Re: UDP and data retention
Eugen Leitl wrote:
On Fri, Dec 19, 2008 at 08:23:40AM -0500, pho...@rootme.org wrote:
On Fri, Dec 19, 2008 at 11:24:01AM +0100, eu...@leitl.org wrote 0.1K bytes in 3 lines about:

: This is off-topic, but isn't UDP making data retention more difficult
: than TCP/IP.

How would UDP make data retention more difficult?

That was posed as a question, but I accidentally dropped the question mark. The idea is that UDP is a connectionless protocol, while the bulk of off-shelf lawful interception software and intent behind the data retention legislation as well as ISP-side financial investment into interception infrastructure will be initially mostly focused on HTTP, SMTP, POP3 and its ilk. This might open up a loophole which could take several years to close. That's the hypothesis. What do you think?

I think it is misleading to talk about connectionless here, it is stateless. There is a relationship between sender and recipient as is for TCP, however the state and handshake are missing. UDP can be observed just as well as TCP unless you go for an extra mile by using random source/destination ports which however still leaves the sender/recipient relationship. Which however you could break by falsifying the sender address.. getting some bad thoughts here.
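The reply above argues that UDP has no handshake yet is as observable as TCP, and that randomizing ports still leaves the sender/recipient relationship. The following is an added example, not part of the original post: a flow-record builder of the kind a network monitor uses, where an idle timeout stands in for the missing connection teardown. The packet list, the addresses and the 30-second timeout are constructed assumptions.

```python
from collections import defaultdict

IDLE_TIMEOUT = 30.0  # seconds; assumed value for this example

# Constructed sample packets (documentation address ranges):
# (timestamp, proto, src_ip, src_port, dst_ip, dst_port, payload_bytes)
PACKETS = [
    (0.0, "udp", "192.0.2.10", 40001, "198.51.100.7", 5300, 120),
    (0.4, "udp", "192.0.2.10", 40001, "198.51.100.7", 5300, 80),
    (1.0, "udp", "192.0.2.10", 51877, "198.51.100.7", 6011, 200),  # new random ports
    (2.0, "udp", "192.0.2.10", 33490, "198.51.100.7", 7422, 64),   # new random ports
    (3.0, "tcp", "192.0.2.10", 44321, "203.0.113.5", 443, 1500),
    (50.0, "udp", "192.0.2.10", 40001, "198.51.100.7", 5300, 90),  # after idle gap
]


def flow_records(packets, idle_timeout=IDLE_TIMEOUT):
    """Group packets into flow records keyed by the 5-tuple.

    No handshake or teardown is consulted: a record simply ends once the
    5-tuple has been silent for longer than idle_timeout, which is how a
    monitor can track a stateless protocol such as UDP.
    """
    active, records = {}, []
    for ts, proto, src, sport, dst, dport, size in sorted(packets):
        key = (proto, src, sport, dst, dport)
        rec = active.get(key)
        if rec is None or ts - rec["last"] > idle_timeout:
            rec = {"key": key, "first": ts, "last": ts, "packets": 0, "bytes": 0}
            active[key] = rec
            records.append(rec)
        rec["last"] = ts
        rec["packets"] += 1
        rec["bytes"] += size
    return records


def host_pairs(records):
    """Collapse flow records to (src_ip, dst_ip); ports no longer matter."""
    pairs = defaultdict(lambda: {"flows": 0, "packets": 0, "bytes": 0})
    for rec in records:
        _, src, _, dst, _ = rec["key"]
        for field, value in (("flows", 1), ("packets", rec["packets"]), ("bytes", rec["bytes"])):
            pairs[(src, dst)][field] += value
    return dict(pairs)


if __name__ == "__main__":
    recs = flow_records(PACKETS)
    print(len(recs), "flow records")
    for pair, totals in host_pairs(recs).items():
        print(pair, totals)
```

The three port changes produce separate flow records, but the host-pair view folds them back into a single sender/recipient relationship.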
Surveillance rules, feature suggestion
Hello,

I wonder if it would be a good thing to define Middleman-Only nodes. Those nodes would ONLY talk to other Tor-Nodes. They will not accept connections from non-Tor-nodes and not relay to non-Tor-nodes. While the latter is currently configurable via the exit-policy the former is not directly supported and thus quick hacks (like firewalling) reduce the speed and reliability of the network.

The reason why to do this is that those nodes would not provide relaying to the public and thus imho not fall under the various EU Data retention rules.

Comments welcome.

Regards, smuggler
Re: 20090101
Mike Perry wrote:
Thus spake Smuggler ([EMAIL PROTECTED]):
Olaf Selke wrote:
Eugen Leitl wrote:
On Sat, Nov 10, 2007 at 08:14:34PM +0100, Olaf Selke wrote:

nothing will change for German tor operators due to this law. It defines how to store and how to hand over stored data to the authorities. Data not collected at all can't be stored, right?. But this law does not enforce tor operators to collect any data.

Oh, really? So ISPs, VoIP and mobile phone providers have nothing to fear, right?

right!

Wrong. I read the law. My lawyers read the law. It doesn't say: Store the data you have. It says: Store these specific datasets, no matter if you have them or not. The comments in the Regierungsentwurf are very telling. So, I am sorry. Tor nodes will have to log. ISPs will have to log. Everyone doing public telco services will have to log.

Actually, out of curiosity do your lawyers believe that upstream/backbone/IX ISPs will also be required to log (and to log the same type of data)? That would seem to be a lot of data.. Not to mention that upstream ISPs will not have customer information for IP addresses. It would seem to me that Tor nodes are much more similar to backbone routers than consumer ISPs.

No, upstreams/backbones etc don't have to log. Only parties generating traffic data in the first place (dialup) and parties changing traffic data (Tor) have to store.
Re: 20090101
Olaf Selke wrote:
Eugen Leitl wrote:
On Sat, Nov 10, 2007 at 08:14:34PM +0100, Olaf Selke wrote:

nothing will change for German tor operators due to this law. It defines how to store and how to hand over stored data to the authorities. Data not collected at all can't be stored, right?. But this law does not enforce tor operators to collect any data.

Oh, really? So ISPs, VoIP and mobile phone providers have nothing to fear, right?

right!

Wrong. I read the law. My lawyers read the law. It doesn't say: Store the data you have. It says: Store these specific datasets, no matter if you have them or not. The comments in the Regierungsentwurf are very telling. So, I am sorry. Tor nodes will have to log. ISPs will have to log. Everyone doing public telco services will have to log.

Wonder why they've been whining, then. I wonder why I went demonstrating for the first time in my life, in the freezing sleet, with a bad cold.

they have to spend a lot of money for that kind of nonsense. That really hurts. Do you expect companies do care for free speech or human rights? They only care for profit.

Actually, some companies do care for free speech and human rights. Mine does. Which is why it leaves Germany now for more free ground.
Re: [Fwd: Re: I break the silence: My arrest]
We operated the gwdeXmmx nodes and still a few others.

* arrested: No
* confiscated equipment: Yes
* Home or office searched: Yes, twice
* Surveillance: Likely, who knows
* Case against us: Several, yes

Xinwen Fu wrote:

A question to all Tor-operators: I'd like to do a survey about all incidents which happened to operators. Stuff like:

* arrested
* confiscated equipment
* nastygram
* surveillance
* ...
Re: I break the silence: My arrest
Hi Ricky,

Ricky Fitz wrote:

I think there is a need to incorporate. If there is for example an incorporated society which runs some tor-nodes, police is going to confiscate the servers (which is okay), but not going to search houses from members of the incorporated society.

I know from personal experience that this is not necessarily true. We had an IP under investigation. The RIPE entry showed it to be operated by a corporation. All contracts (uplink, cage, etc.) were made by the corporation. That didn't stop the police to search my personal apartment (not the corporate offices).
Re: [german] Looking for a criminal lawyer (allegation: distribution of child pornography)
morphium wrote:

Hello, last Friday I had a nice house search at my place, because I am alleged to have obtained and distributed child pornography via a platform I do not even know. They were not as nice as the BKA, who first inquire by post and think of Tor; they took everything with them right away. Now I am looking for someone, ideally a lawyer, who knows criminal law and would talk with me briefly (silc, irc, icq, whatever - phone, I don't know whether that is advisable, you never know what is being monitored...? Besides, I prefer chat, to be honest.) If someone would get in touch soon I would be very grateful, since I have no money to hire a lawyer (school student) and no legal expenses insurance either.

Regards, Theodor 'morphium' Reppe

My condolences. I have been through that story too (twice). Our luck was that we are a company in the ITC sector and the police understood that. We still have not got the hardware back, though (for 3 months). If they find no CP on your disks you have pretty good chances. If they do, you are lost. Udo Vetter is a good contact (http://www.lawblog.de/).
Re: Careful, you're being watched.
Arrakis wrote:

Ran it against a bunch more scanners and came up with a suspicious payload. F-Secure refers to it as Tibs.gen134, Sophos as Mal/Dorf-E, etc, but just because it is suspicious doesn't mean anything definitive. Other than, it probably isn't tor since it is 1/20th the size. http://www.virustotal.com/resultado.html?f63f10cc10953a005a9683b875eac2dd

Steve

This is probably the federal version of Tor.
Re: What will happen to Tor after the new German data retention law takes effect?
Ringo Kamens wrote:

If it's a 500,000 OR Jail time, then we could organize a defense fund

On Thu, Jun 14, 2007 at 07:51:11AM -0500, Arrakis wrote:

Expect crickets. The fines will be 500,000 Euro + 2 years prison for

Actually it is a up to 500k EURO fine for the company/organisation and additionally up to 1 year in prison for the directors/managers of the company.

On 6/14/07, Eugen Leitl [EMAIL PROTECTED] wrote:

For providers failing to comply, I would think. Not for small-time amateurs like us. But, I don't want to find this out the hard way, in person.

The law says anyone providing telecommunication services to the public. There is no mention of organisational form, number of users, profit motive or anything else. From the current law proposal standpoint every Tor node operator will have to comply to the law or face charges.

On Thu, Jun 14, 2007 at 01:23:30AM -0700, JT wrote:

Just connection data, not routed data. Rather useless, unless you have all logs from all nodes in the mix cascade, and captured the terminating stream from an exit server in cleartext.

Law says any change of connection data (replacing IP/Port) has to be logged in conjunction with the old connection. So you would have a list of IP/port (original) and IP/Port (new). Depending on the multiplexing of the Tor connections that _could_ lead to a connection being traceable. Furthermore it does not fully specify what connection data is. I am pretty sure that they will claim that streams have to be identified. In that case even the multiplexing won't help us anymore. An additional problem could be when they define Tor as being _one_ service and not something provided by many service_s_. In that case there would be some end-to-end logging that they require. The bureaucrats' comments of the law proposal are pretty telling and it seems like they want all the tools for total oppression.
One thing however that could help us is that the logging requirements don't seem to affect every kind of traffic but only certain types (Web,Mail,Voip). If they forget to put Tor in the list specifically it could create a loophole for us.
Re: What will happen to Tor after the new German data retention law takes effect?
Eugen Leitl wrote:

Do you have a link to the draft? You don't mention private individuals, just organisations.

Draft and comments sent via private email. Private individuals: It seems to me that private individuals fall under the same rule when providing services to the public.

I'm not sure Tor is a telecommunication service in the sense of the law, IANAL, of course. As a middleman, I'm just stripping the skin and passing on an encrypted payload to somebody else. I do not offer any access to any web site, etc. This is different from exit nodes. The difference might be significant enough.

In the sense of the law both middlemen and exit nodes provide telecommunication services. The concept of relaying communication is enough already. Though for middlemen nodes one could take your argument and say that it is an internal service (that means not affected by the law) if it doesn't accept connections by any senders except other Tor nodes. I am pretty sure that if middlemen don't relay any traffic to/from non-Tor IPs then they should be pretty safe. Unless however the Tor network is seen as being ONE service (not many, i.e. per node).

Assuming our interpretation of a yet unpassed law is correct, it would depend very much whether this is going to be actively enforced against middleman nodes, which do not draw direct complaints.

I have made some daunting experiences with German law enforcement (anonymizing only servers being stolen, home and office searched in very early morning, direct charges against me as operator) even today. I do NOT think that this is going to become better. So far none of their assaults was successful because we had still some law to protect us. But with data retention in the books we will lose that protection. I imagine several LKA and BKA people already waiting for the day to f*** us/me.
In the end, if (note the conditional) the criminalization of anonymizing mix cascades is complete in a certain jurisdiction, or most jurisdictions, I suggest utilizing the few advantages of illegality: deploying Tor as a self-propagating and self-updating botnet vector -- as benign as humanly possible, of course. It would be very important that whoever is to do that is in no ways connected to the Tor project. By posting to this list this my purely private (I speak only for myself and nobody else) opinion, I am of course completely disqualified to do that. I would also expect and welcome any Tor developers to condemn and distance themselves from this particular idiotic suggestion here.

I hereby distance myself without being a core Tor developer or otherwise affiliated with them.

How about adding more hops, and/or use jurisdictional compartments who can't/won't persecute and/or do not cooperate well with each other. I'm sure we can think of a few tuples off-hand.

Seems to be the most effective way for me. But it would leave the Tor node ops with the problem of having to store the connection data. Which can be some substantial cost to bear.

connection data is. I am pretty sure that they will claim that streams

Connection data is who is talking to whom, when. It does not include the contents of the communication.

I meant that they might qualify streams as connections as well which means that not only TCP/IP connection parameters are to be stored but also connection data that is created by the protocol (e.g. being in the stream). They already claim that for VoIP. The problem with all that is that the exact technicalities are not part of the law but are decided on level of bureaucracy and can be changed every so often. The politicians have no clue about the Internet at all and they don't have to because they leave the details to non-elected consultants and other put in curse.
I think at this point a few of German Tor operators need to think whether we should pool funds, and consult a lawyer sufficiently competent with German/EU online law. Maybe the EFF can recommend somebody, or even offer a more competent interpretation?

I think the best organisation to call for that would be the CCC.
Re: What will happen to Tor after the new German data retention law takes effect?
Ringo Kamens wrote:

Yeah, and they certainly should get involved with this, although I'm not sure how. This is a dark day for germany. I keep hearing the word draft being thrown around, so I'm guessing this isn't law yet.

Exactly, it is no law yet.

Has the time for public comment ended? Which german officials can/do stand in the way of this becoming law?

Well, the term public comment does not really apply to Germany. Most of the talks and discussions that mattered were held without the general public taking part (or being invited and/or allowed). The biggest issue in the hearings was that some very large telcos are actually in favour of the law (esp. DT). Many smaller telco companies won't survive the law being passed. The majority of the parliament and the Bundesrat (Senate kinda) are in favour of the law. Only discussion today is how bad it will become and when it comes into effect.

We can get an advocacy campaign running fairly quickly with letters, phone calls, and the whole deal. This is a big issue that could warrant street protests and I'll personally make a visit to my german consulate if there's one within 100 miles of me. If anybody is interested in such a campaign, please email me off list to keep traffic down.

Thank you for wanting to fight for the liberty of Germans. There is a project that is very active in that area and needs support: http://www.vorratsdatenspeicherung.de/ http://www.pledgebank.com/akvorrat
Re: What will happen to Tor after the new German data retention law takes effect?
Ringo Kamens wrote:

So are the people who vote on this elected representatives like we have in the US congress and senate or the UK house of commons?

Yes. More or less.

The campaigns look interesting, but I can't read German. I can coordinate an English campaign for the US/Intl though.

Contacting http://www.vorratsdatenspeicherung.de/ and offering them your support will do a lot. Another thing is that there are data retention plans in the USS as well so you should probably also team up with the EFF.
Re: What will happen to Tor after the new German data retention law takes effect?
Ringo Kamens wrote:

Just off the bat, who here (in Germany) is up for street protests?

I think that Germans learned from the recent G8 mess that street protests are very dangerous.