Linode vs. TOR and internet privacy

Disclaimer: I was an otherwise happy linode customer for quite some time, and only recently began building out TOR nodes to assist in the propagation of the network that I believe is incredibly vital in global politics today.

The following is a series of interactions I've had with the linode customer service and technical support staff as a result of running a TOR node. Linode claims to hold privacy as one of their paramount values… By this chain of interaction it's up to you to decide if linode really does care about internet privacy, or if they're just overly paranoid, as well as thoroughly hypocritical network managers:

tparker:

Hello,

Please investigate and update this ticket within 24 hours to avoid a disruption in service.

We have received a complaint in connection with the below-pasted details from NBC Universal regarding materials contained in the specified web site that are infringing upon the claimant's intellectual property rights.

We are required by federal law to act expeditiously in removing or disabling access to the infringing materials. We therefore strongly recommend that you immediately remove the infringing materials.

Please note that under the Digital Millennium Copyright Act, you have the right to file a counter-notice claiming that either (a) the Claimant is wrong and that the Infringing Material is lawfully posted on the Web Site or (b) that the Infringing Material has been misidentified. We encourage you to review the procedures for filing a counter-notice which you can send back to us.

Please note that Linode has only passed on the the Claimant's notice and has not sought to determine whether the Infringing Materials on the Web Site do indeed infringe upon the Claimant's intellectual property rights.

Regards,

Trevor

–---------------------------------

Title: House MD (TV)

Infringement Source: BitTorrent

Initial Infringement Timestamp: 19 Jun 2011 20:37:07 GMT

Recent Infringement Timestamp: 19 Jun 2011 20:37:07 GMT

Infringing Filename: House.S07E18.HDTV.XviD-LOL.avi

Infringing File size: 366764352

Infringers IP Address: 74.207.248.163

Infringers DNS Name: horace.dionysian-mind.net

Bay ID: e967df8b4a924fe8df3580c228152d275d92c279|366764352

Port ID: 53786

TOR_zealot:

I run a ToR relay on my linode, which is likely why you see the occasional torrent traffic. I will block torrent traffic from the ToR end-point filtering rules. Though as a general aside, the DMCA can suck it. ;-)

This issue will be rectified shortly.

lsabota:

Hello,

Thank you for your response. Please update this ticket when the copyrighted material has been removed.

Regards,

Lukas

TOR_zealot

No copywritten material exists on my linode, only traffic relating to tiny parts of copywritten material is relayed through my server.

Anyway, I've blocked the most common bittorrent ports (tcp 6881-6900) on the exit policy on my ToR relay. This will mitigate most torrent related traffic, but there's literally no guarantee that people won't find other ways to tunnel torrent traffic through the ToR network, which quite frankly is the entire purpose of the ToR network. Anyway, I've done what I can, I'm not violating any terms of service, so hopefully this takes care of the matter entirely.

lsabota:

Hello,

Thank you for your prompt attention to this matter. We will set this ticket to automatically close as we monitor for additional complaints. We appreciate your cooperation.

Regards,

Lukas

psandin:

Hello,

We have received an other complaint from "". Could you please look in to this complaint and ensure that your exit policy is working as expected?

Regards,

Peter

Title: Van Helsing

Infringement Source: BitTorrent

Initial Infringement Timestamp: 21 Jun 2011 06:16:03 GMT

Recent Infringement Timestamp: 21 Jun 2011 06:16:03 GMT

Infringing Filename: Van Helsing 2004 BRRip {A MnM-RG H264 by Masta}

Infringing File size: 1613881859

Infringers IP Address: 74.207.248.163

Infringers DNS Name: horace.dionysian-mind.net

Bay ID: 5e00eafb67851bcf22f4f3820b25c83d45516ea7|1613881859

Port ID: 58032

TOR_zealot

Yea, what was pretty much my exact point from my first response, there's nothing that's going to stop someone from just changing their ports, or otherwise encapsulate their traffic, and pumping whatever traffic they'd like through the ToR network – in this case changing from ports 6881-6900, to a less standard port of 58032. I guess I'll just fall back to the official legal statement from the ToR organization:

Dear Linode:

Thank you for forwarding me the notice you received from Universal Pictures regarding Van Helsing 2004 BRRip {A MnM-RG H264 by Masta}. I would like to assure you that, contrary to the assertions in the notice, 1) I am not hosting or making available the claimed infringing materials, and 2) you are already protected by the Digital Millennium Copyright Act's ("DMCA") safe harbor from any liability arising from this complaint. The notice is incorrect, probably based upon misunderstandings about law and about some of the software I run.

First, in terms of legal liability, this notice does not create any risk for you as a service provider. As you know, the DMCA creates four "safe harbors" for service providers to protect them from copyright liability for the acts of their users, when the ISPs fulfill certain requirements. (17 U.S.C. � 512) The DMCA's requirements vary depending on the ISP's role. You may be most familiar with the "notice and takedown" provisions of DMCA 512(c), but those apply only to content hosted on your servers, or to linking and caching activity. The "takedown notice" provisions do not apply when an ISP merely acts as a conduit. Instead, the "conduit" safe harbor of DMCA 512(a) has different and less burdensome requirements, as the D.C. Circuit Court of Appeals held in RIAA v. Verizon (see http://www.eff.org/legal/cases/RIAA_v_V … 031219.pdf">http://www.eff.org/legal/cases/RIAAvVerizon/opinion-20031219.pdf) and the Eighth Circuit Court of Appeals confirmed in RIAA v. Charter (see http://www.eff.org/IP/P2P/Charter/033802P.pdf).

Here, any content that came from or through my computers merely passed through your network, so DMCA 512(a) applies. Under DMCA 512(a), you are immune from money damages for copyright infringement claims if you maintain "a policy that provides for termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers." If you have and implement such a policy, you are free from fear of copyright damages, period.

As for what makes a reasonable policy, as the law says, it's one that only terminates subscribers who are repeat infringers. A notice claiming infringement is not the same as a determination of infringement. The notification you received is not proof of any copyright infringement, and it certainly is not proof of the "repeat infringement" that is required under the law before you need to terminate my account. I have not infringed any copyrights and do not intend to do so. Therefore, you continue to be protected under the DMCA 512(a) safe harbor, without taking any further action.

You might be curious, though, about what did trigger the notice. The software that likely triggered the faulty notice is a program I run called Tor. Tor is network software that helps users to enhance their privacy, security, and safety online. It does not host or make available any content. Rather, it is part of a network of nodes on the Internet that simply pass packets among themselves before sending them to their destinations, just as any Internet host does. The difference is that Tor tunnels the connections such that no hop can learn both the source and destination of the packets, giving users protection from nefarious snooping on network traffic. Tor protects users against hazards such as harassment, spam, and identity theft. In fact, initial development of Tor, including deployment of a public-use Tor network, was a project of the U.S. Naval Research Laboratory, with funding from ONR and DARPA. (For more on Tor, see https://www.torproject.org/.) As an organization committed to protecting the privacy of its customers, I hope you'll agree that this is a valuable technology.

Thank you for working with me on this matter. As a loyal subscriber, I appreciate your notifying me of this issue and hope that the complete protections of DMCA 512 put any concerns you may have at rest. If not, please contact me with any further questions.

Very truly yours,

Your customer, TOR_zealot Nuno

If you feel this legalese is not sufficient, and still believe I am in some violation of terms of service let me know and I'll do what I can to better adhere to your operational guidelines.

psandin

Hello TOR_zealot,

While our terms of service do not prohibit the use of tor or other methods of obscuring the source of a connection, we do state that the account holder is responsible for all traffic in and out of their Linode. If you are not able to block bit torrent traffic from exiting your Linode we will have to ask that you discontinue the use of tor on your Linode. Please let us know when your exit policy has been revised, or other measures have been taken to prevent further bit torrent traffic from being relayed through your Linode.

Regards,

Peter

TOR_zealot

Ok, with all due respect clearly there's something that's not quite being understood about this matter. I would kindly ask that you re-read the official statement from the ToR organization more clearly as it explains in detail the why I am not violating any rule or law. I am in no way hosting data that is copywritten, and in no way hosting files protected under the DMCA. ToR is a very legitimate tool for internet privacy and anonymization, and vital to the development of digital privacy. I could sit around and block random ports all day long as you receive DMCA notices but it wouldn't stem the tide of people using one of the million ways to otherwise by-pass a simple port block – this is simply the nature of internet proxies, not limited to ToR. There is literally no way for ToR relays, or the ToR network in general, to entirely block torrent traffic without dramatic re-engineering (which woud in turn render ToR much more useless as an anonymizing tool).

As I am not running bittorrent, or any other p2p file sharing applications, I fail to see exactly where I am violating any ToS, as the last reply I sent seemed to cover that matter in great detail, as well as any and all possible legal repercussions. There is literally zero legal liability on either your or my behalf from the traffic that ends up passing through or out of any given ToR relay. If there is a more effective way you believe I can use to stem the tide of torrent traffic I'll drop it in place right away, but past what I've done I believe we've more than covered our "legal asses" (so to speak).

Let me know if there's any other specific requests you have for me in changing my ToR relay exit policy. Thanks!

-TOR_zealot

psandin

Hello,

Our policy is more strict than required by law. Under our terms of service you are responsible for all traffic in and out of your Linode regardless or your level of personal interaction with that traffic. At this time we are receiving complaints of copy right material being transmitted through your Linode, and ask that you take steps to prevent further complaints from being generated. If you are able to block bit torrent while still allowing legitimate traffic to exit the tor network via your Linode please feel free to continue to run tor. In any case action needs to be taken to prevent further complaints.

Regards,

Peter

TOR_zealot

Alright, first off I would ask you be a little less rude about this – I've been working with you as best I can. I first explained that those "DMCA Notices" you're getting are 100% false positives -- you can ignore them if you so choose because no law has been broken. But since you seem absolutely intent on NOT ignoring those false positives I ask what exactly you would like me to do, in reference to my ToR exit policy (telling me "just block bittorrent" is a non sequitur). If ToR is an acceptable application on your network, which you've told me is, explain to me the the parameters by which I can configure it. Of course I would ask that these parameters be actually cross-referenced to said written "policy that is more strict than law."

Once I know the actual technical limitations defined by your terms of service I can configure my services accordingly. Thank you in advance for your assistance.

-TOR_zealot

deaton

Hello,

We sincerely apologize for any perception of rudeness from our end. We have no intention of being rude or inconsiderate while explaining Linode's policy.

We do have other customers that successfully operate Tor exit nodes and do not generate complaints. I believe this is accomplished by dynamically filtering bittorrent traffic (as opposed to blocking specific ports), but there may be other technical means of accomplishing this. There are other services that sometimes need to be blocked as well to avoid receiving complaints, such as SPAM and (block outbound attempts to port 25) and ssh brute force attempts (block outbound attempts to port 22).

