Tor anonymity server admin arrested

In a recent blog posting, a German operator of a Tor anonymous proxy server revealed that he was arrested by German police officers at the end of July. Although he was released shortly afterwards, information about the arrest had been kept quiet until his lawyers were able to get the charges dropped.

Tor Project Logo

(Credit: Tor Project)

Tor is a privacy tool designed to allow users to communicate and browse anonymously on the Internet. It's endorsed by the Electronic Frontier Foundation and other civil liberties groups as a method for whistle blowers and human rights workers to communicate with journalists. Tor provides anonymous Web-browsing software to hundreds of thousands of users around the world, according to its developers. The largest numbers of users are in the United States, the European Union and China.

The police were investigating a bomb threat posted to an online forum for German police officers. The police traced one of the objectionable posts on the forum to the IP address for Janssen's server. Up until his arrest, Alex Janssen's Tor server carried more than 40GB of random strangers' Internet traffic each day.

Showing up at his house at midnight on a Sunday night, police cuffed and arrested him in front of his wife and seized his equipment. In a display of both bitter irony and incompetence, the police did not take or shutdown the Tor server responsible for the traffic they were interested in, which was located in a different city, more than 500km away.

Janssen's attempts to explain what Tor is to the police officers initially fell on deaf ears. After being interrogated for hours, someone from the city of D?sseldorf's equivalent of the Department of Homeland Security showed up and admitted to Janssen that they'd made a mistake. He was released shortly after.

---

Germany is clearly not going out of its way to make computer security researchers and activists feel too welcome. Germany recently passed a law that "renders the creation and distribution of software illegal that could be used by someone to break into a computer system or could be used to prepare a break in. This includes port scanners like nmap, security scanners like nessus [as well as] proof of concept exploits."

Back in summer 2006, German authorities conducted a simultaneous raid of seven different data centers, seizing 10 Tor servers in the process. Agents took the servers believing them to be related to a child porn investigation. Furthermore, in 2003 a German court ordered the developers of the Jap anonymity system, a completely different project than Tor, to create a back-door in their system to be used in national security investigations.

This event does raise some interesting legal questions. If 40GB of other people's Internet traffic flows through your own home network, can authorities, be they the RIAA or FBI, reasonably link anything that has been tracked to your computer's IP address to you?

Does setting up a Tor server give you the ultimate plausible deniability card? "No officer, that BitTorrent download wasn't mine. It was from one of the thousands of people who route their Internet traffic through the anonymizing sever on my home network."

The ability to have a believable claim to plausible deniability is something that some of us have been attempting to get for a while by having an open wireless access point at home. And 40GB of Internet traffic from perfect strangers may be more significant in the eyes of a court than the possibility of one or two of your neighbors connecting to your wireless network. All of this, for now, remains theoretical. No Tor-related case has made it to the courts.. but it's just a matter of time until one does.

[patrickyeon]

As for plausible deniability...

I'm not convinced you can make a strong enough case for plausible deniability in this case (from the technical side at least, I can't vouch for the legal side). There are just a few too many ways to tie the Bittorrent (or other) traffic to you. A quick shot at it here: http://patrickyeon.blogspot.com/2007/09/plausible-deniability-with-tor.html

[john data]

Plausible deniability and Tor - add TrueCrypt

Tor might provide good plausible deniability but
adding TrueCrypt to hide any files, possibly in
a hidden volume, would add security.

[unknown unknown]

TOR and plausible deniability

I think your post is based on some fundamental misunderstandings of how TOR actually works, that is if I understood what you were trying to say. For example, if privoxy is used, DNS requests can be routed through the TOR network and because the exact path chosen is only known to originator, watching both the entry and exit points of a circuit would be a bit difficult. Further, each node only knows the node that passed it a packet and where it is suppose to send it next.

[pgunn01]

Regarding Tor..

I've always felt that if it passes through one's computer through a service one provides, then it's one's responsibility if it can't be tracked to someone else. Unless somebody else can be found, everything that passes through Tor is the admin's responsibility, legally speaking. From this perspective, running a Tor exit node is an extremely foolish thing to do.

[shava23]

German seizures last year, and deniability

Chris, the Ars Technica article has some fact checking errors, you might not want to link to it.

This is a better article.

http://www.boingboing.net/2006/09/11/tor-german-police-ar.html

Ars Technica tends to use slashdot as a source without verifying facts with the interested parties.

The servers were, as far as I know, all returned and no charges were made. PRIME protects anonymity online in the EU as part of consumer protection. That's at an EU level.

As far as deniability goes, no server operator has ever been brought to trial, that we've ever heard of. Mostly law enforcement seizes the equipment or otherwise harasses a server operator, is educated on how Tor works, realizes it is a pass-through network legally similar to a phone switch or internet router, and drops any action against the operator.

If all internet services were liable for content that passed through them, or who even wrote content on their systems, then there would be no ISPs or blogging sites -- the liability would be too high.

Shava Nerad
Development Director
The Tor Project

[AlexanderJanssen]

Re: German seizures last year, and deniability

I agree with Shava. Once again, to state it loud and clear, this was not against Tor but about a bomb-threat. If someone annouces that he plans to "set someone up the bomb"[1] the police has to react.

Unfortunately, in my case, the police didn't bother to do the most basic investigation - if they would've done that, they would've seized my server in Erfurt instead. But what did they do? They didn't check for plausibility, the lawyer of the state in charge didn't have any clue at all, the interrogating officers weren't IT-specialists and the only guy who had some clue, understood that they screwed up but still said "well, you know, your own fault if you expose yourself like that, you can expect more visits or nastygrams in the future if you continue like that" was a guy from Düsseldorf's Staatsschutz (something like the DHS).

Well. I won't support nutters who want to see a global or national conspiracy that the governemt want's to scare Tor-operators to death if they aren't able to ban the service in a legal manner. But it's still frightening what could happen, as Dan pointed out on El Reg[2]. And he's right. Been there, done that. As sad as it sounds.

Cheers, Alex.

[1] http://en.wikipedia.org/wiki/All_your_base_are_belong_to_us
[2] http://www.theregister.co.uk/2007/09/16/bomb_threat_leads_police_to_raid_tor_operator/

[pingpong111]

I just assumed that's what it was for.

I've been running Tor off and on to post controversial messages on message boards without Big Brother tracking me down, but I'm more worried someone will accuse me of something I didn't do than have an excuse for something I did, since other than practicing free speech I don't do anything illegal online.

[chickenandporn]

pingpong111, you have it backwards

@pingpong111 you have the roles reversed: you use Tor to do things as a client. There are Tor gateways that proxy your connection, and you get your anonymity at their risk. The victim here was a guy accepting risk to give people like you your ability to practice free speech. You are not at risk, but he is/was. It is as though you are the dude discussion chemistry (in this case, explosives) through his router.

[tatianahunt]

I`m agree
I have found two interesting sources ( http://filesfinds.com & http://fileshunt.com ) and would like to give the benefit of my experience to you.

[Zak70smith]

i saw some of the arrests of the admins. but there are some really funny clips about the work of admins here http://loadingvault.com

[needforn]

needfornews.com

[zarak0]

There certainly are big risks involved in hosting a Tor server.

---
Zarak
http://www.callerbase.com/

[tatianahunt]

I am tuning my pc by the best software for free, with the file search engine http://fileshunt.com and http://filesfinds.com . May be you have your own experience and could give some useful sites too. Because this two social sites help me much.