Emerging Tech

German police raids home of Tor operator

Alexander Janssen have just returned from a night of drinking when someone knocked "very hard" on his door - in the dead of the night.

Alexander Janssen had just returned from a night of drinking when someone knocked "very hard" on his door -- in the dead of the night.

German police then entered his apartment and proceeded to cuff him while they ransacked his house for allegedly posting bomb threats in a German forum related to law enforcement. Despite his protestations that he operated a Tor server, which typically funnels 40 GB of data per day, he was taken back to a police station and interrogated.

Janssen was subsequently released by a federal German official who acknowledged that a mistake has been made. However, Janssen has decided to abandon his Tor activities in the wake of this incident.

He wrote in a detailed blog entry:

I’ve shut down my Tor-server. I can’t do this any more, my wife and I were scared to death. I’m at the end of my civil courage. I’ll keep engaged in the Tor-project but I won’t run a server any more. Sorry. No.

Okay, question time. If 40 GB of other folk's Internet traffic flows through your home server, can the police, or RIAA for that matter, link whatever nefarious activities tracked to your computer's node to you?

On the other hand, are we courting trouble by running an anonymizing server in the first place? A police investigation needs to start somewhere after all, and it seems implausible that any investigations will bypass you simply because you run an open gateway.

Do you think that anonymizing services are good or bad?

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

16 comments
TG2
TG2

What were you expecting? You offered free control to anyone that wanted to come through you to get to the internet.. You made THEM anonymous, not yourself! Its like hanging an extension cord out your window, plugged into your electric outlet, and on the end is a sign "if you need some use some" .... then at the end of the month comes, and you get a huge bill but don't think you have to pay? YOU offered the ability for others to take the power, YOU pay for it.. You offered to allow these people to come through your home connection.. you allowed them to do anything they wanted, and now you think you shouldn't be hastled by someone when they trace it back to YOUR home.. If you were any more stupid... If you want to offer this type of autonomy, then you buy rack space and host a server in a farm. Thus when the cops come to arrest the person behind the IP, they trace it to a data center.. they then find out it is a server, no "individual" responsibility.. they might still look up the owner and come to to you to find out if you have any logs or records of connections... but you wouldn't have them for this type of server.. right? You got what you were giving out.. anonymous battery on an unsuspecting person.. the idea is utopian .... but not everyone is as honest and by opening yourself this way, you allow the good, the bad, and the plain nasty crap to come off as if it was YOUR connection and YOUR machine, and YOU at the controls.. big surprise they arrested or at least detained you...

shava
shava

The Tor Project works with or is recommended by or funded by Reporters without Borders, Human Rights Watch, Amnesty International, NPR, Voice of America, the Electronic Frontier Foundation, and thousands of individual volunteers and donors worldwide involved in freedom of speech, freedom of the press, and human rights work. Is one courting trouble by filing a news story to NPR from inside the Chinese firewall? Or by reporting on human rights violations in central Asia? By being an Iraqi blogging from the green zone or an Iranian blogging about politics? Yes, I suspect so. These people are all running the risk of a very similar knock on the door at midnight. And their traffic may be part of that German volunteer's server traffic. But the puzzle ultimately is this: If anyone is anonymous, then anyone can be. If nobody can be anonymous, then *NO ONE* can be. Is the cost of no journalist, blogger, human rights worker, labor activist, local political commentator in a company town, whistleblower, government transparency or crime reporting hotline -- is the cost of none of these folks having anonymity greater than the cost to society of bad people having anonymity? Then, factor in this: people who are willing to make anonymity a crime with a victim (make a botnet, steal a cell phone or computer, steal an identity,...) have far safer means of ensuring their anonymity than we provide. We are the best option for those who must be traceable online, who don't want to hurt someone else to do it. We find it appalling what the German police did. One suspects the didn't even consult a computer forensics professional -- the server in question was 500km away in a co-lo facility, if you read the original blog article. This was, it seems to me, just an issue of the police putting adrenaline before due process. A police investigation has to start somewhere -- and it should have started by consulting a computer expert who could have told the officers that the machine was not in this man's home, and that the traffic had been anonymized. It may seem odd to those of us in the US, but anonymity is considered to be part of a supported strategy for consumer protection by the EU governmental advisory group PRIME. (you can see a slightly different attitude about such things in the EU, for example: http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article2503612.ece) Anonymizing, good or bad? Like any internet tool, it's both. Like the phone, or the postal mail. Shava Nerad Development Director The Tor Project http://tor.eff.org