If you'd like to continue running ToR, then you'll have to find a way to block the traffic that is generating complaints. Unfortunately if you cannot successfully block Bit Torrent traffic coming from your Linode then we'll need to respectfully request that you stop running the ToR service on your Linode.

Please let us know how you plan to proceed. Thank you in advance.

Regards,

Dave

TOR_zealot

Ok, that's starting to get to more of the information that I need… but not quite. I guess I'm curious as to why the false positive DMCA notices are an issue in any way? Presuming I finagle a way to block traffic enough to cease generating DMCA notices, it doesn't logically follow that I've actually blocked torrent traffic entirely -- it would be just as likely the torrent traffic still exists but is encrypted / not using public trackers / etc. etc. etc.

Basically I'm just trying to get the point across that what we're actually talking about is ANONYMIZING PROXY traffic, NOT bittorrent traffic. If I was running bittorrent software, or other P2P software, generating mass connections to pull down the latest CAM of The Hangover 2, I would be in clear violation of your terms of service, but I'm not. So I'm failing to see how I am violating any terms of service OR breaking any US laws.

However, if you can hand me a couple lines to throw in my /etc/tor/torrc file that will put someone's mind at ease I'll do it in 2 seconds flat.

deaton

Hello,

We do not actively monitor the network activity of your Linode and only open abuse tickets based on complaints that are received. If you're not getting complaints, in general that is sufficient for our needs.

We are completely aware that ToR anonymizes all traffic, and not just BitTorrent traffic, however, the BitTorrent traffic is the traffic that is generating complaints, and we need it to stop in order to stop getting complaints about your IP address. The traffic is coming from your IP address either way, whether it has passed through the ToR network first or not. Our policy applies either way:

  • https://www.linode.com/tos.cfm

Section 3 Prohibited Usage states:

Linode and the services it provides may only be used for lawful purposes. Transmission, distribution, or storage of any information, data or material in violation of United States or state regulation or law, or by the common law, is prohibited. This includes, but is not limited to, material protected by copyright, trademark, trade secret, or other intellectual property rights. Linode.com's services may not be used to facilitate infringement of these laws in any way.

Your Linode is transmitting copyright material. Whether it originated from the ToR network or from a BitTorrent client running on your Linode, the policy still applies.

As previously stated we aren't aware of the exact configuration that you need to implement to stop complaints from being generated. Feel free to join our active users community for suggestions:

  • http://www.linode.com/community/

Please let us know whether you plan to dynamically block BitTorrent traffic or stop the ToR service completely so we can close this ticket. Thank you for your continued cooperation.

Regards,

Dave

deaton

Hello,

To add to my last update, there's an additional part of section 3 that more directly describes our policy towards the use of ToR:

  • https://www.linode.com/tos.cfm

Linode does not prohibit the use of distributed, peer to peer network services such as Tor, nor does Linode routinely monitor the network communications of customer Linodes as a normal business practice. However, customers are responsible for the contents of network traffic exiting their Linode. Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.

Regards,

Dave

TOR_zealot

Great. So you're not going to be answering any of my questions whatsoever?

deaton

Hello,

My update was based on what I felt was the most applicable information to help get the situation resolved, and I believe I've addressed each of your questions. If you have specific questions that you feel were not addressed then please let us know so we can clarify further.

Regards,

Dave

TOR_zealot

Ok guys, I don't want this to be some sort of "flame war" pissing contest, but I have to say I'm becoming increasingly unimpressed about your persistence about this total non-issue – that being a false positive DMCA notice. You have utterly failed to answer any question I've posed because your shoddy copy/paste work doesn't apply to any terms of service I'm violating. The phrase "dynamically block torrent traffic from your ToR relay" is as meaningless to me as I presume it was to you in typing it. But I'm very quickly losing interest in this purely academic debate, because it's clear that your technical/customer support department doesn't posses a proper understanding of the technical concepts at play, let alone the political or legal ones.

I will go on record as saying, in all honesty you provide a great product, but absolutely terrible customer and technical support.

I'm throwing in some iptables rules that block packet contents based upon criteria that are involved in torrent connection negotiation, however that will in no way effect encrypted connections -- in fact NOTHING that currently exists in the iptables/ipfw/pf/or layer7 filtering code-base will effectively block encrypted p2p traffic. If this isn't good enough you will either need to ignore the false DMCA notices, provide me better technical documentation about filtering p2p traffic, or just shut off my service and I'll take my money to one of the hundreds of other hosting services that won't harass me over false alarms.

I apologize in advance if this is insulting, my patience has simply been exhausted.

deaton

Hi,

Thanks for your feedback. Please update this ticket once you've put the iptables rules in place, and we'll let you know if further complaints are received. Thanks for your cooperation.

Regards,

Dave

TOR_zealot

They're in place. If you get another notice please don't bother me about it unless you can provide me with a better solution for mitigating the traffic.

lsabota

Hello,

Before closing this abuse ticket, you will need to provide us with what measures you have taken on your Linode to ensure that we do not receive further complaints in the future. If you are not comfortable filtering illegitimate traffic through your Tor node, than we kindly ask that you stop running a Tor node on your Linode. You are responsible for all traffic that exists your Linode, regardless of whether you are running a Tor on your Linode or not.

Let us know how you wish to proceed. Thanks in advance.

Regards,

Lukas

TOR_zealot

Still not appreciating being further insulted – I am comfortable with providing internet privacy, and that is what I intended on continuing to provide via legitimate services as they are advertised. If you are naive enough to believe illegitimate traffic can be completely blocked than perhaps it's you that shouldn't be involved in a hosting or ISP company. Here are the iptables I have put into place:

*raw

:PREROUTING ACCEPT [2905091:2327058312]

:OUTPUT ACCEPT [2056573:2358689029]

-A PREROUTING -m string –string "GET /announce?info_hash=" --algo bm --to 65535 -j DROP

-A PREROUTING -m string --string "GET /scrape?info_hash=" --algo bm --to 65535 -j DROP

-A PREROUTING -m string --string "GET /announce.php?info_hash=" --algo bm --to 65535 -j DROP

-A PREROUTING -m string --string "GET /scrape.php?info_hash=" --algo bm --to 65535 -j DROP

-A PREROUTING -m string --string "GET /announce.php?passkey=" --algo bm --to 65535 -j DROP

-A PREROUTING -m string --string "GET /scrape.php?passkey=" --algo bm --to 65535 -j DROP

-A PREROUTING -m string --hex-string "|13426974546f7272656e742070726f746f636f6c|" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --string "GET /announce?info_hash=" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --string "GET /scrape?info_hash=" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --string "GET /announce.php?info_hash=" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --string "GET /scrape.php?info_hash=" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --string "GET /announce.php?passkey=" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --string "GET /scrape.php?passkey=" --algo bm --to 65535 -j DROP

-A OUTPUT -m string --hex-string "|13426974546f7272656e742070726f746f636f6c|" --algo bm --to 65535 -j DROP

*mangle

:PREROUTING ACCEPT [5097:4369803]

:INPUT ACCEPT [5097:4369803]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [2988:4316273]

:POSTROUTING ACCEPT [2990:4316547]

-A PREROUTING -j CONNMARK –restore-mark --nfmask 0xffffffff --ctmask 0xffffffff

-A PREROUTING -m mark ! --mark 0x0 -j ACCEPT

-A PREROUTING -m ipp2p --edk -j MARK --set-xmark 0x1/0xffffffff

-A PREROUTING -m ipp2p --bit -j MARK --set-xmark 0x1/0xffffffff

-A PREROUTING -m mark --mark 0x1 -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff

-A FORWARD -m mark --mark 0x1 -j REJECT --reject-with icmp-port-unreachable

deaton

Hello,

Thank you for providing that information. We do apologize for any perception that we have tried to insult you, but I can assure you that is not the case. The action you have taken thus far will be sufficient for our needs, however, we can't say with any certainty whether or not this will prevent us from receiving further complaints.

With regard to future DMCA complaints, we will need to open a new ticket and let you know about it, and if it becomes a recurring problem then we'll require you to take further action, such as shutting down the ToR application completely. This policy applies to all of our customers (including others running ToR) and unfortunately are unable to make an exception for you in this case. We regret any inconvenience this causes you, but hope to continue having you as a customer and hope that we can avoid having to open tickets of this nature in the future.

Regards,

Dave

TOR_zealot

I assure you such a policy has no legal nor technical basis. "Illegitimate" traffic travels through your datacenter every day, all day, without interruption. Just some of it gets flagged, sometimes legitimately, sometimes not (obviously in this case not). Had you bothered to read the legal statement provided by the ToR Foundation you would better understand some of these intricacies. If I am asked to shut down my ToR node I assure you I will cancel my account (you might want to note I have been a happy customer for some time), and will advise anyone I can of your company's utter lack of respect for the privacy they claim to hold in high regard. I hope your department can be more reasonable in the future, to minimize such needless ordeals.

-TOR_zealot

Next ticket:

theckman

Greetings,

We've received a report of malicious activity originating from an IP address assigned to you. The activity appears to be spamming of a WordPress blog's comments. Please investigate this report within 24 hours to avoid a disruption of service.

I've attached the full report in a separate ticket update.

Regards,

Tim

theckman

Reported-From: [email protected]

Category: info

Report-Type: info

Service: badbot

Version: 0.1

User-Agent: Fail2BanFeedBackScript blocklist.de V0.1

Date: Thu, 23 Jun 2011 11:07:01 +0200

Source-Type: ip-address

Source: 74.207.248.163

Port: 80

Report-ID: [email protected]

Schema-URL: http://www.x-arf.org/schema/info_0.1.0.json

Attachment: text/plain

Timezone +0200 (CEST)

Lines containing IP:74.207.248.163

74.207.248.163 - - [23/Jun/2011:11:06:57 +0100] "POST /index.php HTTP/1.0" 200 12565 "-" "-"

wpSection:

wpTextbox1: perfect design thanks Range Rover Models 991099 Chelda Child Model 32867 Model Seven Ls 6779 Perfect Teen Model nnkz Inna Model Bbs %( Child Models Samples 330 Young Model Princess fhq Brazil Child Model 02175 Ass Crack Modeling 941 Bikinis Models Topleess %-[[[ [Tinymodels F

orum]( hxxp://peperonity.com/go/sites/mview/dyhogihiqe ) %OO Image Model Teen =) Lexus 2007 Model rco Young Model Natalie >:-]]] Nude Newbie Models fnfqv Littel Teen Model >:-(( Erotic Model Russian =DDD Free Naked Supermodels =-O 14yo Teenmodels Pics dcfjw Nnude Childs Models lygv

Timestamp: 1308819999

wpSummary: fRvOkoRxYXrSXye

wpSave: Seite speichern

TOR_zealot

I'll look around at what's going on, but my general assumption is that this is just more related traffic from my ToR exit node. I certainly don't want people to be running attacks through ToR nodes and generating malicious traffic, but it seems like we're going to continually come back to this little game of whack-a-mole, when you've already told me "it's alright to run a ToR node" (assuming you understand both the positive and negative connotations therein).

