a rural area and there is no one around to invade your privacy then locks will be disproportionately used by neerdowells "with something to hide", and then busybodies will claim that anyone with nothing to hide shouldn't be concealing their private spaces and anyone selling or using any privacy technology should be pressured to stop. Which sustains the status quo through external pressure even if someone does start invading everyone's privacy.
And that's what's been happening on the internet. Surveillance is the default, Cloudflare et al block Tor users as a matter of course and that drives normal people from Tor and similar technologies even though they would otherwise benefit from its use. People are told that it's the dark web where there are criminals and they shouldn't use it -- it being Tor Browser, the thing that keeps ad networks from tracking them across the internet.
Then after dispersing the normal users who would otherwise benefit from using it, people say that it has a lot of nefarious users to justify the continued harassment of anyone who does. But that's just path dependence, and there are parties interested in leading us down the garden path to mass surveillance.
Right, I could kill a person with a spoon. Still we regulate guns and not spoons, why is that?
You are talking into a void following this line of reasoning. There is no logical consistency in the context of a state and all the myriad of terms and concepts in its wake. That's by design and everyone that's brought up under it from a young age is taught to embrace that, as a feature. Your words are foreign invaders and every core of these smart people's beings will fight you with their ridiculously smart and well trained antibodies.
Not trying to single out the person you're responding to, but I've seen this play out many times and engaged in it previously to no effect.
We, uh, absolutely expect the government to "harass" people operating transit systems for any and all information about a criminal using that system.
Camera feeds, ticket records... All of that is accessible via warrant. That's probably the most salient example in this context.
Tor exit nodes don't have any information to identify the end user. They don't know who it is, so there is nothing to subpoena or turn over. Subjecting low-resource entities to a known-futile legal process is a form of harassment.
It's not known-futile. A misconfigured Tor node could be storing all sorts of useful traffic data. Besides, there's also the possibility that the exit node operator themselves could be the actor; since the trail stops at them, they're under suspicion.
If it is moral for the US government to create Tor, it is moral to use it. Sure, it may be it’s a tragedy of the commons, but there’s no individual moral accountability or responsibility for those running Tor because of things other people do or don’t do on it. That’s outside anyone’s ability to control anyway.
Of course there is. If I am deciding whether to dedicate resources, money and time to running a service which -
a) Helps dissidents in authoritarian regimes communicate freely
and
b) Enables bad actors to send threats and/or move CSAM around
Then that is absolutely a moral choice I need to make. It's not outside your control, you get to decide whether or not to provide the service.
I don’t know. Could you imagine if you were in charge of investigating something like this and you _didnt_ check one of the computers involved just because the guy who owned the computer claimed it doesn’t have anything useful on it?
There could be logging bugs in Tor that you were unaware of, or the owner could be using Tor as a cover. It would be negligent _not_ to at least check the device logs for anything useful.
By that logic why not also seize and do forensics on all the ISP's routers too then, just in case? After all, the ISP could be secretly in on the criminal plot, and how could you know without imaging every hard-drive in the data center? It would be negligent not to.
The truth is that police investigations normally are restrained based on the disruption that they cause the public. Police deviate from standard operating procedure when it comes to TOR exit node operators because they want to punish and intimidate them.
They want to punish operators because the authorities are frustrated by the effectiveness of these technologies in countering the pervasive surveillance environment which the authorities take for granted.
Citation needed. ISPs have entire departments dedicated to cooperating with law enforcement. Comcast has a whole portal with its own subdomain specifically for handling requests from law enforcement [0]. Cox has a page detailing exactly how to send them a subpoena [1]. These guys are clearly dealing with subpoenas just like the ones OP is describing all the time.
It only seems out of the ordinary this time because it's a random person who decided to play middle-man instead of an enormous corporation with a massive legal department.
[0] https://lrc.comcast.com/lea
[1] https://www.cox.com/aboutus/policies/law-enforcement-and-sub...
ISPs cooperate with law enforcement. Most even have dedicated staff for that.
So there's no need to seize their equipment.
< By that logic why not also seize and do forensics on all the ISP's routers too then, just in case?
