
Access Now and EFF Condemn the Arrest of Tor Node Operator Dmitry Bogatov - remx
https://www.eff.org/deeplinks/2017/04/access-now-and-eff-condemn-arrest-tor-node-operator-dmitry-bogatov-russia
======
throwanem
> Put simply: running a Tor exit node is not a crime

In Russia? You sure about that? I wouldn't be, if I lived in Russia, and I'd
be much less so today than yesterday. It wouldn't surprise me if this
prosecution were intended to make a point, in the characteristically subtle
style of the modern Russian government, that regardless of what any
potentially relevant legislation might say, running an exit node, and by
extension acting in ways that help conceal communications potentially of
interest to the state, isn't a very good idea if you cherish whatever
stability and comfort your daily life affords.

The modern US government, on the other hand, has tended to be rather less
blunt about making such points, and to choose different such points to make.

~~~
wand3r
> if you cherish whatever stability and comfort your daily life affords.

I reckon this was their point rather than a rebuttal. They seem to believe it
is legal as well as a right and they're going to at least try.

Would I do run a tor node? Not in Russia and prob not in the US where I live.
I am glad a global network of people are braver than I am.

~~~
throwanem
Well, whether it's legal and whether it's a right - itself a concept of law,
with no meaning outside that context - is up to the state, and the state
doesn't seem thus far inclined to decide the question in their favor. Perhaps
they will convince it otherwise.

~~~
wand3r
Right. I meant that potentially they consulted lawyers / evaluated the law
before making the claim. I have no idea if it is legal in Russia (and they may
not either) but the quote seemed to be a statement which if levied at RU;
hopefully has something backing it up

~~~
throwanem
I read that as a normative, not a positive, statement. If there's anything at
all to suggest it be taken otherwise, I'd love to see a cite, because I've
looked for one and not found it.

------
alehul
edit: please comment as opposed to downvote -- HN's value is civilized debate
and information.

I value privacy and support VPN use, but for some reason this seems different
to me. Maybe something to do with a VPN being a company using servers to
create an obvious layer of identity protection that police can generally
subpoena when of importance.

By running a Tor exit node, this individual was consciously allowing _his_ IP
address to be used for potentially malicious purposes. Why can't it easily be
compared to someone making a cover for or assisting a criminal they don't know
the identify of, which would be a crime if committed in person? Investigations
lead back to him because he put himself in that position.

analogy: VPNs seem like concealing your ID from everyone, however police can
sometimes work to see it if a court deems it justifiable and necessary.
Individuals running Tor exit nodes seem like being given someone else's ID
instead, with no trace otherwise.

Untraceable VPNs (ones unaffected by subpoenas) are somewhere in the middle,
but the primary issue I see with this is the Tor system's use of someone
else's ID rather than hiding your own (investigators are aware when they find
a VPN service's IP).

~~~
Ensorceled
There really isn't much to debate. Your stance is very myopic and makes
assumptions that fail in a global context.

For example, you assume the police are legitimate and not the tools of an
oppressive government.

For example, you are completely ignoring non-"malicious" purposes for
disguising origin, say whistleblowing.

Finally, you are equating providing a legitimate service that may be used for
a crime with actual facilitation of crime. We should lock up telephone company
execs on this theory.

~~~
moneytalks
There's a lot to debate. If you're running a TOR node, you have child porn
traversing your system. You also have a whistleblower's traffic who might be
beaten or tortured if found.

Does the existence of the latter negate the former?

To claim that is an answered question is myopic to me.

~~~
dandelion_lover
[https://www.torproject.org/docs/faq-
abuse.html.en#WhatAboutC...](https://www.torproject.org/docs/faq-
abuse.html.en#WhatAboutCriminals)

------
driverdan
If you're going to run a Tor node at home make it a relay, not an exit. There
is practically no risk to running a relay. Exits have risk because of
situations like this.

If you want to run exit nodes use a hosted server. It separates it from your
normal traffic and makes it clear that it has a specific purpose.

~~~
phyzome
You'll also get the occasional website that blocks or reduces services for you
because they (or their IP reputation provider) doesn't understand Tor and
grabs the entire list of relays.

Notably, BrightCloud (Webroot) is such an ill-informed provider, and Dan's DNS
blocklist offers both exit and relay lists (the latter is an attractive
nuisance). Care2 is a consumer that blocks intermediate relays, although only
on their http: traffic, not https:. (I'm guessing their SSL termination proxy
messes up their IP detection!)

The odd thing is that the Tor Project _provides_ an easy to parse, up-to-date
list of exits ([https://check.torproject.org/exit-
addresses](https://check.torproject.org/exit-addresses)) but these providers
go to a lot of trouble to harvest bad data themselves.

------
temp-dude-87844
This is disturbing, but this is how the buck stops, isn't it? All of these
cryptographic dataflow concealer technologies have one very unpleasant failure
mode: somewhere they have to interface with the physical overworld, where
they're subject to all the unpleasantness of both their home jurisdiction (in
this case, Russia), and in some cases, the jurisdictions of those who are
intent on their laws applying worldwide (such as governments like the United
States -- who are absent from this particular case, but not others).

No amount of condemnation on part of the EFF and declarations that "running an
exit node is not a crime" is going to help Bogatov, where the Russian
government has decided it will do what it takes to prove a point. This is how
chilling effects work: when it endangers your own freedom and livelihood, you
are forced to suddenly re-evaluate your priorities between big abstract issues
like freedom of speech and whistleblower protection, vs. holding your head
down and hoping you don't get caught up in something much bigger than
yourself.

It also proves that these anonymizing networks only function in a free
society, and break down in the exact situations where they would be most
needed.

~~~
dandelion_lover
> All of these cryptographic dataflow concealer technologies have one very
> unpleasant failure mode

i2p doesn't. It is a parallel dark-net.

------
WhitneyLand
Why not make exit nodes only able to use secure protocols?

Am I missing something or could thing whole problem be put to rest, at the
same time the rest of the net is transitioning to https only.

~~~
ludjer
wont change the fact that the originating IP is still the exit node. If you
use tor and spam some https website the source IP will still be the exit nodes
IP. Secure protocols cant hide the source IP(which is way more complicated,
requires compromised router for a man in the middle attack, if TCP)

~~~
WhitneyLand
Ok I see, your saying it's not just spying on clear text, they just wait for
subversive propaganda to appear the force the site where it's posted to cough
up the ip address.

Maybe it would help if site took pains to not keep logs, but sometimes even
that is difficult.

------
c3534l
TIL Kanye West is illegal in Russia.

