
Russian FOSS activist arrested in Russia for his Tor exit-node - choojoy
Dmitry Bogatov was arrested on the 6th of April: he became part of the big penal case initiated by Russia’s Investigation Committee on &quot;incitations to mass riots&quot; during the protest action that took place on the 2nd of April in Moscow. According to the Investigation Committee, Bogatov was publishing messages on the forum sysadmin.ru, inciting to violent actions, for example, &quot;he&quot; was suggesting to bring to the Red Square &quot;bottles, fabric, gasoline, turpentine, foam plastic&quot;. According to the Investigation, the experts had analyzed the text of these messages and proved a &quot;linguistic and psychological characteristics of incitations to terrorism&quot;. However, Dmitry claims that he has nothing to do with posting the incendiary messages.<p>Dmitry Bogatov, 25 years old, teaches maths in MFUA (Moscow Finance and Law University) was a free and open source software activist (https:&#x2F;&#x2F;sinsekvu.github.io&#x2F;pages&#x2F;about.html). Dmitry was administrating a Tor exit node (https:&#x2F;&#x2F;atlas.torproject.org&#x2F;#details&#x2F;2402CD5A0D848D1DCA61EB708CC1FBD4364AB8AE) from his house. In fact, the author of &quot;incendiary messages&quot; (called &quot;Airat Bashirov&quot;) was using Tor, and, by lack of chance, he used the ip adress of Dmitry&#x27;s exit node.<p>Dmitry&#x27;s lawyer, Alexei Teptsov, presented videos from surveillance cameras, that proved that, during the moments when the &quot;incendiary messages&quot; were posted, Dmitry was away from his computer. He was coming back from a fitness center with his wife, Tatiana, a genetician, and then went to a supermarket, where cameras were also working. Moreover, &quot;Airat Bashirov&quot;, the author of the provocative messages, continues to post on sysadmin.ru, while Dmitry is under arrest. The last post was seen on the forum on April 11.<p>Dmitry will stay in pre-trial detention center until June 8 at least. Now the Investigation is examining all his seized devices.
======
dublinben
Not to excuse the behavior here, but anyone else who would like to run a Tor
exit node can learn from this situation. Follow the best practices[0] for
running an exit node, which would include not running it from your home.

You are much less likely to be raided and arrested if a cloud server in a
datacenter somewhere, leased by an anonymous LLC you control, is the subject
of an investigation.

[0] [https://blog.torproject.org/blog/tips-running-exit-
node](https://blog.torproject.org/blog/tips-running-exit-node)

~~~
radarsat1
If you _actually_ think you run a high risk of being raided for your
behaviour, is it ethical to put some poor saps running your data center in
that position instead of you?

Admittedly, I guess data centers run this risk automatically by the fact of
providing data storage/transfer services.

~~~
nbraud
I am involved in a non-profit that operates Tor exit nodes for a while (
[https://nos-oignons.net](https://nos-oignons.net) ), and before then I was
running exit nodes on my own.

The main benefit of setting up a non-profit is not shifting the risk to “the
poor saps in the data center”: the police isn't going to kick down the door of
the datacenter any more than they would raid your ISP.

The main benefit is that you get listed as abuse contact, and you get
contacted the same way an ISP gets contacted: you get a somewhat-polite email
(or a fax <3) asking who that IP address belongs to. At that point, you can
explain what Tor is and that you do not know the origin of the connection;
somehow, it's more difficult to have that conversation when you are in an
interrogation room, talking to someone likely believes you are guilty.

------
r721
Sources:

[https://meduza.io/en/feature/2017/04/10/mathematics-
teacher-...](https://meduza.io/en/feature/2017/04/10/mathematics-teacher-
accused-of-inciting-mass-riots-now-also-accused-of-supporting-terrorism-and-
once-again-detained) (English, Tor is not mentioned yet)

[https://geektimes.ru/post/287944/](https://geektimes.ru/post/287944/)
(Russian)

[https://zona.media/news/2017/11/04/home](https://zona.media/news/2017/11/04/home)
(Russian)

Liveblogs from the court (Russian):

[https://zona.media/online/2017/07/04/2april](https://zona.media/online/2017/07/04/2april)
(Day 1)

[https://zona.media/online/2017/08/04/bogatov-2](https://zona.media/online/2017/08/04/bogatov-2)
(Day 2)

[https://zona.media/online/2017/10/04/bogatov-3](https://zona.media/online/2017/10/04/bogatov-3)
(Day 3)

------
unholythree
The "This happens in the US too" comments are an annoying pointless
digression.

Just like in the Wikileaks threads when people go on about the abuses in other
countries, and how unfair it is that JUST America's/ the DNC's/ the CIA/ the
NAS's dirty laundry gets aired.

Repression and abuses of power should concern us all. One evil does not negate
an other.

~~~
steveracer
It is the primary mode of Russian paid trolls to use the "tu quoque" method of
argumentation ("You do it too!") in online discussions. However, tu quoque is
a fallacy. It is irrelevant to the discussion if other places do other things.
We are talking about this specific instance. It also is trying to create a
false equivalence, stating that if a bad thing happens once in country A, it
is as bad as country B. However the frequency and severity of these matters is
almost universally different, which shows the false equivalence.

