GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

[Joseph Lorenzo Hall]

GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

The Minister of Justice of the German federal state of
Schleswig-Holstein Uwe Döring has called for limits to be
set - in the interest of combating terrorism - on
anonymization on the Internet. The Minister said that the
Independent State Center for Data Protection of
Schleswig-Holstein (ULD), based in the state's capital of
Kiel in northern Germany, should take the anonymization
program it offers as a free download off the Internet
immediately.




--
Joseph Lorenzo Hall
PhD Student, UC Berkeley, School of Information

Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

[Bill Watson]

"The means of defense against foreign danger historically have become
the instruments of tyranny at home." 

James Madison, fourth president of
the United States



On Wed, 23 Aug 2006 08:56:00 -0700, "Joseph Lorenzo Hall"
<[EMAIL PROTECTED]> said:
> GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER
> 
> The Minister of Justice of the German federal state of
> Schleswig-Holstein Uwe Döring has called for limits to be
> set - in the interest of combating terrorism - on
> anonymization on the Internet. The Minister said that the
> Independent State Center for Data Protection of
> Schleswig-Holstein (ULD), based in the state's capital of
> Kiel in northern Germany, should take the anonymization
> program it offers as a free download off the Internet
> immediately.
> 
> 
> 
> 
> -- 
> Joseph Lorenzo Hall
> PhD Student, UC Berkeley, School of Information
> 

Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

[Robert Hogan]

On Wednesday 23 August 2006 17:08, Bill Watson wrote:
> "The means of defense against foreign danger historically have become
> the instruments of tyranny at home."
>
> James Madison, fourth president of
> the United States
>
>
>
> On Wed, 23 Aug 2006 08:56:00 -0700, "Joseph Lorenzo Hall"
>
> <[EMAIL PROTECTED]> said:
> > GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER
> >
> > The Minister of Justice of the German federal state of
> > Schleswig-Holstein Uwe Döring has called for limits to be
> > set - in the interest of combating terrorism - on
> > anonymization on the Internet. The Minister said that the
> > Independent State Center for Data Protection of
> > Schleswig-Holstein (ULD), based in the state's capital of
> > Kiel in northern Germany, should take the anonymization
> > program it offers as a free download off the Internet
> > immediately.
> >
> > 
> >
> >
> > --
"If there was reasonable suspicion of a crime and if the German Code of 
Criminal Procedure provided for such an approach in the case in question, it 
was quite possible to register the IP addresses of computers, Mr. Weichert 
observed."

Umm. So it's only anonymous until they need to find out who you are? Or have I 
misunderstood the point?
- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net

Re: Polipo web proxy

[Juliusz Chroboczek]

> On Wed, Aug 23, 2006 at 03:02:48AM +0200, Juliusz Chroboczek wrote:
>> > 6) Polipo writes your hostname in every request. Either define proxyName
>> > to something else, or set [d]isableVia = true in your config file.

>> This cannot be stressed enough.  Unfortunately, use of Via is a MUST
>> according to RFC 2616 (it's not completely useless -- Polipo uses it
>> to detect proxy loops).

> So if you want to follow the RFC, would it be adequate to use the
> pseudonym "polipo" in each case?

That's a somewhat radical approach to proxy loop avoidance ;-)

(It would disallow chaining proxies, and chaining proxies is a
somewhat common usage scenario -- when evading firewalls, or when
trying to work around a lossy wireless link.)

I guess I'll just make disableVia the default, and give up on my
policy of conforming by default.  People who actually care about loop
avoidance can enable it manually.

Juliusz

Re: Polipo web proxy

[Juliusz Chroboczek]

Roger Dingledine:

> Known issues when using Polipo with Tor:

> 1) In the config.sample, it suggests
> socksParentProxy = "localhost:9050"
> You should either change this to 127.0.0.1:9050, or enable the
> dnsUseGethostbyname config option -- otherwise polipo asks your name
> servers where "localhost" is, with possibly disastrous implications.

This should no longer be necessary -- I've made the async resolver
hard-wire ``localhost'' and ``localhost.'' to 127.0.0.1.

> 6) Polipo writes your hostname in every request. Either define proxyName
> to something else, or set DisableVia = true in your config file.

disableVia is now the default.

