Law Enforcement Raids Another Tor Exit Node Because It Still Believes An IP Address Is A Person
from the TASE-THAT-ROUTER dept
An IP address is not a person, even less so if said IP address traces back to a Tor exit relay. But that's not going to stop the "authorities" from subjecting people with no knowledge at all of alleged criminal activity from being subjected to raids and searches.
It happened in Austria. Local police seized a bunch of computer equipment from a residence hosting a Tor exit node. ICE -- boldly moving forward with nothing more than an IP address -- seized six hard drives from Nolan King, who was also running a Tor exit relay.
Those more familiar with Tor suggested ICE's "upon information and belief" affidavit statements should probably include at least a little "information" and recommended law enforcement check publicly-available lists of Tor exit nodes before conducting raids based on IP addresses. ICE, however, vowed to keep making this same mistake, no matter what information was brought to its attention.
ICE wasn't involved in the latest raid predicated on nothing more than an IP address -- at least not directly. This search/seizure was performed by Seattle PD conducting a child porn investigation. Sure enough, investigators had traced the activity back to an IP address, which was all the probable cause it needed to show up at privacy activist David Robinson's home at 6 a.m. and demand access to his computers.
"They were there because I run a Tor exit relay," he says. Tor (which stands for The Onion Router) is a system that allows people to surf the Internet anonymously. It's sometimes referred to as the "dark Web," and it relies on Internet connections provided by volunteers like Robinson.Robinson said the Seattle PD "should have known" he couldn't "see" the traffic passing through his node and that relay was little more than a "post office:" something anyone can use, even criminals, to send and receive information.
Considering he's depicted as a "prominent privacy activist," Robinson "should have known" a few things himself. This is not the correct response to a 6 a.m. visit by misguided police officers.
[W]hen Seattle police showed up at David Robinson's home shortly after 6 a.m. last Wednesday, he figured he had little choice but to let them in and hand over all his computer passwords.That's no way to handle the police. Of course, they did present Robinson with a bad/worse proposition.
Instead of impounding all of Robinson's computers, which the warrant would have allowed, they offered to search them on the premises as long as he consented to turning over his passwords. He did, and they let him keep his machines after they scanned them.On-site imaging: now a thing thanks to extremely cheap, portable storage. Still, that's not much comfort to Robinson, who no longer trusts his computers.
Given his early morning wake-up call last week and the fact that he may now have to get rid of his computers because he can't be sure what the police did to them while he was being questioned outside his apartment, Robinson says he may have to reassess whether it's practical for him to [continue running Tor relays].It would be a lot more practical if law enforcement didn't assume "IP address" = "smoking gun." It also would help if people -- including politicians -- didn't assume just because something's not visible, it must be criminal. As has been pointed out before, Tor Project publishes a list of publicly-available exit relays and anyone can access that list -- even law enforcement. Courts have declared, on multiple occasions, that an IP address is not a person. I guess those logical conclusions have yet to trickle down to law enforcement level.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ice, ip address, nolan king, tor
Reader Comments
Subscribe: RSS
View by: Time | Thread
Improper raids aren't a bug, they're a feature....
Even if the police knew that ip address != person there is no incentive for them to check and even less of one for them to stop.
Every time they raid an innocent Tor exit node it increases the likelihood that the user running the node decides it's too much trouble and shuts it down.
[ link to this | view in chronology ]
Re: Improper raids aren't a bug, they're a feature....
I'd much prefer a market of competing security/"policing" companies in which you pay for the security you want, consensually.
That way, if said security/policing company is up to no good, you can take your business elsewhere.
I prefer consensual relationships and exchange.
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
With the extra that your protection will further depend on whether you're able to pay or not. More than now.
The problem isn't in the nature of our police, but in the nature of our citizens, that don't have the will, brains or guts to punish their politicians when they screw up, or allow such screw ups.
Market isn't the solution to corruption, as it's even more corrupt than countries. As an example, who do you think that are the main lobbyists in the laws you get?
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
What you are proposing is rule by warlord, as such companies would fight amongst themselves for dominance. Organised government usually avoids the problem of warlord rule, except when there is sufficient profit motive, (relative to the local standard of living), like the drugs trade.
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
You really wouldn't. That's the way policing used to be done, in the early days of the US. And the disaster that it was is reason why that's not how we do it now.
As bad as the cops are now, they're positively saints compared to the sort of "cops" that private companies end up producing.
[ link to this | view in chronology ]
Re: Re: Re: Improper raids aren't a bug, they're a feature....
Erm, no. That's not how it works. As you have correctly pointed out, John, the profit motive tends to bring out the worst in us.
