On 11-03-26 3:35 PM, Steve Topletz, Wizard wrote:
> On Sat, 26 Mar 2011 15:33:29 -0500, chronomatic wrote:
>> I know you have a profit motive for bashing Tor, so it's really not
>> even worth engaging you on this topic, but I'll bite.
> Settle down, li'l doggie (Texas talk ;0) ) !!
>
> What better way to find out what the "terrorists" are up to than
> spying on the internet activities that TOR users voluntarily provide!
> An intelligence agency's wet dream.
I have actually had the FBI visit me and "advise" me to shut down my tor
node.
I was running an exit node, and apparently someone was doing something
with child ****ography which they traced to my IP. (I had meant to
configure it for HTTP and HTTPS out only, but I never got around to it,
so this was IRC activity.)
I had set the thing up during the Iran protest in June 2009 and then
forgot about it. One Friday night in February 2010 I got a knock on the
door. One local uniformed cop, one city detective who was also deputized
by the FBI and one county marshal, deputized by the secret service, were
at the door. They had a warrant signed by a federal judge which would
have allowed them to seize every bit of computing equipment in the house.
They insisted on talking to me separately from my family, but were slow to
tell me what the accusation was. They often asked questions which I could
have more easily answered if they'd let me on my computers, but they
stood between me and my keyboard and asked me not to touch the computers.
The local cop sent my wife and daughter upstairs. He was supposed to
keep them away from computers, but didn't realize that there were
computers upstairs as well. So there was a bit of an embarrassing bit
for him when he heard my daughter watching stupid YouTube videos from
her iMac.
They asked me whether I used IRC (I did not) and eventually told me what the
accusation was. I explained that I had a Squid proxy open to Iranian IP
addresses and that I had a tor exit node, but restricted to HTTP and
HTTPS. (I was mistaken about the tor exit restrictions.)
The lead detective had heard of squid but didn't know anything of tor.
He scolded me about the squid proxy "why would you do something like
that?!" and on several occasions reminded me about how nice they were to
not make a big show for the neighbors of coming into my house. My wife
was beginning to panic about all of our computers being confiscated.
(There were times when the detectives sent me out of my office so they
could consult with each other and probably look around my office.)
They asked me to describe my machines, and when I pointed to Winky, the
FreeBSD server on my DMZ that ran the tor and squid services, I had to
explain that "FreeBSD was kind of like Linux". At this point, they had
to call in an expert from the FBI offices in Dallas, while I tried to
very politely explain the rationale for enabling people (in particular
Iranians) to reach the net without fear of government snooping.
Eventually their expert showed up. He was someone I could talk to
because he was familiar with tor, BSD, the whole net freedom movement.
He apparently explained to the other detectives that everything I said
made perfect sense and that what I was doing was perfectly legal.
Anyway, these guys had a warrant, and could easily have taken my
machines and backups, but they didn't. This, I find, is a fairly good
indication that they could not trace the individual even though they had
"after the fact" total access to the tor server and its backups along
with backups of my firewall logs. (Because I wasn't using IRC at the
time, my firewall did log outbound IRC traffic.) All they did was
confirm in tor logs that there was a tor event at the date and time in
question.
They left me with a harsh warning that if they ever had to return to my
house they would do so in a messy way.
My wife, a native of Hungary, doesn't accept their kiddie **** story,
but thinks that they were trying to shut down tor nodes. (She also won't
allow me to start it up again.) I do believe their story. They thought
they were going to make a kiddie **** bust, and ended up with someone
who was legally making it easy for people to do things anonymously.
There are things that I should have done which I didn't. I was scared. I
knew that what I did was legal, but I also knew that they could ruin my
life. (I was a student teacher at the time; the accusation, even
unfounded, of child ****ography, can destroy one's life.) And they did
have a warrant to take all the computers.
So I should have gotten a photocopy of their IDs. (They showed them to
me, but I promptly forgot their names.)
I did send off an email to the EFF about the incident immediately
afterwards, but never heard back. I didn't post about it at the time because
I was still student teaching.
The only way in which I wasn't fully cooperative was when they asked me
whether I would be willing to take a lie detector test. I said I
wouldn't. When they asked me why I said that I wouldn't like my fate
tied to the result of consulting a Ouija board. Other than that I was
exceedingly "cooperative".
Oh, and one mildly amusing thing was the only book I found disturbed in
my office was my copy of "The LaTeX Companion". They must have been
disappointed in that.
Anyway, one incident doesn't prove anything, but the fact that tor is open
source, well reviewed, and in this case frustrated investigators
suggests to me that it is reasonably safe.
Cheers,
-j
--
Jeffrey Goldberg
http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid