Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy

Seattle Police Raid Tor-Using Privacy Activists (thestranger.com) 306

Frosty Piss writes: Seattle police raided the home of two outspoken privacy activists early on March 30th. Jan Bultmann and David Robinson, a married couple and co-founders of the Seattle Privacy Coalition, were awakened at 6:15 a.m. by a team of six detectives from the Seattle Police Department who had a search warrant to examine their equipment. They claimed to be looking for child pornography, however Bultmann and Robinson believe the raid is because they run a Tor exit node out of their home. They said they operated the node as a service to dissidents in repressive countries, knowing full well that criminals might use it as well, much like any other communication tool. The Seattle Police Department acknowledged that no child porn was found, no assets were seized, and no arrests were made. Seattle's blog The Stranger notes that the FBI has conducted many other Tor raids across the country, and Friday quoted a tweet from the co-founder of Seattle's Center for Open Policing addressing the police. "You knew about the Tor node, but didn't mention it in warrant application. Y'all pulled a fast one on the judge... you knew the uploader could have been literally anyone in the world."
This discussion has been archived. No new comments can be posted.

Seattle Police Raid Tor-Using Privacy Activists

Comments Filter:
  • Standard tactics (Score:5, Insightful)

    by Calydor ( 739835 ) on Sunday April 10, 2016 @05:55PM (#51881201)

    This is pretty much standard operating procedure. They can't outlaw anonymizing services, but they can make running them so much hassle that very, VERY few people want to get involved.

    • by Sax Russell 5449D29A ( 4449961 ) <sax.russell@protonmail.com> on Sunday April 10, 2016 @06:34PM (#51881387)

      That's why organizations such as EFF need to be actively involved in promoting the technology and we need to be actively supporting them. They have also lobbying power to some degree, which is of course helpful for the cause.

    • by Etherwalk ( 681268 ) on Sunday April 10, 2016 @07:57PM (#51881627)

      This is pretty much standard operating procedure. They can't outlaw anonymizing services, but they can make running them so much hassle that very, VERY few people want to get involved.

      Things that backfire include pissing off judges. If they knew about the Tor exit node then they almost certainly lacked probable cause. Probable cause requires considering all of the facts, not *just* the ones favoring guilt. If, in fact, they knew about the exit node but failed to include it in the warrant application, they are going to have (1) pissed off a judge who finds out about it, and (2) they have probably opened up their department to a lawsuit for violating the constitutional rights of the people whose home they invaded. While they obtained a warrant, they did it by withholding information they knew to be relevant to the PC determination.

      If they did not know, of course, that analysis changes.

      • Re: (Score:2, Informative)

        by sumdumass ( 711423 )

        How? I mean it doesn't matter if you run TOR or your neighbors use your WiFi, it is not a get out of jail free card so you can run something sleazy. Suppose they were the source of the kiddie porn ? Does the fact they run TOR mean that the cops cannot investigate?

        No, this was handled properly. Suspected illegal activity was investigated and they were quickly found to not be part of it with minimal inconvenience. I'm not sure why this is even a story. Guess what, if you are around a store that gets robbed or

        • by Anonymous Coward

          It's not about search by warrant that is the issue. It's the reasoning behind it and leaving out key information for the judge in deciding the warrant.

          Imagine a warrant for a place that drugs passed through. Fine... Until you find out that it was true 6 years ago. Changes the thought process for the judge.

          • Re: (Score:2, Insightful)

            by sumdumass ( 711423 )

            What would be fundamentally different if the judge knew about the TOR node? I simply don't see it. You go to a judge and say we have evidence that this illegal post came from this ip address and tracked it to this physical address. We need to search for evidence of the illegal posting. So what does knowing of the TOR node change about that other than there is a valid reason evidence may not exist at the physical address? The fundamentals are still the same. The only difference is that they don't take the s

            • by Etherwalk ( 681268 ) on Sunday April 10, 2016 @09:07PM (#51881849)

              Evidence tending to show a lack of probable cause must be included in making a determination of whether PC exists. It's a "totality of the circumstances" test. The TOR exit node tends to show a lack of PC--it is much less likely that there will be evidence there of any kind.

              • Re: (Score:2, Insightful)

                by sumdumass ( 711423 )

                There is no evidence of a lack of probable cause though. The problem is that there was still an illegal post made from that ip address which was assigned to a physical address and specific people. You still have probable cause to look for evidence that it was made from a computer at the physical address or through the TOR node. Nothing about the node changes that other than possibly clearing the person when the evidence doesn't exist.

                • No evidence (Score:5, Interesting)

                  by Etherwalk ( 681268 ) on Sunday April 10, 2016 @11:20PM (#51882301)

                  There is no evidence of a lack of probable cause though. The problem is that there was still an illegal post made from that ip address which was assigned to a physical address and specific people. You still have probable cause to look for evidence that it was made from a computer at the physical address or through the TOR node. Nothing about the node changes that other than possibly clearing the person when the evidence doesn't exist.

                  The Node highly changes the likelihood that there is evidence of the crime there. Tor exit nodes are designed not to know anything about the sender. This was about posts made from that node. While it is hypothetically possible for a research institution or government agency to modify an exit node, add sniffers, etc..., there is no reason to expect a civilian running an exit node to be doing that. While it is also possible for someone who owns a machine at that address to be the guilty party, the fact that an exit node is present makes it much, much, much less likely. It has a direct impact on the totality-of-the-circumstances analysis someone should use in determining whether PC exists.

                • Re: Standard tactics (Score:4, Informative)

                  by lgw ( 121541 ) on Monday April 11, 2016 @03:25AM (#51882811) Journal

                  There is no evidence of a lack of probable cause though.

                  Do you understand the difference between "probable" and "might possibly be"? It seems like you don't, but "probable" means "more than 50%". If you know it's a TOR exit node, what are the odds? Ultimately, it's the judge's call, but being a TOR exit node dramatically changes those odds.

                  • If the ip address in question was used exclusively as a TOR exit node you would have a point. However it was not so your point is basically saying the cops couldn't follow the evidence in front of them because it might lead to a dead end. Sounds silly if you ask me.

                    • by lgw ( 121541 )

                      Are you seriously proposing that someone operating a TOR exit node would then go on to do something sketchy without using TOR?

                • by AmiMoJo ( 196126 ) on Monday April 11, 2016 @06:29AM (#51883169) Homepage Journal

                  We need to stop thinking that an IP address is a useful identifier in the real world. Actions like this create a chilling effect on people running open Wifi and TOR nodes.

        • by arth1 ( 260657 ) on Sunday April 10, 2016 @09:24PM (#51881897) Homepage Journal

          No, this was handled properly. Suspected illegal activity was investigated and they were quickly found to not be part of it with minimal inconvenience. I'm not sure why this is even a story

          Because to obtain a warrant, you need probable cause, not possible cause.
          This difference is quite important to many of us who want to feel protected from our country turning into a police state.

          • by KGIII ( 973947 )

            Again, that's probability concerning there being evidence. Do not confuse a search warrant with an arrest warrant. Is there probable cause to believe that they'll be able to collect evidence that helps them determine guilt or innocence, find the guilty party, etc... An arrest warrant and a search warrant are entirely separate things. Was there a probability that they'd discover evidence there? The answer is yes. In fact, they did discover evidence. They discovered it was someone using TOR. I know it sounds

        • by Nethead ( 1563 ) <joe@nethead.com> on Sunday April 10, 2016 @09:41PM (#51881967) Homepage Journal

          Exactly, how would they know there was a TOR exit node there? From a local radio report I heard one of the cops was a geek that knew what TOR was. That's why it was handled quickly. All the cops had was an IP and got the address from WaveG in a legal manor. The next thing was to get a warrant and go talk to the guy, that's what they did. The brought along a geek cop too to translate, so to speak. They had the warrant because it could have been a pedo. They brought the geek cop because it could have been an open WiFi and he could help them secure it, and then setup up a honeypot WiFi to catch the pedo which would have been near. Come to find out it's an exit node. Sorry to wake you, I hope you understand. The cops don't like TOR because it causes false hits like this and costs time and money.

          Given the case, this went down just like it should. Sure it was early, but cops do that so they can talk to you before you get your coffee and your mind about you. That's standard.

          They knocked, waited for him to come to the door. No pets were shot.

          Given the description in the warrant there's some sick fuckers out there twiddlin' kids. Yes we want the cops to try to find them. Read the warrant (if you have the stomach) and see how much time has been put into the investigation. Of course they were unhappy that an exit node caused a dead end. But they did NOT take the computer or anything. They were professional about it.

          • >Sure it was early, but cops do that so they can talk to you before you get your coffee and your mind about you. That's standard.

            It's still a dick move of the highest order.

            • This is why it's important to remember that if LEOs are executing a search warrant, they are not your friends. They will be professional, even polite, but they will use every interrogation tactic available (eg coming before dawn, attempting to split up to search other parts of the house, etc). You will have to decide for yourself whether or not to answer questions in a situation like this without legal representation. The warrant is escalatory; this is an order of magnitude higher than a couple of detective
          • No pets were shot.

            Probably because the guy didn't have any...

            • No pets were shot.

              Probably because the guy didn't have any...

              Or because the police execute hundreds of search warrants every day but if you only ever get your opinions from the media you would think that fatal incidents are involved every damn time.

          • The police department itself answered some of your questions before you posted them here. From one of the links in the summary (emphasis mine):

            [Seattle Police Department] spokesperson Sean Whitcomb said the department understands how Tor works and that before executing the search, officers knew that Bultmann and Robinson operated the Tor node out of their apartment.

            As you said, they had done a thorough investigation in advance, which turned up the fact that the couple was running a TOR exit node. So, the question "how would they know there was a TOR exit node there?" is rather moot, given that the police did know the exit node was there (aside: TOR exit nodes are public info, easily searched online [torproject.org]). As for the justification th

        • by Etherwalk ( 681268 ) on Sunday April 10, 2016 @11:27PM (#51882323)

          No, this was handled properly. Suspected illegal activity was investigated and they were quickly found to not be part of it with minimal inconvenience. I'm not sure why this is even a story. Guess what, if you are around a store that gets robbed or some other crimes the cops will investigate also.

          Also, "Minimal Inconvenience" compared to what? The guy had six cops show up at his home at 6:15, barge in, intimidate him, watch as he got dressed, etc...

          Yes, it's a minimal inconvenience compared to them arresting him or sending him to federal prison. And it's GREAT that somebody on-scene had the good sense to say they don't even have to seize any assets. But it's still a MASSIVE intrusion into his life, one that the Constitution exists to protect him from.

          Most cops are trying to go a good job, so when an officer and a judge sign off on this kind of intrusion without better cause, it makes them all look bad, because it means they wind up hurting the community, hurting the trust between the community and the police, and wasting resources that could be spent going after actual criminals.

          • They don't need better cause just probable cause. They had plenty of probable cause as the totality of the evidence to that point correctly shows the post in question came from that address. They followed the trail from the message board to the provider to the people who provisioned it. The presence of tor changes nothing until after they check the person who provisioned the ip.

        • Comment removed based on user account deletion
          • That is a valid concern but I fail to see how it is reason to not investigate illegal activity within your country.

            Could you imagine if someone hacked your computer, stole your financial information then drained your bank account and charged up all your credit cards and the cops say we tracked it back to this person but aren't going to check because they run a tor exist node and it might cause strife for dissidents in other countries?

            Those other countries could run the exit nodes themselves and cause more

      • This is pretty much standard operating procedure. They can't outlaw anonymizing services, but they can make running them so much hassle that very, VERY few people want to get involved.

        Things that backfire include pissing off judges. If they knew about the Tor exit node then they almost certainly lacked probable cause.

        And what was the probable cause for the kiddie porn?

        • And what was the probable cause for the kiddie porn?

          From the warrant, some pretty disgusting stuff posted on 4chan. Which is totally a legit basis for a warrant, standing on its own.

          The only question is whether the cops knew about the TOR exit node and decided that raiding the house still made sense (which would be a very strange judgment call), or failed to disclose it to the judge (which would be really stupid and could open them up to a lawsuit).

      • This is assuming of course that the judge would be favorable to the (wrongly) accused. Which is rather unlikely, once the words "child pornography" are trotted out, especially if it is a female judge. I know a case here in Luxembourg where a guy got convicted for running dpkg --purge somepackage because the forensic "expert" convinced the (female) judge that this is a command used to hide child porn. Fortunately, his sentence got considerably reduced on appeal.
      • (1) pissed off a judge who finds out about it,
        I don't know about the state level courts in Washington, but close to half of Federal judges are former prosecutors.

        I'm not sure how "pissed off" these judges would be if their origin is anything like Federal court. More likely, as former prosecutors, they are sympathetic to the police and are willing to accept whatever reasoning the police have for probable cause.

        Plus the warrant was handled with kid gloves by police standards -- no flashbangs, nothing taken a

    • by qbast ( 1265706 )
      If they actually wanted to hassle the TOR operators, they would seize equipment for multi-month 'analysis' every time.
  • More Information (Score:5, Informative)

    by Frosty Piss ( 770223 ) * on Sunday April 10, 2016 @05:59PM (#51881225)

    More about it here... [seattleprivacy.org]

  • by Frosty Piss ( 770223 ) * on Sunday April 10, 2016 @06:10PM (#51881285)

    This is not the first time the Seattle Police have made forays into spying on the citizenry [thestranger.com].

  • I'm rather shocked and surprised equipment wasn't seized. Isn't that pretty much standard operating procedure when it comes to computer crime? Seize the equipment and examine it elsewhere. Something isn't right here. Are police sophisticated enough to do in-home examination of computer equipment to see if it contains 'contraband' data?

    Something doesn't add up here, if you asked me. There is no way a 'higher up' would trust goons in the field to make an exhaustive search of the equipment for 'contraband

    • I'm rather shocked and surprised equipment wasn't seized. Isn't that pretty much standard operating procedure when it comes to computer crime? Seize the equipment and examine it elsewhere. Something isn't right here. Are police sophisticated enough to do in-home examination of computer equipment to see if it contains 'contraband' data? Something doesn't add up here, if you asked me.

      Exactly. This is why the privacy guys shit-canned the servers and brought in new equipment.

    • An external hard drive and a boot USB and you can copy everything for examination later. That's a rather powerful exemption from copyright laws, letting the police make trillions of dollars (RIAA accounting) in copies, with no oversight at all. I would think those copies would count as expropriation of assets if they keep them.
  • by JThundley ( 631154 ) on Sunday April 10, 2016 @06:29PM (#51881371)

    I hate to be the one defending the cops, but it really sounds like they did things the right way here. They raided a little early, but not in the middle of the night. They knocked on the door instead of ramming it down, they didn't throw flashbangs, they didn't shoot any dogs or anything else for that matter. The cops didn't steal a bunch of unrelated stuff and there were no bullshit charges leveled against the couple.

    The real test will be seeing what they do next. If they learned from this raid and generally leave them alone, I have no complaints. If they do this every other week when someone else uses their Tor node for child porn, then and only then is it harassment.

    • by phantomfive ( 622387 ) on Sunday April 10, 2016 @08:06PM (#51881657) Journal

      I hate to be the one defending the cops, but it really sounds like they did things the right way here. They raided a little early, but not in the middle of the night. They knocked on the door instead of ramming it down, they didn't throw flashbangs, they didn't shoot any dogs or anything else for that matter. The cops didn't steal a bunch of unrelated stuff and there were no bullshit charges leveled against the couple.

      That's a really low standard for "did the right thing."

  • by wirefarm ( 18470 ) <jim@@@mmdc...net> on Sunday April 10, 2016 @06:36PM (#51881403) Homepage

    I read the warrant affidavit (https://www.seattleprivacy.org/wp-content/uploads/2016/04/154-AFFIDAVITCONDOINTERENTWAVEG401PARKPLACECEN.pdf) and they were not just "searching for child porn" but searching for the uploader of a specific file to a specific post on 4chan.
    This specificity makes me think that they sincerely thought they could find the uploader of the child porn clip in question, but didn't understand how TOR works, or how exit nodes work, at least.

    If you run an exit node, there's the chance that some pedo is going to use it and their actions are going to be stamped with your IP address.

    Given the level of technical knowledge required to understand the technologies involved, I can't even chalk this up to incompetence on the part of the law enforcement officers.

    • by Nethead ( 1563 )

      A local report I heard on the radio (KIRO or KPLU, can't find it now) says that one of the cops was enough of a geek to know what TOR was and that is why the issue was cleared up so quickly. I mean how were they going to find out it was an exit node anyway? They got an IP and an location, got a warrant and then went to talk to the guy. Should they have tapped his connection first to find out it was an exit node? How would you tell just from the exit traffic anyway? I suspect they weren't thinking TOR b

      • by bigfinger76 ( 2923613 ) on Sunday April 10, 2016 @09:17PM (#51881877)
        Ohh, so that's why cops don't like TOR. Gotcha!
        • by Nethead ( 1563 )

          Yep. Cases they are working go cold. Now in a less free society the things cops may be looking for are what we call human rights, why TOR was invented. But the downside is that when cops are working valid cases trying to protect kids human rights of not getting fiddled with, it hampers the investigation. The cops spent a lot of time on the case and because it turned out to be TOR, they are unhappy. But in the US and the rest of the free world, that is the price we pay for trying to protect those that d

          • I'm sooo grateful to live in a free society, where the authorities are only interested in protecting us. All of us, equally.
          • by AmiMoJo ( 196126 )

            Were they actually trying to protect a child being abused here? The link above to affidavit is broken, and it's an important distinction because if they were trying to save a child being actively abused by the poster that carries a lot more weight than trying to hunt down a troll re-posting illegal stuff they downloaded elsewhere to 4chan for the lulz.

  • Is the problem with Tor that the exit node can be used to interact with any web site and that is the problem, the "any" part? Because there could be a Tor like network that only allowed for connection to a very large list of white-listed sites. Given the nodes are all over the world no single government could control the white-list contents therefore genuine users can be provided with a secure channel for legitimate activities without compromising their privacy while drastically limiting the amount of abuse
  • by frovingslosh ( 582462 ) on Sunday April 10, 2016 @06:42PM (#51881417)
    God damn privacy advocates. They are probably a bunch of paranoids who think the government is after them too. This should teach them a lesson.
  • Omission is lying (Score:4, Interesting)

    by BrookHarty ( 9119 ) on Sunday April 10, 2016 @07:21PM (#51881525) Journal

    They knew it was a tor node and knew the warrant was used for harassment only.

    Seems like an easy 4th amendment lawsuit. Pre-filled form warrant, Knew it was a tor node, Expert lied to filled out the warrant.

    But I guess society lets them do it, over and over and over.

    • They knew it was a tor node and knew the warrant was used for harassment only.

      Seems like an easy 4th amendment lawsuit. Pre-filled form warrant, Knew it was a tor node, Expert lied to filled out the warrant.

      But I guess society lets them do it, over and over and over.

      We knew about Hitler, so why didn't we kill him at birth?

      There's this thing called a "timeline" that needs to be put together with all the "evidence". TFA does not state that they knew about the TOR node before executing the search, that's just one random tweet by one person not involved in the process in any way. TFA also has some other wonderfully biased tidbits like quotes about a bunch of people being served a legitimate warrant signed by a judge somehow having their 4th rights violate. Cry me a fucking

    • Comment removed based on user account deletion
  • This sounds similar to the search of Free Talk Live [freekeene.com] in Keene, NH about 2 weeks ago. Early on a Sunday morning, the FBI served a warrant , under which FBI agents walked off with anything with a USB or SATA interface. [vice.com]

  • by BrendaEM ( 871664 ) on Sunday April 10, 2016 @08:33PM (#51881717) Homepage

    That will teach you believing in the U.S. Constitution or the Bill of Rights, or anything our founding fathers fought and died for.

  • So say I leave my wifi public and open to the entire neighborhood. Why would I be surprised if the police gave me a visit to investigate something that was downloaded to my house?
    • If you have relatives of few resources, children and brother-in-laws for example, chances are pretty good your wifi has already been turned into a public one.

      If they need something incriminating to justify kicking the door in, prior to administering some department-approved strikes, I suspect they have it.

      • But those are people who have a certain level of trust in one another. This is not just inviting public use, but any kind of hiding. Some of it will be bad.
  • And what malware or monitoring software did they plant on the computer while they were "searching for child porn"? Hmmmm?

  • Supposing the police were to plant evidence;
    What could you even do to prove in court that the police planted evidence on your computer after it left your custody and entered theirs?

    Full encryption and locking them out might work until you're forced to disclose passwords by a judge, granting them access.
    Perhaps running your own "snapshot" system via backups similar to a git repository?
    Maybe some sort of hardware/software checksum?

    It just seems like a really simple and easy way for pretty much anyone (not jus

  • Oh wait. The Democratic Party has run Seattle since 1969. Forget this post.

    https://en.wikipedia.org/wiki/... [wikipedia.org]

  • I don't trust the police. But I don't trust anyone else either.

    If Bultmann or Robinson have any suspected history in terms of dealing with child porn, it seems quite possible that the police are targeting them based on the totality of evidence and not exclusively the idea of "TOR".

Avoid strange women and temporary variables.

Working...