paulmah
paulmah

Anonymizing services: good, or bad?

Neon Samurai
Neon Samurai

"If you want to offer this type of autonomy, then you buy rack space and host a server in a farm" If you read the post above: "the server in question was 500km away in a co-lo facility, if you read the original blog article" -Shava Nerad, Development Director, The Tor Project Sounds like he *did* buy rack space in a server farm. You might like to read the rest of that previous post too. It's from someone involved in the project who can truly speak technically about it.

troyfung
troyfung

if you want to do bad things!

TG2
TG2

Well.. there you go.. same issue, the original blog was not fully quoted. Either way.. still got what he deserved .. they probably looked up the domain information and went after the registered owner.... still operated a tor, still allowed anyone to do as they pleased, someone has to be scrutinzed for it.. he got it..

Absolutely
Absolutely

You believe he should not have invented the Internet in the first place, if you're consistent.

TG2
TG2

and who let the dog out in a place where it could get run over? who allowed the person to build the road? was there any safety included? gardrails, security fencing, places for people to cross that wouldn't put them in the path? Intent plays much to what is and is not within the perview of the crime. We hear all the time, "i didn't mean to shoot the guy, the gun went off" The person is still found guilty of taking the life of another. Perhaps the shades of that verdict mean something, but to the avg laymen guilty is guilty, you're going to loose something. Back to tor ... the "intent" is again benign, however these cops, this situation, they were not aware. The guy got the treatment he deserved for making possible actions of fellow humans that he openly allowed. Now, he could have been running technology to look for common bomb, death, and other threats. Could have created logs to track those that are not benign sounding, and then handed those over to the cops. that isn't the intent of the tor software, but again, he ran it, he opened it for anyone to use it, he has to take responsibility to make sure those that would take harm seriously from **his** resource that he operates this, and that it is not his intention to allow vile hateful humans to get through, but in protection of the greater good (the benign user that needs tor to escape their repressed regime). Obviously he failed in that regard, or the cops wouldn't have heavy handed him. But their reaction for the intended and perceived threat(s) is nothing less than should have been when they aren't in the know. And you or I standing outside their perview of events can not simply say they were wrong to go after this guy.. like the phrase "I'm running a tor server" is supposed to be some magic sheild that everyone in the world should instantly know and respect the boundaries of.... to maintain any sort of notion simply proves you live in a childs state of mind, nothing out there can hurt me so I can do anything and not worry about the consequences. (ie. children don't realize how dangerous some low-lifes can be, and don't realize some of the steps they can take to protect themselves from harm) You want my stance? Simple.. The guy operated a tor, allowed anyone that wanted to use it, access to it. He's guilty of helping someone perpetuate a crime. How could he have done otherwise? He could have had friends that he knew that needed anonymity, he could have given them the secret hand shake, or specified the ip's he would allow relay through him, and then protected those people by not naming them, or allowing the config to be captured identifying those source ip's, etc.. or could have allowed only secret user/pass combinations that would authenticate an allowed person to use the tor.. and not keeping anything to identify user X with IP Y and thusly give them access and protected them from being seen through the tor.. SO.. the guy had the means to allow ONLY specific people to relay and didn't restrict it. He opened the hole, let everything through **knowing** that bad people could use his tor.. he's guilty. Again.. **NOT** as guilty as the perp that caused the whole thing to happen.. but his hands are certainly NOT clean.

