It's more like raiding the return address even if it says "I was just forwarding this, this is not the actual return address".
And this return-address analogy needs to include the fact that a Tor node operator is cryptographically prevented from tracing backward toward the sender.
Well, not quite, but eh I can't make it perfect, it's a throwaway analogy.
If you're going to run a TOR exit node, which you are absolutely free to do, you have to expect this to happen from time to time and be prepared to explain why you are not responsible for the traffic you appear to have originated.
Cost of doing business. If standing on principle was free, it would be unremarkable.
Who's going to run a tor exit node if that's the legal precedent?
It's also pointless. While it's possible for a CP collector or distributor to run an exit node as cover, why would they when they can just use tor for real for all their CP dealings?
Think of the ultimate consequences. Such a legal precedent would have CP and other criminal activity causing more collateral damage rather than less. If all it takes to get most tor exit node operators to shut them down is engaging in illegal activities that will draw the attention of the authorities, then I can imagine a lot of countries' intelligence and military services would have an interest in engaging in criminal activities using U.S. tor exit nodes to reduce the available pool of tor exit nodes.
The IP address presumably actually belongs to the exit node operator's ISP. By this logic they should be raiding them instead.
> There's no way for law enforcement to know he didn't make those connections until they investigate
There's no way for law enforcement to know that you didn't make those connections until they investigate. That shouldn't be justification for raiding you, should it?
> If you're going to run a TOR exit node, which you are absolutely free to do, you have to expect this to happen from time to time and be prepared to explain why you are not responsible for the traffic you appear to have originated.
They already knew it was an exit node.
> If standing on principle was free, it would be unremarkable.
That is a very poor justification for unnecessarily making it more expensive.
Running a Tor exit node shouldn't give you some blanket against police investigations.
A warrant based on an IP address should be specific to the computing device associated with that IP address at the time it was logged. The cops should never be able to threaten someone with additional seizures--beyond what is specified on the warrant--to coerce cooperation.
Just the NAT router? Computer(s) behind the NAT router? Phones which have wi-fi and may or may not have been on it at the time? Computers on the other end of the site-site VPN which routes traffic out that NAT router to get around Geo IP restrictions? Any computer in the world which has TOR installed and therefore may have been "behind" that NAT router?
The Internet is really complicated, how specifically would you write that warrant without details of the network design?
Many conflate reasonable doubt with "any doubt whatsoever", and think that any excuse that can be concocted which is technically feasible is an alibi. "But Your Honor, it is possible that someone snuck into his house, spoofed his MAC address to get on his Wifi, used that to download this and that, and then left undetected!"
So there's a standard of reasonability, and there should be corroborating evidence.
Should, at least. In theory.
But if it is not reasonable to believe that an IP address is connected with a person, it is not justifiable to search or seize anything else that person may own or possess, beyond the particular device identified by the IP. I don't think an IP address alone is sufficient to even meet the probable cause standard.
It is also possible that someone with authorized access to his computer used an unsecured browser to view a compromised advertisement on an ordinary website, which recruited the machine into a botnet, which used infected machines as a distributed filesystem.
It is also possible that a wardriver with a cantenna brute-forced his Wi-Fi WPS PIN and extracted the WPA password, obtaining easy access to the network.
It is also possible that the ISP regularly refreshes its IP leases, and gave the cops identifying information for the customer who had the IP at the time the request was made, rather than the customer that had the IP at the time the suspicious traffic was logged.
None of those scenarios are necessarily exculpatory alibis, but they may cast doubt on any hypothesis that purports to connect an IP to a particular person.
In practice, warrant-signing judges seem to believe that an IP address is analogous to a postal address, possibly because it also contains the word "address", which may be conceptually ingrained into their minds as a permanent physical location.
You've discovered the fundamental problem. You can't. An exit node IP address is completely useless for that purpose because it tells you nothing about where the ultimate endpoint is. The person who actually did it could be in Brazil or Korea or on the International Space Station. You have no actual information on which to base a search.
There is at least a reasonable argument to make that for most residential IP addresses the devices that use the IP address are in the same building as the NAT router. And then you have an obvious solution: You look at the NAT router and then you look at the devices it has given a DHCP lease to, as in most cases there will only be a small number of them which will be in the same building.
But that isn't always the case. The NAT router or one of the devices behind it could be routing traffic for a very large number of machines, e.g. an entire corporation or all of a small ISP's customers or a coffee shop's public wifi. And in those cases the number of different machines controlled by different people is large enough that the IP address no longer identifies anything with enough particularity to justify searching all of the possibilities.
Tor and other open proxies are the extreme far end of that spectrum. It could literally be anyone in the whole world. The IP address tells you nothing at all. And if you know it tells you nothing at all, it provides no justification to search anything in particular.