ToR, at it's foundation, is an internet privacy tool that can do anything from keeping browsing traffic anonymous for people in Iran so their government doesn't break their kneecaps and throw them in prison. On the other end ToR is a technology used by P2P file sharers and script kiddies who want to make the internet a shitty place. Unfortunately we can't throw the baby out with the bathwater.

At this point I am genuinely interested in all these people you've told me run ToR end-points on your network that don't get similar complaints. Are their actually people that run ToR nodes that don't have to spend HOURS a day trying to catch this-and-that packet? I've done nothing but read through ToR and IPtables traffic manipulation articles, including in your own forums of customers claiming to run a ToR node, to minimize malicious traffic, but I'm starting to run out of ideas. Do I just block ALL web traffic? Wouldn't that continue to defeat the purpose of running a ToR node in the first place?

If your technical support could actually provide technical support instead of just bothering me about some script kiddie it would be far more helpful. What traffic shaping, iptables, or snort IDS filtering would you suggest I put in place that would actually stop this from happening in the first place?

tparker

Hello,

We appreciate you looking into this. We have an obligation to pass along complaints to customers at the corresponding IP addresses. At the same time, we are an unmanaged service and you are responsible for the services that you choose to run on your Linode. By the same token, you are responsible for ensuring that whatever complaints that we receive regarding traffic from your IP address are resolved to the satisfaction of the complainant. We can't resolve these issues on your behalf. We also can't silently ignore complaints as they are received simply because they may have passed through your Linode by way of ToR.

Again, we really do appreciate your time and effort in finding a solution to this matter. However, that time and effort is not in itself a resolution to complaints or a valid reason to ignore future complaints.

Regards,

Trevor

TOR_zealot

Do not insult my understanding of what an unmanaged service is. But so far you've mostly been bothering me over NON-ISSUES that are FALSE ALARMS – I would genuninly hope that your technical department is able to tell the difference, but obviously not.

I'm not trying to dirty your IP space, but it's clear your terms of service are bullshit and poorly understood not only by your technical staff but by your legal staff as well, you don't want people running ToR nodes on your network, and you have absolutely no respect for internet privacy as a whole. Please give me 72hrs to migrate my services off your network and then you'll never see a dime from me, or anyone else I know, ever again.

psandin:

Hello,

Unfortunately these complaints are not false alarms or non-issues, they are legitimate complaints regarding malicious activity passing through an IP address that you are responsible for.

Please understand that we have no objection to Tor in principle. However we can not allow abusive traffic to pass through our network, running Tor or any other piece of software, does not absolve a Linode's owner of responsibility for the traffic passing through it.

We are not trying to drive you away, we are simply trying to prevent further abuse from passing through our network.

Regards,

Peter

TOR_zealot

Now you've managed to reach the level of just persistent absurdity. You people are dreadfully uninformed, and stubbornly ignorant. Before I begin final migration away from your network, and proceed to cancel my account, I believe there are at least a few points you should make note of before you next harass a customer to the point of leaving your service:

1.) While you publicly state you have "no objection to Tor in principle." It is quite clear you have many objections to Tor in technical operation, in ways I'm not convinced you fully understand:

Tor is a public anonymizing internet proxy. By setting up and running a Tor node, as an operator, you acknowledge that there's no way to control the intentions of those using the network. That means you understand and must be comfortable with the fact that you're handling the traffic of political dissidents, husbands trying to hide their porn browsing, people trying to circumvent their ISPs ToS or avoid DMCA violations, and some misguided script kiddie trying to mess with some one's wordpress site. While there are many ways to augment or filter some of this traffic, it is a guaranteed inevitability people will continue to use the network for their own purposes (legitimate or otherwise)

2.) This harassment on your part began with what was absolutely, without any doubt, a FALSE POSITIVE DMCA NOTICE. Companies pursuant to DMCA violations use very crude methods by which to identify infringers – that being locating the IP of the person suspected of the infringement. However it has been very thoroughly established in the United States legal system (among others) that an IP address is in no way a form of identification of an actual physical person, but is merely a tool used in internet routing. Had you bothered reading the legalese provided by the Tor Project you would have gleaned a particularly important part of this:

The "takedown notice" provisions do not apply when an ISP merely acts as a conduit. Instead, the "conduit" safe harbor of DMCA 512(a) has different and less burdensome requirements, as the D.C. Circuit Court of Appeals held in RIAA v. Verizon (see http://www.eff.org/legal/cases/RIAA_v_V … 031219.pdf">http://www.eff.org/legal/cases/RIAAvVerizon/opinion-20031219.pdf) and the Eighth Circuit Court of Appeals confirmed in RIAA v. Charter (see http://www.eff.org/IP/P2P/Charter/033802P.pdf)

3.) Finally, had you understood points 1 and 2 you would further understand that not only is there nothing I can technically do to prevent some douchebag trying to screw up a wordpress site with some malformed POSTs, but I am absolutely not responsible for the traffic itself -- otherwise every network operator in the world, plus any sucker that ever plugged in a router, would be just as responsible and open to litigation. I can do the best anyone else can to limit the flow, but there flat out is no existing technical way to entirely squelch such traffic, nor is there any legal burden on me or Linode should such traffic pass our way. If it is in Linodes policy that running a Tor node is ok, Linode is accepting the total roll of the dice that some of the traffic that will comes out of it is legit, and some of it won't be.

In closing I'll just say I am terribly disappointed in how your customer and technical service representatives have chosen to blindly handle this situation. Instead of offering any assistance in how I might better adhere to impossible technical standards I have just been given copy/pasted TOS crap that didn't apply to me in the first place, and obviously made no sense to the person who found it in the first place. Total fail, guys. Game over.

Maybe I over-reacted in canceling my account and moving all my services away from the Linode network, purely as a principled statement. But I leave it up to the rest of the linode customer base to decide if Linode actually cares about internet privacy, or if they merely use the phrase as lip service to attract the open source community that is often foremost concerned with the ever changing issue of privacy in our digital age.

The one thing I will say is that through this utterly stupid process I've discovered what a great service Rackspace Cloud Hosting is. I highly recommend dissatisfied customers look in to the many better and more affordable options out there!

156 Replies

Move your stupid torrents with movies away from Linode, I don't want to read news like "FBI has seized servers from Linode's datacenter for investigation, 5000 VPS were on these servers, one of them is suspected".

Kids with TOR… Who really wants to find you will always be able to find.

You was asked (not banned!) to remove some illegal torrents (traffic, yes) and if you can't do this - it's your problems, your software, and nobody's else.

Tor by it's nature is a flawed technology to run on many networks due the it's anonymity, in a world where everyone played fair and people didn't use it for abuse then it would be a wonderful solution to bypassing oppressive government firewalls etc, of course in a world where everyone played fair there would be no need for Tor.

Linode's TOS states that transmission of illegal data is against the TOS, Tor = transmission.

In the cause of Linode you could run a Tor relay but an exit node is a very complex and time consuming thing to run, if you really want to run an exit node, run it on your home ISP I doubt they will care (I've done it).

I don't see the problem here, I would spell out why but Linode has already done that (several times, by the looks of it) and you still believe yourself to be the injured party, so I don't think there's really a point. I do want to point out though, that throughout that Linode's staff was professional and courteous while you were combative and belligerent (you felt Linode was being rude to you and insulting? really? I bet no one else will get that impression reading the transcription).

I'd just like to add my vote that Linode is in the right here and it has nothing to do Internet privacy.

I understand Linode is in a difficult situation here, but there must be a better way to handle this. The way Linode reacts means anyone can easily close anyone else's Linode account simply by sending Linode a few DMCA take down notices.

Judging from this exchange, whether notices are real or bogus, Linode will keep bugging the customer to change his behavior "so the notices will stop", and will eventually shut down his nodes "if he doesn't change his behavior sufficiently enough for the notices to stop".

@neo:

I understand Linode is in a difficult situation here, but there must be a better way to handle this. The way Linode reacts means anyone can easily close anyone else's Linode account simply by sending Linode a few DMCA take down notices.

The guys running Tor it's most likely they're real, if someones running a normal webserver and someone sends a DMCA you just send one of those "you're talking crap" letters back. The fact complainant is running a open network that anyone can do pretty much anything with means they're just asking for trouble.

@obs:

@neo:

I understand Linode is in a difficult situation here, but there must be a better way to handle this. The way Linode reacts means anyone can easily close anyone else's Linode account simply by sending Linode a few DMCA take down notices.
The guys running Tor it's most likely they're real, if someones running a normal webserver and someone sends a DMCA you just send one of those "you're talking crap" letters back. The fact complainant is running a open network that anyone can do pretty much anything with means they're just asking for trouble.
If you read the exchange, Linode clearly states they do not actively monitor network activity and consider continued complains a criterion for non-compliance.

@neo:

I understand Linode is in a difficult situation here, but there must be a better way to handle this. The way Linode reacts means anyone can easily close anyone else's Linode account simply by sending Linode a few DMCA take down notices.

Judging from this exchange, whether notices are real or bogus, Linode will keep bugging the customer to change his behavior "so the notices will stop", and will eventually shut down his nodes "if he doesn't change his behavior sufficiently enough for the notices to stop".

Linode is just doing what they have to by law. If you don't like that (assuming you're a US citizen), contact your state senators and representative.

You, as the linode purchaser, are responsible for traffic through your linode by virtue of your contract with linode. Your linode has been used to abuse other sites (blog spamming) and to facilitate piracy (torrent traffic). Even though you, yourself, may not be possessing or storing such data (and thus the DMCA is irrelevant), you're are facilitating such traffic and abuse. Therefore it is your responsibility.

Running a tor endpoint would appear to be incompatible with being a responsible netizen because there appear to be no controls on the responsible usage of the network. If such controls are possible then it's your responsibility to ensure they're applied, not Linode's. You don't know how to do this, and (apparently) can't get such information from the Tor guys, which leads me to believe that it isn't really possible.

