

The dangers of operating a Tor exit node - vaksel
http://calumog.wordpress.com/2009/03/18/why-you-need-balls-of-steel-to-operate-a-tor-exit-node/

======
cousin_it
Congratulations, now you understand who benefited when the media created the
pedophilia scare.

I confess to being a total conspiracy theory nut on this topic, and go out of
my way to defend "sex offenders" in any online discussion I come across. Sadly
this is not enough. We're up against a monstrous evil machine made up of
mostly good and well-intentioned humans and there's no apparent way to defeat
it.

Think about it: who should we blame for the persecution and near ostracism of
the article's author? The journalist who honestly warns the public about
pedophiles? The media executives? The lawmakers? The police? The whole chain
is structured to remove accountability, letting both idea creators and
executives sleep peacefully with a clear conscience. The end result is the
poor person facing a giant senseless Machine, thankful to be alive after
narrowly avoiding its grinding gears. It doesn't have to be this way, people.

~~~
katz
The problem with paedophilia is that it is extremely difficult to enforce. It
is not as if a 5 year old kid will walk up to a police station and file a
complaint. The internet made it near impossible to enforce paedophilia laws.

If the cops have to cause a mild inconvenience to 50 people to successfully
prosecute one bad guy - then so be it.

~~~
anamax
> If the cops have to cause a mild inconvenience to 50 people to successfully
> prosecute one bad guy - then so be it.

"mild inconvenience"?

If it's a "mild inconvenience", surely you won't mind paying for n instances,
for non-trivial n. You've used 50 above, so let's start there.

Are you personally willing to pay for the "mild inconvenience" suffered by 50
innocent people?

What? You're not willing to pay? You're only willing for other people to pay?

~~~
katz
> If it's a "mild inconvenience", surely you won't mind paying for n
> instances, for non-trivial n.

For all crimes there is a false search rate. A good example is a normal drug
"bust" or a stolen property bust.

And yes - with the enforcement of most laws there is an inconvenience. A good
example is a traffic stop - they check your license, check if the driver is
drunk, check if the car is stolen, check for outstanding warrants of arrest
and they may search the car.

What is the right number of car stops by police to enforce the law?

CP is more difficult because people can do this without going outside the
home. That just means that the police should occasionally check inside the
home.

~~~
anamax
I'm not questioning that it's an inconvenience or that there will be false
positives.

I'm pointing out that "mild" is inaccurate.

In ducking my question of how many of these "mild inconveniences" you're
willing to pay for, you concede that point.

Let me suggest that the more costly the inconvenience, the lower the
acceptable false positive rate. And, if the inconvenience is serious enough,
the folks inconvenienced should be compensated. (And, no, you don't get to
bargain away the compensation by letting them off of something else that you
wouldn't have found without the false positive.)

One benefit from compensating folks who are "inconvenienced" is that forces
the relevant parties to do a better job in minimizing the total cost (which is
proportional to the false positive rate multiplied by the cost of the
inconvenience).

It's amazing how people's priorities depend on who's paying.

~~~
katz
In most countries, if the police performs any raid on your premises all costs
(e.g. fixing doors) are paid for by the state. I also doubt that the cost of
doors is that high (compared to other expenses).

------
noonespecial
From the computers I've been asked by friends and family to repair of their
malware epidemics lately, I could retitle this article "The dangers of
operating Windows XP". Every single one has been in one botnet or another.

Tor is a sticky problem, sure, but uninformed law enforcement is as well. An
IP is not a telephone number. With the onslaught of voip, soon a telephone
number won't be either.

At least this case had a prosecution free resolution.

------
alecco
Blogspam, flagged.

Original: [http://calumog.wordpress.com/2009/03/18/why-you-need-
balls-o...](http://calumog.wordpress.com/2009/03/18/why-you-need-balls-of-
steel-to-operate-a-tor-exit-node/)

~~~
cdr
It looks like the link now points there; I assume it was fixed. Shouldn't this
comment be deleted now if that's the case?

~~~
alecco
I'd love to, but I can't delete it now. (Maybe after a while you can't or
after a reply?)

------
cstejerean
What I'd like to see is a way to enforce restrictions on the destinations
you're willing to route as an exit node. I'm all for giving people living
under restrictive regimes access to things like Wikipedia, but I don't
particularly care to enable anonymous access to child pornography.

