FBI Sends Subpoena To Boing Boing Over Its Tor Exit Node, Gets Educated, Goes Away
from the well-that's-nice dept
There have been plenty of discussions on the possible “risks” of running a tor exit node, where clueless law enforcement might confuse traffic that comes out of that node as being from the person who actually manages the node. And, indeed, last year we wrote about an absolutely ridiculous case in which a tor exit node operator in Austria was found guilty as an “accomplice” because someone used his node to commit a crime. Thankfully, it appears that the US isn’t going quite down that road yet. It appears that a month and a half ago, of all places, the website Boing Boing received a subpoena concerning the tor exit node that the site hosts, demanding an appearance before a federal grand jury in New Jersey.
Except, Boing Boing’s lawyer, Lauren Gelman, quickly shot off a note explaining “tor exit node” to the FBI… and the FBI understood what was going on and moved on. Really. Here’s the note that Gellman sent:
Special Agent XXXXXX.
I represent Boing Boing. I just received a Grand Jury Subpoena to Boing Boing dated June 12, 2015 (see attached).
The Subpoena requests subscriber records and user information related to an IP address. The IP address you cite is a TOR exit node hosted by Boing Boing (please see: http://tor-exit.boingboing.net/). As such, Boing Boing does not have any subscriber records, user information, or any records at all related to the use of that IP address at that time, and thus cannot produce any responsive records.
I would be happy to discuss this further with you if you have any questions.
They didn’t have any questions. They understood the situation and (one assumes) continued the investigation through other means. As Cory Docotorow writes:
The FBI agent did his homework, realized we had no logs to give him, and no one had to go to New Jersey. Case closed. For us, anyway. Not sure what went down with the grand jury.
We write plenty of stories about “clueless” law enforcement and politicians overreacting to things by not understanding the technology. Because that’s newsworthy. But it is worthwhile, every once in a while, to remember that there are some in these jobs who do understand technology and are perfectly willing to understand what is happening and continue to do their jobs without going overboard.
And, as Cory notes, perhaps this story of nothing actually happening will be useful in convincing a few more people that maybe the “risks” of running a tor exit node aren’t quite as high as some have made them out to be. Yes, you may receive a subpoena, but hopefully it’s from law enforcement willing to understand how tor actually works and what it means.
Filed Under: fbi, subpoena, tor, tor exit node
Companies: boing boing
Comments on “FBI Sends Subpoena To Boing Boing Over Its Tor Exit Node, Gets Educated, Goes Away”
so what happened to the Austrian guy? appeal and get let off or what??
Re: Re:
3 years probation, no appeal.
Explanation note
Shouldn’t the answer have had a lot more black ink covering most of the page?
Re: Explanation note
No – Boing Boing provided this, not the FBI. Had the FBI provided it, it would be two black pages.
Can't provide what you don't have
This is actually a good response to be able to give in general. Law enforcement may not understand tech or TOR exit nodes, but they understand “we don’t have any records to give you, never had them”. I’ve always thought that was a good reason to keep logs and such only for as long as you needed for technical reasons (eg. unless you have a problem you’re troubleshooting you keep them for 24 hours at most) unless the law specifically requires you to keep certain logs longer than that and then you keep only what the law requires and dump the rest.
It’s also a good reason to encourage proper strong encryption of e-mail (ie. encrypted with the recipient’s public key by the sender, decrypted by the recipient on their system, mail systems never have the private keys at all). That way if a subpoena comes in you can just turn over the encrypted data and if law enforcement comes back wanting the keys you can honestly shrug and say “don’t have ’em, never did, only person who has them is the recipient so you’ll have to talk to them about it”. (Yes, encrypted e-mail can work safely with webmail, Javascript has the APIs to decrypt the text if the page is coded to use them and the text is in a standard form in an easily-identified page element.)
Remember the Cop Mentality
If you’re a civilian, you’re guilty, even if provably innocent. If you’re a cop, you’re innocent, even if the video shows the cop’s victim was unarmed and not resisting.
ALWAYS remember this when you’re dealing with the Masters.
Re: Prima facie "Social Justice Warrior" detected!
Can’t be bothered to read the article, but posting what I think about what it says anyway. That comment has nothing to do with this story. The cop realized his/her mistake, and went away happy. Yet you then come along and spit out that. What for?
Why would anyone want to do this (what you did) as an AC? What’s it really get you?
You’ll receive a subpoena if you’re a company. If you’re just an average person and someone does something like share child pornography through your exit node, you will have you door kicked in by the FBI, be slammed to the floor, cuffed, have an assault rifle be jammed in the back of your head and then spend the next several hours at the nearest FBI field office, while agents collect every electronic device from your home and go over your life with a fine-toothed comb.
Re: Re:
Actually, in most cases I’ve heard about, the FBI’s been pretty good about open WiFi and TOR. They appear to do their homework by investigating the IP in question before going in guns blazing, due to the number of IPs that belong to someone other than the one doing the dirty deed. This probably has something to do with the fact that the FBI uses these technologies themselves to conduct investigations.
But this article makes one really useful point: don’t put your TOR exit node on an IP shared with other traffic. Because then you’ll have to dig up all your logs to prove that it was the TOR node and not you using HTTPS that made the connection in question.
Re: Re: Re:
Actually, in most cases I’ve heard about…
Actually, only one that goes the way described by Rekrul is enough for the rest of your whole life…
Re: Re: Re:
The FBI may be ‘pretty good’ but SWAT teams ..ehh not so much
https://www.youtube.com/watch?v=NUahTD5IBXU
I would bet money on that you will write about them again before the end of the month.
Evidence that James Comey was left out of the loop.
Cease and resist
Clearly the fed DIDN’T understand TOR or he wouldn’t have sent the subpoena in the first place.
What he did was something akin to Hollywood’s speculative invoicing, where he hoped to gather information from a clueless, shitscared or insanely patriotic (read non-thinking patriot) company/individual in the hopes that would make his job easier. When this didn’t happen, no doubt the fed just moved on to his next (speculative) target.
If this were real there would still be the need to testify, regardless of whether said *documents* could be supplied or not.
Running a Tor exit node is a high risk if not done properly. You don’t want to run a exit node on your home internet connection. You want to have the Tor exit node completely separate from your personal internet usage for legal reasons.
https://www.torproject.org/eff/tor-legal-faq.html.en