~~~
true_religion
The idea is to shift the conversation from one of utter disapproval for
Russia's actions, to one where positions are negotiable.

If the US has even one instance of doing this, then questions arise such as:

1\. Maybe this is unavoidable, and if so how much time/money should we spend
chasing down an unavoidable issue?

2\. Maybe there are specific circumstances where this is okay? Why isn't this
one of those specific circumstances? We should trust the Russian government,
just as American's give their own government the benefit of the doubt.

------
sstradling
What's concerning to me here is "Now the investigation is examining all his
seized devices". It's possible, although perhaps slightly paranoid, that the
message posting was intended to create pretext for seizure.

This may be a little far-fetched - there's likely easier ways to generate
pretext - but it might be something for owners of Tor exit nodes to be aware
of.

~~~
saint_fiasco
It's more likely that Russia just does not like Tor in general, so they find
excuses to put users in jail and mess with their devices just to dissuade
other people from using Tor.

From that perspective, your theory is not so far-fetched because it's not like
the Russian government went through a lot of effort to frame this activist in
particular. Any other Tor user would do.

~~~
smsm42
Added to that, they need to show they are fighting terrorism online. Finding
actual terrorists is hard and dangerous. Finding people reposting memes on
Facebook or running Tor exit nodes and jailing them under terrorism and
"extremism" laws is much more cost effective, and looks the same in the
statistical reports. Since there is no independent courts in Russia and
prosecutorial abuse is almost never punished (it's very hard to punish it even
in the US, in Russia it's orders of magnitude harder), and acquittal in
Russian court is vanishingly rare (only 0.4% criminal cases end in acquittal)
- there's no risk involved except for maybe couple of articles in the press.

------
holtalanm
When are authorities, or people in general, going to realize that IP addresses
are NOT a "smoking gun".

~~~
086421357909764
It's Russia, They don't likely believe him to be the culprit, instead they're
trying to break down the spirit of the masses for using or the facilitation of
TOR which they cannot control.

~~~
apeace
Exactly. And what a silly move, since even shutting down all the Tor nodes in
Russia would not stop Russians from using Tor for the same activities.

It will be interesting to see if Russia adopts a network monitoring and
censorship strategy as China has[0]. Of course, it would be tragic if they
did.

[0]
[https://en.wikipedia.org/wiki/Great_Firewall](https://en.wikipedia.org/wiki/Great_Firewall)

~~~
gspetr
It will be adopted in Russia. I have an acquaintance who's working on deep
packet inspection for Rostelekom and he tells me it should be ready within the
next 2 years.

~~~
M_Grey
I suspect we'll do it here in the US too eventually, under a "national
security" umbrella to, "protect ourselves some foreign cyber-terror" or such
nonsense. The UK will probably do it first...

Edit: Remember that a huge portion of this country is demanding a 2000 mi long
_wall_ be built along one border... don't underestimate stupid and scared.

~~~
__jal
It is already happening in the US, just slightly differently. Befitting our
"national character", as the Chinese term it, our great wall is made of
advertising.

Deep packet inspection is here today for Comcast and other ISP customers. The
nominal reason for the surveillance is typical adtech panty-sniffing, but of
course the data is also available for subpoena, assuming ISPs actually ask for
one, or just freely given out (that's more of an ATT thing).

And given that we know the FBI recruits Geek Squad techs to become informants
and collaborators[1], who really thinks the FBI, DEA or another TLA won't do
the same/hasn't already started doing the same with, say, network techs at
Comcast? The same come-ons that worked for the Stasi work just fine elsewhere.

The people down-voting this comment, if they're doing so out of the belief
that "it won't happen here", are simply wrong.

The surveillance-entertainment complex was born in the US, and the tools are
massively attractive to anyone who covets power. Anyone who doesn't think the
world-empire of the day will use them is deluding themselves.

[1] [https://www.washingtonpost.com/local/public-safety/if-a-
best...](https://www.washingtonpost.com/local/public-safety/if-a-best-buy-
technician-is-a-paid-fbi-informant-are-his-computer-searches-
legal/2017/01/09/f56028b4-d442-11e6-9cb0-54ab630851e8_story.html)

------
Dolores12
1) The title is misleading.

2) If someone using your TOR node posts a message threatening to kill someone,
YOU will be SWAT-ed first and only then police will find out you run TOR exit-
node and maybe you are not the one who posted it. You implicitly accept risks
associated with your operation.

~~~
x1798DE
Why would running a Tor exit node ever imply that the people exiting at that
node are speaking on your behalf? Is a coffee shop "vouching" for you by
letting you use its wifi? Is your ISP?

And if you're a cop, why would you dispatch a SWAT team to a Tor exit node at
all? You can see if the IP is on the list and if so you'll have a hell of a
time proving that the traffic came from the person running it even if they did
(after all, why would they even use their own IP address when _you could have
used Tor_?). At that point, you're basically punishing a random, innocent
person for the (legal) act of running an exit node.

~~~
Dolores12
> Why would running a Tor exit node ever imply that the people exiting at that
> node are speaking on your behalf?

If we imply that TOR exit-node owners are innocent by default, what stops me
from installing TOR node, posts threatening messages and when police comes say
"hey i am humble TOR node owner, look somewhere else"?

> why would you dispatch a SWAT team SWAT was just an example.

Whatever law enforcement agency that investigate your case.

>You can see if the IP is on the list

You have to know there is such thing as TOR exists & see first part of the
comment.

~~~
comex
> If we imply that TOR exit-node owners are innocent by default, what stops me
> from installing TOR node, posts threatening messages and when police comes
> say "hey i am humble TOR node owner, look somewhere else"?

If you're savvy enough to run a Tor exit node and want to post threatening
messages, why wouldn't you use Tor yourself?…

But anyway, at least in the United States, everyone is "innocent by default"
\- that is, until proven guilty beyond a reasonable doubt. If the presence of
a Tor exit node, or an open proxy, or an open Wi-Fi network, or any number of
other things makes an IP address insufficient evidence by itself, well, that's
too bad. It may still be sufficient evidence to launch an investigation into
the owner of the Internet connection, to gather more evidence - but even then,
the standard is based on the likelihood that they committed the crime, not
something about incentives to run exit nodes.

~~~
boomboomsubban
>But anyway, at least in the United States, everyone is "innocent by default"

The presumption of innocence only applies to the jury. Even with it, you can
be arrested and the prosecutor will make the best possible case against you.
It does not apply to anything that has happened in this story so far.

------
foobarer
In Soviet Russia you do not critique the government, the government critiques
you. If necessary, jails you. If absolutely necessary, poisons you with
Polonium-210.

~~~
darpa_escapee
If someone in the US posted publicly about bringing "bottles, fabric,
gasoline, turpentine, foam plastic" to a protest, they'd get a visit from the
FBI. Speech that incites violence is something they investigate regularly.

~~~
lawless123
It looks like he didn't post any of that though.

~~~
jaddood
Exactly. It looks like. You can't just blame authorities because they arrested
him for investigation while the only thing you know is that it looks like he
hasn't written them.

~~~
logfromblammo
They have to make sure he didn't queue up messages to be automatically posted
according to a predetermined schedule while he was establishing an alibi away
from his computer.

~~~
lawless123
Obviously he's a FOSS extremist..

------
spacemanmatt
This happens in the U.S., too.

------
andoon
I know this opinion is not going to be popular, but here it goes: by running a
Tor exit, you're letting anonymous people do whatever they want in your
behalf, because the exit IP address relates their activities to you. I believe
it's irresponsible to do so. This kind of stuff is going to happen.

I also don't believe the "an IP address doesn't identify a person" mantra
that's so widely used in the privacy-aware circles. Your ISP gives you an IP
address for yourself, and if you let others use it, you know you can get
yourself in trouble, the same you'd get yourself in trouble if you let anybody
who asked you use a rifle of yours, or a car. Would you let someone you don't
know at all drive your car? What if he runs over someone? Would you be
responsible of it for letting him use your car? Would you risk going to
prison?

The alternative is worse: I could be looking at pedophilia or terrorism sites
all day and if they catch me say "well I also run a Tor exit node so how do
you prove it was me!". Your IP identifies you, so be responsible!

~~~
humanrebar
> ...the same you'd get yourself in trouble if you let anybody who asked you
> use a rifle of yours.

You lost me here. This is more like letting someone make a call with your
phone. Rifles are inherently dangerous, even gun enthusiasts agree on that.
We're talking about information more broadly here.

~~~
andoon
For what reason would a person want to use Tor instead of his regular
connection?

And before you tell me Tor is nothing more than a privacy tool, remember that
most sites ban Tor exits because the majority of users are troublemakers.

~~~
billmalarky
Seriously? I imagine >95% of consumers would adopt tor quickly if browsing
performance was comparable to standard browsing (hell it would be packaged
with firefox). The general public hates being tracked and having their privacy
invaded. Just look at the political mess created when congress gave ISP's the
right to sell user browsing data at the end of last month.

~~~
andoon
>The general public hates being tracked and having their privacy invaded. Just
look at the political mess created when congress gave ISP's the right to sell
user browsing data at the end of last month.

You gotta be kidding me. If that were the case nobody would ever use Facebook,
or browse the web without an ad blocker and blocking 3rd party cookies. I also
like privacy but we have to understand that nobody really cares about that.
Maybe it's because they are not educated and don't know what the risks are,
but whatever the reason, privacy is ignored by most people.

~~~
yellowapple
In the case of Facebook, users might very well not know the extent by which
Facebook tracks them. In the case of ad-blockers, users (at least those I've
met) tend to not know they exist, and are excited to try them out.

