All times are UTC + 1 hour




Post new topic Reply to topic  [ 32 posts ]  Go to page 1, 2, 3, 4  Next
Author Message
 Post subject: Traffic Monitoring
PostPosted: Wed Apr 04, 2012 13:24 

Joined: Wed Apr 04, 2012 13:12
Posts: 17
Since I understand no logs are kept, the only way to see what Jondo users are doing is by realtime monitoring all mixes in the cascade simultanously. And so no activities performed before the realtime monitoring started can be tracked.

Apart from hacking all mixes in the cascade, is it possible that legal authorities are secretly monitoring? I.e. court orders are kept secret and the mix operators are legally forced to keep there mouthes shut. Could that be possible in operator countries?


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Wed Apr 04, 2012 18:35 
Pantomine wrote:
Since I understand no logs are kept, the only way to see what Jondo users are doing is by realtime monitoring all mixes in the cascade simultanously. And so no activities performed before the realtime monitoring started can be tracked.
This is correct.
Quote:
Apart from hacking all mixes in the cascade, is it possible that legal authorities are secretly monitoring? I.e. court orders are kept secret and the mix operators are legally forced to keep there mouthes shut. Could that be possible in operator countries?
You mean each of the operators gets a court order saying: "You have to log every traffic in order to deanonymize every user on the cascade."? And is complying? Sure, this is possible in the future depending on the development of the laws of the countries where the mix servers are located (see the current development in Great Britain https://www.privacyinternational.org/bl ... -programme and apply that to all other countries). At the moment it is not possible (assuming neither the judges are corrupt nor our operators).


Top
  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Wed Apr 04, 2012 23:34 

Joined: Wed Apr 04, 2012 13:12
Posts: 17
Thanks for the answer.

The article you linked to is quite disturbing. But that was fortunately not what I meant. If authorities can convince a judge they have a sound reason to monitor traffic of a mix operator (criminal activities or whatever comes into their minds), can they force a mix operator to not tell the Jondo organisation?


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Thu Apr 05, 2012 0:23 

Joined: Mon Jan 24, 2011 18:59
Posts: 191
Pantomine wrote:
Thanks for the answer.

The article you linked to is quite disturbing. But that was fortunately not what I meant. If authorities can convince a judge they have a sound reason to monitor traffic of a mix operator (criminal activities or whatever comes into their minds), can they force a mix operator to not tell the Jondo organisation?


The way it works is thus:

In any given cascade, there are two (as in the free service) or three (as in the premium service) servers. If a court order is issued, it would have to be issued for each operator in a cascade--separately.

For example:

Operator 1 may be in Austria
Operator 2 may be in Bulgaria
Operator 3 may be in America

A court order would have to be issued for each operator individually to capture data for a specified time on each of the three servers. Generally, this is very difficult to do, since it would require an International cooperation of law enforcement and judiciaries.

I would imagine that the court order for a given operator would have to originate in the operator's country; therefore, each country would have to issue an individual court order, though this may not always be the case.

Therefore, one court order for operator is not sufficient to de-anonymize the network; it takes three court orders, in usually three different jurisdictions, to de-anonymize a cascade, though sometimes the court orders may be limited to a website.


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Thu Apr 05, 2012 0:32 

Joined: Wed Apr 04, 2012 13:12
Posts: 17
Thanks for the thorough explanation. I however already did understand that. Unfortunately it still doesn't answer my question, can mix operators be forced to not tell there is an court order for monitoring. And I do understand that monitoring one step in the mix will fortunately reveal nothing ;-) It is just a legal question.


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Thu Apr 05, 2012 0:42 

Joined: Mon Jan 24, 2011 18:59
Posts: 191
My mistake. I was going to answer that and I went off...

By law, when issued a court order, the operator cannot notify their network traffic that they are being monitored.

Users will never know if there is a court order, for which cascade, or for how long.

Otherwise, this defeats the whole purpose of the court order.


