Austrian Tor exit relay operator guilty of ferrying child porn An Austrian man has been found guilty after child sex abuse material transited his Tor exit relay. IT administrator William Weber was charged in November last year after state police raided his home confiscating 20 computers, gaming consoles and devices after one of his seven global Tor exit relays funneled the illicit …
"..... then ISP's should also be liable......" Once again, for those that seem better at bleating than reading the article, he was caught in a chat saying how great TOR was for shifting kiddie porn anonymously. If you have evidence of an ISP advertising their services in a similar manner then please post it and forward it to their local police.
Yeah, and just how many exit nodes do they run that has let Extremist comms/KP through? Isn't that why the run them?
If that's why they run them, then they are providing a service specifically for the purpose of promoting the transfer of such material, but of course they are above the law so that's that.
Rather than try to go after users, blatantly the five eyes have decided to send a warning to any prospective node contributors:
"Do that and we'll have you in every paper in the country for possession and distribution of child pornography"
i expect this one to be rolled out a little more often as an intimidation tactic, even if it costs some people their livelihoods and reputations along the way
If that was the crux of the case and his lawyer didn't successfully cross examine or redirect I doubt you're going to find what you think you will. It's easier to lie to a "journalist" with an axe to grind than it is to lie in court. Not that it's particularly difficult to lie in court mind you.
Definitely a hot-water situation. Someone could deliberately transmit 'illegal' material through the Tor network between two machines belonging to themselves, monitor the transmission and report the server owner for transmitting it illegally. Fundamentally anyone could target a mark and get their system shut down.
As has been said, this appears an easily defendable case. On the other hand, if upheld, it would have major ramifications for *anyone* running a public facing network. The theoretical ability for a third party to *legally* get an entire infrastructure network shut down (on the simple pretext of retransmission of data via the infrastructure of that company's network) through one illicit act is quite scary.
Interesting that whenever media scrutiny and bad publicity threaten to overwhelm state apparatus, some "good" application of state surveillance is suddenly brought into the public spotlight.
I ask myself, if internet surveillance is such a great tool for catching terrorists (dubious) then why don't the powers that be use it to catch some "real" flesh and blood bad guys?
This poor sod will have his life ruined for hosting an exit node, the KP distributors will just move onto another node.
Color me unimpressed, I sometimes wonder if the unwashed masses can even swallow this anymore.
You're missing the point. If the Feds wanted to search your house but had insufficient grounds to get a warrant, they would send unsolicited illegal material via a delivery mechanism that required you to sign for it.
Should you be foolish enough to sign for the brown envelope, the contents of which you did not know, they had your signature proving you had illegal material at your property and voila, one search warrant coming right up.
This specific case may or may not be the electronic equivalent of that tactic (e.g. the references to chat room stuff may mean it isn't), but you can see how this judgment has handed law enforcement everything they need to (literally) get their foot in the door.
Reminds me of the 1990s in Usenet. Militant activists attacked some alt groups they disliked - by posting illegal pictures. They then complained to ISPs to get those Usenet groups blocked. There was also a report that USA law enforcement agencies were responsible for a large amount of illegal material/substances in circulation. They were establishing their "street cred" for possible sting operations.
This Tor ruling could easily be the route to similar attacks on Tor's legal traffic by anyone.
I would like to know why they also didn't go after the phone company, and come to that the electricity supplier, on exactly the same grounds... They are certainly equally "complicit" - ie not at all.
It comes down to a simple question really - should we round up the gunsmiths, knife makers and inflatable banana manuafacturers (it could be done...) and charge them with all the murders involving their produce?
No?
Because if not, the guy is plainly bloody innocent.
The right of the people to be secure in their persons, houses, papers, and effects,[a] against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
There'll be fireworks later...
P.
The silver lining here is that some clever people will now be very interested in finding a way to create a system performing a similar function to tor that does not have the particular vulnerability that allowed the police to identify Mr. Weber as the operator of the exit node concerned.
I do hope those clever people are much cleverer than I am, because I have no idea how this could even be accomplished; any ideas?
Spreading the packets across multiple exit points means that no one person has transmitted anything illegal, however I wouldn't put it past someone to define 1% of a CP image as equal to the entire image and lock everyone up..
Basically the authorities don't want TOR around, so they'll use any method to kill it. VPNs will be next, if they can find a way of legally distinguishing between business and private ones.
Operating on the millions of 0wned Windows XP machines no doubt.
I did hear somewhere that compromised routers are now being used to route TOR traffic so there is another reason not to use hardware from manufacturers known to have security issues: you might get your door bashed down any day soon.
Should 1% of a CP/EP/etc image be grounds for prosecution? Yes, if it is hosted on a botnet infected machine even providing that 1% should be just as illegal, but the crime should be "failing to adequately protect your system" punishable by confiscation and public steamrollering of the infected machine and attached hardware ONLY.
Should be an adequate deterrent against idiots who think antivirus is an optional extra.
(gets off soapbox)
Even if, as the conspiracy theorists say, he was set up by the NSA/MI5/6/GCHQ/Aliens...etc. I still fail to see how in any context that he mentioned the phrase 'CP'? I don't use it in normal language, not even posting on the internet. If he did indeed advocate the use of TOR as being secure enough to be able to even transmit it then that's enough to take a closer look at him isn't it? If there is proof to show that he did say it in a chatroom authoritatively to another user then, as far as i'm concerned, he should get locked up and they should throw away the key. Maybe he's a good reason for monitoring exit nodes?
I fully expect the privacy brigade to bring on the downvotes, but at least I'm not an anonymous coward! I'm glad he was picked up.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
