Police Go on Fishing Expedition, Search the Home of Seattle Privacy Activists Who Maintain Tor Network


It would be very useful to have a single term for various versions of: "If you're not up to no good, why are you using encryption?" "you've nothing to fear if you've nothing to hide" “Suspicion always haunts the guilty mind; the thief doth fear each bush an officer.” It should be a bit more specific than "police-state".
Did they see the warrant? What did it say?
What @2 and @3 said. Looking forward to some follow-up on this one.

Presumably the warrant said they were searching for evidence of child porn.
My guess is that they were there to plant spyware as part of a fusion center operation. Was any of the hardware unattended by the owners at any time? Did the officers plug a USB drive or other device into the system? If so, I would at a minimum reflash the firmware of the computer, router, modem, and any peripherals connected to the system during or since the search, do a low-level reformat of any drives, and reinstall OS, drivers, and apps from clean sources -- from scratch, from non-rewritable optical media. Safest would be to replace the system and absolutely everything connected to it with off-the-shelf hardware from a brick-and-mortar store. The feds have self-reinstalling spyware that can hide in the most unexpected places. I would also do a thorough bug sweep of the premises.

One more guess: the information upon which the warrant was based is the result of parallel construction to mask prior illegal searches and seizures, and the reviewing court will not require the SPD to prove that it is not.

Most importantly, the NSA is confirmed to have actively assisted federal and local law enforcement agencies and Wall Street banks in tracking Occupy activists and suppressing the Occupy movement. I wouldn't be surprised if they do the same for the Sanders campaign, the Greens, Socialist Alternative, and the like. Tor is not just for pedophiles, drug dealers, and terrorists; it's for politically engaged citizens, as well. [Personal anecdote: I get my Internet from Comcast. Back when Comcast was trying to merge with Time Warner Cable, I wanted to file a public comment opposing the merger. In three different browsers on a traceable connection, where Comcast could identify the destination, I kept being redirected to the wrong page over and over again, no matter what tricks I tried. I fired up Tor Browser, where Comcast had no idea what I was connecting to, and was able to file my public comment on the first attempt. A couple of years earlier, I was subjected to Comcast's injection of fake hang-ups into BitTorrent transfers. (No, I wasn't pirating movies or music; I was downloading Linux distros, which took up to 24 hours instead of 15 minutes, thanks to Comcast's interference.) Given their established history, I have no trouble believing that Comcast injected redirects into my open-line connection to the FCC.] So, to theophrastus @ 1, I would ask: "Up to no good" according to whom?
If, for example, someone was using peer-to-peer and the Tor network to share child abuse photos - that would pass through their Tor exit, right? Hence the search warrant. An IP address led SPD to their condo as the FBI monitors peer-to-peer networks. I assume that since those "streaming packets" were never saved or rendered, that's why SPD found no evidence.
@7: Warrant to search where for what? I asked SPD earlier ("What did your detectives tell the court they expected to find if authorized to search the Tor exit node in my friends' home?") but they didn't respond.
@7: Tor publishes the addresses of exit nodes. An IP address in this case should have led SPD staff to a dead-end. It's as if they found that a letter was dropped in a street-side postal box, but they still showed up to search the area around the box (worse, because in this case, the search was of private property nearby). Are we to assume that they are incompetent, and didn't bother to look into the IP address before they went and rifled through my friends' home? It looks like harassment to me.
Thanks for the clarifications, Phil.

Sure, but do you have any doubt that they had everything they needed on paper?
@10: I suspect you mean that the corresponding warrant application would have such.

But would it? What I was taught (and I think most of us were taught) is that police tell a judge, "We believe that if we search this place that we are not authorized to search, we will find that is evidence of ," and the judge decides whether or not a search is warranted, authorizing the search or denying the request for such. In practice, I suspect they get something much more like a general warrant, simply convincing a cooperating judge that someone likely committed a crime and searching through that person's private property is likely to turn up unspecified evidence of such. People fought a revolution over this abuse, but we're so deferential to police at this point that most of us don't bat an eye at it.

I'm anxious to see all of the related records.

