Am 18.10.2008 um 10:49 schrieb Karsten N.:
Some papers of non-gouverment organizations like ULD: "Tor and JAP are not affected by the telecommunication law, because it is not a telecommunication service (in the case of law) and tor nodes have NOT to log."
That's not true, the ULD is a 100% governmental institution (at least financially). Its task is among others to supervise the data protection in the government agencies of Schleswig-Holstein (German province).
Or, if it was more simple for the developer, a feature for exit nodes to define a country (based on geoip) to reject all exit routes. If all german relays used this feature, it may work.
This would be a good option anyway. Rejecting exit connections to your own country would dramatically reduce the investigation requests. In my case 100% were because of connections to German servers so far.
Otherwise, all german nodes have to switch to middle man.
I suggest to keep calm. There is a long way to go, before we will have a final judgment about this. And until then there's no need to act.
In general I don't like to create the impression that the logging in Tor nodes is so essential for the reliability of Tor. If the trust in Tor would be based on the assumption, that the Tor nodes are not compromised and not logging, the whole concept would be flawed, and I would never support it. The new data rentention law is a danger for the simple one-hop-proxys, but not for Tor. You would need a detailed log on _circuit_ level of every single node in order to trace it back. I don't even know if Tor is able to create these logs (not with info level, what about debug level?). But it's very unlikely that the German courts will demand even this. The worst case will be TCP connections, which are almost useless, since you hardly can correlate in- and outgoing connections. (My node has always 4000-5000 parallel open connections, and connections to other Tor nodes are persistent.)
This whole law anyway will turn out as a big joke (as usually), since there are so many networks that hide thousands of users behind a single NAT address, which _officially_ don't have to log, because they are not public. (Like big companies, university networks and student dormitories, for example.)
Regards, Sven
Attachment:
smime.p7s
Description: S/MIME cryptographic signature