
Re: Tor server "nami" taken by the German Police

>  In addition, I would be very interested in knowing who authorities are
> eventually passed through to in a colo/datacenter scenario.

If they are out for blood and suspect the user, the user should expect contact.
If they are making low level inquiries of interest, or just learning
about Tor, maybe not.
If they consider the case exigent, they will break down doors and
commandeer the place.
If not, they serve a warrant or other normal process to whoever
staffs/runs the place.

>  If a full service datacenter gives a multi-rack ISP a /24 or /22, and then
> that ISP sells a half rack to a VPS provider who sells a VPS to an end user
> who then runs an exit node ... does a police contact ever even make it to
> the end user ?

Industry standard... whois to phone/address/email to help desk to user.
A big DC will have all sorts of hierarchy until finally reaching the end user.
Contact will make it as far as either the LEA wants or the DC/ISP wishes
to disclose. Not all help desks will contact you for everything, as may be
the case when they feel like telling the inquirer to go away because
their request may violate either their corp policy or the law. Unless
you're procuring services anonymously, it may be good to chat
with everyone in your upstream just to get a feel for everything and
to make any needed arrangements.

>  Finally, what generalizations can be made about the behaviors that
> eventually lead to a police interaction ?

Carding, cracking, death threats, piracy, all the usual things and more.
Seems pretty obvious. Tor just makes it interesting because it's
simply a newfangled carrier that can be used for good or bad. No different
than if you were to set up Asterisk with a [t/e]-1 and call yourself a
phone company. That's where the raid/arrest risk lies... not enough
LEAs have experience dealing with anon nets. To them, they just see activity from
an IP and assume end user / account holder. And rightly/technically so
as it could be one of many uses on that IP. The best you can hope for
is to clearly demarcate, notate, advertise and communicate that said
box is a standalone node and exists for all the good reasons Tor exists.

A node in a DC gives better isolation from your life and some time delay than
a node at home would. It also costs money. Each operator to their own.