[Manuel_D]

The final recipient is going to be able to decrypt the content, right? Regardless of "hidden service connection" or "exit nodes". Charlie is the final recipient and will be able to decrypt the content and know that it's illegal content.

Is there some mechanism that prevents Charlie from knowing who sent the content to him? Fundamentally, you can't stop the government from sniffing at the endpoint. Because they're not really "sniffing" they're just requesting content like any normal Tor user.

[Hizonner]

> Is there some mechanism that prevents Charlie from knowing who sent the content to him?

That is, in fact, the whole point of Tor. In the hidden service case, neither end can identify the other.

[Manuel_D]

Sorry, in case I wasn't clear, I'm not talking about identifying the site hosting the content. I'm talking about the second-to-last hop in the traffic. My understanding is that Tor obfuscates traffic by sending through several hops, each one decrypting a layer of traffic (hence the "onion" network). So we have:

Host -> Node 1 -> Node 2 -> .... -> Bob -> Charlie.

Charlie doesn't know where the Host is. But Charlie does know that Bob sent him illegal content. Or is that final link, from Bob to Charlie, also obfuscated somehow? If so, how did OP get raided by police if he's supposed to be hidden?

[Hizonner]

OK, so there are basically three cases:

1. Charlie is running a client and downloads something. In which case Bob is an entrance node, not an exit node, but it's essentially the same thing. Charlie does know that the next hop is Bob. Depending on whether the ultimate destination is a hidden service or on the clearnet, Charlie may or may not know who's running that service.

2. Charlie is running a hidden service, and somebody uploads something. Charlie knows that it came via Bob, but doesn't know where it came from.

3. Charlie is running a regular clearnet Web server, and somebody uploads something to Charlie via Bob's exit node. Again Charlie sees that the traffic comes from Bob.

In the first two cases, Charlie has to be actually running the Tor software, and knowingly using Tor. So Charlie also knows that (a) Bob is just a relay, (b) Bob doesn't actually host the content, (c) Bob doesn't handle more than a packet or two of the content at a time, and deletes those as soon as they've been relayed, (d) Bob doesn't know, and can't find out, what the content actually is, (e) Bob doesn't know, and can't find out, where the content originally came from, and (f) Bob is really unlikely to keep any record of the whole connection after the session is over, which means probably no more than 10 minutes or so.

If that's enough to go after Bob, then it's enough to go after Bob... but historically it hasn't been. Bob can reasonably claim not only that he doesn't know what that particular traffic was, but that, although he knows there's probably some illegal traffic, most of the traffic he relays is probably legal.

In the third case, it looks to Charlie like Bob is the ultimate user. Unless Charlie does some investigation, Charlie may go raid Bob. But Charlie should then find out all that other stuff.

I think the most common actual case is that Charlie is running a honey pot, either as a hidden service or on the clearnet, and somebody gets the content from Charlie via Bob. But the same basic ideas apply.

The main issue isn't that Charlie doesn't know what the content is, but that Bob doesn't.

[Oh, and on edit, just to be clear: In the first two cases, that "packet or two" that Bob may ephemerally buffer is encrypted so that Bob can't read it, nor can any other relay. In the third case, where Charlie is a clearnet service, the end user is usually still using TLS, so Bob still can't read it. And none of the non-exit relays can read it no matter what.]

[Manuel_D]

> So Charlie also knows that (a) Bob is just a relay, (b) Bob doesn't actually host the content, (c) Bob doesn't handle more than a packet or two of the content at a time, and deletes those as soon as they've been relayed, (d) Bob doesn't know, and can't find out, what the content actually is, (e) Bob doesn't know, and can't find out, where the content originally came from, and (f) Bob is really unlikely to keep any record of the whole connection after the session is over, which means probably no more than 10 minutes or so.?

But at the end of the day Charlie, the government agent, is catching Bob in the act of delivering illegal content.

Imagine a government agent buys drugs on the dark web and arrests the courier. The courier protests, "I didn't know it was drugs, I didn't ask what was in the package". Do you think that defense is going to keep the courier out of prison?

It sounds like Germany is treating Tor operators as common carriers, and not holding them liable for content they delivery. They're being quite generous in that regard, in most countries the node operators are probably not met with such leniency.

[Hizonner]

> Do you think that defense is going to keep the courier out of prison?

Yes. That happens every day.

> It sounds like Germany is treating Tor operators as common carriers,

That's probably because they basically are common carriers. And the service isn't particularly designed for illegal activity, even it can be useful for that. It's especially not designed for activities that tend to be illegal in the "free world".

> in most countries the node operators are probably not met with such leniency.

The Tor network has been running for about 20 years. There are on the order of thousands of relays. Unlike users, relay operators aren't anonymous; there's a public list of their IP addresses. The relays are all over most of Europe, especially Western Europe, and the Americas, especially the US and Canada, with a not-insignificant number of them in other countries.

So far as I know, nobody's ever been arrested, let alone convicted, for running a Tor relay. If they have, it's been in the sort of country where you also get arrested for running a newspaper. That may change soon, but it's still the case so far. Oh, and a good chunk of the funding for development (but not relay operation) comes from the US government.

You say "leniency", I say "not being an authoritarian hellhole".

[alasdair_]

>Imagine a government agent buys drugs on the dark web and arrests the courier. The courier protests, "I didn't know it was drugs, I didn't ask what was in the package". Do you think that defense is going to keep the courier out of prison?

Well, yes, otherwise FedEx and UPS would quickly go out of business.

[Manuel_D]

FexEx and UPS receive immunity as carriers in exchange for several things. Minimum standards around recordkeeping and knowing their customers is one. Assisting the government with law enforcement (tracking down customers, scanning packages, etc.) is another.

Juries aren't stupid, they're not going to buy it when the courier says, "I just saw this online ad for deliveries on the dark web. Sure, it paid way more than normal delivery jobs but that's not cause for suspicion, right?"

And that's exactly what a tor node is doing: delivering content from the dark web. As far as I'm concerned, Germany is being very generous in its decision to let these operators continue to operate despite knowing full well that they are enabling criminal activity.

[cesarb]

> Imagine a government agent buys drugs on the dark web and arrests the courier. The courier protests, "I didn't know it was drugs, I didn't ask what was in the package". Do you think that defense is going to keep the courier out of prison?

I, recently, bought a computer mouse from an online shop. The courier who brought me the package had no idea it contained a computer mouse. It might have been listed on the manifest outside the package, but even then, the courier had no way of knowing whether that was true without opening the package.

So, yes, I do think that defense can keep the courier out of prison.

[Manuel_D]

Reality demonstrates otherwise: plenty of drug mules are in prison because the jury didn't buy into this defense.