Michael Eriksson's Blog

A Swede in Germany

Posts Tagged ‘tor’

Tor Browser missing the point


I have written before of browser makers having the wrong attitude (recently, Pale Moon; Firefox repeatedly, e.g. [1]) and of people missing the point to such a degree that what they do borders on the pointless.

Unfortunately, the Tor Browser is another case, brought to my mind by a recent “user agent”* issue (cf. below).

*Strictly speaking, “user-agent header”. For simplicity, I will use just “user agent” below.

The Tor Browser is a modified Firefox browser that allows surfing through the anonymisation/privacy/whatnot network Tor, while attempting to remove weaknesses in Firefox that could defeat the use of Tor. On some levels, the developers take a very strict approach, e.g. in that they advise against using Tor with another browser. On others they are paradoxically negligent.

Consider the following claim from the current version of the Tor FAQ:

Why is NoScript configured to allow JavaScript by default in Tor Browser? Isn’t that unsafe?

We configure NoScript to allow JavaScript by default in Tor Browser because many websites will not work with JavaScript disabled. Most users would give up on Tor entirely if a website they want to use requires JavaScript, because they would not know how to allow a website to use JavaScript (or that enabling JavaScript might make a website work).

This, however, makes both the use of Tor with the Tor Browser and the many alterations of the Tor Browser pointless… Allowing JavaScript is not just “unsafe”—it is a complete and utter disaster, defeating the purpose of Tor entirely! Indeed, I am very, very careful about allowing JavaScript even when not using Tor, because JavaScript does not only allow a circumvention of anonymity protection (which is not a concern in a more “vanilla” situation)—it also very severely increases the risk of malware infections and whatnots. (To which can be added complications like more intrusive advertising, redundant and annoying animations of other kinds, and similar.) It would be better to use Firefox (over Tor) with JavaScript off than to use the Tor Browser with JavaScript on!

The we-do-not-want-to-scare-away-beginners argument normally carries some* weight; however, here it does not, because the damage done is so massive. This is like a word-processing program that does not allow the user to enter text… I would also argue that because someone is a beginner, it is more important to give him safe defaults—I know the dangers of JavaScript; most beginners do not. These beginners might then surf away as they like, in a false sense of security, and potentially find themselves in jail after insulting the local dictator…

*But only some: To a large part, it is a fallacy, because it so often involves insisting on behavior that benefits the beginners for two days and either harms the more experienced users for years or forces them to invest considerable time in searching for settings/plugins/whatnot to make the behavior more sane. Indeed, in many cases, the result is a background behavior of which most users will not even be aware, despite being harmed by it. (Consider e.g. “accessibility services” that run up processor time, increase the attack surface for hostile entities, make the OS sluggish, …, without ever being used by the vast majority of users.)

A much better solution would be to keep JavaScript off by default and give beginners sufficient information that they can judge why things might not work and when it might or might not be a good idea to activate JavaScript.* Indeed, the nature of anonymity on the Internet is such that Tor is of little benefit unless the user has received some education on the traps and problems.

*In most cases, the answer is “never”: The security loss will always potentially be there, even a trusted website can be abused by third-parties, and most sites that require JavaScript to function properly, at some point, require a de-anonymizing log-in or registration, e.g. to complete a purchase. With the rare exceptions, I would recommend using an entirely different Tor Browser instance.

The text continues:

There’s a tradeoff here. On the one hand, we should leave JavaScript enabled by default so websites work the way users expect. On the other hand, we should disable JavaScript by default to better protect against browser vulnerabilities (not just a theoretical concern!). But there’s a third issue: websites can easily determine whether you have allowed JavaScript for them, and if you disable JavaScript by default but then allow a few websites to run scripts (the way most people use NoScript), then your choice of whitelisted websites acts as a sort of cookie that makes you recognizable (and distinguishable), thus harming your anonymity.

Apart from understating the risks of JavaScript, this argument hinges on an easily avoidable use of NoScript. (Cf. footnote above.) This use is the normal case when using a vanilla Firefox, but it is only a convenience, it is not a good idea with the Tor Browser, and it is not acceptable to let the uninformed dictate behavior for the informed. Better then to inform them! In a pinch, it would be better to not include NoScript at all,* point to the possibility of using several browser instances (with or without JavaScript on), and let those who really, really want NoScript install it manually.

*With some reservations for secondary functionalities of NoScript, which is not just a fine-grained JavaScript on/off tool. Then again, these secondary functionalities could in some cases also help with de-anonymization through making the browser behave a little differently from others and thereby allowing some degree of finger-printing.

The same type of flawed thinking is demonstrated in a recent change to the user agent: Historically, this identifier of the browser, OS, and whatnot has had the same default for all Tor Browsers (with occasional updates as the version changed), in order to make it harder to de-anonymize and profile individual users. With the recent release of version 8.0*, this had** changed and at least the OS was leaked. The implication was that e.g. a Linux user could be pinpointed as such—and because of their smaller proportion of the overall users, their anonymity was turned into a fraction*** of what it was before.

*Based on Firefox 60.x, incorporating the extreme overhaul of Firefox hitherto kept back. I am not enthusiastic about the changes.

**The developers have recanted in face of protests—a welcome difference to the way the Firefox developers behave.

***In some sense: Consider a game of “twenty questions”, where the “questioneer” is told in advance that a mineral is searched for… Not only does such information prematurely cut the average search space in three (mineral, plant, animal resp. Linux, MacOS, Windows), but due to the smaller size of the mineral kingdom resp. set of Linux users, the specific current search space is made far smaller.

The justification for this appears to be a fear that websites would (as per the old default) hand out Windows content to Linux users, causing sites to not work. While this is not as bad as the JavaScript issue, it is bad enough, especially since this change was not clearly communicated to the users.

Again, the reasoning behind the change is also faulty: Firstly, the influence of the OS is fairly small and any site that relies on OS information is flawed. Secondly, the opposite problem is quite likely, that a website sees “Linux” and decides “I have nothing tailor-made for Linux. What if the display is not pixel perfect?!? Better to just show an error message!”, even though the site would have worked, had the Windows version been delivered. Combined, these two factors imply that the change likely did more harm than good even for functionality…

A specific argument in favor of the change was that it made little sense to spoof the user agent, because this information could still be deduced by other means. However, almost all these other means require JavaScript to be active—and no reasonable user of the Tor Browser should have JavaScript active (cf. above)! For those who, sensibly, have deactivated JavaScript, the user agent is now an entirely unnecessary leak. To boot, there are situations, notably automatic logging of HTTP-requests, that have access to the user agent, but not to other values (or only with undue additional effort). Looking at such a log, an after-the-fact evaluation can show that a Linux (and Tor Browser) user from IP X visited a certain North-Korean site at 23:02 on a certain day, while the JavaScript based evaluation has to take place in real-time or not at all. Possibly, the logs of another North-Korean site shows that a Linux user from the same IP visited that site at 23:05. It need not be the same user, but compared to a (real or spoofed) Windows user in the same constellation, the chance is much, much larger.*

*Among many other scenarios. Consider e.g. a certain page on a site which is visited by a Linux user somewhere between 23:00 and 23:30 every day—had he been a Windows user, no one might even have noticed a pattern. Or consider a user visiting one page of a site with one IP at 23:02 and another page with another IP at 23:03—now the risk that the user is recognized as the same is that much larger. Such scenarios obviously become the more serious when other information is added from the “regular” twenty questions. (And while they might seem trivial when applied to e.g. me or the typical reader, they can be very far from trivial in more sensitive situations, e.g. that of a North-Korean fighting for democracy or of someone like Assange.)
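The log-based scenario above can be measured as an anonymity-set size. The following is an added example, not part of the original post: it parses constructed access logs from two sites and counts how many requests on the second site are indistinguishable from one visit on the first, once with a uniform user agent and once with the OS leaked. The log lines, the exit IP (documentation range) and the user-agent strings are all constructed samples.

```python
import re
from datetime import datetime, timedelta

# Combined log format: ip ident user [time] "request" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed user-agent strings in the style of a Firefox 60 based browser.
WINDOWS_UA = "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
LINUX_UA = "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0"

EXIT_IP = "192.0.2.10"  # documentation range; stands in for one shared exit relay


def make_line(hms, path, ua, ip=EXIT_IP):
    """Format one constructed access-log line."""
    return f'{ip} - - [27/Sep/2018:{hms} +0000] "GET {path} HTTP/1.1" 200 512 "-" "{ua}"'


# Constructed logs of two unrelated sites that see traffic from the same exit.
# Site A: one request per minute 23:00-23:05, the Linux client at 23:02.
# Site B: one request per minute 23:03-23:08, the Linux client at 23:05.
SITE_A = [make_line(f"23:0{m}:00", "/a", LINUX_UA if m == 2 else WINDOWS_UA)
          for m in range(6)]
SITE_B = [make_line(f"23:0{m}:00", "/b", LINUX_UA if m == 5 else WINDOWS_UA)
          for m in range(3, 9)]


def parse(lines):
    """Turn log lines into records; malformed lines are skipped."""
    records = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        records.append({"ip": m["ip"], "ts": ts, "ua": m["ua"]})
    return records


def uniform(records):
    """Model the old default: every client sends the same user agent."""
    return [dict(r, ua=WINDOWS_UA) for r in records]


def candidates(visit, other_site, window=timedelta(minutes=10)):
    """Requests on another site that a log reader cannot tell apart from
    `visit`: same source IP, same user agent, inside the time window."""
    return [
        r for r in other_site
        if r["ip"] == visit["ip"]
        and r["ua"] == visit["ua"]
        and abs(r["ts"] - visit["ts"]) <= window
    ]


def anonymity_set_sizes():
    """Return (size with uniform user agent, size with OS leaked)."""
    site_a, site_b = parse(SITE_A), parse(SITE_B)
    linux_visit = next(r for r in site_a if "Linux" in r["ua"])
    leaking = len(candidates(linux_visit, site_b))
    spoofed_visit = dict(linux_visit, ua=WINDOWS_UA)
    spoofed = len(candidates(spoofed_visit, uniform(site_b)))
    return spoofed, leaking


if __name__ == "__main__":
    spoofed, leaking = anonymity_set_sizes()
    print(f"uniform user agent: {spoofed} candidate requests")
    print(f"OS leaked:          {leaking} candidate request(s)")
```

With the uniform user agent the 23:02 visit blends into every request from the exit; with the OS leaked it matches a single request on the other site.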

Excursion on user agent, etc.:
The situation is the more idiotic, seeing that there are* very, very few cases where e.g. the browser or the OS of the user is of legitimate interest to the website. Apart from statistics** and similar, the main use is to deliver different contents, which is just a sign that the web developers are incompetent—with very, very few exceptions, this should never be needed. If in doubt, it is virtually always better to make a specific capability check*** than to check for e.g. a specific browser. Writing websites that look good/function in all the major browsers, on all the major platforms, and even simultaneously in “desktop” and “mobile” versions**** using the same contents is not that hard—and doing so ensures that the website is highly likely to do quite well in more obscure cases too.

*Today: In the past, this was not always so, with comparatively weak and highly non-standardized browser capabilities. I think back on my experiences with JavaScript and CSS in the late 1990s with horror.

**And what legitimate reasons do websites have to gather statistics on user agents? The answer is almost always “none”. The main reason that is even semi-justifiable is to optimize the website based on (mostly) the browser, and (cf. above) this is almost always a sign of a fundamentally flawed approach—and the solution is to write more generic pages, not to gather statistics. (In contrast, statistics like how many users visit at what hour or from what country can be of very legitimate interest. A partial exception to the above are major technological upheavals like the switch to HTML 5, but these are likely better handled by more central and generic statistics—or, again, specific capability checks.)

***For a trivial example, if a site needs JavaScript to function, it should check for JavaScript with or in combination with the “noscript” tag (not related to the NoScript plugin)—not whether a browser from a short list of known JavaScript capable browsers is used. The latter will give false positives when JavaScript is turned off and false negatives when a rarer-but-JavaScript-capable browser is used.

****If different versions are needed at all (dubious), this should be an explicit choice by the user. I note that I have very often preferred to use the mobile versions of various sites when on a desktop, because these typically are less over-wrought, are “cleaner”, have a lesser reliance on (unnecessary) JavaScript, come with less advertising, …

Unfortunately, a fad/gimmick/sham of the last few years has been adaptive web design. Attempts to apply this virtually entirely unnecessary and detrimental concept are the cause of much of the wish for e.g. knowing the browser, OS, screen size*, device type, … (other reasons relate to e.g. de-anonymization, profiling, and targeted advertising), to the point that some have wanted to detect the charge level of a mobile’s battery in order to adapt the page… The last is horrendous in several aspects, including an enormous patronization, the demonstration of a highly incompetent design (no page should ever, not even when the battery is full, draw so much power that this is a valid concern), great additional risks with profiling, and a general user hostility—if this was a legitimate issue, give the user an explicit choice: He might prefer to run everything at full speed when low on charge, because he knows that he will be home in ten minutes; he might prefer to run everything at minimum speed even with a full battery, because he is gone for the weekend and has forgotten his charger.

*Screen size might seem highly relevant to the uninitiated, but normally is not—a sufficiently generic design can be made for most types of content. With the rare exceptions, leave the choice to the user.


Written by michaeleriksson

September 27, 2018 at 4:08 pm

Posted in Uncategorized


Pale Moon as a replacement for Tor Browser (or Firefox)


With the continued deterioration of Firefox and the major recent or (for Tor Browser* users) up-coming changes, I have strongly considered moving away from the Tor Browser*. Specifically, I have had my eyes on Pale Moon, a complete fork of an older Firefox version, for a long time, but have held back because it was not available from the Debian repositories**.

*The Tor Browser is a derivative of Firefox, based on the “extended support releases” rather than the latest release. This implies that changes of various kinds are released later or considerably later than for Firefox itself.

**Implying that there would be more hassle to get it running, no way to get automatic security updates through the standard Debian mechanisms, etc.

I read up more in detail some weeks ago*, with the urgency rising, considering going for a switch anyway:

*The below contents are from my open browser tabs. There might have been edits, new posts, whatnot since then.

At first, it seemed to be a sufficiently strong candidate that I could see myself dropping the hardening provided by the Tor Browser in return for having a “better Firefox”. In particular, it promised not to duplicate Firefox’ absurd attitude towards the users (cf. e.g. [1], [2]). For instance, the FAQ claims:

Firefox is created with one-size-fits-all in mind; Pale Moon is created with efficiency and user choice in mind. These two approaches are mutually exclusive, […] Pale Moon also has a different set of goals as to what should be included in the browser and intended audience.

Pale Moon has a number of differences in the user interface and feature set to provide an as intuitive, predictable, logical and usable user interface as possible for the best user experience. […]

Note that Pale Moon will never adopt the Australis (Firefox 29 and later) interface and aims to remain a fully XUL-driven browser with full user interface customizability.

Also please note that Pale Moon has not run rampant with its releases […]

However, the official forums showed that Pale Moon might talk the talk—but it does not walk the walk. (I have particular concerns about the lead developer, “Moonchild”, but make reservations for the risk of misattribution.) Consider the following forum discussions (by no means a complete list):

  1. https://forum.palemoon.org/viewtopic.php?f=46&t=17619:

    The developers more-or-less force the users to give up the very, very valuable NoScript plug-in*, using the motivation that too many web-sites would break when it is turned on and that Pale Moon would be blamed by uninformed users—a truly Firefoxian move!

    *The use of “plug-in” and “add-on” in this text might be inconsistent. (Starting with my never quite having found out whether there is a difference in Firefox terminology and, if so, exactly what that difference is.)

    Since this is implemented through blacklisting of the plug-in, it appears that the only way to get the plug-in to work again is to turn off the blacklist entirely, which means a considerable unnecessary security risk… The flaws of this implementation, be it of the block, per se, or the blacklist, seem to be beyond the developers’ comprehension.

    The repeatedly displayed lack of insight to the criticism raised in the thread led to comments like

    This makes the whole idea of switching from Firefox a farce– it is replacing the arrogance of one party with the arrogance of another.

    You are the one who needs perspective, and people are going to be giving it to you. You will certainly not gain it though.

    (More complaints about this decision can be found in e.g. https://forum.palemoon.org/viewtopic.php?f=46&t=19119. This might at some point include the above, seeing that the moderators want to merge threads.)

  2. https://forum.palemoon.org/viewtopic.php?f=13&t=5647:

    Here a number of rules are given for those who want to suggest new features. While some of them are somewhat sensible, not all are, and the overall impression is not positive:

    Is the suggested feature specific to your workflow? If so, you have to think about how it would affect people who do things differently, and how many people are likely to use the same workflow you do. Evaluate your own browsing behavior before suggesting this kind of feature.

    This is not only very hard to check, but the attitude displayed here goes a long way in the direction of “if the majority does not use it, it should not be a feature”, which is a major problem with modern software—including the Firefox of the last years. (There is much positive to say about avoiding feature bloat, including easier maintenance; however, older Unix software has shown that it is possible to achieve tremendous functionality and flexibility without writing undue features, simply through the correct thinking. In contrast, most modern software falls on its face as soon as the user tries to do something other than the designers explicitly intended—which is often pitifully little and highly limiting.)

    Is the suggested feature culturally neutral? Keep in mind that Pale Moon users come from all walks of life everywhere in the world. Core features should apply to everyone and not be regionally or culturally bound where possible.

    This sounds like the worst type of Politically Correct crap: Either a feature makes sense or it does not. “Cultural neutrality” is not a valid criterion. (Note that e.g. a Bible-study helper or a find-the-way-to-Mecca helper would be, even without this guideline, too specific to make a useful feature, a prime example of something to put in a plug-in, and/or something that could be generalized to something more useful and culture neutral.)

    How “advanced use” is the suggested feature? While I wholly welcome power users and gurus to use Pale Moon, any added feature should still be easy to understand for most anyone.

    Again a fundamentally flawed approach from a software-development perspective: This ties the hands of the development and could cause a number of beneficial features not to be implemented. It would, for instance, have prevented the development of the features needed for plug-ins… To boot, the limit for “too advanced” is usually set far too low, as e.g. with Firefox and images on/off or, indeed, with Pale Moon and NoScript above…

    Are there multiple existing solutions to what the suggestion addresses? You can call this “technical neutrality”. If there are clear choices a user can make from e.g. existing add-ons to get the feature implemented in different ways, with different levels of granularity or catering to different situations, then the feature is likely less suitable for inclusion in the browser core. User choice is an important driver for Pale Moon.

    While I agree with the question, I find the explanation incomprehensible. For one thing, I am not certain that I understand what is meant; for another, the argumentation is contrary to expectations: If there are multiple existing add-ons to solve a problem, then that could very well be a sign that the functionality should be given a blessing as a core feature (or that some core feature should be made available to cover commonalities of the add-ons). The more solutions there are, the more popular the feature is likely to be, and the more duplication is caused by not having it as a core feature… Indeed, the question would be better as “Is there at least one existing solution to what the suggestion addresses?”, seeing that this is where the question gains its legitimacy.

    Does the suggestion improve overall quality of the browser? A suggestion for a core feature should improve overall quality or convenience for the user in the broadest sense of the word and applicable to a majority of the Pale Moon users.

    Again, a question that makes sense followed by an explanation that does not: This again commits the sin of ruling out features based on some version of “majority use” and rules many things out that would fulfill the question.

    Does the suggestion hinder the download and display of any content? Pale Moon should enable and promote the download of web content, not prevent it. This applies to any content, including commercial content that might be considered “superfluous” or “undesired”. As such, the Pale Moon browser core will not be a good place to put any “blocking” features (ad blockers, script blockers, etc.)

    Spurious reasoning: A good browser should serve to display content the way the user likes it. This includes having some ability to block content as a matter of course, including a minimum of e.g. images on/off*, JavaScript on/off, Cookies on/off, animated content on/off, movies on/off, sound on/off, and preferably e.g. a possibility to black-list based on a pattern. Indeed, many of these can be hard or impossible to implement without supporting core features… However, more advanced solutions, e.g. that provided by the NoScript plug-in, are preferably put in an add-on to avoid bloat. (But then the NoScript plugin is not available anymore…)

    *In some examples, there can be a question of whether the actual download or only the display should be prevented. However, one of the main reasons to block some types of contents is to reduce the number and size of downloads—especially for those who use Tor and see correspondingly slower downloads.

  3. https://forum.palemoon.org/viewtopic.php?f=13&t=19187:

    A post titled “The developers’ attitude” starts this thread thus:

    OK, you have to be the biggest asshole developers I’ve seen in a while. With this attitude you don’t deserve any attention or recognition whatsoever.

    The stupidity that stems from this is so immense that after I read it, its force was so strong a wind gushed from my monitor and pushed me back.

    I don’t care if you delete this thread or ban me, the important thing is that a moderator and maybe some users will read it before its deletion and you will get called out for the arrogant asshats you are.

    You need to stop with this attitude or even the few people that use your outdated, laughable FireFox forks will stop using it knowing you’re a bunch of douchebags.

    Unfortunately, there is no reason given for this opinion, but it is certainly not a good sign, especially when combined with the other threads mentioned.

    (The rest of the thread is, predictably, a flame war.)

  4. https://forum.palemoon.org/viewtopic.php?f=3&t=19696:

    Here a user has problems with a missing option to continue with a page display after a warning concerning certificates—a standard feature in modern browsers. The responses are not cooperative and the OP says:

    But in this case it was safe, as seen by the fact the page loaded if I followed a link to get to it. So, why does Pale Moon get to make the decision instead of me? Shouldn’t a manual override always be an option? Shouldn’t I have control over how I use the program?

    (An opinion that I support whole-heartedly: He should be in control, Pale Moon claims to want to put users in control, and not actually doing so is both user-hostile and hypocritical. Software should enable—not disable.)

    Most of the thread consists of a back and forth between users, who believe that they should be in charge, and developers, who believe that they know better…

  5. https://forum.palemoon.org/viewtopic.php?f=17&t=11659:

    Here the developers explain “why we prefer to not allow TOR relayed users to use our services”—using entirely specious reasoning: Because Pale Moon would not in any way be “personally or ideologically sensitive”, anonymity is not needed and the only conceivable use of Tor would be for illicit purposes like “abuse, spam and trolling”.

    This shows a fundamental lack of understanding for how anonymity on the Internet works and the problems relating to e.g. profile building and government surveillance—not to mention the potential extra effort to e.g. run multiple browsers. To boot, if all sites reasoned in this manner, only a fraction of sites would be usable with Tor, and Tor correspondingly be reduced to a tool for criminals/terrorists and vulnerable politicals, instead of the general anonymity tool it is supposed to be.

    Some other thread that I did not keep open also showed a complete misunderstanding of the advantages and disadvantages of Tor.

    For someone considering a switch from Tor Browser (or even Tor itself), this is not a good sign, especially since this type of naivete is likely to also manifest itself in the internal workings of Pale Moon, e.g. concerning what data is volunteered to various sites.

At least at this point of time, I would not touch Pale Moon with a ten-foot pole. For others, it might or might not be better than the original Firefox, but that is not a ringing endorsement… Tor Browser users should certainly stay with Tor Browser, even at the price of losing a few plug-ins. Sadly, the reason for my rejection is that Pale Moon manifestly does have the same user-despising philosophy as Firefox—quite contrary to the official claims.

Written by michaeleriksson

August 14, 2018 at 8:29 am

How to handle Tor


I am a frequent user of the anonymization tool Tor. Regrettably, some websites are in the bad habit of blocking requests from Tor without a valid reason—and those that do have a valid reason (e.g. related to spam or malicious attacks) rarely handle the situation appropriately.

Bearing in mind that most Tor users are perfectly legitimate, these are the main errors:

  1. Never telling the user that or why the request was blocked.

  2. Blocking only parts of a page, creating the impression that something unrelated to Tor is not working, that something unrelated to the website is not working (e.g. a proxy), or that things are working (while they are not).

  3. Excluding the user from functionality that is unrelated to the problem. For instance, many forums block Tor with the claim that they are afraid of spam. Well, if so, they may have a legitimate reason to block postings—but not reading! Further, if spam is the problem, then this is probably the wrong solution to begin with: Some combination of registration and verification (CAPTCHA, manual reply to an email, e.g.) would be more effective.

As a natural pendant, the following advice:

  1. Do not block Tor (and similar services) unless you absolutely have to—or without bothering to find out what Tor is.

  2. Explicitly tell the users that they were blocked and why. Use a message that takes into account that this is a blanket ban of a user group—not an individual misbehaving user.

  3. Exclude pages in their entirety or not at all. (Some special cases may exist, but none occurs to me at the moment.)

  4. Never block users from functionality that does not enhance the effects of the ban (e.g. reading posts, when the purpose of the ban is to prevent writing posts).
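One way to apply the four points above on the server side, as an added example that is not part of the original post: a small WSGI middleware that lets every read through, and answers write requests from Tor exits with a complete page stating that and why posting is blocked. The class name `TorWritePolicy`, the `forum.verified` environ key, the exit addresses (documentation range) and the wording of the block page are all hypothetical; letting verified accounts post over Tor is an assumption based on the registration-and-verification suggestion earlier in the post.

```python
from wsgiref.util import setup_testing_defaults

# Constructed exit-relay addresses (documentation range). A real deployment
# would load these from a regularly refreshed exit list (assumption).
TOR_EXITS = frozenset({"192.0.2.10", "192.0.2.77"})
WRITE_METHODS = frozenset({"POST", "PUT", "PATCH", "DELETE"})

# Point 2: say that the request was blocked and why, worded as a blanket
# rule for a user group rather than an accusation against one user.
BLOCK_PAGE = (
    "Posting is disabled for all requests arriving through Tor exit relays.\n"
    "Reason: spam volume from anonymising networks. This is a blanket rule,\n"
    "not a judgement about you. Reading remains fully available, and\n"
    "verified accounts can post over Tor.\n"
)


class TorWritePolicy:
    """WSGI middleware (hypothetical name) that restricts only writes."""

    def __init__(self, app, exits=TOR_EXITS, is_verified=lambda environ: False):
        self.app = app
        self.exits = exits
        self.is_verified = is_verified

    def __call__(self, environ, start_response):
        # REMOTE_ADDR is only meaningful if no reverse proxy rewrites it.
        from_tor = environ.get("REMOTE_ADDR") in self.exits
        writing = environ.get("REQUEST_METHOD", "GET").upper() in WRITE_METHODS
        if from_tor and writing and not self.is_verified(environ):
            # Point 3: the whole response is the block page, never a
            # half-rendered page with silently missing parts.
            body = BLOCK_PAGE.encode("utf-8")
            start_response("403 Forbidden", [
                ("Content-Type", "text/plain; charset=utf-8"),
                ("Content-Length", str(len(body))),
            ])
            return [body]
        # Points 1 and 4: everything else, reading included, is untouched.
        return self.app(environ, start_response)


def forum_app(environ, start_response):
    """Stand-in application: every request that reaches it succeeds."""
    start_response("200 OK", [("Content-Type", "text/plain; charset=utf-8")])
    return [b"forum page\n"]


def request(app, method, ip, **extra):
    """Run one constructed request through `app`; return (status, body)."""
    environ = {}
    setup_testing_defaults(environ)
    environ.update(REQUEST_METHOD=method, REMOTE_ADDR=ip, **extra)
    seen = {}

    def start_response(status, headers, exc_info=None):
        seen["status"] = status

    body = b"".join(app(environ, start_response))
    return seen["status"], body.decode("utf-8")


if __name__ == "__main__":
    app = TorWritePolicy(forum_app,
                         is_verified=lambda e: e.get("forum.verified", False))
    for method, ip in [("GET", "192.0.2.10"), ("POST", "192.0.2.10"),
                       ("POST", "198.51.100.5")]:
        print(method, ip, "->", request(app, method, ip)[0])
```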

Written by michaeleriksson

May 15, 2011 at 8:21 pm

I2P and Internet anonymity


A few weeks ago, I wrote an entry about Tor and anonymity. Since then I have continued my experiments with a related service, I2P.

Conceptually, I2P works differently from Tor: It is not a tool to surf the Internet anonymously (although this is possible through a gateway), but a private and anonymous sub-net within the Internet. Effectively, this is an Internet in miniature with its own search-engines, email systems, blogs, file-sharing and torrent services, and similar. Unfortunately, the amount of content is still far too small for it to be a complete anonymous replacement for the Internet. Then again, the growth appears to be decent and the future may be different. (Certainly, and unsurprisingly, the file-sharing community appears to be flowering.)

Notably, the high degree of anonymity provided can be very valuable for those who live in fear of prison for criticizing their respective governments, wish to communicate anonymously within a smaller group, or similar.

As with Tor, just running a local node can be a great help to the community—and, unlike with Tor, there is no risk of landing in the eyes of the police for having relayed someone else’s surfing.

Written by michaeleriksson

May 23, 2010 at 1:26 am

Posted in Uncategorized


Internet anonymity, Tor, and the German justice system


The last few days, I have been looking into various anonymization solutions for the Internet, in particular Tor, with the adage “better safe than sorry” in mind. Apart from the traditional arguments (that may or may not actually apply/be paranoia in the individual case) about being spied upon by the government, the advertising industry, or similar, I would get some satisfaction from helping in thwarting the current Nineteen Eighty-Four developments. Further, I occasionally engage in some activities that are perfectly ethical, but could, in at least some circumstances, technically be illegal—or be misinterpreted as illegal. (Exactly what those are, I will obviously not mention here. Let us just say that anyone who occasionally jaywalks should think twice about throwing the first stone.) Notably, much of the policing of the Internet (possibly policing in general) is more focused on making the numbers look good or catering to special interest groups than on proper policing (i.e. preventing crimes and finding the guilty with a minimal disturbance to the innocent)—catching a metaphorical jaywalker is often prioritized over attacking actual criminals.

Tor is a collaborative network that re-directs the request for e.g. an HTML page over several network nodes in order to ensure that the end-user cannot be identified without snooping between the requester and the first node (assuming that the end-user is careful, that the nodes are not manipulated, and similar). Obviously, this only works when sufficiently many users provide nodes; in particular, “exit nodes” that interact directly with the servers, and whose IPs are the ones that eventually end up in various external log files. With too few nodes, as is currently the case, Tor is slow—and, naturally, the “fair” user tries to give something back by providing a node of his own.

However, looking at the issues involved with providing a node in Germany, I was appalled: Apparently, there have been a number of instances where the computers providing exit nodes have been confiscated by the police, where accusations of surfing for child pornography or violating copyrights have been raised against the users providing the nodes (based on something a third-party user has done), and other cases of harassment. This despite Tor itself being perfectly legal—and despite there being no way to extract the identity of the original requester from the exit node. (With some reservations for “Vorratsdatenspeicherung”; which, in my understanding, did not apply to Tor, as it is non-profit, and which has recently been ruled unconstitutional.) See an English language account for one of the more harmless examples; most other accounts are, understandably, written in German.

Even a small risk of this kind of harassment is too much for me at this particular time, and I will therefore not be setting up an exit node. (I may still decide to set up a non-exit node, however; and if I someday have a server at an ISP, the situation will be different.) This in particular considering that a police investigation would (potentially) not merely involve the police accessing my private files, nor even just taking my hard-drives, but actually taking the physical computers as a whole—with no telling when and if they will be returned. The more absurd, because just physically removing the hard-drives would be less effort for the authorities themselves in the long run—not to mention how much time and money the owner would save.

For those in Germany who can take the risk—please do. If the authorities find that their behaviour (be it caused by sheer ignorance or by a deliberate scare tactic) is just a waste of time and energy, then there is a hope that they will eventually back down.

Of course, we have to consider the issue of anonymization being abused by various criminals. Could counter-measures against e.g. Tor be justified? In my current understanding: No. Firstly, the value of the legal uses, say to avoid being spied upon, is potentially considerable (notably, Tor is even used by some companies who want to increase the security of their professional communications). Secondly, the tendency for greater government “Big Brotherness” is a great mid- to long-term threat, which necessitates resistance of various forms. Thirdly, criminals benefit comparatively little compared to the average citizen, because they have other means available to them. (Cf. e.g. Tor’s abuse FAQ.) In many ways, attacks against Tor are similar to saying that “A criminal could use or has used your private road to commit a crime; ergo, you, yourself, are a criminal and your road must be closed.” (while the same claim concerning a public road would resemble closing the Internet as a whole).

We should further remember that those types of Internet criminality that actually are under heavy attack from the authorities (mostly child-porn and movie/music piracy) are far lesser problems than propaganda tells us—there simply are no 14 million child-porn sites. (A claim I discuss in my discussion of pedophile hysteria).

Written by michaeleriksson

May 6, 2010 at 10:15 pm

Posted in Uncategorized