~~~
radu_floricica
Either you have freedom of information, or you don't. All you're saying is
that you want to write the rules yourself.

edit: What I mean, is it's a slippery slope. If you do the selection by
yourself, you'll let out a lot of good stuff. If you trust somebody else to do
the selection, that someone will be in time important enough to become either
corrupt or a target, or both. Just imagine google excluding sites from its
index on some subjective criteria.

You can't solve this kind of problem by limiting access to information. It's
simply a bad strategy from the start, and like any design mistake it creates
problems farther and farther away, when the issue is only one: a bunch of bits
have been made illegal.

~~~
greendestiny
"a bunch of bits have been made illegal"

I strongly disagree with this idea that I've seen a few times, that somehow
the law is irrationally and ridiculously making bits illegal whether in
copyright or in pornography. Child pornography is illegal whether its printed
on paper or stored as bits. That somehow it shouldn't be a crime just because
of the fact that bits can be used to represent anything is a really bad
argument.

~~~
Raphael
Bits are information, so it makes sense to use them as evidence of a crime,
but can the bits themselves really constitute a crime?

"Ooh, you put a zero next to that one. Naughty, naughty."

------
ryanwaggoner
I found this part at the end of the post amusing:

 _They need to be disciplined and retrained, and their senior managers need to
be named and shamed, as they are an unacceptable risk to innocent members of
the public, and the real criminals must be running rings around them._

There's absolutely no incentive for the police to understand these things (or
let on that they do) and avoid freaking out "innocent" members of the public.
Look at this example: this guy won't be running a Tor exit node again, so in a
way, they got what they wanted.

------
bprater
This is the type of article that should be passed out to everyone running an
open Wifi network.

~~~
jgfoot
Hell yes. I thought of this sort of thing when I read Bruce Schneier's
infamous piece about how it's a great idea to keep your wi-fi network open.
[http://www.wired.com/politics/security/commentary/securityma...](http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110)
Tor exit nodes and open-wifi let other people use your IP address, and for
purposes of a search warrant you might as well let them use your name and
face.

------
bprater
How do the police even stumble on the fact that this guy was involved?

Did they take down a pedophilia source and then rip through the web server
logs? (That seems legit.)

Or were they monitoring IP traffic on a larger scale, knew of a pedophilia
source, let it continue running and simply harvested IP addresses that were
connecting with it? (Sounds like a privacy issue.)

Regardless -- how does a good guy help without putting himself in legal hot
water?

------
poutine
Because of the ignorance of the police you need to be nuts to run a Tor exit
node.

I don't much see the point in Tor anyhow, you want to be anonymous for some
reason just use an unsecured WIFI AP or a proxy in another country, easy
enough.

~~~
jonas_b
I think unsecured WIFI AP in Burma or China is a very precious commodity, if
it even exists.

~~~
poutine
Then you think very wrong. It's trivial to find open WIFI all over China. Most
restaurants and coffee shops have it.

I can see several from my apartment.

~~~
gommm
But, of course, the problem is that even with an open wifi there are quite a
few websites that are blocked by the great firewall...

So using an open wifi doesn't solve the problem the way tor does. The other
way is to have a server outside of china and use ssh to proxy through it but
how many have a server they can access like that...

~~~
poutine
Anyone that cares can access the Internet at large in China. There's many http
proxies that work quite fine. Most expats that care use a VPN tunnel to a
service or corporate HQ. The rare person uses Tor but it's generally
disfavored because it's unreliable and slow.

This is not the problem however. The vast majority of Chinese people in
general don't really care about censorship. Far more due to language and
culture than censorship the Internet is mostly an internal Chinese thing to
Chinese for the purposes of entertainment, not information. Many view state
censorship as doing its job to protect the majority from corrupt western
influences.

But it seems most people in the west would like to prefer to imagine
jackbooted thugs keeping the masses down through coercion and fear. The truth
is rather worse, that of apathy, ignorance and a collectivist submission to
authority.

------
topbanana
Nice cover story