Juliusz

Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

[Niels Grewe]

On 23.08.2006 at 19:09 Robert Hogan wrote:"If there was reasonable suspicion of a crime and if the German Code of Criminal Procedure provided for such an approach in the case in question, it was quite possible to register the IP addresses of computers, Mr. Weichert observed."Umm. So it's only anonymous until they need to find out who you are? Or have I misunderstood the point?Unfortunately you haven't. According to the JAP (the anonymizer in question) FAQ [1], JAP servers can be set up to "tag" and log connections from certain source/destination-combinations, when prosecution authorities request it, but apparently resolving past connections ex-post is impossible. This seems to be some trade-off in order to comply with German legislation and not render the program illegal. Which brings up the question of the legal status of Tor servers in Germany. What would happen to a server operator forced by law to log individual future connections, but unable to do so, since Tor doesn't allow it? Niels[1]  http://anon.inf.tu-dresden.de/strafverfolgung/index_en.html --OpenPGP key fingerprint:D778 942B F1E4 45E2 E8ED  32AE F980 011B 393D FBF9please visit http://www.gnupg.org 

PGP.sig
Description: Signierter Teil der Nachricht

Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

[Matthias Fischmann]

On Wed, Aug 23, 2006 at 08:23:45PM +0200, Niels Grewe wrote:
> To: or-talk@freehaven.net
> From: Niels Grewe <[EMAIL PROTECTED]>
> Date: Wed, 23 Aug 2006 20:23:45 +0200
> Subject: Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER
> 
> 
> On 23.08.2006 at 19:09 Robert Hogan wrote:
> 
> >"If there was reasonable suspicion of a crime and if the German  
> >Code of
> >Criminal Procedure provided for such an approach in the case in  
> >question, it
> >was quite possible to register the IP addresses of computers, Mr.  
> >Weichert
> >observed."
> >
> >Umm. So it's only anonymous until they need to find out who you  
> >are? Or have I
> >misunderstood the point?
> 
> Unfortunately you haven't. According to the JAP (the anonymizer in  
> question) FAQ [1], JAP servers can be set up to "tag" and log  
> connections from certain source/destination-combinations, when  
> prosecution authorities request it, but apparently resolving past  
> connections ex-post is impossible. This seems to be some trade-off in  
> order to comply with German legislation and not render the program  
> illegal. Which brings up the qcooerateuestion of the legal status of Tor  
> servers in Germany. What would happen to a server operator forced by  
> law to log individual future connections, but unable to do so, since  
> Tor doesn't allow it?

there is an easy answer to this one: the cops you will talk to
understand the technology better than Mr. Weichert, and most of them
have personally dealt with operators of anonymizers before.  so it is
possible to have serious instructive communication with them.
basically you have three options: (a) go off-line for good and be left
alone; (b) cooperate with authorities (although i don't know what that
means in the case of tor, as all the information you could log doesn't
really help them); (c) seek trouble (which might get pretty
interesting, because i don't think the laws are designed for a
technology like tor).

whatever the problems with (b) and (c), you always have (a), so you
can worry about those when you are contacted by officials.

of course all i am saying is at best valid until considerable changes
to the legal situation as of today have been implemented.  also, if
you are a suspect in a determined investigation, the people who raid
you may be be in a different mood than those that i talked to as a
sysop in a big university.  but then having a raid in your living room
might be an interesting experience, too.  (-:


matthias


signature.asc
Description: Digital signature

correction (Was: Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER)

[Matthias Fischmann]

On Wed, Aug 23, 2006 at 09:23:37PM +0200, Matthias Fischmann wrote:
> 
> On Wed, Aug 23, 2006 at 08:23:45PM +0200, Niels Grewe wrote:
> > servers in Germany. What would happen to a server operator forced by  
> > law to log individual future connections, but unable to do so, since  
> > Tor doesn't allow it?
> 
> there is an easy answer to this one: the cops you will talk to
> understand the technology better than Mr. Weichert, and most of them

My apologies.  I used the wrong name here.

Mr. Thilo Weichert is the head of the Schleswig-Holstein state bureau
of privacy.  Although he is more involved in legal and political
issues, he certainly does understand the technology.  I was meaning to
refer to Mr. Döring here, who has proven he understands neither
privacy technology nor policy.

sorry,
matthias


signature.asc
Description: Digital signature

Polipo-20060823 native Windows binary

[Juliusz Chroboczek]

Hi all,

I've put an experimental native Windows binary of Polipo in

  http://www.pps.jussieu.fr/~jch/software/files/polipo/polipo-20060823.exe
  http://www.pps.jussieu.fr/~jch/software/files/polipo/polipo-20060823.exe.asc

This is still very experimental; for serious use, I still recommend
using the Cygwin binary.

Unlike the previous Windows binary, this version has support for
tunnelling (https proxying) and SOCKS, which should make it usable
with tor.  A number of features are still disabled, notably the
asynchronous resolver and the on-disk cache.  (Dan! help!)

There are a a number of other issues, notably error reporting (you'll
see a lot of ``unknown error'' messages).

This binary has never seen a real Windows system (I test under Linux
with a Windows emulator -- sorry, but I don't have a Windows machine),
and I'd be very grateful for feedback from Windows users.

Juliusz


pgpEFv6tzfgeL.pgp
Description: PGP signature

Re: Traffic Logging Suggestion

[Taka Khumbartha]

On 8/22/06, Juliusz Chroboczek <[EMAIL PROTECTED]> wrote:

I think the solution would be to make sure that your web browser never
uses HTTP authentication without also using SSL.  If anyone wrote a
firefox extension to make sure of that, he'd be doing us a favour.



or just make sure security.warn_submit_insecure is true?