[ link to this | view in chronology ]
Re: Improper raids aren't a bug, they're a feature....
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
[ link to this | view in chronology ]
Re: Re: Re: Improper raids aren't a bug, they're a feature....
Saying the evidence is questionable is your opinion and one obviously not shared by the judge who determined probable cause and issued the warrant. Your comments show a general ignorance of the legal system which, if you want to change things is not a good position to be in.
[ link to this | view in chronology ]
Re: Re: Re: Re: Improper raids aren't a bug, they're a feature....
I think his comments show a general mistrust of the ability of the legal system to make proper decisions rather than an ignorance of how the system works.
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
2. warrants are bullshit rubber-stamped creations of convenience for police abuse, NOT high-bars to prevent abuses...
3. neutral magistrates do not exist, or they would not be promoted to such positions of ultimate gatekeeping in a corrupt society...
4. in short, the whole system is corrupted, broken, and serves as an instrument of oppression, not defending freedom...
is that elaborate enough for you ? ? ?
[ link to this | view in chronology ]
Re: Re: Re: Improper raids aren't a bug, they're a feature....
"warrants are"
"neutral magistrates do not"
"the whole system is"
I understand the personal catharsis such generalized, blanket statements may bring you but these simple heuristics do little to help solve problems.
[ link to this | view in chronology ]
Re: Re: Re: Re: Improper raids aren't a bug, they're a feature....
Neither does your criticism of someones post.
https://www.reddit.com/r/iamverysmart/
[ link to this | view in chronology ]
Re: Improper raids aren't a bug, they're a feature....
[ link to this | view in chronology ]
Re: Re: Improper raids aren't a bug, they're a feature....
[ link to this | view in chronology ]
Re: Improper raids aren't a bug, they're a feature....
[ link to this | view in chronology ]
He was lucky he wasn't naked though or he would be another dead to the statistics.
[ link to this | view in chronology ]
Re:
I get your point but I also have ehm... seen a raid like this and if there are 5-6 people standing in front of you, at 6am before your first coffee, with sub machine guns in their hands you kind of feel more cooperative then you would on a forum or blog post.
[ link to this | view in chronology ]
Re: Re:
terrorism is only illegal if you are not a member of government... otherwise the Government is allowed to Terrorize you until you are actually dead, without cause.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
How things are supposed to work
[ link to this | view in chronology ]
Re: How things are supposed to work
[ link to this | view in chronology ]
Re: How things are supposed to work
Who do you think initiated the legal process? The search warrant fairy?
[ link to this | view in chronology ]
Re: How things are supposed to work
[ link to this | view in chronology ]
Features......
All these people (Police and Politicians) know is that when THEY hide something it is ONLY due to wrongdoing. To them anything not visible is Bad; Cause they hide stuff Often.
[ link to this | view in chronology ]
Their kung-fu is weak
I would, however, expect the IT department whose job it is to investigate serious internet crime, such as terrorism & child porn, to know full well the ToR exit nodes, popular VPN exit points, proxies...
The more I see stories like this the more I am convinced that Law Enforcement and The Security Services are in dire need of professional help.
[ link to this | view in chronology ]
Re: Their kung-fu is weak
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
I at times have thought it would be nice to run an exit relay, not to hide any illegal activity but to generate "noise" on my line. It would make it harder for companies to build a profile of me if my IP was putting out lot of random activity.
Of course, this story is the exact reason I have not gone through with setting up an exit relay. I am not comfortable putting those I live with in danger of being shot.
[ link to this | view in chronology ]
Re: Re:
The reality is that there are some TOR users who are more than happy to abuse your connection for their own illicit pleasures. Much more harm likely comes from that than any risk related to getting raided.
[ link to this | view in chronology ]
Re: Re: Re:
You must be new here because if you read techdirt and you do not 1000% believe that if the police raided a Tor node and shot someone they wouldnt walpaper the everliving crap out of it with fake drug charges?
No judge presented with said drug charges would think anything of the 'Tor' references other than they were a typo.
[ link to this | view in chronology ]
Re: Re: Re:
Some people do things, so you should not allow anyone access, even those who have real, honest, even humanitarian reasons for using TOR. If someone *might* do something bad, nobody should be allowed access at all.
Whatever "logic" at its finest.
"Much more harm likely comes from that than any risk related to getting raided"
As ever, I await your evidence.
[ link to this | view in chronology ]
Re: Re: Re: Re:
People use TOR for various reasons. Since TOR is not a "performance" network (because of lots of handling of packets), it's used by people who want to hide their activities online.
If you are operating a TOR exit node, those are the people you are "serving". It would be foolish and ignorant not to accept that at least some of those users are going to use TOR to hide criminal activity or general creepy actions that nobody wants to be part of. The criminal activities are the sorts of things that do get law enforcement attention.