You think they don't!?
Implying that they don’t have the capability to do this already and/or alternative means to accomplish the same thing.
https://en.wikipedia.org/wiki/Room_641A
There's a very productive spammer that sends out spam for their shops and, on their home page, they have a big info about how they didn't send that spam, and it's just somebody else trying to ruin their reputation.
If all you'd need to deter law enforcement is to put a website up on your server and say that you don't have anything to do with anything happening on that server and that they shouldn't bother because there's nothing to see anyhow, a lot more criminals would do that. I'm sure they'd even put an actual exit node on their machines if that protected them from law enforcement.
Maybe rather than a big info explaining that there's nothing to see, it could be a big info explaining that "source IP address" is useless as evidence of a crime, because, as this server and many, many other proxy services demonstrate, the IP listed as the origin is in no way guaranteed (or even likely) to be the actual origin of the traffic.
It's like raiding the home of the mail carrier because someone got drugs in the mail. Sure, it could technically be that the mail carrier is also a drug dealer. But when it comes to the USPS, the identity of who delivered the contraband package is not a useful data point for investigating the crime, and acting otherwise is willful ignorance.
It doesn't have to be the actual origin for it to be useful—unless the software is specifically designed to avoid traces (i.e., Tor), there are often logs that will lead you to another IP address, which might lead you to another, which might eventually lead you to the source. It would be foolhardy for police investigating a bomb threat to not at least ask, given how many people they do in fact catch this way.
No, in the case of OP it's like subpoenaing the local post office and asking for everything they know about where that package came from. Which is, incidentally, quite common, except that in the US the post office is a government entity that doesn't need to be subpoenaed because it has its own law enforcement agency that should have jurisdiction over the case.
Fair enough!
I mean, yes, I'm pretty sure "just take my word for it" is asking too much of LE.
We can always say "Come back with a warrant" but then sometimes they'll come back with a warrant.
Unless, of course, one has misconfigured it... Which could be the case. Definitely the kind of thing LEO can figure out on the other side of a seize-and-strip of the hardware. Unfortunately, I think the only way to not be a part of the story here is to not be a part of the story here... Don't proxy anonymous traffic if you don't want law enforcement asking after the anonymous traffic you proxied. Otherwise, expect the responsibility imposed upon a service provider (since you're providing a service).
Other ISPs avoid this scrutiny by going out of their way to be helpful to law enforcement.
There is no way for police to know if the traffic came through tor, or was initiated by the owner of computer/server. It seems reasonable that the police have the right to investigate. If not, anyone could run a tor node to cover up their own criminal activities. Even if you did have logs suggesting it was tor activity, should we trust someone’s claim that the logs are proof that it was someone else?
It would in fact be negligent if the police did not properly investigate the server/computer/house of the device.
Yup that's the same conclusion that I've come to for now. I got a family and stuffs now so don't want to bring any stress to them.
One day I will resume but in the future :)
Maybe they did not expect any useful info? One gets jaded but https://en.wikipedia.org/wiki/The_purpose_of_a_system_is_wha...
That isn't the reading I would make of the situation.
Like the OP says, it's harrassment to discourage continued operation.
I think that's what the person you replied to was saying. The purpose of the "system" of law enforcement is not what they say it is (to try and gather evidence from the server), but rather is what the system does (get people to shut down exit nodes because of the hassle).
That's my experience too from actually having my house raided. I had two kids in bed at the time, and the police didn't even know to expect kids in the house (both kids were over 11 years old, had birth certificates, had lived in that house all their lives and attend local schools and are darn fine students).
They didn't know. It's mind boggling to me that they could get a raid warrant without having done even the most basic (below even basic) investigation.
My opinion of police investigative competence took a 99% hit as a result.
It's a lesson my kids won't forget either.
The raid no doubt was carried out by the police. They just what they are told to do by an organisation that is higher up. No one will get reasons. Maybe the chief of police. But only a limited amount so he can claim plausible deniability.
The dirty people behind all this are in the way they run the investigations. And what way is that ? Well it’s the “organised crime investigations”. The Netherlands pushed the RIEC way of working here to Germany and Belgium. Look it up. Euriec.
