TOR roundup

TOR logoRegarding my posting probably unluckily named “Germany: Crackdown on TOR-node operators” (i wrote “on TOR-node operators” on purpose, not “on TOR“) I’d like to clarify a couple of things. Before i start blurbing around I’d like to quote Shava Nerad, executive director of the TOR-project:

“Last week, a few Tor exit-node servers were seized by the German police in a massive sting against child pornography. From our friends on the ground in Germany, we hear that dozens and dozens of machines may have been seized. So far as we know only six of those were Tor servers. We have heard from the server operators. None of them has been charged.

This is not a “crackdown” on Tor, as has been widely reported. We expect and hope that the volunteer Tor server operators in Germany will get their equipment back after this has blown over, and there will be no action against Tor.”

I have nothing to add here and I’d like to point out that we all should calm down a bit and to repeat what I said in my initial posting:

“Those servers were most probably configured to be TOR Exit-Nodes, so their IP-addresses might have shown up in the server logfiles of the child-porn servers in question.
[…]
I guess that the attorney of state is just after logfiles, they knew that those servers were operating as TOR-nodes. If you IP-address pops up in a child-porn case surely your IP looks interesting to the police.”

Maybe my words weren’t clear enough, maybe I underestimated the momentum of this news, and I probably didn’t take into account that lot’s of people didn’t actually read my posting completely and just picked up the news which seemed to be relevant to them. Also some people definitively interpolated those crippled news to justify their prejudices against Germany (“Nazis“), the police (“they’re after us!“), and the TOR-project (“They’re supporting child-porn and probably terrorists!“).

And clearly i made the assumption on Boing Boing where i saidApparently it’s about the proliferation of child pornography, although no charges have been pressed against TOR operators yet.” I shouldn’t have written that.
So let me put it in other words, restating what i posted as a comment earlier:

  • The seized TOR-servers were most probably TOR exit-nodes.
  • Their IP-addresses most probably showed up in the logfiles of the alleged child-porn server.
  • The police found out about that IP-address and the police must take action and seize the server.
  • The fact that the server was running TOR is of no actual value for the process of forensics itself.
  • So there’s no actual evidence at the moment which proves that this is a direct attack on the TOR-network or it’s operators in Germany.
  • We still don’t know if any charges are pressed against operators. Basically we’re all speculating, so please, let’s keep calm until we really know more. If i find out more, I’ll post updates here.

I learned from all the feedback I got in comments and trackbacks that there’re actually people in China and other countries in the world specifically asking not to shutdown our nodes. They said that TOR is one of their very little possibilities to get a decent internet connection at all. Considering that other websites like Wikipedia are banned in those countries we should make it our responsibility to give people from oppressive states the support they need – free communication.

Famous last words: My TOR-server is still running, pushing 40GB/day around. I’m not going to shut it down for whatever reason. I ask all other TOR-operators in Germany to do the same. There’s no sign that we’re going to be sued for whatever reason at the moment.

Let’s keep calm and not become hysteric.

Tech Tags:

19 Responses to TOR roundup

  1. […] TOR roundup « IT, life and me Says: September 12th, 2006 at 5:20 pm […]

  2. devloop says:

    This story is strange…
    Maybe the police have seen the IP of an exit nodes in the logs of child pornography board…
    So they should have seized one or maybe two nodes… I don’t think the bad guys were always using exit nodes located in Germany (and if they are Germans it would be even more stupid)

    In my opinion the police is in fact looking for a hidden service (maybe a hidden bbs) and they know the bad guys are German… so they seized some nodes to see which server host the hidden service (great chance that : german guys -> german isp -> german computer).
    BUT a hidden service isn’t necessary on an exit node… The chance they found these guys is really weak

    • Fat Albert says:

      Oh, I dont’ know about that…It seems to me that there’s been a rash of child pornography busts right here in my own hometown of Philadelphia, USA! And those busts happened within the last 3 -10 days. This “coincides” perfectly with the recent TOR search engine siege, and the arrest of that sicko ( I cant think of his name, off-hand ) that got busted MAJORLY in Ireland.. the guy who supposedly founded “Freedom Hosting.” These busts are happening in every state in the U.S , as sure as I’m sittin’ here typing away on this keyboard!! A good 90% of these “busts” aren’t being covered by the media, at all! This is for 2 reasons, 1: It would take up too much air-time for them to cover the hundreds of weekly arrests currently being made. So they mostly only cover those arrests that involve prominent community figures. 2: The authorities do not want ANYbody knowing the true “scope” of the crackdown currently underway!! So the media is keeping silent about approximately 90% of it! In fact, the FBI stated that, yes, there is indeed a cybercrime crackdown underway, but they would NOT say ANYthing more as they want to make sure that the cybercriminals are “kept in the dark!” … You must understand that it was only a matter of “time” before this happened. Millions of government dollars are spent YEARLY around the globe, ALL of it being used to fight “cybercrime!” … Particularly child porn, terrorist threats, and ( unfortunately now ) whistle-blowers!! And with THAT kind of finance being sharply focused on any one objective, believe me, MOUNTAINS are going to get MOVED!! In short, It’s some kind of divine “miracle” that the ‘dark web’ didn’t get “taken out” at least a DECADE ago!!( especially with the “Patriot Act” piling additional “heat” on it )! As for me, I once used a TOR router. It just felt “risky’ to me. I didn’t feel all that ‘safe.” Then my computer got “infected!” So I decided that it just wasn’t worth the risk. Going out into the ‘dark web’ is also like entering a seedy pitch-black stadium-sized auditorium filled with dangerous criminals who want to hack into your computer and steal your sensitive “info,” ( who knows, perhaps they’ll even find out WHO you are and where you “LIVE!”), and cops who are scanning the nooks and crannies of CyberCreep Blvd, searching for criminals and fools dumb enough to get “CAUGHT” in a place like that. And now, the safe harbor once known as the ‘dark web’ has ( very predictably ) been put in jeopardy. That safe harbor ain’t SAFE no more! And man, that was almost “PROPHECIED” to happen!! The authorities have entered that big blacked-out stadium and have turned on newly installed “security lights!” The light of the law now “shineth” therein!! The rats are now scrambling for cover. If you’re currently “IN” the ‘dark web’, now is the time to GET THE HECK OUT! If you’re NOT currently “IN” the den of shadows, hey hey hey, you best STAY AWAY.

  3. @devloop: If you look at http://serifos.eecs.harvard.edu/cgi-bin/exit.pl you see that there are currently 187 tor-nodes active in Germany. A hidden service could run on any of these nodes – or anywhere else in the world. I don’t think that they’re really looking for a hidden service, and if they’re the computer-forensics department of the state-police is more stupid than I’ve ever could’ve imagine. They’re not that stupid.

    Let’s wait until we know more. Seizing a computer “only” because of it’s IP-address showed up in logfiles is a common reason – and pretty much normal.

    Thanks for reading,
    Alexander.

  4. John Smythe says:

    I too hope that there are no charges brought against Tor and its operators. But if there are no charges against Tor, does this send a message to kiddie porn wackos that Tor is the safest service to use in order to continue their sick hobby and not get caught?

  5. @John Smythe: The police always follows one important principle: Follow the money-trail. That one is probably easier to follow than getting the logfile from an open proxy-server in Taiwan, so TOR is not the one and only solution to their sick hobby.
    Just my 2c though…

  6. […] Finally some good news so that we can all forget about the TOR-craze for a moment. Supercomputing Online reports that IBM announced today the availability of the IBM BladeCenter QS20, a Cell Broadband Engine based addition to existing IBM infrastructure: “The IBM BladeCenter QS20 is a Cell BE-based blade system designed for businesses that can benefit from high performance computing power and the unique capabilities of the Cell BE processor to run graphic-intensive applications and is especially suitable for computationally intense, high performance workloads across a number of industries including digital media, medical imaging, aerospace, defense and communications. […]

  7. mark says:

    Ah I don’t know about all this,Me and a few people i know went onto one of thouse boards that people post that chunk on,we posted fat chicks and gross stuff that i think is about as much as you can do aginst this stuff on a hidden service.

    as for the police trying to shut them down?is that even possiable?hidden services are encrypted end to end and there is no logs so it would make more sense that this is just use of exit nodes,like what happend in france.

