Bugtraq mailing list archives
Re: Popular Net anonymity service back-doored
From: Richard Stevens <mail () richardstevens de>
Date: Fri, 22 Aug 2003 00:35:13 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, first, let me make one thing clear, I think what happened is very bad. They should have done anything else but secretly bug their system. But your logic is seriously flawed.
German police have no jurisdiction in the US, for instance, just as the US police have no jurisdiction in Germany -- apart from whatever agreement Germany has made with the US regarding post-WWII treaties or whatever.
Very unpleasant for sure but also higlhly irrelevant. The people running AN.ON are German entities operating under German laws being situated in Germany. They were the ones that received the court order so they had to do something. If there are international users or not is really highly irrelevant in this case. Nobody claimed that German police or courts had juristiction in the US.
Still, I do not think anyone would be pleased if it was found that the NSA backdoored a US product. How much moreso of a problem would this be if local police backdoored a system such as this anonymity system?
Well, you can be sure, people are not pleased here, either. But do you really think if american police or better yet the FBI would demand some kind of tracking for an anonymizer in the US, they'd care about international users? Maybe the individuals operating the anonymizer would react better but I'd be surprised if american law enforcement agencies wouldn't use similar measures if they could by law (not sure about american laws).
This kind of crime sends a message to would be hackers. It says that it is okay to hack if the end is justified. Hackers, you may not have jurisdiction in Germany, but if you are hacking pedophiles or Neo-Nazis, they are law breakers, so your means must be okay. Do people really want this? Can anyone really be trusted with this? Wouldn't they hit the wrong people and make all sorts of bad mistakes for which they would not be held accountable for?
Not really. It's not a crime. You can argue about the correctness of their decision to secretly implement this backdoor in an *anonymizer* instead of standing up and tearing the service down. But following a valid court order is not a crime. Even though I really don't like those laws but spying on people seems to be hip after the events of Septembre 11th. Regards, Richard -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/RUkkCfA4EwqVdIQRAh7JAJ9Tgt7ZqhaQAuJ7eWt+bp0AlStjaACg7Hrc W0PYxdAfEnCot0ORC2LlS+s= =25Si -----END PGP SIGNATURE-----
Current thread:
- Popular Net anonymity service back-doored Thomas C. Greene (Aug 21)
- Re: Popular Net anonymity service back-doored Florian Weimer (Aug 21)
- Re: Popular Net anonymity service back-doored Thomas C. Greene (Aug 21)
- Re: Popular Net anonymity service back-doored Aron Nimzovitch (Aug 21)
- RE: Popular Net anonymity service back-doored Drew Copley (Aug 21)
- Re: Popular Net anonymity service back-doored Bernhard Kuemel (Aug 26)
- Re: Popular Net anonymity service back-doored Alex Russell (Aug 21)
- Re: Popular Net anonymity service back-doored nordi (Aug 22)
- Re: Popular Net anonymity service back-doored Thomas C. Greene (Aug 21)
- Re: Popular Net anonymity service back-doored Florian Weimer (Aug 21)
- Re: Popular Net anonymity service back-doored Andreas Kuntzagk (Aug 21)
- RE: Popular Net anonymity service back-doored Drew Copley (Aug 21)
- Re: Popular Net anonymity service back-doored Richard Stevens (Aug 21)
- RE: Popular Net anonymity service back-doored Drew Copley (Aug 21)
- Re: Popular Net anonymity service back-doored MightyE (Aug 21)
- JAP unbackdoored Kristian Koehntopp (Aug 27)