I fully understand the desire for net-anonymity. 20 years ago, in the UK, I built an anonymous email service for people. It was dialup 'cos the UK was mostly dialup at that time. And it worked well. But, today, the net is a different place; I wouldn't ever run an anonymous service because it will attract abuse. Running a Tor endpoint is making a political statement; "communications may be anonymous" (see the rationale for the original anon.penet.fi service). That's fine for you making such statements, but don't expect others (eg Linode) to defend them on your behalf; it's your responsibility, your choice.

Looking at that exchange, I see insults and beligerancy only flowing in one direction; from you to Linode staff. Linode were perfectly polite and patient with you. To be honest, if I was linode staff I'd be wishing and hoping that you move your service away from my machines asap. But that's another reason why I don't run public services like this, any more! People like you make it hard work.

The issue relates to traffic only. As far as I know, the law has no application here. Linode and the owner of the Tor, are simply routers and have no liability and very limited ability to control what they're routing. It would be like holding ISP's responsible for the contents of your email. It's not possible and it doesn't make much sense either. Nonetheless, the owner of the Tor did make efforts to limit the problem traffic as a goodwill gesture.

Linode say they will leave well alone until something legal forces them to act. It's clearly stated with specific reference to Tor in their Terms of service. I don't find that unreasonable and unless they're handing out your personal details at the first sign of trouble, I don't see what it has to do with privacy either. Support seemed a touch unaware of the technicalities, but that only prolonged the inevitable outcome.

They aren't doing what's required by law, they're doing what's required when organizations with many lawyers and deep pockets come knocking. The issue is not really with Linode, or tor_zealot, or anyone else. It's that the law is imperfect and one party can heap pressure on another without reasonable cause. Something I notice in common with internet activists (/moreappropriateword) is a slight naivety in expecting the world to work a certain way because it should and then being shocked to find out that it doesn't. I don't think the issue is clear-cut enough to take sides, but my prevailing thought is reality check.

I'm impressed at the level of professionalism displayed by the Linode employees you communicated with. If I were caker, I'd be very proud.

You come across as stubborn, arrogant, and extremely self centered. Clearly you're looking for a fight, and seeking as much attention as you can get. You're just a troll, and the Linode folks were extremely patient with you. Despite constant abuse from you, they continued to apologize for rudeness and insults that didn't even exist.

As a customer, I'm glad to see Linode handled this situation as responsibly as they did.

@JshWright:

@neo:

I understand Linode is in a difficult situation here, but there must be a better way to handle this. The way Linode reacts means anyone can easily close anyone else's Linode account simply by sending Linode a few DMCA take down notices.

Judging from this exchange, whether notices are real or bogus, Linode will keep bugging the customer to change his behavior "so the notices will stop", and will eventually shut down his nodes "if he doesn't change his behavior sufficiently enough for the notices to stop".

Linode is just doing what they have to by law. If you don't like that (assuming you're a US citizen), contact your state senators and representative.
Does the law require Linode to assume every DMCA take down notice they receive is legitimate and not bogus and/or fake?

@neo:

Does the law require Linode to assume every DMCA take down notice they receive is legitimate and not bogus and/or fake?

No, but when the result to passing on the DMCA takedown is:

a) I don't care or

b) I can't really stop it:

@tor_zealot:

–---------------------------------

Title: House MD (TV)

Infringement Source: BitTorrent

Initial Infringement Timestamp: 19 Jun 2011 20:37:07 GMT

Recent Infringement Timestamp: 19 Jun 2011 20:37:07 GMT

Infringing Filename: House.S07E18.HDTV.XviD-LOL.avi

Infringing File size: 366764352

Infringers IP Address: 74.207.248.163

Infringers DNS Name: horace.dionysian-mind.net

Bay ID: e967df8b4a924fe8df3580c228152d275d92c279|366764352

Port ID: 53786

TOR_zealot:

I run a ToR relay on my linode, which is likely why you see the occasional torrent traffic. I will block torrent traffic from the ToR end-point filtering rules. Though as a general aside, the DMCA can suck it. ;-)

@tor_zealot:

Title: Van Helsing

Infringement Source: BitTorrent

Initial Infringement Timestamp: 21 Jun 2011 06:16:03 GMT

Recent Infringement Timestamp: 21 Jun 2011 06:16:03 GMT

Infringing Filename: Van Helsing 2004 BRRip {A MnM-RG H264 by Masta}

Infringing File size: 1613881859

Infringers IP Address: 74.207.248.163

Infringers DNS Name: horace.dionysian-mind.net

Bay ID: 5e00eafb67851bcf22f4f3820b25c83d45516ea7|1613881859

Port ID: 58032

TOR_zealot

Yea, what was pretty much my exact point from my first response, there's nothing that's going to stop someone from just changing their ports, or otherwise encapsulate their traffic, and pumping whatever traffic they'd like through the ToR network – in this case changing from ports 6881-6900, to a less standard port of 58032.

Then.. that's NOT a "No, I'm not using my bandwidth for anything copyright."

@tor_zealot:

Disclaimer: I was an otherwise happy linode customer for quite some time, and only recently began building out TOR nodes to assist in the propagation of the network that I believe is incredibly vital in global politics today.

Grow up, stop relaying illegal materials or keep doing it, get busted and go to prison.

@jebblue:

or keep doing it, get busted and go to prison.
Calm down, man, it looks like a blind rage.

He just doesn't understand possible consequences of his whims for other users of Linode.

I agree that if anyone sounded rude in ANY of those interactions, it was you, not Linode. Seriously, you think Linode just happens to hire people who are rude and dismissive? I think not, and IMHO, they were awesome. As one other poster commented, advising them to FO and ignore false positives is about as arrogant and demanding as a customer can get.

(I mean, seriously, how is Linode to determine if a request is a false positive or not? Should they monitor every request, and personally analyze it? Should they hire additional staff just to respond to these false positives, so that you don't have to be bothered? Arrogant!)

The bottom line here is that if Linode gets served with C&D's, investigatory briefs, subpoenas or whatever, then they are perfectly within their rights to request that you fix things. They are doing what is in the best interest of THEIR company!

Maybe you don't want to move your Tor (and BTW I fully appreciate and support TOR's ideas, by the way) to another host? Well, how would you like it if Linode went under from lawsuits (or threats of lawsuits, and defending them in court) and took your sites with them? Then you would have to find a new host anyhow. Just jump now and MOVE.

Any decent and caring ISP will do the same thing. It's how you legally handle these things. Get a complaint, have the offending customer fix it and be nice. If that doesn't work on a continued basis, then boot the customer and let them take their political statement somewhere else. Personally, I applaud Linode for staying with you all this time already.

Look, I appreciate what you're trying to do. I just don't think the way you're going about it is all that cool. If you feel so strongly about making this a political statement, find a hosting company that is more lenient towards this type of application. There are MANY. But let's not point the finger back at Linode, and let's not take down the rest of Linode's customers just so you can keep hosting here.

I would like to see where you are in three months. Still at Rackspace? Huh. Did you know they have one of the highest boot rates in the hosting business? Wonder why…?

Thanks,

Bruce

> psandin

Hello,

Our policy is more strict than required by law. Under our terms of service you are responsible for all traffic in and out of your Linode regardless or your level of personal interaction with that traffic.

That sums up the issue.

Tor_zealot makes a valid point that running a Tor exit node that relays copyright-infringing BitTorrent traffic may not be illegal in the U.S. (or at least that's what EFF says.) But the question is not about what is or isn't allowed by U.S. copyright law. The question is about what is or isn't allowed by Linode's TOS, which is stricter than U.S. law. The TOS is a contract between you and Linode, so Linode has every right to enforce it. If you don't like it, find a company with a different TOS.

It's possible to run a Tor exit node without much hassle, but it takes some effort to set it up. You'll need to colocate your own hardware in a good datacenter, and purchase your own IP block from your RIR so that any complaints go directly to you instead of the datacenter.

Tor's philosophy is excellent IMO, but I find libertarians annoying when they expect others (such as Linode) to protect their rights for them all the time. A serious libertarian protects his own rights as much as he can. If you care for anonymity so much, do some real work, spend some real money.

@neo:

Does the law require Linode to assume every DMCA take down notice they receive is legitimate and not bogus and/or fake?
The law is whatever your lawyer can prove in court. Right or wrong has nothing to do with it.

People that think the law is some "written in stone" policy are in for a big shock the first time they set foot into a courtroom.

"Might makes right" might have been coined for governments fighting wars, but it's more appropriately used for lawyers in the courtroom.

What all that means is that LINODE is in the hosting business, not the fighting in court business. There's no (none, zip, zlich, nadda) ROI for them to even attempt to argue this in Court. The RIAA/MPAA would eat them alive. In the end, they'd lose, and lose a ton of money, for what? Protecting some kid's right to run a tor exit on their network?

Meh. If the kid continues to whine, kick him loose.

Just to clarify to many posters – I was not running p2p software, or hosting any copy-written material on my linode, nor was I using it to pump out malicious or illegal traffic. I was simply running a TOR node. Linode claims they're fine with that "in principle" but they clearly don't agree with it in actual technical operation. The phrase "you are responsible for all traffic transmitted by your server" is ludicrous to many degrees, particularly in relation to TOR, because there is no way to control a TOR users intentions.

The bottom line is Linode says it's ok to run a TOR node, but if you actually do they harass you with tickets regarding traffic that nobody could block coming out of a TOR node. You can't say "I agree with TOR in principle" but then complain when garbage traffic comes out of it – that's called THE INTERNET. The person who is legally responsible for the DMCA/etc. infringements is the person who originally transmitted the data, not any of the intermediaries used to relay the traffic.

Nobody cares what you can do with your Tor node and what you can't. You have claims and you can't react adequately, so there is only 1 way - turn off this Tor node.

Nobody should take additional risk just to give you ability to play with lawyers. Not Linode, nor neighbors of your VPS.

@tor_zealot:

Just to clarify to many posters – I was not running p2p software, or hosting any copy-written material on my linode,

Point to somewhere where someone stated that you were?

@tor_zealot:

nor was I using it to pump out malicious or illegal traffic. I was simply running a TOR node.

You were indeed pumping out malicious traffic, as shown in the ticket regarding comment spam. That you did not do that intentionally doesn't change the fact that your node relayed it. Running a tor exit node is not "simple", and it carries with it very serious responsibilities, especially when you don't own your hardware and your IPs.

@tor_zealot:

Linode claims they're fine with that "in principle" but they clearly don't agree with it in actual technical operation.

That's why they keep saying "in principle". You're reading but not comprehending. I am ok with completely free speech "in principle", but in reality, I dislike the idea that someone can shout racial slurs in a public place. Linode is ok with tor in principle, but unfortunately, in practice, it can cause problems.

@tor_zealot:

The phrase "you are responsible for all traffic transmitted by your server" is ludicrous to many degrees, particularly in relation to TOR, because there is no way to control a TOR users intentions.

It doesn't matter if you run tor, apache, an open mail relay, or an NTP server. Your outbound traffic is your responsibility. How is this hard to grasp? Nobody is forcing you to run a tor exit relay. If you chose to run software, you accept the responsibilities for what that software does.

@tor_zealot:

You can't say "I agree with TOR in principle" but then complain when garbage traffic comes out of it

Again, you fail to understand what "in principle" means.

Well obviously it's off, now. I've totally canceled my account and moved all services away from the linode network – rackspace cloud is working very nicely indeed! :)

My main point here is that linode is entirely backwards and hypocritical in their traffic monitoring policy and abuse response. I did everything I could to filter traffic to better suit their requests, but in the end it came down to unreasonable requests on their behalf that would be impossible for any TOR node operator or networking god.

When it comes to trivial complaints that are false alarms I would hope my hosting company would respond accordingly. This may seem a silly issue to some, but if you were a citizen of Pakistan, Iran, Libya, etc. and TOR was the only thing standing between your ability to communicate, and having the government bust down your door and shoot you in the face, you might feel less concerned about somebody sneaking some torrent traffic through TOR to get the latest House MD episode.

There are very many legit uses for TOR. In that I believe in freedom and privacy for all I can accept such things can occasionally be used for less than pious purposes.

It may be cliche, but let's all remember:

"Those who give up their liberty for more security neither deserve liberty nor security." --Benjamin Franklin

@tor_zealot:

"Those who give up their liberty for more security neither deserve liberty nor security." –Benjamin Franklin

What about companies that get put out of business by the DMCA because some shmuck decided to violate their ToS?

My money says that Rackspace does exactly the same thing.

@tor_zealot:

I did everything I could to filter traffic
And again: if you can't do enough, it's same as you can't filter traffic. What you could and what not - doesn't matter.

@tor_zealot:

if you were a citizen of Pakistan, Iran, Libya, etc. and TOR was the only thing standing between your ability to communicate, and having the government bust down your door and shoot you in the face
Are you 17 years old? Your node was used to download "House MD" and other copyrighted crap. If you want to play in politic games, want to work for somebody's freedom - be ready to spend big moneys and large amount of nerves. And using VPS for this games - it's ridiculous.

We'll certainly see. But neither linode, nor I, was in any threat of being taken down by the DMCA, or any other legal power. Seriously guys, read the legalese provided by the TOR project and you'll better understand this. We don't all need to run scared because something says DMCA on it. Chill out.

I'm always very suspicious when people wish to remain "anonymous" on the internet and they assume - incorrectly - that it's their "right" to have privacy online.

I do question why people go to such lengths to try to hide their activity…

I'm surprised that Linode allow TOR nodes at all - it's not worth the hassle for them. I think their support staff were very professional in dealing with you.

@Mr Nod:

I'm always very suspicious when people wish to remain "anonymous" on the internet and they assume - incorrectly - that it's their "right" to have privacy online.

I do question why people go to such lengths to try to hide their activity…

You're right, we should question anyone who seeks privacy – as we all know the desire for privacy is a default admittance of guilt of some atrocious crime. We should round up all these people seeking this whole "privacy" thing and put them in some sort of concentration camp, or prison, or just shoot them and be done with it…

Oh wait! There are actually many 3rd world countries already do that! I highly suggest you move to one of those countries. Freedom and privacy are HUGELY over-rated.

PS. Just an idea, but you might want to read up on the 9th amendment some time. It's good reading.

@vonskippy:

@neo:

Does the law require Linode to assume every DMCA take down notice they receive is legitimate and not bogus and/or fake?
The law is whatever your lawyer can prove in court. Right or wrong has nothing to do with it.
And how is this relevant to the question I asked?

@tor_zealot:

read the legalese provided by the TOR project and you'll better understand this.

Bwahahahahahahahahahahaha.

Wake up snowflake. Words on a piece of paper are just that, words. Until a judge rules on them they don't mean squat (and even then, unless it travels up the judicial food chain, it still might not mean squat).

Go sit in a federal court session for a afternoon and see how the real world operates.

It's not LINODE's job to pay for a ruling on that pie-in-the-sky crap that TOR is spewing out.

tor_zealot, one thing I would agree about with many posters here, is that ultimately you can not expect Linode to fight this for you. What you should have done is created official response to take down notice, asking them to provide specific links to copyrighted material stored on your site, and then ask Linode to relay your response. In other words, this is between you and the morons sending take down notices, Linode is just caught in the middle.

@neo:

tor_zealot, one thing I would agree about with many posters here, is that ultimately you can not expect Linode to fight this for you. What you should have done is created official response to take down notice, asking them to provide specific links to copyrighted material stored on your site, and then ask Linode to relay your response. In other words, this is between you and the morons sending take down notices, Linode is just caught in the middle.

That's a very fair point. But where the interaction with linode primarily began to degrade was their unwillingness to see that agreeing with "principle" and allowing it's actual "technical operation" are mutually exclusive in this case. I don't care about linodes "principles," I care about what I can and cannot run via their service, in parameters provided by them to me. I was more than happy to comply with any changes that needed to be made to my exit node policy, but when they simply come back with "block all malicious/illegal traffic or shut off your TOR node" that's a simple ridiculous response. More-over telling me that I (or even they) are responsible for traffic that did not originate in their network, but was merely relayed through their network, is utterly absurd technically and legally. Through the discourse I at times probably came off as arrogant and slightly rude, but their unwillingness to assist in an actual technical rectification of their complaint was beyond frustrating.

It's quite clear that linode is at odds with their own legal and technical staff, and I'm just not convinced that either parties understand well enough the concepts at play. But since I'm no longer a customer it's really up to the rest of you to decide.

Linode offers a pretty good, solid service, but they clearly fail in many other areas.

@tor_zealot:

If it is in Linodes policy that running a Tor node is ok, Linode is accepting the total roll of the dice that some of the traffic that will comes out of it is legit, and some of it won't be.

In closing I'll just say I am terribly disappointed in how your customer and technical service representatives have chosen to blindly handle this situation. Instead of offering any assistance in how I might better adhere to impossible technical standards I have just been given copy/pasted TOS crap that didn't apply to me in the first place, and obviously made no sense to the person who found it in the first place. Total fail, guys. Game over.

I think you ought to actually read what the ToS says about Tor in particular. It's quite clearly written to be along the lines of "while we don't specifically forbid you to run a Tor exit node, you pretty much can't because the traffic from it will keep violating our terms of service all the time":

> Linode does not prohibit the use of distributed, peer to peer network services such as Tor, nor does Linode routinely monitor the network communications of customer Linodes as a normal business practice. However, customers are responsible for the contents of network traffic exiting their Linode. Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.

Simply, Linode is not the right place to host your Tor services.

@hawk7000:

Simply, Linode is not the right place to host your Tor services.

That much is clear, though that's certainly at odds with the claims of the linode technical staff in the original post, claiming "we do have other customers that successfully operate Tor exit nodes and do not generate complaints."

It would be awesome if any of these such customers could chime in with their experience… Is this true?

@tor_zealot:

That much is clear, though that's certainly at odds with the claims of the linode technical staff in the original post, claiming "we do have other customers that successfully operate Tor exit nodes and do not generate complaints."

It would be awesome if any of these such customers could chime in with their experience… Is this true?

If there are any such customers, they probably have extremely restrictive exit policies. Even if you disallow everything except port 80, your exit node can still post spam comments on other people's sites. Maybe they're using a firewall to block everything except a few specific sites? (Wikipedia would be OK, for example, because they already disallow anonymous edits from Tor IPs.) Or maybe it's just a matter of luck that they haven't generated a complaint yet.

Anyway, as you have now realized, Linode isn't a good place to run a Tor exit node. This has nothing to do with the law or morality; it is simply a matter of costs and benefits. If it takes 5 minutes to process a DMCA complaint and check if it has any merits, and if the employee who does the checking gets paid at least $60 per hour, and if you get at least 1 complaint per week, you're already costing more than the prince of a Linode 512 per month.

Also, if the content owner gets frustrated after sending a few DMCA notices and decides to sue, it can cost Linode a thousand times that (in attorney's fees) even if the lawsuit turns out to have no merit. EFF has lawyers, and they're actually looking for lawsuits to test their claims, so they can show their letter around. But most small businesses cannot afford to go anywhere near a lawsuit. The price of a Linode would go up for everyone if Linode routinely risked lawsuits, and VPS is a very competitive market. It's as simple as that. People love privacy "in principle", but how much money it's worth is a different question.

As I said in a previous comment, the only way you can safely run a Tor exit node is with your own colocated server and your own IP block. See this site for hints. FormlessNetworking runs dozens of Tor exit nodes using their own IP block. Good luck with Rackspace; I doubt that their policies are any different from Linode's when it comes to Tor exit nodes.

@hybinet:

Good luck with Rackspace; I doubt that their policies are any different from Linode's when it comes to Tor exit nodes.

It seems from a quick scout that Rackspace's policy is the same, as noted in Tor's own ISP guide. Friendly in principle, but they'll kick you to the kerb if DMCA's keep coming.

@tor_zealot:

That's a very fair point. But where the interaction with linode primarily began to degrade was their unwillingness to see that agreeing with "principle" and allowing it's actual "technical operation" are mutually exclusive in this case. I don't care about linodes "principles," I care about what I can and cannot run via their service, in parameters provided by them to me. I was more than happy to comply with any changes that needed to be made to my exit node policy, but when they simply come back with "block all malicious/illegal traffic or shut off your TOR node" that's a simple ridiculous response. More-over telling me that I (or even they) are responsible for traffic that did not originate in their network, but was merely relayed through their network, is utterly absurd technically and legally. Through the discourse I at times probably came off as arrogant and slightly rude, but their unwillingness to assist in an actual technical rectification of their complaint was beyond frustrating.

A couple of points:

a) Its an unmanaged service, $20 or even $40 a month is not going to pay for technical services for a service you are choosing to run. In simple words, its your problem to stop the offending content from going through which is causing both DCMA and abuse reports to be sent to Linode for the IP assigned to your node.

b) You, as a Tor end point, are not a "service provider". You can quote, reference, cite all day long what the Tor group put on their web site regarding the legality and legal responsibility of a Tor end-point operator, but that doesn't make it universally correct or necessarily even factual. The only opinion that is going to count is a court's opinion and that can very greatly depending on the jurisdiction.

c) Linode had no problem with you running a Tor end point until they started receiving DCMA and abuse reports filed against the IP address assigned to you. You really thought that was alright? You really expected them to ignore them? They have legal obligations under the DCMA and I would imagine the datacenters at which they are located in also have certain requirements regarding abuse.

d) Regardless of your own moral beliefs, quite bluntly, you violated the terms of service that you agreed to upon signing up for the service. Because they did not agree with you it seems you like to think they were uncooperative, unhelpful and generally a bad service provider but it seems this went on for over a week with multiple abuse reports. Many providers would have just shut you down far earlier and in truth, personally, I believe that is what Linode should have done as well based on your attitude.

e) You've already decided to leave Linode and now you're posting in their forums, after the fact, wanting to complain about Linode? Isn't that just simply trolling? Its not like you're on the second or third abuse complaint asking for configuration help with Tor.