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Thu Apr 05, 2012 8:08 

Joined: Mon Dec 29, 2008 15:58
Posts: 3565
Quote:
can they force a mix operator to not tell the Jondo organisation?
No, a mix operator can say: "I need the support of the JonDos developer to enable the law enforccement function of my mix. There is no documentation about the law enforccement function available."

If a mix operator want to inform JonDos, he can go this way. If he don't want to inform JonDos, he isn't a good mix operator. ;-)

Quote:
Users will never know if there is a court order, for which cascade, or for how long.
By German law a user has to be informed about a telecommunication surveillance after the surveillance was closed. (I know, only in 1 of 5 cases the information is send to the user.)

In other countries the law is changing at the moment. The same process we can see in UK at the moment is running in US too. The NSA can monitor traffic without court orders.

_________________
OTR fingerprint: 58EC26E5 ED164B16 67FB5207 B30EFEEB 1C61B9CF
PGP fingerprint: 8F1E 7F49 912F 0D9B 7358 6C90 8CD5 1D2D 7E36 E399


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Fri Apr 06, 2012 8:50 

Joined: Mon Mar 12, 2012 22:04
Posts: 39
"The same process we can see in UK at the moment is running in US too. The NSA can monitor traffic without court orders."


It begs the question then, if the NSA can monitor traffic without court orders - why do we have US mix's ?? (and soon UK)

Why not move over to better protected countries ??


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Fri Apr 06, 2012 9:28 

Joined: Mon Dec 29, 2008 15:58
Posts: 3565
Quote:
why do we have US mix's ??
Mix servers or mix operators? What's your question?

US exit mixes where requested by user to use websites which are only aviable for user with US IP addresses.

Our US mix operator does NOT cooperate with in the NSA in the warrantless wiretapping programm. ISPs are not forced by law to cooperate with the NSA. It is possible to run an non-logging mix server without NSA-backdoor.

Quote:
Why not move over to better protected countries ??
May be, the UK mix operators will go this way, if the new law is really comming and mix operators are affected by the law. But at the moment there are only rumors, not a real law. It is not easy to make a decision based on rumors.

_________________
OTR fingerprint: 58EC26E5 ED164B16 67FB5207 B30EFEEB 1C61B9CF
PGP fingerprint: 8F1E 7F49 912F 0D9B 7358 6C90 8CD5 1D2D 7E36 E399


Top
 Profile  
 
 Post subject: Re: Traffic Monitoring
PostPosted: Sat Jun 23, 2012 23:42 

Joined: Wed Apr 04, 2012 13:12
Posts: 17
cane wrote:
Quote:
can they force a mix operator to not tell the Jondo organisation?
No, a mix operator can say: "I need the support of the JonDos developer to enable the law enforccement function of my mix. There is no documentation about the law enforccement function available."

If a mix operator want to inform JonDos, he can go this way. If he don't want to inform JonDos, he isn't a good mix operator. ;-)

So a not so good mix operator is able to enable the law enforcement function of his mix on it´s own and doesn´t need Jondos for this?

If Jondos is informed will Jondos tell it´s users about it? Or are they obliged to not make this public, even if the court order is issued in a different country and targets a non-German mix operator.

Can you explain what exactly is monitored if the law enforcement function is enabled?


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 32 posts ]  Go to page 1, 2, 3, 4  Next

All times are UTC + 1 hour


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Free Trial for Premium Services
Free Trial for Premium Services
JonDonym News
New OpenPGP signatur key
Tue, 11 Nov 2014
New SSL certificate for webserver
Fri, 31 Oct 2014
Speaker's Corner
UK Data Retention and Investigation Powers Bill
Fri, 11 July 2014
NSA and Tor
Fri, 04 July 2014
For your web site - free!
Get your free IP check image for your web site or forum here!
Latest software releases
JonDo 0.19.001
Tue, 29 Aug 2013
JonDoFox 2.12.0
Thu, 13 Jul 2015
JonDo Live-DVD 0.9.84.2
Sat, 29 Aug 2015