Absolutely
Absolutely

[i]Look, its simple.. if you run a process whose intent is to openly allow anyone to use YOUR resources to perform their actions, you're guilty. Maybe not as guilty as the person commiting the action, but guilty none the less. If I own a gun, and I give that gun to someone to use, I'm partly to blame if the guy goes out and shoots someone with it. The guy may have shot the other person regardless of who's gun it was, but because I enabled him with MY gun, I'm held liable. How is this any different from the TOR? ... Dressing provacatively gets you notice, now you're tipping the scale to 52/48 of getting noticed.. be in the wrong places and around the wrong type of people, and you're tipping it to 60/40 for something bad to happen. Its again not that you would be entirely to blame, but not being there, not being dressed that way, could have kept you closer to a 50/50 odds of something happening or not. It doesn't make any difference, when it happens, it happens, and you're still a victim. But taking precautions can make it less likely to happen to day, as opposed to tomorrow (or the day after, or next week, month, year).[/i] Try this analogy. You pave a street that runs to your new home. It connects to 2 different major highways, to, let's say, Holland & Bavaria, because you like chocolate and you like windmills. Now, you might have a craving for either, so you pave your road very well. It's considered by your neighbors to be comparable to the Autobahn. One of those neighbors drives his Fahrvergnugen a little too fast one day and kills the other neighbor's pet. Whose fault is that? Did you pave the road too provocatively, or are people still responsible for our own actions? Man up, or cop out. Just be clear on what you really are.

TG2
TG2

ISP's *are* held responsible, they can be investigate the same as a private citizen, and can have their servers, software, and people taken away. Ever had an FBI team place servers in your datacenter to track users? I've been there when they have at a past company. Its not fun or pretty being interrogated for a server you've never touched or had any involvement with, but they still processed everyone to make sure no one made the compromised server available as a resource. This was, of course, before they started getting clues that microsoft stuff was broken, or that flaws in linux implementations do happen, and that most likely its those flaws that allowed the bad stuff to happen, not necessarily the admins and people surrounding it in the datacenter. If abuse is traced back to your connection, its now YOUR burden to prove yourself innocent... and that's exactly what happened. Perhaps the police need to be up to speed, but they did in fact go after the person who had the server, once word gets around about who that person is, and what traffic should be expected from his source IP, these things wouldn't happen. But to assume that because you hold up a card or squeal out "i run a tor server" doesn't mean that everyone should suddenly go "oh.. we're sorry to think you had something to do with ...." back to the rape thing, use common sense. You don't know what motivates someone else, but when it comes to sexual abuse and attack, being in the right place at the right time doesn't lead to winning any prize you'd want. Style of dress and location are certainly factors, but not the only factors. And additionally I don't joke about such things. Treating the concept as trivial or a punch line is not respectful to how serious a crime against man it is. (mankind) You're going to continue to maintain that something that randomizes and protects actions should be held innocent of the person that put it out for use, depending on the danger the item can produce, you will get a varying degree of reaction.. in this case, the police can be said to have over reacted, but they were still within the rights to investigate. Its not a pleasant thing, and things can be done wrongly, but the police have to react to the severity of the threat with caution until they know the reality of the situation. And perhaps that is what people don't get in their "civil disobediance" concepts. "we were just marching" is the same thing as "I don't know who threw the rock" Someone does something bad and the reaction that occurs is because police and those there to "protect" have to take the caution that this time it was a rock, whats the next time going to be.. and then push the people back or decide that the general order is starting to break down, and order the march disbanded. Put yourself in their shoes, put *your* life into the situation and that you're responsible to protect .. and see that your reactions are tempered by whats happening, and what the percieved threat becomes. Beyond that I'm sick of people who react like you, everything is perfectly fine because you know whats going on.. when you have to put yourself on the line... you'll react differently, but until then you'll deny it, and you'll condemn anyone else that did react claiming you would have done differently.

