mailing list archives
Re: Popular Net anonymity service back-doored
From: Richard Stevens <mail () richardstevens de>
Date: Fri, 22 Aug 2003 00:35:13 +0200
-----BEGIN PGP SIGNED MESSAGE-----
first, let me make one thing clear, I think what happened is very bad. They
should have done anything else but secretly bug their system. But your logic
is seriously flawed.
German police have no jurisdiction in the US, for instance, just as the
US police have no jurisdiction in Germany -- apart from whatever
agreement Germany has made with the US regarding post-WWII treaties or
Very unpleasant for sure but also higlhly irrelevant. The people running AN.ON
are German entities operating under German laws being situated in Germany.
They were the ones that received the court order so they had to do something.
If there are international users or not is really highly irrelevant in this
case. Nobody claimed that German police or courts had juristiction in the US.
Still, I do not think anyone would be pleased if it was found that the
NSA backdoored a US product. How much moreso of a problem would this be
if local police backdoored a system such as this anonymity system?
Well, you can be sure, people are not pleased here, either. But do you really
think if american police or better yet the FBI would demand some kind of
tracking for an anonymizer in the US, they'd care about international users?
Maybe the individuals operating the anonymizer would react better but I'd be
surprised if american law enforcement agencies wouldn't use similar measures
if they could by law (not sure about american laws).
This kind of crime sends a message to would be hackers. It says that it
is okay to hack if the end is justified. Hackers, you may not have
jurisdiction in Germany, but if you are hacking pedophiles or Neo-Nazis,
they are law breakers, so your means must be okay. Do people really want
this? Can anyone really be trusted with this? Wouldn't they hit the
wrong people and make all sorts of bad mistakes for which they would not
be held accountable for?
Not really. It's not a crime. You can argue about the correctness of their
decision to secretly implement this backdoor in an *anonymizer* instead of
standing up and tearing the service down. But following a valid court order
is not a crime. Even though I really don't like those laws but spying on
people seems to be hip after the events of Septembre 11th.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----