Kludge
09-01-2011, 08:20 AM
Sorry for old news, but didn't see it posted elsewhere.
"Given the various domain seizures and other efforts by ICE to act as Hollywood's personal police force, it long ago became clear that they're not particularly technically competent. As if to demonstrate how technically illiterate they are, ICE recently seized six computer hard drives from the home of Nolan King (https://www.eff.org/deeplinks/2011/08/why-ip-addresses-alone-dont-identify-criminals) as part of a criminal investigation. ICE's evidence in getting a warrant? Solely an IP address. Yet, as the EFF notes in the link above, if ICE were even mildly technically competent, it would have been able to tell before it seized the machines that King was running a Tor exit node, and thus was not the person connected to the IP (nor could he say who was).
We've seen this before. Earlier this year we wrote about law enforcement in Europe being equally confused (http://www.techdirt.com/articles/20110530/22003714465/austrian-police-seize-computers-tor-exit-node.shtml) by a Tor exit node.
Of course, some people will claim that this is "the price you pay" for running a Tor exit node. In fact, after the EFF gave ICE agents basic remedial training in how the internet works, it returned King's hard drives, but told him "this could happen again." Sure, it could. But it shouldn't. The fact that law enforcement is clueless over the fact that an IP address is not a unique identifier, and yet seems to rely on it as if it does, shouldn't place more of a burden on users. It should indicate that law enforcement should be required to do more than simply identify an IP address.
An IP address alone is not probable cause that a person has committed a crime. Furthermore, search warrants executed solely on the basis of IP addresses have a significant likelihood of wasting officers' time and resources rather than producing helpful leads.
In the case of Tor, the police can avoid mistakenly pursuing exit relay operators by checking the IP addresses that emerge in their investigations against publicly available lists (https://metrics.torproject.org/data.html#exitlist) of exit relays published on the Tor Project's web site. The ExoneraTor (https://metrics.torproject.org/exonerator.html) is another tool that allows anyone to quickly and easily see whether a Tor exit relay was likely to have been running at a particular IP address during a given date and time. The Tor Project can also help law enforcement agencies set up their own systems to query IP addresses easily. These simple checks will help officers concentrate their investigative resources on tracking down those actually committing crimes and ensure that they don't execute search warrants at innocent people's homes."
Article by Mike Masnick of Techdirt. Original article with comments @
http://www.techdirt.com/articles/20110825/13360915683/ice-screws-up-seizes-tor-exit-node-vows-not-to-learn-its-mistake.shtml
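Added example, not part of the quoted article or the original post: a sketch of the exit-list check the article describes, parsing records in the Tor Project's published exit-list format and asking whether an IP was observed as an exit near a given time. The sample records, the all-zero fingerprints, the function names and the 24-hour matching window are assumptions made for illustration.

```python
from datetime import datetime, timedelta
import ipaddress

# Constructed sample in the exit-list record format (ExitNode / Published /
# LastStatus / ExitAddress). IPs are documentation ranges, fingerprints are fake.
SAMPLE_EXIT_LIST = """\
ExitNode 0000000000000000000000000000000000000001
Published 2011-08-20 07:35:55
LastStatus 2011-08-20 08:10:11
ExitAddress 192.0.2.10 2011-08-20 08:14:30
ExitNode 0000000000000000000000000000000000000002
Published 2011-08-21 01:02:03
LastStatus 2011-08-21 02:00:00
ExitAddress 198.51.100.7 2011-08-21 02:05:00
ExitAddress 198.51.100.8 2011-08-21 02:06:00
"""

TS_FORMAT = "%Y-%m-%d %H:%M:%S"


def parse_exit_list(text):
    """Return [(fingerprint, ip, observed_at)] for every ExitAddress line."""
    records, fingerprint = [], None
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "ExitNode" and len(parts) == 2:
            fingerprint = parts[1]  # following ExitAddress lines belong to this relay
        elif parts[0] == "ExitAddress" and len(parts) == 4 and fingerprint:
            ip = ipaddress.ip_address(parts[1])
            seen = datetime.strptime(parts[2] + " " + parts[3], TS_FORMAT)
            records.append((fingerprint, ip, seen))
    return records


def exit_relays_for(records, ip, when, window=timedelta(hours=24)):
    """Fingerprints of relays seen exiting from `ip` within `window` of `when`.

    The 24-hour default is an assumption for this example, not a Tor Project rule.
    """
    target = ipaddress.ip_address(ip)
    return sorted({fp for fp, addr, seen in records
                   if addr == target and abs(seen - when) <= window})


if __name__ == "__main__":
    recs = parse_exit_list(SAMPLE_EXIT_LIST)
    event = datetime(2011, 8, 21, 9, 30, 0)  # constructed time of the logged activity
    for ip in ("198.51.100.7", "192.0.2.10", "203.0.113.5"):
        print(ip, exit_relays_for(recs, ip, event) or "no exit relay on record")
```

A hit means the address was a shared Tor exit at that time, so the subscriber is not thereby identified as the origin of the traffic; an empty result only means no exit was recorded in the lists that were loaded.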