Here's What Happened When The Dutch Secret Service Tried To Recruit A Tor Admin

from the true-or-false? dept

Law enforcement keeps bumping into Tor, as Techdirt has reported many times over the years. So it's understandable that the authorities are always looking for ways to subvert and circumvent the extra protection that Tor can offer its users when used properly. For obvious reasons, we don't often get to hear exactly how they are doing that, but a fascinating post on the Dutch site Buro Jansen & Janssen purports to give some details of what happened when the country's secret service tried to recruit a Tor admin. First, a caveat. The site says:

We received this story from a person who wants to remain anonymous. We conducted an investigation to the existence of this person and confirmed their existence.

However, that still raises the question of whether the site itself is reliable. It describes itself as follows:

A land-rights collective which has been publishing for 30 years on the expansion of repressive legislation, public-private partnerships, authorities, governmental actions and other state affairs.

Some might argue that means it has an axe to grind against the authorities and secret services, making its report less credible. That said, the site seems to contain a wide variety of solid information, and the post itself is plausible enough. It recounts how the Dutch secret service in the form of an older man and younger woman contacted the unnamed Tor admin:

They approached me and identified themselves with a badge of the Ministry of Internal Affairs and said they were working for the AIVD (Dutch secret service). They asked me to hear them out. I was in a state of shock and thought I had committed a crime but they immediately started to talk about on my studies. They made it clear they've read my thesis on IT security and showered me with compliments before they were firing a round of job offers at me.

Here's what they offered and what they wanted:

They asked me if I was interested in traveling for a couple of years and for example work in Germany at a technology company while visiting the Chaos Computer Club's hacker spaces to see what's going on and report back to them. All my expenditures would be covered.

...

They also mentioned that occasionally there are hacker parties in Italy, Austria, Spain, and other countries, and they said I could see that as paid holidays. They were very honest about the fact that they were looking for foreign talent but mostly interested in keeping tabs on Dutch IT-professionals and hackers abroad. They emphasized on monitoring Dutch people abroad at least 3 times.

That's pretty conventional stuff. But you obviously don't try to recruit a Tor admin unless you are also interested in keeping an eye on Tor itself:

The old man who showered me with compliments suddenly said: "look, we know about your Tor-exit nodes, if you run them with us you will be able to make a living out of it, but if you don't and something illegal happens, we can't help you if the police visits your home and seizes your equipment."

That threat was accompanied with a further warning not to speak to anybody about the conversation that had just taken place. Let's hope that nothing has happened, or will happen, to the person involved for disobeying that instruction. Assuming, of course, that the post is genuine -- something that Techdirt readers will doubtless have their own views about.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    afn29129 (profile), 31 Jan 2017 @ 4:38pm

    Little Dutch boy

    Even if true the little Dutch boy (Dutch Secret Services) has their finger the dike.

    reply to this | link to this | view in chronology ]

  • identicon
    neo anderson says, 31 Jan 2017 @ 4:54pm

    dutch cake

    really is dry isn't it....

    Ya think after all the spying anyone is gonna volinteer to be your stooges ....oh my you fools ....you have done your selves over.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 31 Jan 2017 @ 5:09pm

      Re: dutch cake

      First principal of intelligence: Never, not ever, do you shut down a leak you know about.

      Just make damned sure that the only information it gets is what you want it to get.

      reply to this | link to this | view in chronology ]

  • icon
    Ehud Gavron (profile), 31 Jan 2017 @ 6:09pm

    Some might argue...

    "Some might argue that means it has an axe to grind against the authorities and secret services, making its report less credible"

    Some might argue that if you're a reporter reporting on facts you should state those facts, not attempt to slide them into a "some might argue" statement without saying which way YOU argue.

    Some might argue that "has an axe to grind" is passing a judgment on an entire site. If done prior to reading the material that constitutes pre-judgment or in simple words prejudice.

    Some might argue that "making its report less credible" is an attempt to claim exactly that lack of credibility without saying so.

    Stop pussy-footing around. If there's no issue why would you say these things? If there is an issue why would you not?

    Innuendo and implied nonspecifics is the hallmark of the disparagement lawyer letters. Some might argue that if you have an axe to grind you should step away from the article and let someone without one write it. That would make the report more credible.

    E

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 31 Jan 2017 @ 8:49pm

      Re: Some might argue...

      Techdirt has made no secret of its opposition to surveillance states and secret government agencies in general, and the Dutch are not exempt from that. However, Techdirt lacks the resources to confirm that the claims posted by that other site are true, since verification would mean not only that the site is legitimate, but also that the claims made by the self-identified anonymous Tor administrator to that site are true. We do not know if the person who made these claims is a Tor administrator, nor whether they experienced anything like the article describes. If Techdirt had not included some sort of acknowledgment that the claims are unverified, someone would have raised a fuss in the comments. Perhaps Techdirt should have used different phrasing to disclaim the verifiability. Perhaps not. I found the existing disclaimer clear enough. Techdirt's author was caught between not reporting potentially true and interesting information or reporting information that was unverifiable. This attempts to split the difference by reporting it, but with a clear caveat that its truth is undetermined.

      reply to this | link to this | view in chronology ]

      • identicon
        Bruce C., 1 Feb 2017 @ 11:42am

        Re: Re: Some might argue...