The whole way of working is to do dirty tricks in an unaccountable way.
Yes, but they should be able to investigate without placing an undue burden on exit node operators (or regular people with a compromised device that was used as a proxy). Unfortunately it's hard not to be cynical and assume that these kinds of overreactions (and worse) are going to continue. But in my opinion, any society where policing is convenient for the police is a horrible place to live. (Is it really such a radical concept that law enforcement should be focused on protecting the innocent, not punishing the guilty?)
Is the burden undue?
A Tor exit node operator has made the ethical judgment call that they're doing more good than harm. That might be a reasonable position to take, but I don't think it's unreasonable for us to expect an operator to face up to exactly what it is that they are doing. I'm fully on board with any bomb threats (as just one example) leading to a subpoena on the exit node operator who shielded the threat actor, even if the answer is the same every time.
Making the decision that you're doing more good than harm requires you to fully understand the harm that you're justifying, and law enforcement subpoenaing you every single time is one way to make it very clear what it is that you're choosing.
I can think of very few cases where the possibility of your home being raided by heavily armed police officers, and your property seized, is appropriate if it's clear all you're doing is running software. (Side note: I'm surprised how often attitudes on this site are at odds with the "hacker" part of "Hacker News".)
It is fair that running an exit node might be inconvenient, maybe even to the point where consulting a lawyer is advisable, but I think we should draw a hard line at direct threats to an innocent person's liberty, livelihood, and physical safety. That kind of fear is definitely an "undue burden".
Yes, I can agree that an armed raid or the threat thereof is definitely an undue burden.
I do not view software as amoral. It's a tool, and like any tool it is an extension of myself. Software that I run is acting on my behalf, and what my software is designed to do is something that I should be held morally accountable for.
I'm not sure when the hacker ethos came to mean that "just running software" absolved you from having to account for the damage your software causes, but if that's what the hacker ethos is about then yes, you can count me out.
My point was that running any kind of software should not come with a presumption of guilt. But in the eyes of the establishment, it often does; see: Aaron Swartz, or how pressing F12 might be illegal[0], or many other such cases. A "hacker" should not have any sympathy for this kind of draconian knee-jerking.
[0] https://techcrunch.com/2021/10/15/f12-isnt-hacking-missouri-...
Where is the presumption of guilt? A threat of violence was traced to their IP and they were served a subpoena to provide information that might lead to finding the threat actor before they actually hurt anyone. No one even accused OP of a crime, much less presumed their guilt.
I don't mean in the judicial sense, I mean in terms of how they are treated by law enforcement.
Again: where is the presumption of guilt in OP's case? They got subpoenaed, they enlisted help to respond, life went on.
Their lawyers warned them to prepare as though a raid would occur, but that's the lawyers' job: to prepare their clients for the worst just in case.
When computing became predominantly online, hackers inherited a moral dimension: the need to consider whether they are doing harm to others via what they do with the shared global network.
It's a different story when you're cobbling scraps together in your basement, and it's a different story when you're primarily phone phreaking "the man," as it were.
Hacker News is hacker like a hot dog is a dog
That's not what subpoenas are for, and it would be a really stupid waste of time and resources. If you really want to do that, just send them an email.
An email can be filtered, doing that with a subpoena would be... silly.
Subpoenas are used all the time in cases where they're not expected to be inherently useful for acquiring information. If law enforcement is going to take 10x as long to find the perp because you hid them, I don't see a problem with them sharing that burden with you a bit—there are externalities here that should be internalized.
Yes.
They are. Absolutely. It's not really a question.
No, that's just harassment.
Scenario: LEOs knock on your door and take everything connected to the internet. Why? Your home was running an exit node. Who? Your 12 year old.
Yeah yeah “parents should know” but given the rash of shootings by young people, fuck that argument.
The danger is that the Government could just make all this up to specifically target nodes they do not control.
The exit nodes have been known to be the weakest part of the tor design. It has been a logical theory for a while that all exit nodes are visible to the U.S. Govt.