shava
shava

Running a Tor server is legally the equivalent of running an ISP or data service. If every ISP were responsible for the traffic that transited their servers, switches, uplinks -- no one would run an ISP. EVERY ISP is abused. The mails are abused. Phone calls are abused. Caller-ID blocking is abused. But we don't make it illegal to used ISPs, envelopes, phones or caller-ID blocking, because we believe that people have a right to privacy. Or perhaps, *most* people do. Perhaps you are an exception. In fact, the police could *not* have as easily issued a subpoena, because to do that they would have had to produce probable cause. An investigation would have shown that the server was a Tor server -- and Tor as a privacy mechanism is protected by EU law, whether you like that fact or not. At best, they could have seized his server hardware for forensics (something that has happened, and we and our volunteers have cooperated with). But they could not have legally come and ransacked his house and shackled him to a kitchen chair and terrified his wife. And thank you, Tor was *NOT* designed for criminal purposes -- in fact it was designed by the US Naval Research Lab to protect our troops, originally, and is used by military and law enforcement, as well as journalists, human rights workers, and many others. Our primary funding comes from the US government, still -- from the International Broadcasting Bureau, the folks who fund Voice of America and Radio Free Europe/Asia/... Tor allows folks in oppressed countries to have access to the whole Internet, both for access to information and for the free exercise of political speech, for labor organizing, for democracy advocacy, and so on. If it were as simple your argument, no one would ever have the expectation of privacy online -- or off. Any facility that could be used for a criminal purpose should be banned. That means, gosh, guns, credit cards, cars -- we wouldn't have many tools left when you got done with it. What facility or tool is immune to abuse? But going back to the provocative dress argument, I would think a person with your beliefs would just suggest strong enough law enforcement to put locked chastity belts on all the possible rapists, as a pre-emptive measure. After all, that part of the anatomy could be used with criminal intent. You aren't carrying, are you? :) Yrs, Shava Nerad [since it won't let me respond to the follow on -- it says we've reached the maximum message level...] I am not saying that the police were wrong to investigate him. I said they over-reacted. I've said they had every right to go investigate, go to the data center 500km away, and seize his Tor server for forensics. So in this we agree. You see this as me saying he should be immune. I see it as an insistence on due process, and a facile acceptance on your part of abusive police practices. I don't believe he should be immune -- but as this case and many prior cases in Germany and elsewhere show, there is nothing illegal about running a Tor server. We may disagree philosophically about whether having anonymity available is worthwhile, and you have every right to disagree with me on that. I see journalists and human rights workers and others thanking me every day for their safety. I see criminals - who generally don't care if they steal an identity or bot a computer -- staying much safer than these benign folks because they use stronger anonymity measures than Tor provides. The courts have already agreed with me that our server operator did nothing wrong. I take rape and police abuse and the abuse of bloggers and journalists and various folks very seriously. The analogy to rape started out as a way to show how you were trivializing that someone who did something that anyone might find risk-taking doesn't *deserve* abuse. You were the one who turned it into "she is taking an unacceptable risk it...if..." and gave percentages. If those risk percentages weren't a joke, as a woman who lives in, as they say, an "urban" neighborhood, I have to believe they are in poor taste. I don't want to live in a world where the chilling effects mean I need to wear a burqa to feel safe, or keep my mouth shut as a journalist, or decline to provide a tool for freedom of the press -- because the fear of abuse is greater than I can bear. This incident is an example of just that -- police abuse, and chilling effects. This is not even viewed by the German courts as civil disobedience. They never supported any charges against our volunteer. Any of our server operator volunteers understand that their machines can be seized for forensics. That happens, upon occasion, and we always cooperate. Yet you think he should be prepared for home invasion, which is a little different from uncomfortably standing around for civil questioning in a machine room. SN

