Imagine sitting your home one day enjoying a movie with the spouse when suddenly the police burst through the door. They confiscate your computers and charge you with possession and/or transmission of unlawful photographs. You might legitimately have no idea what they’re talking about, but a Tor server you’ve been running in the back room out of the kindness of your own heart has been linked to the transmission of illegal materials.
This is the reality for one Austrian IT professional who has been charged as the result of one of seven Tor exit nodes he operated out of his home. One of the Tor users had apparently been using the network to mask their illegal habits, and the police were able to trace the activity to one of the nodes operating out of the man’s home.
You might be thinking that this is just a case where the law hasn’t caught up to technology, and it’s obvious he had no idea what was being transmitted through his servers.
The Tor Project (otherwise called The Onion Router) is a freely available project where users exchange a little of their bandwidth in order to gain a significant amount of privacy online. In theory, you should be able to browse, converse, and download information without being easily tracked or traced. Your information (encrypted) goes back and forth through a network of other Tor users and servers hosted all across the globe. For all the site owner would know, you’re accessing a page from Tokyo instead of Tacoma.
The origins of the Tor Project stem from designs created by the US Naval Research Laboratory in order to safeguard the identities and information of operatives in unfriendly territory. It has been utilized by law enforcement and whistleblowers in order to protect assets. In general, the Tor network is about as anonymous as you can get.
Unfortunately, this means hosts in the Tor network are willingly allowing users to utilize their bandwidth for whatever it is they’re doing online. This could include whistleblower information or illegal data. The person running the Tor host has no clue what’s really flowing through their servers. It’s all encrypted at that point and might as well be a bundle of useless bits and bytes of information.
What Else Can You Do?
There really isn’t a lot you can do to safeguard your identity or activity online these days. In many countries, ISPs are required to store detailed logs for up to five years. You could opt to use public networks and systems such as the ones available at a local library though there are other more immediate security concerns these types of solutions present.
Bottom line, there’s risk inherent in doing anything that has the potential of connecting you to activities that are out of your control. Running a Tor node out of your home is a great way to contribute to the ideal of providing a safe platform for political dissidents and whistleblowers, but its open nature comes with the drawback of also being an appealing stomping ground for the seedier members of society.
I’ll open this question to you, the reader. How would you safeguard your identity online? Do you use or contribute to the Tor Project? What measures do you take to protect yourself?
Image: Tom Raftery