This is just one way they can leave a system like Tor up for their uses and also make sure anything domestically is fully visible to them.
What about timing attacks though, things like governments controlling things coming and going into routers and the internet as a whole?
Surely that's worse than the exit nodes?
The way I see it, the right approach is some kind of continuous communication where messages end up in fixed slots, where if no message would have gone, there'd have been a randomly generated message.
That's very nice but until tor exit nodes are illegal, such police action is purely a harassment effort, right?
One thing that struck me, years ago, is that the people running these actions (recipient of a death threat or police) are far more concerned with the fact that "someone enabled this", rather than the fact that someone was angry enough at them to issue a death threat. They had no visible concern about that wannabe murderer, apparently spending no effort trying to identify THEM. They just wanted retribution against the exit node operator. It was totally doing something for the sake of doing something, zero concern about solving any root problem. They had seemingly zero concern that their safety was a risk (I mean, from eventual action stronger than a death threat.)
They also had zero awareness that anonymous email had allowed this ennemy to be revealed before any physical violence.
...
This really doesn't strike you as cognitive dissonance? I mean, yes, I get it, it's easy to construct a scenario where you're "helping people". But you're also "helping" people engage in terrorism and identity theft in exactly the same way.
Surely that deserves at least a little thought and moral calculus, no? You're not making a first principles argument about fundamental rights or anything, you're saying you run exits because it's "helping". Well, shouldn't it help more than it hurts?
Doesn't running a post office help people communicate coded messages about nefarious things? Doesn't running a telephone network help people do the same? What about cellular hardware providers and maintainers?
They do. But all of the above bend over backwards to help law enforcement.
The US postal service scans and stores the outside of every envelope and package they handle. Law enforcement agencies can query this metadata.
https://en.m.wikipedia.org/wiki/Mail_Isolation_Control_and_T...
They do, but they are not only share the metadata with law enforcement, but also let them wiretap. (Often they require a warrant for this, but that is not a hard burden for a LEO.) And this capability is not some aftertought, but deeply integrated into their tech stack.
We prefer they assist LEO operating under court order, instead.
Tor isn't a post office or telephone network. We have post offices and telephone networks. Tor also isn't a replacement for a web browser or internet, we have those too.
Tor's feature isn't "communication" in the abstract, it's anonymity. And yes, that can be used for good or for evil. But the upthread comment was saying how nice it was to run an exit node because it was "helping people". And to the extent that's true, I think correct thinking demands you also account for the harm.
And let's be clear: Tor is definitely harmful. Almost all Tor traffic is some degree of nefarious. The tiny handful of dissidents are drowned in a sea of phishing and contraband.
You don't need tor for terrorism or identity theft, and it probably isn't widely used in those circles. There are easier ways. But plenty of people use tor to avoid what amount to terrorist govenments and regimes.
This statement is made without basis. What percentage of tor traffic is used for terrorism, identity theft, or people avoiding persecution?
I'm not going to make a value judgment on the use of tor, but I do think it's important to be honest about how it may be used.
I actually think that Tor should deemphasize exit nodes and trying to provide access to the clearnet, in favor of better hidden services.
Nearly every major site ends up either totally blocking anything that comes from a Tor relay, or applying massive numbers of weird CAPTCHAs and restrictions, so it's getting to be basically unusable anyway.
The new Cloudflare captcha has changed this and it's a lot better now. There's no more Recaptcha hell. I read the Ben Collier book about Tor recently and in his interviews he found that some Tor contributors actually feel the opposite, because they feel the negative attention that the "dark web" mythology brought on has been bad for Tor. According to the book the archetypal Tor user is someone in a censorship heavy country like Iran visiting facebook.com or nytimes.com, so they don't get much out of hidden services.
I don't even use Tor (this is literally stock Safari) and Cloudflare will not let me through as of last week or so.
Isn't that I2P[1]?
[1]: https://en.wikipedia.org/wiki/I2P
There really is a fundamental difference between : secure end to end messages of willing participants. VS arbitrary anything-illegal from someone else's public ip.