I personally think Tor ought to be banned outright on Linode. That's not a statement against free speech or even not wanting to help individuals that are in areas where free speech is prohibited. Tor, as designed, simply provides a mechanism that is too often and too easily used for abuse and other illegal activities that I don't really support and causes way more trouble as demonstrated by this thread than the good it actually does provide.

@TygerTyger:

Tor's own ISP guide

Interesting. Here's the link if anyone else also wants to know.

@tor_zealot:

We'll certainly see. But neither linode, nor I, was in any threat of being taken down by the DMCA, or any other legal power. Seriously guys, read the legalese provided by the TOR project and you'll better understand this. We don't all need to run scared because something says DMCA on it. Chill out.

Have you ever even read the DMCA? The comments you are making lead me to believe that you have not or have quite a few misunderstandings about what it does and does not do.

From Linode Terms of Service:

> Transmission, distribution, or storage of any information, data or material in violation of United States or state regulation or law, or by the common law, is prohibited.

Case closed.

Also, the world is powered by money, and MPAA, RIAA and similar assholes have tons of it. More than enough to lobby the feds or whoever raid Linode datacenters. Which then puts all of us, Linode customers, at risk of losing our data and service.

Thanks for taking your ideological battle elsewhere.

First off, this issue did not go on over a period of weeks, but a period of several days, I did all I could to promptly put new rules in place to avoid their claimed infractions – perhaps such a short time period means I dramatically over-reacted. But no matter how trivial most people would like to think this matter is, it is at the crux of the issue of personal privacy and how our private informations is becoming increasingly more public every day.

I'm not trying to simply troll, I'm merely bringing what I believe is a very valid point to the linode customer base. I'm not trying to get everyone to cancel their service just because of my personal principles, but instead want people to simply question if linode's policies are truly well founded technically and legally, and if they truly have the respect for privacy they claim to hold in such high regard. The issue of on-line privacy is becoming an increasing fragile issue in today's world, and if every network operator simply throws up their hands in dismay when ever they receive a legal notice that may or may not be valid the internet will cease to be the open platform it is today, and become an increasingly restricted ecosystem.

Though I did not react as if the sky was falling because of a stupid DMCA notice, I in no way ignored the issue, or told them I flat out didn't care -- I personally did everything I could to adhere to their TOS, researched any and all ways to mitigate malicious and illegal traffic, promptly put such traffic filtering rules in place, and went one step further to request if I missed some networking magic that exists, and to please bring it to my attention. What's more, I never at any given point came anywhere close to violating the DMCA -- simply receiving a notice is not proof of infringement. Ultimately I wanted to believe their public statement that operating a TOR exit node was acceptable, but it very quickly became clear that the actual operation of an exit node inherently offends their "principles" and otherwise violated a vague and contradictory TOS.

If you enjoy your linode service and find it a good value I encourage you all to continue using them as your VPS provider. However, if you are passionate about internet privacy I encourage you to contact Linode with your concerns about how they handle these matters.

@tor_zealot:

I personally did everything I could to adhere to their TOS

Except disabling your tor exit node. By your admission, your tor exit node was bound to generate questionable traffic. By Linode's ToS, such traffic was unacceptable. Thus, the only solution is to stop running an exit node.

My question is: why did you not simply switch from a tor exit node to a relay? Then you could help support your beloved internet privacy, and immediately solve all problems with everyone.

@tor_zealot:

But no matter how trivial most people would like to think this matter is, it is at the crux of the issue of personal privacy and how our private informations is becoming increasingly more public every day.

Perhaps it is. But this is not the place to prove that point, not when your actions are putting every other Linode customer at risk.

@tor_zealot:

I personally did everything I could to adhere to their TOS,

No you didn't. You said earlier:

@tor_zealot:

More-over telling me that I (or even they) are responsible for traffic that did not originate in their network, but was merely relayed through their network, is utterly absurd technically and legally.

This clearly shows that you either did not read Linode TOS or don't understand it. The part from the TOS I quoted earlier includes TRANSMISSION. Operating a TOR exit node that transmits illegal content (including what appears as Wordpress hacking attempt to promote child porn) is in violation of the TOS.

Your concerns about overall privacy on the Net may be valid, but let's be honest. Human nature is what it is. Any opportunity to operate on the Net anonymously and without the risk of being caught WILL (by statistical certainty) result with abuse. Across all protocols and ports, from p2p, http, smtp, pop3, imap, you name it. And to prevent that you'd have to shut down port by port effectively rendering your node useless.

@tor_zealot:

What's more, I never at any given point came anywhere close to violating the DMCA – simply receiving a notice is not proof of infringement.

That is irrelevant. Linode HAS to respond to DMCA notices, has to inform you and has the obligation to shut down your server if the notices persist. If you think that is unfair, you're welcome to file anti-DMCA claim and even sue whoever is (wrongly) accusing you.

Which is not Linode. They're just protecting their business and doing so, they're protecting our business.

@akerl:

My question is: why did you not simply switch from a tor exit node to a relay? Then you could help support your beloved internet privacy, and immediately solve all problems with everyone.

Actually that's an awesome question that cuts nicely into the heart of the matter! Initially I just kept running it as an exit node simply because:

A.) The technical staff told me they had others that ran exit nodes on their network without complaints.

B.) There are fewer exit nodes in the US, so I wanted to help build a better geographic dispersal of exit nodes.

While changing it to a relay certainly would be a perfectly valid solution to mitigate the false-positive DMCA notices, etc. But my point about the technical operation of the TOR network would still stand – the exact same malicious / illegal traffic that they were complaining about would still be "transmitting" out my IP and through their network, they just wouldn't know as much about it.

So that's the big issue right there: "evil" traffic travels through not just the TOR network, but virtually every ISP and data center in the world, all day, every day. But in this case, instead of spending their time sending complaints to the actual people who are the real source of the traffic (the people bittorrenting House, or the retarded script kiddies), they harass me about it, as if there was something I could really do about it, as if I was in any way responsible. Instead of threatening to take my server off-line because they don't like complaints about traffic that travels through TOR, maybe they could spend more time and effort locating the real problem, or even just be willing to work with me in actually trying to build a better TOR exit node policy, as I do have fairly advanced networking knowledge. OR they could just be up front and change their TOS to read "You absolutely can't run a TOR exit node on our network because we've already submitted to strong-arm lawyers that aren't even going to sue us over this anyway."

@hybinet:

@TygerTyger:

Tor's own ISP guide
Interesting. Here's the link if anyone else also wants to know.
Here is another list.

Interestingly, they list a few US hosting providers which allow running TOR exit nodes pretty much unconditionally. This basically disproves the theory presented here that hosting provider has no choice but to comply with any DMCA take down notice, irrespective of validity. I have no experience in this matter, but I guess these hosting providers simply send some standardized "get lost" reply to DMCA take down notices after verifying these notices refer to TOR exit nodes and not some stored material. Because contrary to what most people here seem to believe, no one was ever sued for running TOR node (including exit node) or any other similar service. And if I had to guess why overzealous RIAA/MPAA lawyers never sued anyone over this, I would guess that EFF lawyers are probably right when they say this activity is completely legal under current US law (unlike hosting copyrighted material without permission of copyright owner).

So, if other US hosting providers can do it, why not Linode?

@neo:

@hybinet:

@TygerTyger:

Tor's own ISP guide
Interesting. Here's the link if anyone else also wants to know.
Here is another list.

Interestingly, they list a few US hosting providers which allow running TOR exit nodes pretty much unconditionally. This basically disproves the theory presented here that hosting provider has no choice but to comply with any DMCA take down notice, irrespective of validity. I have no experience in this matter, but I guess these hosting providers simply send some standardized "get lost" reply to DMCA take down notices after verifying these notices refer to TOR exit nodes and not some stored material. Because contrary to what most people here seem to believe, no one was ever sued for running TOR node (including exit node) or any other similar service. And if I had to guess why overzealous RIAA/MPAA lawyers never sued anyone over this, I would guess that EFF lawyers are probably right when they say this activity is completely legal under current US law (unlike hosting copyrighted material without permission of copyright owner).

So, if other US hosting providers can do it, why not Linode?

Thank you. :)

Have either one of you actually read the DMCA laws, or at the very least the Wikipedia entries regarding the subject? If you do, you should be able to answer your own questions.

@AVonGauss:

Have either one of you actually read the DMCA laws, or at the very least the Wikipedia entries regarding the subject? If you do, you should be able to answer your own questions.
Have you actually read [insert something] on this subject?

If you do, you should be able to understand my position.

See how this way of having a discussion works?

Like it?

Or, in this specific case it clearly (for the most part) spells out a provider's obligation in this situation to prevent them from becoming a target themselves.

@AVonGauss:

Or, in this specific case it clearly (for the most part) spells out a provider's obligation in this situation to prevent them from becoming a target themselves.

Linode was in no risk of being a target of legal action – your, and their, assumption was simply submitting to the FUD that the MPAA/RIAA has tried to instill in the American public, but failed to actually fully and successfully follow through on in any court system. Seriously, I've worked for an ISP and seen the exact process from beginning to end. Don't worry guys, no matter how many DMCA notices Linode gets nobody is going to break down their doors and shut off all their servers.

This may shock you, but you don't need to be guilty to be taken to court. The fact that technically, you and Linode are not liable for your tor exit traffic doesn't mean that someone who is determined enough couldn't drag Linode into court and whatnot.

@tor_zealot:

Linode was in no risk of being a target of legal action …
This is just your opinion, and I have a suspicion that you are not a lawyer. You go on to say: "… but failed to actually fully and successfully follow through on in any court system." – clearly showing that there is indeed some risk of Linode being dragged into court as the *AA and others continue with their litigious activities. When you go on to say "Don't worry guys, no matter how many DMCA notices Linode gets nobody is going to break down their doors and shut off all their servers.", you obviously haven't been following the news lately.

@tor_zealot:

I've totally canceled my account and moved all services away from the linode network
And yet you're still here blathering on.

Shoo, move along now, shoo.