An Internet IP address is not a person. Network traffic originating at a particular IP address should not be treated as indication that any particular person caused those data to be sent simply based on his or her association with an IP address (as an ISP's subscriber, etc.). I don't yet run a Tor exit node, but I've run an open Wi-Fi network for years. It's the neighborly thing to do, and only an incompetent detective would attribute activity originating *somewhere in the electromagnetic spectrum surrounding my home* to me simply because of that origin.
Slog didn't like my angle brackets. With caps this time: "We believe that if we search this place that we are not authorized to search, we will find SOME-ITEM-OR-ITEMS that is evidence of SOME-CRIME-OR-CRIMES."
@12 perhaps they did have "everything they needed on paper" legally. On the other hand, perhaps they didn't. I'd certainly like to find out specifically how they justified probable cause in this case, and it wouldn't surprise me if the search warrant doesn't hold up. I'm also curious what sort of recourse the searchees might have if the warrant wasn't valid.
#7 is right.

Don't get me wrong. This is shitty. And probably intimidation. But I get the impression a lot of folks think TOR is safer and more anonymous than it is.

TOR was hacked by Carnegie Mellon--and thus, law enforcement--years ago. So, if you're running a TOR node and child porn goes through it, it can appear as if it ended up on your PC. I used Tribler for a few days last year and had tens of thousands of torrents come through my IP address before I realized what was going on. I'm pretty sure some of it was child porn. And as for an IP address not being damning evidence in court--call a lawyer and ask about that. People are arrested all the time on evidence based on IP addresses. Most ACTUAL child porn arrests happen based on a search warrant obtained because of IP evidence--just as happened here.

Again--I think it's bullshit. But the idea that there wasn't enough probable cause IN THIS DAY AND AGE--is silly. If your IP address is and the cops can show a judge torrent records showing that a film of two twelve year olds blowing each other was uploaded from that IP address--guess what? A judge is going to sign a warrant. And just in case people aren't aware--all anyone needs to do to get your IP address is download the same thing you're downloading--it's that easy. No paperwork, no warrants, no probable cause, no nothing. It's just the way bittorrent works. No one has to be suspicious of you--you're not the original target--the offensive material being downloaded is. It's like they find child porn---or plant it, or, recently, just use servers that they seized from child pornographers--and they stake it out. Someone comes along, starts downloading, and bingo--the cops have your IP address.

I'm not saying that's what happened here, but it is NOT an unreasonable assumption AT ALL.
Blaming the exit node operator for traffic exiting the Tor network at that exit point makes no more sense than blaming ISPs for encrypted traffic they pass, blaming Internet backbone providers for the same, or blaming the US Postal Service for delivering contraband that was locked undetectably in a shipping carton.

Well Phil, et al.--unfortunately, law enforcement--and the TOR developers--don't see it the way you do. From the TOR site:

"Should I run an exit relay from my home?
No. If law enforcement becomes interested in traffic from your exit relay, it's possible that officers will seize your computer. For that reason, it's best not to run your exit relay in your home or using your home Internet connection."

I'm kind of surprised that *they* were surprised that it could happen. Like I said, I only ran Tribler for a few days--and not even as a full TOR node--and I was freaked out when I realized what could happen. And I'm not some paranoid super-user--just a guy who pays attention to tech news.


You don't understand how warrants work in practice. LE can get any warrant they want. A good attorney may be able to get a bad warrant thrown out after the fact, but that only applies if there are charges. If the goal is harassment, there is little you can do. (You can sue for harassment.)

Warrant applications are like grand juries; they go the prosecutor's way nearly all the time.
TOR capabilities are often used by people like myself, who travel globally. In countries where there are internet filters the reasons can be as simple as a video chat with people at home, which is much less expensive than using the cell carrier. It can also be used to stream movies from your own home network. The point is there are many uses for utilizing TOR services, just like there are many reasons to encrypt your storage media. Frankly the underlying reasons are the same, privacy and security.
Read this follow-up article from International Business Times, who referenced this post. Most astonishing:

Since Tor has now been around since 2002 and had its first stable release in 2015, law enforcement agencies must be slowly catching on that IP addresses don't always lead you to culprits, the going is slow and it is still happening.
I'm surprised they even needed a warrant. Remember, the Patriot Act is Still in effect. Any person or persons can be searched, held without bond or notice indefinitely IF Suspicion of Terrorist Activity is occurring.