This gets back to AnthonyMouse's argument (above) that
(1) TOR exit node operators are buffers to protect people from being hacked. A hacker would more easily use TOR than need the effort to runa scan for vulnerable routers, root one, and hop between various routers.
Which implies
(2) if TOR had no exit nodes and/or clearnet service blocked TOR ranges, hackers will just resort to hacking routers / other systems / botnets to make their own proxy. Now the block doesn't work, someone(s) got hacked, TOR is gone.
Basically TOR as a "containment" system. Seems to me that would be preferable for law enforcement, particularly because some state actors (https://www.infosecinstitute.com/resources/general-security/...) are putting great effort into unmasking TOR, making it a great honeypot. Ironic that Germany prosecuted a German exit node when they were the same ones investing heavily in unmasking it!
I ran an exit node back 2007-2008 ish after learning about Tor at a conference.
I stopped running an exit node when I looked at the traffic flowing through it. I even sslstripped it back when that was much easier.
No freedom fighters. No oppressed journalists. No free speech.
Only porn and scams.
Running a Tor exit node for freedom is like burning a village to save it or enriching your own uranium to solve the energy crisis.
There's gotta be an answer, but this ain't it.
Just because most stuff is botspam, that doesn't mean it's not worth it for the occasional Snowden or Panama Papers - those would have been next to impossible to safely execute without Tor.
They were sending this in cleartext?
Enriching own uranium is an interesting project. I prefer nuclear simulations, but same vibes.
Makes sense that's where the bulk of the volume is, not much different from the internet at large. Freedom fighters and oppressed journalists are exceedingly rare, but they do use Tor.
I wonder what you expected?
Why don't lawyers just do this stuff? Then minor legal threats are not a concern.
Alternatively, why don't we become lawyers, too?
At the end of the day, lawyers are human too, with lives and families.
They would know the full extent of the inconveniences regarding home raids and device seizures for long periods of time. This would disrupt their lives, work, and probably affect their ability to serve their clients’ legal troubles.
At the very least, I’m thankful for the efforts of the EFF and others that do know the law and help. But I’d imagine there’s a good case for separations of concerns here. Stay out of the legal troubles yourself so you can help others that do get caught up in it. One degree away.
My sarcastic self would say because lawyers became lawyers to earn good money and have social standing. Not to be benevolent to society.
Wouldn't the true exit node be the ISP as you are one clear node behind them? How many ISP execs get raided by SWAT teams?
In jurisdictions whose ISP laws I'm familiar with, ISPs have a special protection granted: they don't get raided because they're seen as an infrastructure provider, but only as long as they can point to a customer responsible for some given traffic when served a court order.
Yes the IP was just a DO vps I setup to be a Tor exit.
That's why they requested my personal account information, billing info, IPs that I logged into DO with, all of that.
If not interrupted by me getting the help of the amazing EFF lawyers, the next step after getting my personal information, could have been to raid my home and seize all my electronics. I work from home and would have been greatly disrupted and not been able to work without my computers and etc. Then I'd have to wait months/years to be found innocent and then get all of my electronics back + spend thousands on lawyers.
During all of this, the EFF lawyers straight up told me to prepare my home as if it were to be raided and encrypt all my devices.
Thankfully it did not come to that.
I’m surprised DO allows Tor exit nodes. No wonder their IP reputation is trash the time I tried to set up my mail server there.
https://docs.digitalocean.com/products/droplets/details/poli...:
Running Tor exit node without abuse? How is that possible? Since they didn’t shut you down after three abuses serious enough to get law enforcement involved, I guess they don’t really give a shit about abuse after all.
Restrictive exit policies
I was going to run an exit node when I first learned about Tor, but realized that the cool positive use cases I was imagining it would help with could be effectively done in other ways. In some cases those other ways might not be as easy, but there would be enough resources available to the people involved to get the job done.
It seemed likely that it would be the horrible use cases it would benefit the most.
Balancing an increase in the efficiency of doing good things that could already by done other ways against greatly benefiting horrible use cases made it so that I could not morally justify it.
Situations like this are the main reason I shuttered the torwhois.com service. The barely zero gain wasn't worth the risk, sadly.