I often wonder what incentives drive people to run TOR exit nodes; the risk even if remote of getting raided is enough to stop most I'd imagine. Got me thinking on the legal implications and interestingly TOR doesn't recommend running an exit node at home -
~Has anyone ever been sued or prosecuted for running Tor?
No, we aren't aware of anyone being sued or prosecuted in the United States just for running a Tor relay. Further, we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is legal under U.S. law.
~Should I run an exit relay from my home?
No. If law enforcement becomes interested in traffic from your exit relay, it's possible that officers will seize your computer. For that reason, it's best not to run your exit relay in your home or using your home Internet connection.
I’ve read [citation needed] that some people enjoy doing it because they want to give (back) to the community and because they would like to try having to deal with anything from spam complaints (e.g. Automatically) and legetimate complaints and requests. Maybe also because “somebody has to”. :)
For me, my middle relay is sufficient entertainment. It’s like a digital pet that doesn’t need much attention except an update/upgrade about once or twice a month.
I am running a couple of relays. There are no costs if your servers have spare resources available. The tor daemon barely eats anything, and you can always limit how much bandwidth it's allowed to use. Please spend half an hour and set up a relay if you can, it doesn't help as much as running an exit node, but it's still something.
Thanks for doing that! I think a viable long term strategy to increase the health of the Tor network, is to increase the number of relays (not exit nodes) and make it easier for companies/websites to expose their services as native Tor services. That way the amount of bandwidth insides the Tor network would increase, without exposing anyone to increased liability.
I know you get a lot of hassle/blocking if you're a Tor exit node - do you get some of the same problems being a middle relay, just by virtue of appearing in lists of tor nodes?
Which country do you operate in? One issue in some of the Western world is that your IP becomes blacklisted by some websites. There's also the issue that some ISPs cut you off for running a relay (yes, not an exit node).
I've been running a relay for ~9 months, and have been blocked by a few websites, but it's fairly limited (I honestly can't remember the last time I ran into an issue).
I ran few exit nodes several years ago on 3rd world country VPS hoster with bitcoin payments and fake data. They had never care until abuse notice from Korean Government during some crime investigation.
BTW, they didn't even ban my account, just froze the external IP address of the node and ask to rent new VPS instance because they needed to answer to the legal letter.
That drops the reputation of the node (the longer node is staying online, the more it is trusted by network), but it's okay.
Pretty sure the reason is the same as for seeding stuff on filesharing, editing Wikipedia (legitimately) and developing open-source software. Namely, that one likes all of that being available to them and recognizes that it relies on people doing those things.
I think that is one of the reasons why in Germany a registered association named "Zwiebelfreunde e.V." (can be translated to "Onion friends") was founded.
By this it is a legal entity and legal trouble can be handled better than if its against a person but the members of the board still gets trouble with the law. Not long ago they were raided because they were treated as witnesses in a case.
(Yes, in Germany even as a witness you can be raided ...)
Not just in Germany. US providers can also be forced to hand over data to be used in cases against others. It's just usually not done with a raid since providers will turn over data when asked.
Just for context: This is relativly new in Germany. In 2017 there was a change which has as consequences
- witnesses _have to_ appear in person if requested (by police or DA)
- witnesses _have to_ make statements regarding the case at hand
This is quite a nice tool if you lack moral. You might request the suspect to appear as a witness and try to leverage the new requirements to make the suspect reveal damaging information.
Maybe this was the reason that Germany was mentioned before.
>This is quite a nice tool if you lack moral. You might request the suspect to appear as a witness and try to leverage the new requirements to make the suspect reveal damaging information.
Germany doesn't have protections against self-incrimination? Or does this rely on the suspect being too cooperative for his own good?
Running an exit node safely at a vps provider is equivalent to donating 10 USD/month, and you can often choose a region where you want this help to go like asia or the americas.
The risk is only involved if you're running an exit node, which you don't have to.
My server is running a middle node for almost two years (~0.3-0.4% chance you'll go through it) without a slightest inconvenience. I've put a daily cap on the bandwidth so that I can use the server for other purposes without increasing my server bill. As a result, I'm basically donating bandwidth that'd otherwise be wasted.
Back when I was a younger, even more naive idiot, I ran a tor exit node on a server at home and one night had the idea to mirror that switch port and run software on another machine that would display all photos from a data stream.
