This is a post series on cyber crime.
I’ve been called an idiot in various venues, mostly it seems by computer security types, for this series and my insistence that more law enforcement is required. What these people don’t see are the bigger issues involved.
This is the sort of thing I’m seeing. From anonymous cowards of course. How trollish. They are so afraid of what people think about what they say that they feel the need to hide behind anonymous Tor IPs and won’t ever, ever use a real name.
I erected a fence around my house — it’s just one single fencepost, I expect the bad guys to line up behind it — but somehow the attacks keep getting through. Obviously I need to spend more on local law enforcement so they can recover my stuff, if they ever catch one of the thieves located in Whateverstan. My neighbor with the free Linux house never seems to have these problems, but he’s a kook. Some jerk published the location of my fencepost, says now everybody knows the security approach is weak and I can’t mislead customers anymore. Obviously I need to take all that customer license money and hire programmers to reorganize the menus on the word processor again.
From this point forward any comments on this blog will require a real, not Tor, IP address. And a name. Otherwise they get trashed and treated as spam. No more cowards who spew from the shadows.
I digress however. The problem with ever higher and stronger fences is that they cut off access. That can be a good thing and it can be very bad. Yes, you protect yourself from the bad people wanting to do you harm, but you also cut yourself off from the good people you need to do business with.
My main job is engineering. That’s actually a very collaborative process. I can’t get the entire project built all by myself. I need to be able to trust that I can rely on others to get their part of the job done. That means that I have to have some confidence in them, whoever they may be. Even if they are in some far away place and I will never meet them. In order to get my job done, I need to work in the web of trust.
If I can’t rely on other people, I cannot do my job and innovate. If there is no trust, innovation and growth go away. You can see that all over the world, in places like Pakistan or Mexico. Look at the typical house in Pakistan, surrounded by walls and looking in. Which in many ways is a mirror of the culture and society in Pakistan and similar places. With all the inbreeding and stupidity that goes with it.
The internet can go the same way if people aren’t careful. The various users and ISPs could “fort up,” only allowing connections that they absolutely trust. In fact it’s already started. Many organizations are already fairly strict about attachments and links in emails, for instance. And they routinely block websites for a variety of reasons. If the anarchy and malware continue to spread it’s only going to get worse. The various “dark nets” are only going to make it worse.
I suppose it’s fun to make fun of granny user and her unsecure computer. But without the billions of granny users online, and all the other people online, the flow of internet commerce and activity is going to stop. When that happens there will no longer be a net.
It looks like the Tor people are aware of the problem of people blocking Tor nodes.
This is a Tor Exit Router
Most likely you are accessing this website because you had some issue with the traffic coming from this IP. This router is part of the Tor Anonymity Network, which is dedicated to providing privacy to people who need it most: average computer users. This router IP should be generating no other traffic, unless it has been compromised.
Tor sees use by many important segments of the population, including whistle blowers, journalists, Chinese dissidents skirting the Great Firewall and oppressive censorship, abuse victims, stalker targets, the US military, and law enforcement, just to name a few. While Tor is not designed for malicious computer users, it is true that they can use the network for malicious ends. In reality however, the actual amount of abuse is quite low. This is largely because criminals and hackers have significantly better access to privacy and anonymity than do the regular users whom they prey upon. Criminals can and do build, sell, and trade far larger and more powerful networks than Tor on a daily basis. Thus, in the mind of this operator, the social need for easily accessible censorship-resistant private, anonymous communication trumps the risk of unskilled bad actors, who are almost always more easily uncovered by traditional police work than by extensive monitoring and surveillance anyway.
In terms of applicable law, the best way to understand Tor is to consider it a network of routers operating as common carriers, much like the Internet backbone. However, unlike the Internet backbone routers, Tor routers explicitly do not contain identifiable routing information about the source of a packet, and no single Tor node can determine both the origin and destination of a given transmission.
As such, there is little the operator of this router can do to help you track the connection further. This router maintains no logs of any of the Tor traffic, so there is little that can be done to trace either legitimate or illegitimate traffic (or to filter one from the other). Attempts to seize this router will accomplish nothing.
If you are a representative of a company who feels that this router is being used to violate the DMCA, please be aware that this machine does not host or contain any illegal content. Also be aware that network infrastructure maintainers are not liable for the type of content that passes over their equipment, in accordance with DMCA “safe harbor” provisions. In other words, you will have just as much luck sending a takedown notice to the Internet backbone providers. Please consult EFF’s prepared response for more information on this matter.
For more information, please consult the following documentation:
That being said, if you still have a complaint about the router, you may email the maintainer. If complaints are related to a particular service that is being abused, I will consider removing that service from my exit policy, which would prevent my router from allowing that traffic to exit through it. I can only do this on an IP+destination port basis, however. Common P2P ports are already blocked.
You also have the option of blocking this IP address and others on the Tor network if you so desire. The Tor project provides a web service to fetch a list of all IP addresses of Tor exit nodes that allow exiting to a specified IP:port combination, and an official DNSRBL is also available to determine if a given IP address is actually a Tor exit server. Please be considerate when using these options. It would be unfortunate to deny all Tor users access to your site indefinitely simply because of a few bad apples.
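An added example, not part of the original post or of the quoted notice: one way a site operator could use an exit list the way the notice asks, holding posts from exit addresses for moderation instead of denying all access. The DNSRBL zone name, the one-address-per-line list format, the moderation policy and all sample data are assumptions or constructed values.

```python
import ipaddress

# Assumption: zone of the Tor Project DNS exit list; the notice does not name it.
DNSEL_ZONE = "dnsel.torproject.org"

# Constructed sample data using documentation address ranges, not real exits.
SAMPLE_EXIT_LIST = "# constructed list\n192.0.2.10\n198.51.100.7\n\n203.0.113.200\n"
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "POST /comment HTTP/1.1" 200 512',
    '198.51.100.99 - - [01/Jan/2024:10:00:05 +0000] "GET /index.html HTTP/1.1" 200 2048',
    '203.0.113.200 - - [01/Jan/2024:10:00:09 +0000] "GET /feed HTTP/1.1" 200 4096',
    'not-an-ip - - [01/Jan/2024:10:00:11 +0000] "POST /comment HTTP/1.1" 400 0',
]

def parse_exit_list(text):
    """Parse a one-address-per-line exit list, skipping blanks, comments, junk."""
    exits = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            exits.add(ipaddress.ip_address(line))
        except ValueError:
            continue  # ignore malformed entries rather than failing the load
    return exits

def dnsel_query_name(ip, zone=DNSEL_ZONE):
    """Build the DNSRBL-style name for an IPv4 address: reversed octets + zone."""
    addr = ipaddress.IPv4Address(ip)
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def classify(log_lines, exits):
    """Return (source, decision) per log line; exit traffic may read, posts are held."""
    results = []
    for line in log_lines:
        src = line.split(" ", 1)[0]
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            results.append((src, "unparsed"))
            continue
        quoted = line.split('"')
        is_post = len(quoted) > 1 and quoted[1].startswith("POST ")
        if addr not in exits:
            results.append((src, "allow"))
        else:
            results.append((src, "moderate" if is_post else "allow-read"))
    return results
```
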
It would appear that the Tor people are beginning to realize that they are going to have a problem. The fact is that unless they start cleaning up “their town” and stop their barbarians from extorting money from granny user, the problems for them, and everybody else, are only going to get worse. All the legal disclaimers in the world don’t absolve you of that responsibility. As I’ve said, if the risk/reward balance isn’t changed, things are going to break down pretty quickly.