Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Tor and network security/administration

  • From: Jeremy Chadwick
  • Date: Wed Jun 21 22:12:29 2006

On Wed, Jun 21, 2006 at 08:27:18PM -0400, Valdis.Kletnieks@vt.edu wrote:
> So if you get a copyright takedown notice regarding infringing material found
> on your network, as per 17 USC 512, you intend to actually take responsibility
> and liability for your user's infringing material? Or do you intend to take the
> ISP Safe Harbor examption, disclaim liability for the material, and nuke the
> user?

FWIW, I've received such notices in the past, for content my users
hosted.  Most organisations sending take-down notices give you a 48
hour window to remove the offending content before legal action is
taken.  I'm thankful for those windows, since I do tend to sleep 10
hours a day... :-)

In the two instances where it happened, the users were removed from
the system immediately (within about 30 minutes) with all of their
data backed up (so they could be given it later, plus in the case
there was any involvement with law enforcement).  Nothing became of
either situation.

In both scenarios, I was prepared to take full responsibility since
technically speaking the facilities (co-location and bandwidth) I pay
for are under my name.  It's my rear on the line, and my users content
can possibly get my co-location network + cage access removed and my
account with my co-location provider terminated (extreme circumstances,
but I have to assume the worst).  That makes the issue my responsibility,
whether I like it or not -- what goes out from my network is my
responsibility.

In regards to Tor, I'm not referring to "infringing material
found on my network" -- I'm referring to shady individuals using
machines on the Tor network (which are run by willing members of
the network) to do things such as bust root on .gov or .mil boxes
and raise all sorts-of hell.  Since Tor server administrators don't
appear to have any idea of who's using their box for what or when
("I know nothing! I'm innocent! I just installed this Tor daemon
and partook in the whole thing willingly!"), who is going to end
up paying fines and serving jail time for an individual doing
nasty things through aforementioned Tor server?

-- 
| Jeremy Chadwick                                 jdc at parodius.com |
| Parodius Networking                        http://www.parodius.com/ |
| UNIX Systems Administrator                   Mountain View, CA, USA |
| Making life hard for others since 1977.               PGP: 4BD6C0CB |





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.