@tor_zealot:

Linode was in no risk of being a target of legal action – your, and their, assumption was simply submitting to the FUD that the MPAA/RIAA has tried to instill in the American public, but failed to actually fully and successfully follow through on in any court system. Seriously, I've worked for an ISP and seen the exact process from beginning to end. Don't worry guys, no matter how many DMCA notices Linode gets nobody is going to break down their doors and shut off all their servers.

Let's set the somewhat undecided issue of copyright infringement aside… The issue of network abuse still exists (blog comment spam), which means you were certainly in violation of the ToS.

@vonskippy:

Shoo, move along now, shoo.
Yeah, let's stick a fork in this one – it's done.

Seriously, guys – I, nor linode, was responsible for torrenting anything or spaming anyone's wordpress page. Certainly this issue has been well written off by those unwilling to do the research. When ever anybody hears about somebody being taken to court for running a TOR node please let me know directly -- I would be greatly interested in hearing about how that turns out.

@tor_zealot:

Seriously, guys – I, nor linode, was responsible for torrenting anything or spaming anyone's wordpress page. Certainly this issue has been well written off by those unwilling to do the research.

Seriously, @tor_zealot, I think it has been made clear enough that the issue has nothing to do with who torrented a movie or who spammed a blog. Of course it wasn't you, we know that. But the fact of the matter is that Linode doesn't want to get involved with anybody whose IP address keeps getting mentioned in DMCA complaints, regardless of who did it. This, too, has been made plenty clear.

You have every right to disagree with Linode's policy, but Linode also has the right to refuse to do business with you. A company has the right to refuse business with anybody for any reason whatsoever. It doesn't need to be legally necessary or anything like that. If they want to kick you out because they don't like the color of your eyelashes, they can do so. Likewise, if you hate Linode because you don't like the font in the logo, you can do so.

@tor_zealot:

When ever anybody hears about somebody being taken to court for running a TOR node please let me know directly – I would be greatly interested in hearing about how that turns out.

The very fact that no clear precedent exists with respect to Tor might be considered a good reason, at least for some people, to stay clear of it altogether. Again, you might disagree. But different people and different businesses have different priorities and different standards of risk-taking, and what seems unreasonable to you might be the most natural thing to do for other people. Law is a complicated and very expensive thing. It's not unreasonable to stay far, far away from it, even if there is no chance of losing a lawsuit.

Get yourself some fucking toleration. There are thousands of hosts out there. Find a host that offers what you want. Leave alone those who don't agree with you.

@tor_zealot:

Seriously, guys – I, nor linode, was responsible for torrenting anything or spaming anyone's wordpress page. Certainly this issue has been well written off by those unwilling to do the research. When ever anybody hears about somebody being taken to court for running a TOR node please let me know directly -- I would be greatly interested in hearing about how that turns out.

No, you're just not getting it, you're trying to express your opinion as fact or as a legal opinion which it is not. Any provider, including Linode, must pass along DMCA information or become potentially liable themselves. As far as the abuse relating to child pornography, are you really trying to defend that?

You don't get it, and you're not listening, which means this is just trolling.

As far as responsibility regarding the DMCA complaints, if you really felt the conviction you are expressing in the forums you would have followed the long established procedure of responding to the DMCA requests in a normal and professional manner. Instead, you want the provider of an unmanaged service to deal with your irresponsibility and try to justify your actions. For what, $20 a month? Really?

@hybinet:

You have every right to disagree with Linode's policy, but Linode also has the right to refuse to do business with you. A company has the right to refuse business with anybody for any reason whatsoever. It doesn't need to be legally necessary or anything like that. If they want to kick you out because they don't like the color of your eyelashes, they can do so. Likewise, if you hate Linode because you don't like the font in the logo, you can do so.

Linode disagrees with their own policy! They say TOR is alright, but then harass people when it's in use. The primary issue here is not how they offended my personal principles regarding internet freedom and privacy. What I'm actually taking issue with is the fact that Linode CLAIMS one thing, then ACTS entirely opposite to that claim. They market directly to a demographic of the open source community that is most often foremost concerned with with matters of personal privacy and liberty, but back-peddle when actually faced with the matter.

To be a responsible and honest company they should either change their TOS to say you can't run a TOR node, or provide customers with acceptable parameters in which they can operate their TOR node. But spouting some bullshit about how "we have other customers that run tor nodes and that's ok" but then threatening to turn off my service when I randomly get hit with a false-positive complaint due to running a service THEY SAID I COULD is just flat out poor business practices.

Linode is welcome to set whatever policy they like and then enforce it at their own whim. But being hypocritical about their own policy is an entirely different matter that I believe their customers deserve to know about and seriously consider when they pay linode their own hard earned money.

Like I've said before – linode offers a pretty technically solid service. I was a happy customer before this, and I certainly wouldn't disagree with those who think I may have slightly over-reacted, or was maybe rude/arrogant/[insert negative adjective here]. If you like your service with Linode, by all means keep using it. But on the other hand, if you are one of those Linode customers who does actually care passionately about digital privacy and is disturbed by the implications of the lip service they pay to such matters, I highly encourage you to be critical of their policies, and possibly explore the many other VPS providers out there that show a little more informed legal competence and backbone. That's all…

@tor_zealot:

@hybinet:

You have every right to disagree with Linode's policy, but Linode also has the right to refuse to do business with you. A company has the right to refuse business with anybody for any reason whatsoever. It doesn't need to be legally necessary or anything like that. If they want to kick you out because they don't like the color of your eyelashes, they can do so. Likewise, if you hate Linode because you don't like the font in the logo, you can do so.

Linode disagrees with their own policy! They say TOR is alright, but then harass people when it's in use. The primary issue here is not how they offended my personal principles regarding internet freedom and privacy. What I'm actually taking issue with is the fact that Linode CLAIMS one thing, then ACTS entirely opposite to that claim. They market directly to a demographic of the open source community that is most often foremost concerned with with matters of personal privacy and liberty, but back-peddle when actually faced with the matter.

To be a responsible and honest company they should either change their TOS to say you can't run a TOR node, or provide customers with acceptable parameters in which they can operate their TOR node. But spouting some bullshit about how "we have other customers that run tor nodes and that's ok" but then threatening to turn off my service when I randomly get hit with a false-positive complaint due to running a service THEY SAID I COULD is just flat out poor business practices.

Linode is welcome to set whatever policy they like and then enforce it at their own whim. But being hypocritical about their own policy is an entirely different matter that I believe their customers deserve to know about and seriously consider when they pay linode their own hard earned money.

Like I've said before – linode offers a pretty technically solid service. I was a happy customer before this, and I certainly wouldn't disagree with those who think I may have slightly over-reacted, or was maybe rude/arrogant/[insert negative adjective here]. If you like your service with Linode, by all means keep using it. But on the other hand, if you are one of those Linode customers who does actually care passionately about digital privacy and is disturbed by the implications of the lip service they pay to such matters, I highly encourage you to be critical of their policies, and possibly explore the many other VPS providers out there that show a little more legal competence and backbone. That's all…

They are not hypocritical, they don't prevent any services including TOR from operating on their equipment. However, as expressly stated in their terms of services, once you violated the terms of service by allowing your node to become party to questionable content they required you to take action. It's not bullshit or any other slander you would like to throw out, you were simply unable or unwilling to prevent abuse reports from being routinely filed because YOU decided to run a TOR exit node.

You're not advocating equal rights, freedom of speech or anything even close to the same, just irresponsibility which I am personally glad they they did not accept. It should also be mentioned you decided to leave on your own, at no time did you mention they disrupted your service or took direct action against you. Personally, I think they should have shut you down based on your increasing hostile reactions based on the tickets you decided to post here.

Good luck with Rackspace, but I am personally glad you're gone.

@AVonGauss:

whine

I apologize for offending the delicate sensibilities of the portion of linode's customer base who fails to understand what a private internet proxy is, the legal responsibilities of it's operator within the bounds of technical feasibility, and the inability to control the intentions of said proxies users.

You can sleep soundly knowing as happy you are about my departure, I am equally as satisfied at disassociating myself from a community that believes hallow legal threats trumps personal privacy and liberty.

Good luck, guys. It's been a blast. :)

@tor_zealot:

@AVonGauss:

whine

I apologize for offending the delicate sensibilities of the portion of linode's customer base who fails to understand what a private internet proxy is, the legal responsibilities of it's operator within the bounds of technical feasibility, and the inability to control the intentions of said proxies users.

You can sleep soundly knowing as happy you are about my departure, I am equally as satisfied at disassociating myself from a community that believes hallow legal threats trumps personal privacy and liberty.

Good luck, guys. It's been a blast.

… and even after all the posts, you still don't get it.

@tor_zealot:

What I'm actually taking issue with is the fact that Linode CLAIMS one thing, then ACTS entirely opposite to that claim.

This is total nonsense. Now I'm sure you're just trolling and my vote goes for you to be banned.

Because your flawed logic can be easily extended to include:

  • open relay MTAs. So, by your logic, Linode should explicitly prohibit SMTP servers because some people keep open relays either by mistake, ignorance or on purpose.

  • IRC clients or servers. Those should be prohibited as well because some people want to control their botnets with it.

  • FTP or HTTP servers. These especially, because some people may share illegal content.

  • Torrent servers! Linode should ban those, no? Well, I have a torrent service and I'm happy to seed CentOS discs. I do not violate Linode TOS or any law for that matter.

So, do you see the pattern? You're blaming Linode for not explicitly prohibiting TOR while at the same time you totally (and I'd say deliberately) ignore the provisions of the TOS that put the responsibility of your traffic into your hands and prohibit illegal, unlawful content.

@tor_zealot:

Linode disagrees with their own policy! They say TOR is alright, but then harass people when it's in use.
@tor_zealot:

being hypocritical about their own policy
@Linode TOS:

Linode does not prohibit the use of distributed, peer to peer network services such as Tor ….. However ….. Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.
I still have no idea how you could misinterpret this paragraph. According to the TOS, Tor is allowed as long as it does not produce abuse complaints. Is it so difficult to understand what the conditional clause means? According to your definition of hypocrisy, it would be hypocritical for a government to say that you may drive as long as you're not drunk. They must have lied when they said you could drive! But that's absurd.

The TOS also makes it very clear that it doesn't matter who is actually responsible for copyright infringement. As soon as your Tor exit node prompts the receipt of DMCA complaints, you have to shut it down. Notice that the TOS doesn't say anything about the legality of said complaints. As soon as any DMCA complaints are received by Linode, the TOS applies to you.

Linode dealt with your case exactly the way the TOS said it would. The policy might be wrong according to some moral standard, but at least there was nothing "hypocritical" about it.