As for "evidence", I know you know how to use Google (or at least one of your caregivers does it for you), but you can look at:
http://arstechnica.com/tech-policy/2016/03/new-data-suggests-94-percent-of-tor-traffic-is-malicio us/
or even TOR themselves trying to excuse their horrible users:
https://blog.torproject.org/blog/tor-80-percent-percent-1-2-percent-abusive
Plenty of reading there, that should take you a couple of weeks to get through.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
From experience, I know that the things you randomly Google often say the opposite of what you say they do, or at least act as poor evidence for whatever point you're trying to make. For example, the Ars Technica article's headline is "CloudFlare: 94 percent of the Tor traffic we see is “per se malicious”. Given that single source, the type of service Cloudflare operates and the nature of the blog post itself, it's an interesting viewpoint but not "evidence" for anything other than you Googled and found some people who agreed with you.
If your argument is that some users will be using TOR for nefarious means and thus an exit node operator should apply caution and be aware that some such activity will happen, I agree.
If, as appeared to be your original point, that anyone operating an exit node should expect to be met with retribution and should probably not do it, I strongly disagree. If you have a real point to make (other than your usual game of "I'll make up any old crap to disagree with the article"), I am as ever open to a real discussion backed with facts over a well argued point. If you can present one, do so.
"one of your caregivers"
Which fantasy version of me have you invented to pretend I need one of those?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Warning! reductio ad absurdum ahead:
...you should worry about the kinds of speech you would be encouraging and supporting by advocating First Amendment rights for everyone.
Also, it seems to me that Tor exit nodes fall dead center within the definition of an ISP in regards to Section 230 safe harbors. Do you have an argument as to why they shouldn't be protected by Section 230?
[ link to this | view in chronology ]
Re: Re:
No, it's not. If he wanted to hide illegal activity then the worst thing he could do is run a TOR exit point (for obvious reasons).
[ link to this | view in chronology ]
Something else is fishy here...
[ link to this | view in chronology ]
Re: Something else is fishy here...
So the cops raided the exit point because they literally had no trail to follow past that.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Is there a company that does this? (Come to think of it, if you're paying for such a node, is there any way to confirm that your specific node does in fact exist?)
Or will a cloud services provider like Azure let you set up a virtual server to run an exit node? Would it protect you from this sort of incident?
[ link to this | view in chronology ]
Re:
If you set it up on Azure or AWS or some such and used a prepaid credit card to pay for it I can't see how anyone could find you. As long as you did all the administration though TOR or a public access point.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
The Beginning of the End?
[ link to this | view in chronology ]
This Level of Threat
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Warrant affidavit omits Tor exit node detail
[ link to this | view in chronology ]
Legal FAQ for Tor Relay Operators
"Should I run an exit relay from my home?
No. If law enforcement becomes interested in traffic from your exit relay, it's possible that officers will seize your computer. For that reason, it's best not to run your exit relay in your home or using your home Internet connection.
Instead, consider running your exit relay in a commercial facility that is supportive of Tor. Have a separate IP address for your exit relay, and don't route your own traffic through it.
Of course, you should avoid keeping any sensitive or personal information on the computer hosting your exit relay, and you never should use that machine for any illegal purpose."
https://www.torproject.org/eff/tor-legal-faq.html.en
[ link to this | view in chronology ]
huh
no, sherman. no.
[ link to this | view in chronology ]
How to deal with the Police when running a Tor Exit Node
A pro se (pro se literally meaning for self)litigant doesn't need a license to practice law. (see e.g. Faretta v. California, etc.) And what is further, is that the pro se litigant retains the attorney/client privilege. (This is because a pro se attorney retains all powers of an attorney as though they were a member of the bar.)
This essentially means that if police size a computer used in the pro se practice of law, the litigant has a cause of action agianst the police under 18 U.S.C. 1983 / Bivens v. six unknown agents,IF the police were told that the computer had attorney/client privileged information on it. (A search warrant for attorney/client privileged information is highly presumptive to be invalid under United States law.)
After you tell them there is attorney client privileged information on the computer, you then tell them if they take the computer or examine it in any way it WILL result in a federal law suit against all officers present at the scene, unless and until they petition the court for a modification of the warrant specifying certain areas that "cant" be searched. (notably "qualified immunity" will not apply, either because this is rather old-school and long standing law that the police have been on notice of for the better part of 30 years.)
When police start seeing a rash of civil rights litigation, they will think twice about shucking about with the owners of Tor exit nodes, because no cop wants to be on the wrong side of a civil law suit.
[ link to this | view in chronology ]