        So in other words, this is about as reliable as the Buzzfeed report on the Russian dossier on Trump.

        reply to this | link to this | view in chronology ]

    • icon
      Ninja (profile), 1 Feb 2017 @ 1:37am

      Re: Some might argue...

      So much hatred! It seems to me that Glynn stumbled upon this piece of info and did some of the fact checking but could not determine everything to be 100% trusted but given what he could check it could be reported on with caveats (that he thoroughly explained).

      Which brings us to one healthy discussion: how many are running compromised exit nodes in the TOR network? What prevents someone to set up a node to let law enforcement spy on the traffic of said node? How do we know it isn't a wide spread tactic already?

      Instead of bashing Glyn we could be discussing the implications of the information if we assume it true. Shall we?

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 1 Feb 2017 @ 11:56am

        Re: Re: Some might argue...

        As far as compromised exit nodes... a healthy chunk of TOR exit nodes are run by the NSA or Germany's equivalent. Are they compromised? Depends on what you mean; every exit node will be run for a reason; libraries are starting to run them to provide more freedom of information from tracking, but right from the start, a large number of nodes were for research purposes. Carnegie Mellon's research program showed how exit nodes could be "weaponized" by actors looking for specific behaviour, to tie it back to the original users. China has begun getting interested in exit node hosting so they can keep tabs on what sort of information people globally are trying to hide from their governments.

        A Chinese exit node could care less if you were using the mdoe to illegally access copyrighted information; the German and US government exit nodes could care less if you were wanting to look up information on the Falun Gong or Tienanmen Square. The ALA doesn't really care what you're accessing as long as it's not illegal, and some guy running a bunch to add legitimacy to his bulletproof server company in Belarus is going to be happy knowing that the above activities are going on, but masking his own enterprises.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 31 Jan 2017 @ 9:22pm

    "Some might argue that means it has an axe to grind against the authorities and secret services, making its report less credible."

    yes people that have not paid any attention to ... reality might find them credible

    put it another way

    the hippy(your implication) collective techdirt

    which has been publishing for 15 years on the expansion of repressive legislation, public-private partnerships, authorities, governmental actions and other state affairs.

    sorry Glyn you don't get to play favorites if you want to be credible just cause you don't think these hippy shits are more than liberals(in the phil ochs way) doesn't make your sideways slap legitimate

    reply to this | link to this | view in chronology ]

  • identicon
    well isn't this a bamboosal, 31 Jan 2017 @ 9:26pm

    I see my post has been killed because I critisized Glyn

    Good jorb on free speach there say of

    reply to this | link to this | view in chronology ]

    • icon
      Ehud Gavron (profile), 31 Jan 2017 @ 9:57pm

      Re: I see my post has been killed because I critisized Glyn

      I doubt your speach[sic] was chilled because you critisized[sic] Glyn.

      More likely you were too wasted to hit "Submit".

      E

      reply to this | link to this | view in chronology ]

  • identicon
    well isn't this a bamboosal, 31 Jan 2017 @ 9:30pm

    or it might just be me :(!

    Apologizes everyone and glyn

    not very patient at the moment

    reply to this | link to this | view in chronology ]

  • icon
    TechDescartes (profile), 31 Jan 2017 @ 9:31pm

    Post Hole Digger

    What if Glyn isn't real and this is a fake post about a fake post?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 Feb 2017 @ 1:30am

    Carrot, Carrot, Carrot...

    ...STICK!!!

    reply to this | link to this | view in chronology ]

  • identicon
    M, 1 Feb 2017 @ 5:06am

    BuribJan

    reply to this | link to this | view in chronology ]

  • identicon
    DC Pathogen, 1 Feb 2017 @ 6:43am

    Maybe the leak is intentional

    Just letting the hackers know that there needs to be more scrutiny about whom is let in to the party.

    reply to this | link to this | view in chronology ]

  • identicon
    I.T. Guy, 1 Feb 2017 @ 8:59am

    "A land-rights collective which has been publishing for 30 years on the expansion of repressive legislation, public-private partnerships, authorities, governmental actions and other state affairs."

    A copyright website which has been publishing for 20 years on the expansion of repressive legislation, public-private partnerships, authorities, governmental actions and other state affairs.

    "making its report less credible."
    Does the above make TD any less credible?

    Some will actually read the article and make an informed decision as to who is shoveling the bovine fecal matter.

    reply to this | link to this | view in chronology ]

  • identicon
    I.T. Guy, 1 Feb 2017 @ 10:06am

    "Techdirt readers will doubtless have their own views about."
    Sometimes when the "fake" news seems credible.

    I dont think it is real though. The way he is approached doesn't seem legit. You would think spy agencies would have profiled him better to see if he was a likely person to be a snitch.

    They go from cupcakes and unicorns to "we can't help you if the police visits your home and seizes your equipment."

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 Feb 2017 @ 12:03pm

      Re:

      That seems pretty standard to me; that approach probably works for 20% of those they approach. Most of the rest will be too worried to go public about it. Which is why this guy felt safe telling the story (likely with a few changes to protect his identity) as he's likely not the only one they approached, and so isn't singled out by going public.

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.