TG2
TG2

Look, its simple.. if you run a process whos intent is to openly allow anyone to use YOUR resources to perform their actions, you're guilty. Maybe not as guilty as the person commiting the action, but guilty none the less. If I own a gun, and I give that gun to someone to use, I'm partly to blame if the guy goes out and shoots someone with it. The guy may have shot the other person regardless of who's gun it was, but because I enabled him with MY gun, I'm held liable. How is this any different from the TOR? The guy opperated a server, said.. come here.. do what you want to the internet, through my server. If the guy's machine were then used through the tor to hack into other computers, as the ISP I would shut the server down. Perhaps we can say the police went a little overboard, but, they could have just as easily issued a subpoena or warrent or writ to appear before a magistrate, and then the magistrate could have ordered the guy to no longer run a tor. WHY? Because the nature of the device allowed criminal intent. How would you get around that? you'd keep logs, etc.. of which you could then turn over who said or did whatever.. which thusly defeats the purpose of using a tor. Its not the benign actions of a tor that make this an issue.. its the criminal acts that a tor allows. And since you can't have one without the other.. Tor should not be allowed.. PERIOD. I know that's a radical / fundamental thing to say or write ... but unfortunately its the only thing left, you can't allow others to act illegally through your actions or you're nearly as guilty. As to the concept of the style of dress and rape ... old argument, does it matter what you're wearing for a rape to occur? no. The act itself is a violation of one being from another. Common sense however, mandates, that if you drew no attention to yourself, and you were not in a bad neighborhood, etc.. that you'd still fair about a 50/50 chance of being the victim. Dressing provacatively gets you notice, now you're tipping the scale to 52/48 of getting noticed.. be in the wrong places and around the wrong type of people, and you're tipping it to 60/40 for something bad to happen. Its again not that you would be entirely to blame, but not being there, not being dressed that way, could have kept you closer to a 50/50 odds of something happening or not. It doesn't make any difference, when it happens, it happens, and you're still a victim. But taking precautions can make it less likely to happen to day, as opposed to tomorrow (or the day after, or next week, month, year).

shava
shava

Isn't this a bit like saying, if he didn't want to get raped he shouldn't have dressed that way? It is the responsibility of the police to investigate, not the responsibility of the citizen to be beyond suspicion -- for anything. The police are supposed to understand the law, investigate, and use things like warrants and due process -- and sense. Otherwise, anyone could get treated like this for any trumped up excuse, or none at all. A Tor server has been shown to be no different in the mind of the law -- when they are paying attention -- than someone running a small ISP. Traffic transits the network, and just like an ISP or phone company, the operator is not liable for the content of the traffic. If this were not true no one would be able to bear the liability of running a data service. This is why none of our server operators has ever had charges brought against them successfully. In the EU, where this incident happened, anonymity is part of their consumer protection law. Read: https://www.prime-project.eu/prime_products/whitepaper/PRIME-Whitepaper-V1.pdf PRIME, which sets EU legal policy for Internet privacy, says: "The concept of a user-controlled identity management system implements the EU Directives 95/46/EC and 2002/58/EC, whose purpose is to safeguard individuals' fundamental rights and freedom, including the right to privacy. The technology will enable PRIME platforms to comply with European legislation. The platform applies the EU Directive's data protection principles. It supports and facilitates anonymity and pseudonymity to minimize the processing of personal information, whenever possible." PRIME recommends Tor specifically. Why is it so hard for you to believe that the police were just *wrong* in this case? Shava Nerad Development Director The Tor Project

Neon Samurai
Neon Samurai

"got what he deserved" is too often a simple response to the simplification of a complex issue. You'd have to actualy know the person and be able to measure and conpaire all the good and bad that resulted from his specific exit node before that judgement could be made. From the short blog, my guess is that the police saw "bomb", checked the DNS registration address and sent SWAT running out the door before they went through due process. Police, in general, specialize in criminology not technology so clearly understanding the TOR project would have meant consulting someone before reacting.