Tor, Germany, and Data Retention
With the "enforcement" phase of Germany's data retention law coming into effect on January 1 2009, it's time to start considering design modifications for Tor to make us more resistant. There are many different pieces to consider, including
- How should we change path selection so Tor clients are less at risk from German ISPs that decide to log?
- What exactly will German ISPs log, and who is supposed to have access to it?
- What suggestions should we give to German Tor relay operators, and German privacy advocates in general, about how they should fight this law without putting themselves too much at risk?
I propose some technical changes to Tor in this or-dev post:
http://archives.seul.org/or/dev/Oct-2008/msg00001.html
Stay tuned for the policy suggestions -- perhaps we'll cover those at 25C3!
Comments
Please note that the comment area below has been archived.
Not just Germany
I'm certain that you have not missed that this data retention is not only a problem in Germany, but in all of the European Union, already or soon-to-be.
We in Denmark have had data retention laws in effect since September 15th, 2007 (http://en.wikipedia.org/wiki/Telecommunications_data_retention#Data_ret…) . And it is very far-reaching. Luckily, the privacy and anonymity-aspects of this have recently been discussed openly, but I am sure there are many people who still have to fully comprehend the consequences of the direction we are heading.
I am aware that Denmark has very few Tor operators, compared to Germany, but none the less, it is a problem for the network as well, I suspect. No?
German ISPs
These are important questions since often when I log on thru Tor I find myself on a German server.
Not that I know what I'm
Not that I know what I'm talking about but; would it be reasonable to have TOR send out dummy connections with dummy data? That may create speed issues however it can be made as an option people can enable or disable.
is this data retetention
is this data retetention programme will affect the clients outside europe lie asia & middle east countries.
SORM in Russia works since 1995
That work for a long time in Russia (since 1995), and it's called SORM :(
And most peoples just don't care.
http://en.wikipedia.org/wiki/SORM
How do I know if exit nodes
How do I know if exit nodes are faking SSL certificates, espescially on IRC networks?
confirm the ssl fingerprint
You could ask the irc network to confirm the ssl cert fingerprint.
China is watching all the
China is watching all the traffic all the time, that really sucks!
SORM(correctly speaking for
SORM(correctly speaking for Internet it will be SORM-2,SORM-1 is for phones) in Russia. Well, it's (basically) required to get ISP's license which is necessary for their operations, it's not 'total monitoring' system(i.e. it doesn't record ALL data for future use, it allow to monitor specific in real-time)
and hardware involved will cost too much for almost any tor node to install. So this leaves position of Tor in Russia rather..interesting.(Especially if exit node funcionality is enabled).
Sweden will soon start to
Sweden will soon start to log all traffic that goes in and out of the country.
Need tor browser bundle
Need tor browser bundle updates . previous tor browser bundle 14 is saying no authority certificate. please update it
The problem was one of the
The problem was one of the directory authorities expired. It's fixed now. the browser bundle works fine.
thanx anon !
thanx anon !
Too low browsing speed
Firefox is too slow when tor button is activated. Any ideas for improvement?
https://wiki.torproject.org/n
https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#WhySlow
Firefox is too slow
Firefox is too slow when tor button is activated. Any ideas for improvement? Thanks in advance.
The people of JonDo are planning legal action
https://www.jondos.de/en/uieforum?c=showthread&ThreadID=2265
what is german privacy
what is german privacy foundation and why do i keep getting routed to the site when i try to access an onion site