Its one of the more regrettable decisions I've ever made.
There is no computer advice I'd give anyone that I'd more desperately implore they follow than to never ever fucking look into that abyss.
I ran a Tor exit relay from home for a few years, eventually had to stop because I kept getting blocked from sites due to having my IP address listed on the Tor exit node list.
I have doubts about running a relay on a VPS, or on any other machine that I don't physically control for that matter.
Tor security relies on multiple nodes being hard to seize synchronously. This property goes away if the majority of people run their nodes as virtual machines on infrastructure provided by a few cloud providers.
I feel the same way. The main benefit of a VPS is that they're typically cheap, resource sufficient, and hosted somewhere that isn't your residence. There is an additional benefit, you can spin up a VPS within an hour then deploy a docker image to resume your node. However, a hosting provider may ban tor activity then subsequently disable services for accounts running tor nodes (this is alleviated by the aforementioned quick deployment).
The tor project recommends against using OVH and Hetzner because they have such a large AS presence in the tor network [1]. The tor project also maintains a list of ISPs and they're "friendliness" [2] - some of which are totally anonymous. Every relay operator should familiarise themselves with the ISP page when deploying a relay. Another diversity problem extends to the OSs themselves, Debian has an overwhelming presence [3].
I have run a relay/entry node at home for a while, just to figure out how all of this worked and with symmetrical gigabit I have bandwidth to spare.
The network never promoted my node to an entry but it operated as a relay.
One thing I noticed that my IP must have suddenly been in some lists. I can't prove it but on multiple forums my IP was blacklisted an I had issues accessing some services from telco providers.
Never had these issues before and never again after I stopped running the relay... maybe I'm just paranoid.
Yes, this happens. Some companies blindly block any IP that's part of the Tor network even if they're just relays. Apple Discussions used to do this, I don't know if they still do.
I consider it a good filter for companies I don't want to do business with.
my old company had some bad stuff come out of tor nodes, hired a company to do some analysis, they found i ran a relay at home (employee vpns to work from home from a tor node, is what they said) and thought it was suspicious. so i was called to security and given the grief. sometimes its not worth running a relay from home...
A friend of mine wound up unable to pay their TV bill after spinning up a Tor relay - the connection to the site would just time out.
Said friend worked at said TV company and pulled some strings inside to get it investigated. Turns out, by default, a number of IPS systems deny traffic from relays for no good reason. He was unsuccessful in getting the security people to turn that bogus rule off.
Another interesting project I've learned about recently is Snowflake [0] using WebRTC datachannels to use the browser as a proxy to help with additional entry nodes. Technical details are at [1].
I have no experience using it for any extended period of time so use at your own risk.
The screen shot at the bottom of the post is an i3 window manager with title bar hidden. Did not knew titlebar can be hidden in i3 window manager. Its 2 line configuration https://gist.github.com/lirenlin/9892945.
Apparently new_window is deprecated. Not quite sure why it acts like this, but it's nice to reclaim those extra pixels, especially since Waybar displays the window title anyway.
Why you need balls of steel to operate a Tor exit node
By calumog
I became interested in Tor in the spring of 2007 after reading about the
situation in Burma and felt that I would like to do something, anything, to
help. As a geek and lover of the internet it seemed the best thing I could do
was to run Tor as an exit node to allow those under jurisdictions that censor
the internet free access to the information they need. I had a lot of unused
bandwidth and it seemed like a philanthropic use of it to donate that to Tor.
Tor is a system of anonymizing proxy servers which allows you to visit
resources on the web, not just web sites, without revealing your ip address.
This is extremely useful for those who are compromised in their access to the
internet because it means, rather than attempting to connect directly to the
resource in question, say Wikipedia, which might be filtered by their
government, they connect to a Tor relay which ultimately routes the request
to the resource in question via an exit node. Exit nodes are special kinds of
relays which proffer the request on behalf of the original client revealing
their ip address, not that of the original requestor, to the destination
resource. I sometimes imagine how exciting it must be for soemone in Burma,
say, or China, to load up Tor and browse to a web site they have never been
able to see before. And to know that there is nothing, nothing, that reveals
who it really is who is visiting.
I totally believe in Tor. I think it is a magnificent force for the
circumvention of internet censorship but there is a problem. I was visited
by the police in November 2008 because my ip address had turned up in the
server logs of a site offering, or perhaps trading in (I was not told the
details of the offence) indecent images of children. The date of the offence
was about one month after I started the server so it looks as though the site
in question had been under surveillance for more than a year. It was what is
known as a ‘dawn raid’ and, amazingly enough, my children were still asleep
when it occured. Thank God. I explained to the officers, who we had heard
threatening to break the door down before we let them in, about Tor but they
had never heard of it. My wife says she thinks they were about to arrest me
before that. I was not arrested. I was told not to touch the computer and it
was placed, considerately, in a black plastic bag and taken away for forensic
examination. I was OK at first. I knew that somebody had gone through my
server to access that material and that I was not guilty of any offence but
as the weeks wore on it started to get to me.
I was overwhelmed by horror to be implicated in such a thing. I was
desperately worried about my family. One of the officers had told my wife
that Social Services would be informed as a matter of course and there was a
possibility that my children would be taken into care. The low point came
about two weeks after the visit by the police when I totalled my car. I was
distracted, stressed and unable to accurately assess the road conditions. I
ploughed into a hedgerow at speed, destroying the car which we had just
bought, but, luckily, walked out of it with only bruised ribs. I didn’t
have the money to hire a lawyer so I just sat the thing out. From time to
time the police called with an estimate of when the investigation would be
finished but none of that meant very much because those dates came and passed
with no resolution.
Eventually, four months after the visit, I picked up a voice message from the
police inviting me to call back. When I called I was told that no evidence
had been retrieved and the machine would be returned to me. I think, in
retrospect, I was desperately naive to run a Tor exit server on a home
computer but I didn’t believe that an ip address in a server log would be
enough evidence to warrant seizing equipment. My wife, God bless her, was
absolutely marvellous throughout the whole thing and never doubted me. I
have read with interest about the need to make Tor faster and that that
largely depends on having more nodes but there is no way I can contemplate
offering my ip address as a service to internet anonymity any more. It was
very frightening for me to be implicated in a serious crime. As a parent of
very young children I have an extensive network of friends and contacts in my
neighbourhood who also have children. As we know the subject of paedophilia
is not one that can be debated with any rationality at all in the UK. It is
surrounded by hysteria. I was terrified that people would find out that my
computer had been taken because of that – ‘no smoke without fire’. I don’t
know what can be done about any of this. To my mind running an exit node is
extremely high risk. I think Tor is important but I don’t have any ideas
about how to support it at the moment.
I would have to assume that plenty of home computers, routers, and Android devices are involved in botnets as well. Do unsuspecting people with malware on their device get visited by the police if criminals are using their computer as a relay?
Actually, yes. I don't have the source on me right now (so you can take what I say with a grain of salt), but I recall a story of someone whose router had been caught in a botnet. This person was visited by the police in much the same way, with their router being confiscated and eventually returned to them.
There was a sibling comment about i3wm as well. I thought this was an interesting read, and an important point for anyone who reads the OP and misses the warnings about exit nodes.
I used to run a relay at home until two things happened. 1) my bank blocked my home internet as it was a listed tor relay node even though it wasn’t an exit node. I just told my wife to use the app and disconnect from WiFi so that wasn’t a big issue. 2) getting called to security at my company as they had some abuse from tor nodes and saw I used a “tor node to vpn to work” and it was pretty brutal. Nothing came of it (because I did nothing wrong) but I obviously stopped running a relay. Just a warning.
The probability of that minor inconvenience is very low and i am going to order Pi's. Today i saw the following news and i don't want this to happen to my country(or any other).
Sure, as long as it meets the minimum requirements you can operate a node. If you are running it at home, I strongly recommend you don't run an exit node but that's up to you. If you want an easy setup, a bootstrap script does exist: https://github.com/mricon/tor-relay-bootstrap-rpi
I ran a exit relay outbound over a VPN Tunnel for its internet access, I was mostly just interested in what kind of traffic people are doing. (Its one of the downfalls of Tor, the Exit Nodes are prone to sniffing) and the sheer amount of porn was amazing.
I'd be interested to know statistics on Tor usage. I get that people espouse it's intended legitimate privacy purposes, but I would expect that even the most ardent supporters would acknowledge that it's probably 1% "legitimate" use and 99% illegal or gray-area use (the latter being things like torrents, or porn that's not illegal but embarrassing if people knew about).