    Bad thing is if they are going after people just visiting thouse hidden services then 99% of the people they would arrest would be innocent

  8. A exit node says:

    The Tor is “freedom for all”. I like the freedom!

    • Fat Albert says:

      You don’t think that the cops and the feds can open up their “own” TOR accounts!? OFCOURSE they can!! It is NOT rocket science! And they have the advanced computer tracking and forensics tools necessary to fish lawbreakers OUT of the TOR system! The once ‘massive” blacked-out underground cybercrime depot has now been lit up by the harsh light of the police state! The authorities have gained entry! Those who use the ‘dark web’ (regardless of the reason) are about to have their cover blown, and as we’ve been seeing, many people ( not all of them criminals ) have already been “exposed.” Unfortunately, the security lights are going up, and the light does not care who gets “exposed.” There’s an international “witch-hunt” currently taking place. It’s called the pedophile / kiddie-porn witch-hunt! And in a “witch-hunt”, when you get “exposed”, you’ve been “!!exposed!!” It doesn’t matter whether you’re “guilty” or not! That’s how “witch-hunts” work! Now, at very least, the ‘dark-web’s’ days are numbered to ( I fear ) not very many more days. It was fun while it lasted. But now, I think we’d ALL be well advised to stay away from the ‘dark-web’. It’s just not worth the risk. I mean, dude! if you get “exposed”. ( regardless of guilt ) If by some chance you actually SURVIVE at least TEN YEARS in the penatentury, and if you can manage to avoid lifetime civil commitment, you’ll probably STILL be forced to sleep under a freeway overpass, due to “residency restrictions!” Because you’ll be a “registered pedophile” for the REST OF YOUR LIFE!! Again, it’s not worth it, PLEASE, don’t risk getting yourself “exposed” on a TOR site. That’s all.

  9. Tor user #whatever says:

    Mmm… Nice try mister officer.

  10. Sat says:

    You can run a hidden service without being a server.
    They simply don’t understand how Tor works and perhaps think only exit nodes they see can run them.

    By default, Tor servers don’t keep any logs, so what they most probably got were clean PCs with no sign of anything usable.

    They could probably install some spy stuff on the servers and return them to their users, hoping for some info, but even so, they probably wouldnt get much from an exit node…as there are other nodes in-between anyway.

  11. tom cruise says:

    The issue.. A question to ask. What are the facts and what relation are they to the issues of freedom, persecution and bigotry? Are the folks facing years in prison for the possession of pictures because of their sexual orientation deserving of protection ? It is only in recent times that “age of consent” concepts have even existed.. In ancient Rome or Greece the average at marriage for a girl at was about 12. In many contemporary 3rd world countries it is not much older except that those societies are rapidly being devoured and destroyed by the industrialized “correct concept” societies who are being economically exploited and and whose values are being forced on them. That is not about the protection of children, a cause I completely support. For these differences many, many good and bright people are being systematically destroyed by the powers that be. On the one hand we are being told that it is perfectly fine to witness on national television actual footage of people being killed; hung upside down and burned, bullets being shot in their heads, and prison for people who possess pictures of nudity depending on age?? OK, just think about it.
    TC

    • RedSnap says:

      Both Fat Robert and you have obviously not had your brains damaged by generations of consuming “food additives” like so many other folks out there. You guy’s minds are sharp as razors! And all this so-called “child safety” ==== is just their way of “justifying” the new brutal law enforcement. This is fast becoming the muscle of the emerging global dictatorship.

  12. […] reason why you want to stay anonymous on the interweb. Lately there was quite a hassle about seized TOR-servers in Germany and I was waiting for my server to be seized too. Didn’t happen until now. Something quite […]

  13. Jed Nell says:

    More TOR servers seized? did I get that right, is that true?
    Please post details

  14. Jed: Nope, I’m not aware of more servers being seized apart from what’s written on the or-talk mailinglist. I just got a letter from the federal police, asking for relevant logfiles. See http://itnomad.wordpress.com/2007/01/04/tor-the-feds-and-me/ for details.
    Cheers, Alex.

Follow

Get every new post delivered to your Inbox.

Join 120 other followers

%d bloggers like this: