this post was submitted on 23 Jul 2023
444 points (100.0% liked)

Technology

37717 readers
458 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

William Weber, a LowEndTalk member, was raided by Austrian police in 2012 for operating a Tor exit node that was allegedly used to distribute child pornography. While he was not arrested, many of his computers and devices were confiscated. He was later found guilty of supporting the distribution of child pornography through his Tor exit node, though he claims it was unintentional and he was simply supporting free speech and anonymity. He was given a 5 year probation sentence but left Austria shortly after. Though some articles portray him negatively, it is debatable whether he intentionally supported child pornography distribution or simply operated in the legal grey area of Tor exit nodes.

you are viewing a single comment's thread
view the rest of the comments
[–] housepanther@lemmy.goblackcat.com 10 points 1 year ago (3 children)

Child pornography is in no way acceptable and cannot be rationalized as normal. He got what he had coming to him as far as I am concerned.

[–] Chozo@kbin.social 105 points 1 year ago (4 children)

He wasn't searching for it or knowingly distributing it. The way Tor exit nodes work is that you're hosting a machine that lets other people on the Tor network communicate with the internet. You're essentially routing a portion of the entire network's traffic through your machine. You can't really control who is using it or what it transmits at that point.

He got punished because somebody else shared CP, using his equipment to do so. It's like being jailed for having your car stolen and being used to hit a pedestrian.

[–] housepanther@lemmy.goblackcat.com 53 points 1 year ago (2 children)

Ah, okay. I probably should have read closer. I will delete my comment.

[–] Addv4@kbin.social 56 points 1 year ago* (last edited 1 year ago) (1 children)

Please don't, the misunderstanding is common, and it just reinforces the point of the rebuttal. I've seen sooo many anti CP laws trying to be forced through congress, but most of it is just bullshit surveillance or drm stuff but it gets the support from people like you who (understandably) hear about the propagation of CP and support stopping it via those laws.

[–] housepanther@lemmy.goblackcat.com 21 points 1 year ago (2 children)
[–] AWildMimicAppears@kbin.social 10 points 1 year ago

Thank you for being as mature as you are, so many people are not able to learn from their mistakes! be proud of yourself!

[–] DogMuffins@discuss.tchncs.de 8 points 1 year ago

You're a legend mate.

I find it infuriating when people refuse to be wrong at all costs, and just delete their comment when they are found to be indisputably wrong.

It's nice to see someone who can just acknowledge that they misunderstood, as do we all at times.

[–] Lanthanae@lemmy.blahaj.zone 30 points 1 year ago* (last edited 1 year ago) (1 children)

It would be better for you to leave the original comment, use markdown to strike it through*, and create an edit showing that you realized it was wrong.

It shows humility and reflects positively on you, but it also allows the history of this conversation to remain preserved.

~~*not sure if this is possible on Lemmy yet~~

Edit: it is :)

[–] Cube6392@beehaw.org 13 points 1 year ago

It very much is

[–] skulblaka@kbin.social 28 points 1 year ago (2 children)

It's like being jailed for having your car stolen and being used to hit a pedestrian.

Exactly this, except that nobody stole your car. You are providing free and no-questions-asked open access to your car for any member of the public who needs to use it. Many other people also used the car that day for legitimate business or for fun, but then one guy got in it and ran over 32 people in a furious rampage.

Clearly the driver is at fault here, but a case can be made (and apparently, was) that this would not have been possible had you not provided access to the car to the perp in question.

[–] Kleinbonum@feddit.de 30 points 1 year ago (3 children)

Clearly the driver is at fault here, but a case can be made (and apparently, was) that this would not have been possible had you not provided access to the car to the perp in question.

This is the equivalent of holding gun manufacturers culpable if someone buys a gun from them and then uses it to commit murder - right?

[–] interolivary@beehaw.org 10 points 1 year ago (2 children)

Well, if weapons manufacturers were handing the guns out literally for free to anyone who has a pulse, I could definitely see them getting in trouble

[–] esaru@beehaw.org 14 points 1 year ago* (last edited 1 year ago)

Why does it make a difference that gun manufacturers charge for their weapens. They make them accessible for basically every adult. If they didn't sell them to basically everyone, many shootings would not happen, as world wide statistics show. Earning income on what they provide makes them even more responsible, because they profit off from the selling. I don't see why they are not being charged for selling it to people that use it to commit crimes, and someone providing an exit point does get charged because he lets people use it while he has no control at all over who uses his access point.

[–] Derproid@lemm.ee 11 points 1 year ago

I mean, car manufacturers do this. And it's much easier to buy a car than a gun.

[–] skulblaka@kbin.social 7 points 1 year ago

That's a bit more of a stretch, but barely. It's in the same spirit, yes.

Please do note that I'm not necessarily agreeing with the ruling here, only trying to draw a more accurate analogy. The problem with equating those two though - the tor node ruling vs gun manufacturers being liable for deaths - fundamentally comes down to a few facts, that guns are sold with the intention of killing people, that guns are sold by corporations with lots of money and power, and that governments don't want tor in the hands of citizens. Tor node keepers are easy to prosecute in many countries, as individuals hosting software that is frequently used for illegal action. Gun manufacturers are not.

[–] ira@lemmy.ml 2 points 1 year ago* (last edited 1 year ago)

Gun manufacturers have special protection, specific legislation at the federal level singling them out to not be liable.

Protection of Lawful Commerce in Arms Act

[–] beejjorgensen@lemmy.sdf.org 6 points 1 year ago (1 children)

This logic holds the ISP and backbone providers liable as well, does it not?

[–] dabaldeagul@feddit.nl 4 points 1 year ago

Somewhere else in the comments it was said that ISPs have legal protection. The laws were changed afterwards,so that individuals could also be recognized as ISPs so that they'd have protection, for situations like these.

[–] jarfil@beehaw.org 7 points 1 year ago (1 children)

It's like being jailed for having your car stolen and being used to hit a pedestrian.

Kind of... only you parked the car in front of a jail, left the door open, keys in the ignition, and a "FREE TO USE" sign next to it.

Hey, maybe the next guy will just use it to go buy some groceries... maybe.

[–] Cube6392@beehaw.org 10 points 1 year ago (1 children)

I hate this analogy. Its more like you parked it in a very public space and said "free to use" and someone who had been to jail used it. There are all kinds of legitimate reasons to use TOR that aren't child porn, and acting like because it can be used to view child porn makes it truly horrible and hosting hardware to use it makes you part of the problem shows a misunderstanding of what its for.

Let me pose it to you this way. Do you use a VPN? Do you know someone who has used a VPN? Have you watched a YouTube video that was sponsored by a VPN? Do you remember the reasons to use a VPN? Those are all things Tor does well. Better even. And for free. Meanwhile, hosting VPN hardware comes with all the same "people could use it to host child porn" downsides as TOR exit nodes

In my personal life, I use Orbot all the time for things like keeping my Syncthing traffic secure and quickly anonymizing my traffic. I also host a relay because Iranian women and Ukrainian soldiers are currently using the Tor network for life and death circumstances.

[–] jarfil@beehaw.org 3 points 1 year ago (2 children)

Its more like you parked it in a very public space and said "free to use" and someone who had been to jail used it.

Iranian women and Ukrainian soldiers

As much as I sympathize and approve of that... try to take a step back and look at it from the side: you're still saying you do it to help others "break the law", it's just someone else's law that you don't agree with, and hopefully it doesn't break the law where you live (stay safe, although running a relay is not the same as running an exit node... but still). My analogy tried to capture that.

BTW, I do use Tor, and may also host a relay or two, but still no exit nodes.

Orbot all the time for things like keeping my Syncthing traffic secure

I thought Syncthing already used encryption with a dual public key system to do the syncing? Is there an extra reason to add Orbot to it?

[–] AnonStoleMyPants@sopuli.xyz 2 points 1 year ago (1 children)

you’re still saying you do it to help others “break the law”, it’s just someone else’s law that you don’t agree with

I don't quite understand this. How is this different from this case: a substance is prohibited in a country X, but not in yours. You sell the produce in your country, and people from country X come to visit your store and buy the produce. They might take it back home, and hence, break the law. Or they might use it down the street.

How are you to blame for this? Though in OPs case the produce is given away.

[–] jarfil@beehaw.org 1 points 1 year ago (1 children)

It's not different, and many countries have established laws against "drug tourism", "sex tourism", "abortion tourism", or other stuff punishable under their law that people would seek to do in other more permissive countries.

Those laws often include punishments for the enablers, so while Iran may not be able to punish you in your own country, beware of ever visiting Iran, or any other country whose laws you may be helping people to break... or getting doxxed for some "extreme law defending enthusiast" to pay you a visit (see cases like Charlie Hebdo).

[–] AnonStoleMyPants@sopuli.xyz 1 points 1 year ago

Those laws often include punishments for the enablers

I did not know this but I guess it makes sense. But yes many countries do have these kinds of laws. Then sure, it is a good idea to know the laws regarding this of the country you are visiting.

[–] Findmysec@infosec.pub 1 points 4 months ago (1 children)

And you'd rather have Iranian women and Ukranian men not being able to voice their opinions because you don't agree with helping them "break" laws?

[–] jarfil@beehaw.org 1 points 4 months ago (1 children)

Did you create a new account just to misinterprete a year old comment of mine? That's amazing.

[–] Findmysec@infosec.pub 1 points 4 months ago* (last edited 4 months ago) (1 children)

Pray tell me how I misinterpreted it? If running an exit node is going to help marginalized communities bring forth their voice (even the fringe cases that I don't agree with, because I believe technology should be accessible to everyone), why shouldn't one do it? Other than mortal risks like jail time because stupid senators can't be bothered to get their heads out of each others asses.

The reason to use Orbot is to obfuscate the IP

Edit: I'm a different guy from the one you responded to earlier

[–] jarfil@beehaw.org 1 points 4 months ago (1 children)

You keep focusing on exit nodes, and your favorite groups of people... while missing that relay nodes still help, and in either case you don't get to choose whom you're helping.

Laughing off the risk of actually getting killed, is also too naive, in a world with zealots just too happy to travel anywhere you might be.

In any case, I don't feel like risking even jail time for maybe helping some people I might like, while most likely helping people I definitely don't. If you do find that risk acceptable, then go for it.

Orbot, aka Tor, doesn't just obfuscate the source IP, it hides it. What does that bring to the table with Syncthing?

PS: I don't know who you are, other than you created a new account just to have this conversation, which strikes me as a bit odd.

[–] Findmysec@infosec.pub 1 points 4 months ago (1 children)

And I'm running 2 relay nodes. The TOR network desperately needs exit nodes to relieve the bottleneck at the exits, and that's where I want to help.

Of course, it's not for everyone, which is why one could just donate to the TOR foundation (or whatever they are called) and that money goes into infrastructure.

I'm not a native speaker, I assumed obfuscate meant hiding the IP address. I mentioned it because you asked.

I didn't make a new account just for this lol, it's just that I'm passionate about it.

[–] jarfil@beehaw.org 1 points 4 months ago* (last edited 4 months ago)

The Tor network was designed for spies. In particular, for US&friends spies to have a plausible deniability when "phoning home". It is pretty much guaranteed to have exit nodes with a traffic capacity of "whatever spies need × whatever amount is needed to preserve plausible deniability".

That means it doesn't "desperately need" exit nodes, the required amount of exit nodes keeps being financed by the spy agencies involved. Overhead capacity just happens to be a nice thing for everyone, but is not a goal, so non-sponsored exit nodes that provide extra capacity, run all the risks, without any of the protections of some higher-ups waving any denounces away.

If you think you can run an exit node as a non-sponsored/protected individual, go for it... but the chances are not in your favor. Donating to the Tor foundation is much safer, buy I don't think they host exit nodes either, they just develop the software (which is also important).

Relay nodes are mostly safe, since there is no way for you to know any of the traffic, and they don't link your IP to any of it, while they do help with the overall robustness and capacity of the network. Relay nodes also add capacity when accessing hidden sites, without running any of the risks.


"Obfuscating" means to make it hard to find out, while "hiding" means there is no way to find it out, at all.

And you did make a new account, it's visible in the "about" info. The account hasn't had any other interactions either... but whatever.

[–] atocci@kbin.social 1 points 1 year ago (2 children)

This is the first I've heard of it. Why would someone willingly host an exit node when the risks are so high?

[–] conciselyverbose@kbin.social 20 points 1 year ago* (last edited 1 year ago)

Because they believe in what tor represents. It absolutely is used for terrible things, but it is also a pretty critical resource to a lot of people in a lot of dangerous parts of the world where thought crimes get people killed.

But yeah, no way am I running one. The potential costs are way too high.

[–] Cube6392@beehaw.org 5 points 1 year ago (1 children)

Because Iranian women deserve to tell their stories. Because Ukrainian soldiers need the most secure relays for their messaging services possible. Because the Chinese government's great firewall is designed to keep people from seeing reality. Because Facebook, Amazon, Netflix, and Google want to control the future of the web, and that future includes willing participation in incomplete police action that gets minorities and people of color killed. Because control of your personal identity is a matter of grand security when it comes to preventing the most successful kinds of attacks: social engineering. Because all of these things can either be accomplished with a paid VPN owned by a corporation who might ALSO be complicit in all of the problems above, or they can be acheived on donated computing time, and be more effective in their application.

Child porn happens on the internet. I don't see anyone clamoring to shut down the whole thing. So which do you want? To destroy every single tool that can be used to acquire it, or to foster a more fact and policy based government that performs root cause analyses and works to make a better society rather than doling out punishment and asking quearions later

[–] AWildMimicAppears@kbin.social 3 points 1 year ago

You can even add half the USA with their anti abortion laws to your list! Remember people, what you have to hide is not yours to decide.

[–] vlad76@lemmy.sdf.org 15 points 1 year ago (1 children)

The feds in multiple countries have used the tactic of hacking someone's computer, putting charlie papa content on it, and then using that as a reason for arrest. I'm with you that partaking in it is completely unexcusable and sick, however that fact is why it's used by governments to gain more control. "Think of the children."

[–] housepanther@lemmy.goblackcat.com 10 points 1 year ago (1 children)

I have heard of this happening. It is why I have a healthy distrust and dislike of law enforcement. Law enforcement serves the wealthy, powerful, and the interests of the state itself. It is almost like the wealthy have their own paramilitary to do their bidding for them.

[–] sin_free_for_00_days@lemmy.one 15 points 1 year ago (1 children)

In Capitalism, police protect capital.

Police protect both monetary and political capital. They're dogs licking the boots of their masters. Caveat: I am ex-cop. I was fired because I refused to arrest someone for smoking pot peacefully and not bothering anybody. This was in the late 90s.

[–] ChaosSauce@wizanons.dev 3 points 1 year ago* (last edited 1 year ago) (3 children)

Why can't I downvote this?

I just noticed that lemmy doesn't have downvotes lol.

[–] sin_free_for_00_days@lemmy.one 9 points 1 year ago (1 children)

It depends on the instance you signed up with. Mine, and it looks like yours, doesn't have downvotes. It's the host's decision. Annoying at times like this, huh?

[–] lemann@lemmy.one 2 points 1 year ago

Oooh a fellow lemmyone user 😁🙋‍♂️

[–] root@precious.net 6 points 1 year ago

Lemmy has downvotes, but some specific instances (servers) do not allow them.