I wonder at what point the supporters of Tor would continue to support it. What if it were 0.0001% genuine needs for privacy, and 99.9999% illegal stuff?
Perhaps I'm totally wrong though. Do such statistics exist?
Tor is a project I want to like and support, but can’t. I feel (and I have no evidence) that for every 1 person using it to protect their privacy, 20 are using it for despicable purposes. I would love to be proved wrong on this.
I don’t want to shut it down, but at the same time I don’t feel I can personally or technically support it.
FWIW, I have been doing all of my non-multimedia browsing over Tor for about a decade now. It provides cover traffic for people who actually need the anonymity and I feel like it is a step in the right direction to frustrate state and corporate surveillance.
Some sites break, but I have observed less and less sites breaking compared to a few years ago. Also browsing is fast enough as to not be distracting, it is like being on a mobile internet connection all the time. It is still lousy to come across sites which don't serve even static content to Tor users. I can understand going into a read-only mode, but throwing an HTTP 403?
Out of curiosity, since you log into accounts via Tor, are you still concerned about exit node snooping these days? Do you enable the strict mode in HTTPS Everywhere, or do you trust that site-enforced HTTPS is enough?
Asking for opinions on pictures of one's private parts while avoiding someone connecting that to your identity. I mean asking "is that pimple on my scrotum an STD", not advertising them.
good example but few non technical people would even know about tor, i am sure there are better options that dont necessarily help criminals hide there tracks
If you lived in a country with strict media censorship would you oppose its relaxation just because you felt that bad people would exploit the resulting situation?
I've read somewhere that over the last decades people in Western countries have accepted a gradual diminution of their civil liberties in order to protect society from terrorists. That's how totalitarian regimes have persuaded populations before, in fact Goering explained how it works at his trial.
Privacy should be the default and just because bad people will exploit that is no reason to deprive society at large of it. The police etc will just need to work with that limitation.
loads of pedos and criminals love hiding via that network, and those who run it likely know it, but they defend it as “privacy” and “freedom” yet this stat shows its being used in somewhat free countries.
I imagine the same is true for the use of guns. I’ve operated a middle/guard relay for little over a year now 24/7, and I keep doing it for that one person who genuinely need it.
Gun is a good analogy I think, and I do support personal gun ownership. But I wouldn’t loan people my gun unless I was 100% sure they wouldn’t use it for anything illegal. Even 99.999% doesn’t really cut it for me.
People use the regular internet for "nefarious" purposes. Should we not support the internet? Cars are used to haul human traffic victims, do we ban cars? How about electricity? It powers everything now, the internet, even cars, do we ban that too? People will find ways to do bad shit in every medium and that doesn't mean the medium is bad.
Maybe a weird question here. I have no doubt there's a disturbing amount of kiddie porn going over Tor. I'm sure it's served somewhere, and those who browse it have good reason to want to hide their IPs, since LE likes to seize the servers and track down everyone who viewed it by IP.
But how would Tor be used in human trafficking? I guess the people running it might email each other or something, but why bother doing that over Tor? I would guess the victims are mostly found in-person in low-income areas, probably no internet involved at all, so no point in using Tor. I would also think that if we're talking sex trafficking, the customers are also more of a street corner or in person deal than over the net. Even if the customers are finding it over the net, I haven't heard of anyone seizing whole servers for it and tracing them by IP. Am I missing something here? I just don't see it.
Author here. I thought of it as "is one person escaping an authoritarian regime to communicate freely worth more or less than ten people buying drugs?". A criminal will always find another way to engage in criminal activities, but can a news reporter or activist find another safe way to communicate? I felt as though the benefits to users using tor for legitimate purposes, outweighed the users who used tor maliciously.
Purely speculation but I strongly suspect the subset of malicious tor users engaging in child pornography and human trafficking is extremely, extremely small. The largest group of malicious users is most likely drug and cybercrime related. Is it worth decrying tor as a heaven for pedophiles or human traffickers if they make up a negligible number of users? If so, the same could easily be said about bitcoin or any other decentralised cryptocurrency. The benefits given to journalists, activists, or any individual who wants anonymity for the sake of pricacy is worth more, to me, than maybe helping a negligible number of users. Further, those malicious users would likely find another way to engage in their activities but could the legitimate users?
