Comments on: Tor anonymity server admin arrested

In a recent posting to his blog, a German operator of a Tor anonymous proxy server revealed that he was arrested by German police officers at the end of July.

[patrickyeon]

As for plausible deniability...

I'm not convinced you can make a strong enough case for plausible deniability in this case (from the technical side at least, I can't vouch for the legal side). There are just a few too many ways to tie the Bittorrent (or other) traffic to you. A quick shot at it here: http://patrickyeon.blogspot.com/2007/09/plausible-deniability-with-tor.html

[john data]

Plausible deniability and Tor - add TrueCrypt

Tor might provide good plausible deniability but
adding TrueCrypt to hide any files, possibly in
a hidden volume, would add security.

[unknown unknown]

TOR and plausible deniability

I think your post is based on some fundamental misunderstandings of how TOR actually works, that is if I understood what you were trying to say. For example, if privoxy is used, DNS requests can be routed through the TOR network and because the exact path chosen is only known to originator, watching both the entry and exit points of a circuit would be a bit difficult. Further, each node only knows the node that passed it a packet and where it is suppose to send it next.

[pgunn01]

Regarding Tor..

I've always felt that if it passes through one's computer through a service one provides, then it's one's responsibility if it can't be tracked to someone else. Unless somebody else can be found, everything that passes through Tor is the admin's responsibility, legally speaking. From this perspective, running a Tor exit node is an extremely foolish thing to do.

[shava23]

German seizures last year, and deniability

Chris, the Ars Technica article has some fact checking errors, you might not want to link to it.

This is a better article.

http://www.boingboing.net/2006/09/11/tor-german-police-ar.html

Ars Technica tends to use slashdot as a source without verifying facts with the interested parties.

The servers were, as far as I know, all returned and no charges were made. PRIME protects anonymity online in the EU as part of consumer protection. That's at an EU level.

As far as deniability goes, no server operator has ever been brought to trial, that we've ever heard of. Mostly law enforcement seizes the equipment or otherwise harasses a server operator, is educated on how Tor works, realizes it is a pass-through network legally similar to a phone switch or internet router, and drops any action against the operator.

If all internet services were liable for content that passed through them, or who even wrote content on their systems, then there would be no ISPs or blogging sites -- the liability would be too high.

Shava Nerad
Development Director
The Tor Project

[AlexanderJanssen]

Re: German seizures last year, and deniability

I agree with Shava. Once again, to state it loud and clear, this was not against Tor but about a bomb-threat. If someone annouces that he plans to "set someone up the bomb"[1] the police has to react.

Unfortunately, in my case, the police didn't bother to do the most basic investigation - if they would've done that, they would've seized my server in Erfurt instead. But what did they do? They didn't check for plausibility, the lawyer of the state in charge didn't have any clue at all, the interrogating officers weren't IT-specialists and the only guy who had some clue, understood that they screwed up but still said "well, you know, your own fault if you expose yourself like that, you can expect more visits or nastygrams in the future if you continue like that" was a guy from Düsseldorf's Staatsschutz (something like the DHS).

Well. I won't support nutters who want to see a global or national conspiracy that the governemt want's to scare Tor-operators to death if they aren't able to ban the service in a legal manner. But it's still frightening what could happen, as Dan pointed out on El Reg[2]. And he's right. Been there, done that. As sad as it sounds.

Cheers, Alex.

[1] http://en.wikipedia.org/wiki/All_your_base_are_belong_to_us
[2] http://www.theregister.co.uk/2007/09/16/bomb_threat_leads_police_to_raid_tor_operator/

[pingpong111]

I just assumed that's what it was for.

I've been running Tor off and on to post controversial messages on message boards without Big Brother tracking me down, but I'm more worried someone will accuse me of something I didn't do than have an excuse for something I did, since other than practicing free speech I don't do anything illegal online.

[chickenandporn]

pingpong111, you have it backwards

@pingpong111 you have the roles reversed: you use Tor to do things as a client. There are Tor gateways that proxy your connection, and you get your anonymity at their risk. The victim here was a guy accepting risk to give people like you your ability to practice free speech. You are not at risk, but he is/was. It is as though you are the dude discussion chemistry (in this case, explosives) through his router.

[tatianahunt]

I`m agree
I have found two interesting sources ( http://filesfinds.com & http://fileshunt.com ) and would like to give the benefit of my experience to you.

[Zak70smith]

i saw some of the arrests of the admins. but there are some really funny clips about the work of admins here http://loadingvault.com

[needforn]

needfornews.com

[zarak0]

There certainly are big risks involved in hosting a Tor server.

---
Zarak
http://www.callerbase.com/

[tatianahunt]

I am tuning my pc by the best software for free, with the file search engine http://fileshunt.com and http://filesfinds.com . May be you have your own experience and could give some useful sites too. Because this two social sites help me much.

[salamzadeh2004]

Hi thanks.Please send me torpark software.