Tor exit nodes

To: [email protected]
Subject: Tor exit nodes
From: Russell Coker <[email protected]>
Date: Tue, 11 Apr 2017 20:44:42 +1000
Authentication-results: mail1.trendhosting.net; dkim=pass reason="1024-bit key; unprotected key" header.d=coker.com.au [email protected] header.b=ah6o+zgM; dkim-adsp=pass; dkim-atps=neutral
Delivered-to: [email protected]
Delivered-to: [email protected]
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=coker.com.au; s=2008; t=1491907484; bh=5/eqeR+uE/AaA9lXcXQNlGAnUJPibU6rmqJeduLLPv4=; l=1409; h=From:To:Subject:Date:References:In-Reply-To:From; b=ah6o+zgMVkamjZTHXtZwEpiQxwaHnxSbb6x9K957dW+8r+/J899wtWG9gPyj13W4N G0N6po4fg2fdmNlnnx+uNe+1B8YaAtdqofCY8a/m3EwrFUttKgzhtf1ydXiry8MdFT tpQxybP3EFhCCvGP9YwuT5Xhe1xaBU0nu/XUj8NU=
In-reply-to: <[email protected]>
List-archive: <file://master.debian.org:~debian/archive/debian-private/>
List-help: <mailto:[email protected]?subject=help>
List-id: <debian-private.lists.debian.org>
List-post: <mailto:[email protected]>
List-url: <https://lists.debian.org/debian-private/>
Old-return-path: <[email protected]>
References: <[email protected]> <[email protected]>
Resent-date: Tue, 11 Apr 2017 10:55:08 +0000 (UTC)
Resent-from: [email protected]
Resent-message-id: <KRtZm2ClRTF.A.QZC.MYL7YB@bendel>
Resent-sender: [email protected]
User-agent: KMail/1.13.7 (Linux/4.9.0-2-amd64; KDE/4.8.4; x86_64; ; )

On Tue, 11 Apr 2017 07:49:25 PM Alexander Gerasiov wrote:
> Security service and police came to his house and took away all the
> computers, cause he had Tor exit node on his PC which was used by some
> black-hats to attack government's site.

I think it would be best if DDs don't run Tor exit nodes from the same 
location as the machine holding their GPG keys etc.  If anything goes wrong we 
don't want systems that can compromise Debian security being collected by the 
police.  As this has apparently happened more than once it seems that it's 
something we need to discuss here.

While the police could subvert Debian without a lot of effort if they intended 
to I think it's still good to avoid them accidentally collecting keys to 
Debian resources and handing them over to whoever investigates IT security 
issues.

It would also be a good idea to not run a Tor exit node in the same country 
you reside in.  I know someone who ran a Tor exit node in a DC in his country 
and the police collected all PCs from his home as part of an investigation.  
If he had used a DC in a different country the police might have discovered it 
was a Tor exit node before going to the effort of starting an international 
police case and he wouldn't have lost his GPG and SSH private keys.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Follow-Ups:
- Re: Tor exit nodes
  - From: Adam Borowski <[email protected]>
- Re: Tor exit nodes
  - From: Gunnar Wolf <[email protected]>
- Re: Tor exit nodes
  - From: Jonathan Dowland <[email protected]>

References:
- Dmitry Bogatov arrested in Moscow
  - From: Dmitry Shachnev <[email protected]>
- Re: Dmitry Bogatov arrested in Moscow
  - From: Alexander Gerasiov <[email protected]>

Prev by Date: Re: Dmitry Bogatov arrested in Moscow
Next by Date: Re: Dmitry Bogatov arrested in Moscow
Previous by thread: Re: Dmitry Bogatov arrested in Moscow
Next by thread: Re: Tor exit nodes
Index(es):
- Date
- Thread