There are a bunch of similar projects where such people could (and likely already are) move: I2P, Freenet, GNUnet, and probably some others. So closing (or not supporting) Tor just because some bad actors are there is pointless. Every tool can be used for both good and bad things.
If you feel like people use technology for despicable purposes, wouldn't you also think that bad governments would do even worse things if Tor did not exist?
I think we call things rights only if someone potentially wants to take them. If no one ever took or would ever take a specific right from anyone, I don't see what's the point of calling that a right.
for every right, there are situations where someone stands to gain something from denying it. Therefore financial gain, stopping the bad guys are not in themselves sufficient excuse to deny innocent people their rights.
This admittedly causes an asymmetry making the abolition of rights much costlier than their recognition.
but I'd argue that's a good thing, as it reduces ladder pulling where people only recognize rights in the periods where it suits them. And in the long run results in people having more recognized rights.
Real strange that the mob here is downvoting you - you are right, tor is used by criminals. i’d stay away from it as it has nothing to do with being “anonymous” for...”privacy”.
I run most of my in-home apps as Tor hidden services, simply because it's a very easy way to get traffic in past multiple layers of NATs and firewalls, given that I always have a Tor enabled browser available on my remote phones and other devices.
I highly doubt that 95% are using it for despicable purposes, so I have no ethical concerns with running a Tor relay at home, using Tor regularly, and financially supporting the Tor project.
Why? Well, the most obvious "usable for despicable purposes" feature is .onion services. Today, .onion service traffic makes up about 2% of Tor traffic[1] and the largest .onion service by far is Facebook[2] (served at https://facebookcorewwwi.onion/). So even if we assume that all traffic other than to Facebook is for nefarious purposes (which is not correct given that we know there are other very popular and legal services operating as .onion services), you're looking at much less than 2% of all Tor traffic at best being nefarious. I doubt that the same statistic for clearnet traffic is significantly better.
Now, you might argue that most of the clearnet browsing over Tor is nefarious and that focusing on Onion services is a distraction. But that doesn't really match up with reality either. CloudFlare has claimed in the past that 94% of (clearnet) Tor traffic they see is malicious (meaning "DDoS or spam" not "illegal or immoral content")[3] but they provided no justification for this figure, and at the same time Akamai published a study[4] which found that there is no statistically significant difference when it comes to e-commerce behaviour when comparing Tor users and the regular internet. The Tor Project postulated[5] that this claim by CloudFlare was based on them marking exit nodes as being malicious rather than individual connections from exit nodes and CloudFlare hasn't really responded to that in the past 4 years.
My point is that the 95% figure you posited doesn't pass the sniff test. That means that 1.9 million of the daily users of Tor are all using it for nefarious purposes. If you just count a handful of countries with well-known internet censorship (Brazil, Venezuela, Iran, Egypt, and China) you already have passed the 5% mark of daily Tor users.
[1]: If you compare the onion service and total daily Tor traffic (https://metrics.torproject.org/), you find that it's about 4 Gbit/s out of a total 200 Gbit/s -- so around 2% at time of writing.
It's actually not that far of the mark. There's a LOT more cash out there than you probably think, and no one really know where is it and what's it being used for.
As an example, 80% of the bills in circulation in the US are 100$ bills. It's so much cash that "The average person would be having to carry around 35 or 36 of them in their house or in their wallet. This is for every man, woman, and child."
And according to the federal reserve, the demand for large bills comes mostly from border states - Florida, California and Texas.
Most likely, the vast majority are not in circulation but stored somewhere and are outside the US anyway. A stack of $100 bills is probably the best long-term investment for illegal funds that will be used at some point in the future. It's relatively easy to transport, valid until eternity (other than e.g. UK where bills are taken out of circulation every few years or decades) and accepted world wide.
Found this FAQ quite interesting https://2019.www.torproject.org/eff/tor-legal-faq.html.en
Particularly
~Has anyone ever been sued or prosecuted for running Tor? No, we aren't aware of anyone being sued or prosecuted in the United States just for running a Tor relay. Further, we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is legal under U.S. law.
~Should I run an exit relay from my home? No. If law enforcement becomes interested in traffic from your exit relay, it's possible that officers will seize your computer. For that reason, it's best not to run your exit relay in your home or using your home Internet connection.