Monday, September 17, 2007

Tor server owner arrested in Germany

A Tor server owner was arrested in Germany; read here.

The thing is that anybody who uses Tor is in essence a "Tor server owner/administrator". You use Tor to be anonymous, but at the same time traffic is being routed through your Tor software to anonymize other people (that's how Tor works). In Tor you can choose to be a middle node (a "man-in-the-middle") only, or to be an exit node for other people to use. In the case of an exit node, your Tor software will request web pages (or whatever) for other people using your IP address. I wonder how this is going to work out in other European countries; I think some law enforcement people will be watching this case closely.

2 comments:

Shava said...

To be detected as passing someone's traffic as this volunteer was, you'd have to elect to be an exit node -- the last server in a chain of three that are used to anonymize traffic.

Tor works on a client/server model, not P2P. If you run the Tor client, no one else's traffic is routed through your node. Hundreds of thousands of people run Tor clients worldwide. Only about 1000 run servers.

If you run a server as an entry or middle node, this kind of heinous police procedural mistake would not be a danger to you.

You have to elect and configure your node to be an exit server.

While law enforcement are watching this closely, PRIME also protects Tor as consumer protection privacy software.

Shava Nerad
Development Director
The Tor Project

Yonathan said...

Thank you for your comment.

I agree with you that Tor works as a client/server model and not a P2P model.

For Tor to be a success I think a lot of people should be a middle node or an exit node.

I should have stated more clearly in my post that I was referring to people who run Tor in middle or exit node mode.

I am wondering how legislation is going to act on middle node traffic. In some countries there have been legal cases brought to court about encrypted traffic being on a "middle node" (not Tor, but FreeNet related to child pornography in this case) and the question was if it is not the responsibility of the middle node to make sure no illegal traffic is passed through. It tries to compare a middle node as a facilitator who should have known that his facility could and would be used for illegal purposes. I wonder how future legislation is going to be regarding the middle node.

I agree that an entry node has nothing to worry about....yet!

I am planning a simple post about an easy technique to get the source IP address of an entry node and match that with the request made from the exit node. Some papers have been written and some coding efforts have been made, but all were pretty complicated.

Yonathan
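
The client / middle node / exit node distinction discussed in the post and comments above, as an added example (not part of the original post or either comment, and not Tor Project code): a small Python check that reads a torrc and reports which role it configures. The function names and sample configurations are constructed for this example; the option handling assumes the semantics of the current tor manual (the ExitRelay option did not exist in 2007) and ignores bridges and IPv6Exit.

```python
"""Classify the role a torrc gives a Tor instance (added example)."""

def parse_torrc(text):
    """Map lower-cased option names to their values, skipping comments."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if parts:
            value = parts[1].strip() if len(parts) > 1 else ""
            opts.setdefault(parts[0].lower(), []).append(value)
    return opts

def first_exit_rule(opts):
    """First ExitPolicy rule; tor applies the first rule that matches."""
    for value in opts.get("exitpolicy", []):
        for rule in value.split(","):
            if rule.strip():
                return " ".join(rule.lower().split())
    return None

def classify_role(text):
    opts = parse_torrc(text)
    # No ORPort (or "ORPort 0"): the instance relays traffic for nobody.
    if not any(v and v.split()[0] != "0" for v in opts.get("orport", [])):
        return "client"
    exit_relay = opts.get("exitrelay", ["auto"])[-1].lower()
    if exit_relay == "0":
        return "non-exit relay"
    rule = first_exit_rule(opts)
    if rule == "reject *:*":  # blanket reject as first rule: no exit traffic
        return "non-exit relay"
    reduced = opts.get("reducedexitpolicy", ["0"])[-1] == "1"
    # "auto" (the default) only exits when an exit option was set explicitly.
    if exit_relay == "1" or rule is not None or reduced:
        return "exit relay"
    return "non-exit relay"

# Constructed sample configurations, not taken from any real relay.
SAMPLES = {
    "client": "SocksPort 9050\n",
    "middle": "ORPort 9001\nNickname example\nExitRelay 0\n",
    "middle-by-policy": "ORPort 9001\nExitPolicy reject *:*  # no exits\n",
    "exit": "ORPort 9001\nExitRelay 1\nExitPolicy accept *:80,reject *:*\n",
}

if __name__ == "__main__":
    for name, conf in SAMPLES.items():
        print(f"{name:18} -> {classify_role(conf)}")
```
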