B. As others have said 6:00 AM is among the most likely time that most working professionals will be home.
C. I'm not sure what his status as an exit node operator has to do with the hour at which a search is executed?
I can watch videos of people getting killed on reddit. I can watch rape videos. I can even watch videos of horrific crimes....
But how dare I watch someone under 18 get naked through a computer. Even if that someone is myself. The worst part is that, while in most other crimes, account for intentionality is considered. (Something falling in my cart while I walk out the store isn't shoplifting, yet shoving something in my pocket is.) Instead this "crime" frankly shouldn't be. It is proof a crime took place however. Its too easy to have a potential dangerous image... even from hosting a Tor gateway
Edit: at absolute minimum, there should be a mens rea requirement where possession or transmission of child pornography took place.
In honestly though, you're not wrong. Richard Stallman has his controversial stance on child porn as well and I tend to agree with him. It is really really bizarre that modern western society doesn't seem to have a problem with video of soldiers shooting up little kids in Baghdad, yet a picture of a teenager showing her breasts to her boyfriend via text is instant grounds for being locked up (in Australia there is a zero tolerance police and teenagers have gone to jail and are on sex offender registries for just that; although their sex offender databases are confidential and not as fucked up as America's).
However, sexual assault on children is a heinous crime. It's sad and destroys the lives of kids who parents hope to keep from getting tainted by the world as long as possible. It's not unjustified to hate this crime to the degree which it is, but it's also kinda bizarre we don't treat videos of kids getting shot the same way. People get off on that stuff too; sexually.
What's even more interesting about this case is that the police knew CP was downloaded from his IP address. That might because the United States has mandatory ISP reporting, or potentially his IP was found on a raided website:
I'm more interested in how that information was obtained, and whether that process involved violating the rights of individuals of people not associated at all with any crimes.
I'm not surprised. Considering I work with Tor extensively, along with cryptocurrencies and other 'interesting stuff', I guess I fit right in with the tech crowd on there.
I'm all for just punishment, from which I think pedophilia is most certainly a crime. It gets... fuzzy around a lot of areas though, especially after puberty up to 17. The law, frankly, is just a total mess. Sex- OK, sext- CP, fake license- pedophilia.... on and on.
Homosexuality was viewed as psychiatric disorder not too long ago as well. Although some people still think it is - are you one of them?
Whether that is a mental health asylum, prison, or somewhere/somehow else, so be it.
I don't think they should be abused either, as it's a popular trend in the penal system to use rape as an informal deterrent for criminals.
Or do you believe that e.g. audiophiles hump their speakers, and bibliophiles use the library for public orgies?
Well, yes. But only because it's really easy to imagine after browsing their forums.
I'm curious what the laws / regulations would be for general social media, image hosts, and other businesses that host user content. It's pretty much a given that at some point, there will probably be some illegal content uploaded onto it (including potentially child pornography). In some ways, a Tor exit node sort of falls under that same boat: you are indirectly passing information generated / requested by users.
Now, Twitter or Facebook doesn't going to get raided / computers confiscated every time an illegal image passes through their network. But I'm sure the police may ask questions during investigations (and I'm sure the companies comply as best they can). So I honestly think what happened here is fine. (I'd think differently if the police automatically confiscated computers and trashed houses of Tor exit nodes for no reason.)
I'm sure I'm sitting nice and pretty on several lists.
It seems to me that it would be patently unreasonable to raid the FedEx employee's home, but it would be perfectly reasonable to hold FedEx the company responsible for not delivering such things. If it happened once, sure, raiding them is excessive. But if the government knew that FedEx, by design, actively did not care what they were delivering and made it hard for themselves to figure that out until it's loaded onto a truck for local delivery, and they had evidence that some drugs or weapons were being delivered, then sure, raiding the local FedEx distribution center and searching it seems within the realm of reasonable actions. Seizing all packages at that distribution center would be unreasonable, but the analog (seizing the computers) didn't happen.
You're saying that should justify the FBI going to all the FedEx hubs and opening all the packages to check for various illegal stuff?
Unlike UPS and FedEx, Tor makes this straightforward, and also tries to avoid knowing the identities of people who are sending things via their service. So the police don't have that option.
(Note that the above is simply a description of what Tor is currently doing, as I understand it, and not an attempt to make a moral judgment one way or the other as to what Tor should be doing.)
I suspect that package services are used with high frequency by criminals without these constraints, e.g. the ones committing mail fraud. The police deal with this not by searching the contents of random packages but by arresting the actual perpetrators regardless of what they use for a delivery service.
There seems to be a common impression that if the police can't find you using one specific investigative method then they have to give up and go home. There are hundreds of different ways to catch criminals. Most of the ones people complain about the police losing are ones they never traditionally had to begin with.
Tor is more like you operating as a volunteer delivery guy who is willing to pick up a locked box anywhere in the city for free and drop it off anywhere else that is requested. You have no idea what's in the box nor who you are picking it up from or dropping it off to.
This doesn't stop police from raiding them.