Re: Tor exit nodes

To: [email protected]
Subject: Re: Tor exit nodes
From: Russell Coker <[email protected]>
Date: Sat, 15 Apr 2017 02:14:53 +1000
Authentication-results: mail1.trendhosting.net; dkim=pass reason="1024-bit key; unprotected key" header.d=coker.com.au [email protected] header.b=ElR3MBcY; dkim-adsp=pass; dkim-atps=neutral
Cc: micah <[email protected]>
Delivered-to: [email protected]
Delivered-to: [email protected]
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=coker.com.au; s=2008; t=1492186494; bh=EvQyh6Bz37Y2iK3fopxLAVdCVx8ve28ZhHfPjXGHCzE=; l=2219; h=From:To:Subject:Date:Cc:References:In-Reply-To:From; b=ElR3MBcY0lTVJmsAj6GshfDXbYRZKA+oAfYlgM7uPODhrP53ttAtc50+Vlv9YMi/O FqWYPBUMS6Pav7AhwcIEJUVP0xv8Hy6L4SyIcBJIEQr2hx2OEgK1PcwsVpdn5P1gH9 rxzDjR9DQBCC5ERvF+QwUq2l5BKGlLn/sG3ZRLvo=
In-reply-to: <[email protected]>
List-archive: <file://master.debian.org:~debian/archive/debian-private/>
List-help: <mailto:[email protected]?subject=help>
List-id: <debian-private.lists.debian.org>
List-post: <mailto:[email protected]>
List-url: <https://lists.debian.org/debian-private/>
Old-return-path: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>
Resent-date: Fri, 14 Apr 2017 16:15:16 +0000 (UTC)
Resent-from: [email protected]
Resent-message-id: <U2FHiVqzmqM.A.P3G.UWP8YB@bendel>
Resent-sender: [email protected]
User-agent: KMail/1.13.7 (Linux/4.9.0-2-amd64; KDE/4.8.4; x86_64; ; )

On Fri, 14 Apr 2017 12:09:41 AM micah wrote:
> >> The police in this case (and seemingly routine in most countries)
> >> confiscated *all* his computers. Even air-gapping the Tor exit node from
> >> a Debian development machine would not help.
> > 
> > Yes.  They even go to the home of someone who paid a DC bill and take all
> > computers there.  They also generally don't care who owns the systems in
> > question (otherwise every suspect would say "but I don't own any PCs,
> > they are all owned by someone else").  If you share a house with someone
> > who runs a Tor exit node in the same country then your PCs are at risk.
> 
> I know someone running a tor exit node in Kentucky, on his home DSL
> connection. He occasionally has his internet shut off, but he just
> reminds them that it is a Tor Exit, and they turn it back on.

There are also people who chain-smoked for 50+ years without getting lung 
cancer.

> I don't say that to try and counter the argument, just to balance it a
> little. I would not recommend running an exit at home, its potentially
> dangerous and disruptive.
> 
> However, characterizing the way you have is a bit over the top. I've
> been running tor exit nodes in data centers for years, and know several
> people who do that. None of them have had the police do what you have
> described.

You are lucky.  I'm not going to rely on luck for the security of my GPG and 
SSH private keys and the other private data on my machines.

I'm also not going to rely on luck to remain out of jail.

> There are ways you can increase the safety, and there is quite a few
> resources out there that help you navigate these risks in a clear
> way. Rather than speculating on debian-private about these things, I
> think its better for people who want to discuss these details to do some
> research on the subject, and discuss it on the relevant tor lists. This
> isn't -private material.

Sure.  But let's spread the idea that running a tor exit node on anything 
that's in any way related to the system that has your GPG key is a really bad 
idea.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Follow-Ups:
- Re: Tor exit nodes
  - From: Al Nikolov <[email protected]>

References:
- Dmitry Bogatov arrested in Moscow
  - From: Dmitry Shachnev <[email protected]>
- Re: Tor exit nodes
  - From: Russell Coker <[email protected]>
- Re: Tor exit nodes
  - From: micah <[email protected]>

Prev by Date: Re: Dmitry Bogatov arrested in Moscow
Next by Date: Re: Tor exit nodes
Previous by thread: Re: Tor exit nodes
Next by thread: Re: Tor exit nodes
Index(es):
- Date
- Thread