Re: Tor exit nodes

To: [email protected]
Subject: Re: Tor exit nodes
From: Russell Coker <[email protected]>
Date: Thu, 13 Apr 2017 23:43:20 +1000
Authentication-results: mail1.trendhosting.net; dkim=pass reason="1024-bit key; unprotected key" header.d=coker.com.au [email protected] header.b=R9mnsBRY; dkim-adsp=pass; dkim-atps=neutral
Delivered-to: [email protected]
Delivered-to: [email protected]
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=coker.com.au; s=2008; t=1492091002; bh=6h70bNFor7Gy7lpYAHLE3V/xWsKM162rb+oKnZhjOeA=; l=1793; h=From:To:Subject:Date:References:In-Reply-To:From; b=R9mnsBRYG77LiP7cjluSqDPh5g5wEy8cindwk6GG+zO9uwmg3B/Ju7SLNpe3Z8lsL +21ZX/w2vj9BNuxQ04kcveF0W3yc4SMa2xPzkm9M7sK6RsmPjeTKEBp/LKKllX8DCE sXwEz2OI65gf5QaCo6qwCgglUMvmlX6K2e0ayGAc=
In-reply-to: <[email protected]>
List-archive: <file://master.debian.org:~debian/archive/debian-private/>
List-help: <mailto:[email protected]?subject=help>
List-id: <debian-private.lists.debian.org>
List-post: <mailto:[email protected]>
List-url: <https://lists.debian.org/debian-private/>
Old-return-path: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>
Resent-date: Thu, 13 Apr 2017 13:43:43 +0000 (UTC)
Resent-from: [email protected]
Resent-message-id: <JhmpkT_jy9G.A.OuF.PC47YB@bendel>
Resent-sender: [email protected]
User-agent: KMail/1.13.7 (Linux/4.9.0-2-amd64; KDE/4.8.4; x86_64; ; )

On Thu, 13 Apr 2017 07:20:00 PM Jonathan Dowland wrote:
> On Tue, Apr 11, 2017 at 08:44:42PM +1000, Russell Coker wrote:
> > I think it would be best if DDs don't run Tor exit nodes from the same
> > location as the machine holding their GPG keys etc.  If anything goes
> > wrong we don't want systems that can compromise Debian security being
> > collected by the police.  As this has apparently happened more than once
> > it seems that it's something we need to discuss here.
> > 
> > While the police could subvert Debian without a lot of effort if they
> > intended to I think it's still good to avoid them accidentally
> > collecting keys to Debian resources and handing them over to whoever
> > investigates IT security issues.
> 
> The police in this case (and seemingly routine in most countries)
> confiscated *all* his computers. Even air-gapping the Tor exit node from a
> Debian development machine would not help.

Yes.  They even go to the home of someone who paid a DC bill and take all 
computers there.  They also generally don't care who owns the systems in 
question (otherwise every suspect would say "but I don't own any PCs, they are 
all owned by someone else").  If you share a house with someone who runs a Tor 
exit node in the same country then your PCs are at risk.

Martin Krafft has managed to mitigate the risks of this with some success.  
Being an unpaid Tor consultant would probably be fun if it happened once or 
twice in your area.  But travelling to another country multiple times for it 
would be a drag.  But you really need to know what you are doing and be based 
in a jurisdiction with a well functioning legal system.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Follow-Ups:
- Re: Tor exit nodes
  - From: micah <[email protected]>

References:
- Dmitry Bogatov arrested in Moscow
  - From: Dmitry Shachnev <[email protected]>
- Tor exit nodes
  - From: Russell Coker <[email protected]>
- Re: Tor exit nodes
  - From: Jonathan Dowland <[email protected]>

Prev by Date: Re: Dmitry Bogatov arrested in Moscow
Next by Date: Re: Tor exit nodes
Previous by thread: Re: Tor exit nodes
Next by thread: Re: Tor exit nodes
Index(es):
- Date
- Thread