I run a Tor relay to use my spare bandwidth, but not as an exit node to avoid exactly these problems. I reccomend that you do the same. Linode's ToS and AUP are perfectly clear and not unfair in any way from my PoV. If you disagree, you should probably host elsewhere.

@Brian Puccio:

I run a Tor relay to use my spare bandwidth, but not as an exit node to avoid exactly these problems. I reccomend that you do the same. Linode's ToS and AUP are perfectly clear and not unfair in any way from my PoV. If you disagree, you should probably host elsewhere.
That's awesome. If you're not receiving complaints simply because you're lucky enough not to have "bad traffic" come out your end node, the gamble turned out well for you. On the other hand if you actually have some special way of managing your end-node that you believe is the key to avoiding complaints please share it on this thread so that other (customers that are still with linode) can continue to operate their nodes without harassment – this has been my primary request from the VERY BEGINNING. If there are such operators out there on the linode network tell me what you're doing right and what I did wrong (other than obviously be an asshole, as some would discern), because I certainly didn't just throw a base install of an ubuntu VM up there with a stock torrc file and no iptables rules (please presume that I have real professional networking and systems administration knowledge and experience, and that I'm not a total retard, or 13 years old).

Until I see such technical proof of how a node can be managed as such it still appears to me it's simply a roulette wheel gamble if your end node will generate enough complaints to warrant linode to "take action," or not, regardless of any steps taken by the operator to mitigate the "evil" traffic. This has been my entire point from the beginning -- maybe that doesn't make linode out-right hypocrites, but it certainly doesn't make them up-front and helpful.

From the general consensus it seems people believe I was entirely in the wrong and should take the traffic that comes out of any Tor exit node I run very personally, as if I generated the traffic myself, as if I could in any way stop or stem the tide. But seriously, people, I'm not a retard, so tell me what magic iptable/snort/layer5 filtering rule that's going to stop some jackass from spamming a wordpress site. Then tell me how I'm any more responsible than any other Tor relay/bridge/exit node or even big ISP network operator, such traffic was "transmitted" through. Tell me what I really did wrong other than run a Tor node and do everything I could to stop / mitigate complaints, only to have the linode continually reply with blanket-statement non sequiturs. Otherwise I just assume those that seem so personally offended at my point (as if a few DMCA notices alone were going to shut down Linode's datacenters entirely) simply don't understand both the nature of the internet, let alone privatized proxies, nor the technical and political concepts at play in running and operating the Tor network. I certainly recognize if Linode doesn't posses the pair of balls to be progressive on these matters, and is too afraid of "big bad layers" with their empty threats and deep pockets, it's well within Linode's right to stop the operation of any given piece of software -- I'm just not going to give them my money if they act accordingly (but still welcome other happy customers to continue their service).

PS. my exit node has been running on rackspace cloud for about two weeks with nary a DMCA or malicious traffic complaint. Hell of a lot longer than the 72hrs I made it on the linode network. YMMV

Did you even ready what you quoted? He said he was not running as an exit node in order to avoid the problems you had.

And the general consensus wasn't that you were in the wrong or that you should take it personally, but that you weren't doing enough to comply with the Linode ToS. Doing enough is essentially "don't run an exit node". As many told you before, Linode is in a business to sell virtual hosting, not legal protection services. Whether you believe it to be true or not, that is what you are asking them to do.

Congratulations. Don't say you weren't warned when you do receive complaints or are deactivated.

@carmp3fan:

Did you even ready what you quoted? He said he was not running as an exit node in order to avoid the problems you had.

Totally my bad, I did misread his post. Anyway, that just ties back to my point back on page 2 or so, that the same traffic is still being routed through their network, Linode just isn't getting complaints about it because that's the whole point of Tor relays (not being able to see the contents of the traffic you're passing, which technically gives you less of an ability to filter malicious traffic) – so Linode should just come right out and say: "You can't run an exit node on our network." Problem solved. But it didn't play out that way either because they don't understand the technology they're dealing with, or they're aforementioned hypocrites (as inflammatory an adjective as that may be). I wasn't looking for legal protection, and linode wasn't at real risk of legal action. If you believe otherwise I highly encourage you to research the current legal state of such matters. No party involved, other than the REAL originator of the traffic, was at fault – linode just wanted to hassel me about it, so I'm no longer a customer, and I encourage other similarly minded "internet activists" to do the same. Everyone else, go about your day, don't get upset about my opinions, and don't worry a single moment about the matter. Internet privacy will slowly fade away and it won't matter to you anyway.

@tor_zealot:

so I'm no longer a customer, and
and now it's time to stop trolling.

@OZ:

@tor_zealot:

so I'm no longer a customer, and
and now it's time to stop trolling.
Agreed.

And the winner for the Can't STFU Award goes to…..

tor_zealot

Who just like a bad Mother-in-law, doesn't know when it's time to pack her bags and go home.

@OZ:

@tor_zealot:

so I'm no longer a customer, and
and now it's time to stop trolling.
I'm sorry that you feel a continued discussion qualifies as trolling. My best advice to you is to not read the thread, or anything that offends you. Unless I misunderstood these are public forums, this sub-forum in particular being devoted to customer testimonials, which I certainly have.

Furthermore I find the discussion of this issue a particularly interesting matter, a poignant one to the open source community (who linode markets to), and a few people on here have brought up some really great points on both sides of the coin that I enjoy furthering intelligent discourse. If this is not your intention I suggest perhaps you are "trolling."

I'm not trolling, or at least not trying to; I'm not just generating posts by quoting things from page 2 just to keep the thread at the top of the page. If nobody else has anything to say I assume the thread will slowly drift down the page and be forever forgotten. But you certainly won't see me responding to anyone unless I feel they have at least a somewhat valid point to make that I find interesting. I hope that's alright with everyone – otherwise you can message an admin to have my account disabled because you feel I've been abusive in some way. It's great how these forum systems work.

Actually I'm surprised the thread broke more than a page, I figured it would be ignored. :)

These are examples of what I consider to be trolling posts (posts unrelated to subject of this forum and this thread, designed to provoke flame war):

@OZ:

@tor_zealot:

so I'm no longer a customer, and
and now it's time to stop trolling.

@carmp3fan:

@OZ:

@tor_zealot:

so I'm no longer a customer, and
and now it's time to stop trolling.
Agreed.

@vonskippy:

And the winner for the Can't STFU Award goes to…..

tor_zealot

Who just like a bad Mother-in-law, doesn't know when it's time to pack her bags and go home.

@neo:

These are examples of what I consider to be trolling posts (posts unrelated to subject of this forum and this thread, designed to provoke flame war):

and what would you call your post then? :roll:

Yes, I must have been trolling for agreeing that this thread should die.

@neo

Next time take the blue pill.

I too worry that the actions of a zealot defending a principle will negatively affect my service. I am sympathetic to the pragmatic position Linode has taken. Although this thread appears to have been beaten to death, there might be one worthy observation:

One apparent point of widespread agreement between many posters and indeed, Linode managerment is this:

We are supportive of the notion of protecting privacy, and thus the running of Tor "in theory." But in practice we are not. Like having one's cake and eating it.

Well, talk is cheap.

@xcosi2:

We are supportive of the notion of protecting privacy, and thus the running of Tor "in theory." But in practice we are not. Like having one's cake and eating it.

Well, talk is cheap.

More like "We don't have anything against Tor as itself, but we explicitly forbid any malicious and illegal traffic. So if you are able to magically make your Tor note relay only traffic that's not illegal (in our country of operaton) and not malicious, you're welcome to use it. Otherwise, tough luck for ya.".

As a practical matter, this incident demonstrates that one may not run a Tor exit node on Linode. Maybe Linode should reexamine any statement to the contrary because it is demonstrably disingenuous in light of recent events. Tor, by its nature, will support nefarious activities, just as a toll road will support the transport of stolen property. But we typically would not require the owner of a toll road to inspect the content of every passing vehicle or hold them responsible for illegal commerce. We do value privacy enough sometimes to pay a price for it. I did not read the DMCA legal text closely, but understood it to be analogous. I trust that I will be disabused of any misconceptions. There are certainly legal parallels to the operation of the PSTN: Carriers don't manage content. Wiretaps require court orders. Well, they did at one time in the past - but I digress.

So this is a double-edged sword; any way you handle it, you risk blood:

If Linode wishes to avoid hassles by caving to mild pressure on one side, it might find itself setting a precedent from which we assume that it considers itself responsible for such filtering (and raising such expectations in its customer base) and thus liable for future failures to police traffic. So given the inherent nature of Tor, can we not infer in this context that they are negligent in allowing its use? But if they prohibit it, what else is on the list? Torrent? SMTP? NNTP? IRC? Might they be better served by leaving law enforcement to official law enforcers and cooperating with such agencies when courts require it, but otherwise keeping at an arms length from specific issues? I know, the anonymity is the rub, but the parallels still apply.

Also, consider the specific complaints. To wit, traffic supporting an illegitimate purpose has come out of the Tor network. We consider it impossible to regulate the purposes for which Tor is used. Therefore, isn't the complainant's accusation tantamount to demanding that Linode cooperate in shutting down the Tor network? You can support anonymity in principle and practice, or you can oppose it. But if you want to be neutral…

It might be naive to think that a Linode practice of "just make it go away" is sustainable indefinitely. So Linode finds itself in a tough place, and that's business, cupcake. Does Linode really want to be doing the job of the courts and the police? I wouldn't want to. Ideally, Linode would be "hands off" and our intrepid Tor operator would be assuming responsibility for dealing with the complaints associated with the IP he controls. It's an "unmanaged" service, right? Or is it only unmanaged when it's convenient (or expedient) to be unmanaged?

The applicable guidelines would seem to be found in the Privacy Policy, Section 3(1):

Linode does not disclose customer information to other third parties except where required under applicable state and federal laws for purposes of investigation of criminal complaints, or where required by court order.

Will Linode support me if I become the target of bogus accusations? It's a legitimate question, regardless of the particulars of this recent incident. It goes right to the heart of the question of the day regarding the advisability of using cloud services.

Maybe a tougher stance in terms of adhering to legal procedures and standing with customers might serve Linode's long-term interests better.

@xcosi2:

Maybe a tougher stance in terms of adhering to legal procedures and standing with customers might serve Linode's long-term interests better.

Reasonably written and accurate.

The problem is Linode is stuck in the middle, and either choice they make, comply or dispute, costs them time (which is money) and money (which is money).

The legal system in America, is heavily biased to the rich. Fair and just are just buzz words, rich and powerful are the superior hand in court.

Even a neutral stance by Linode could cost a small fortune, a cost that will either be passed on to all their clients, or cause them to go out of business.

In either instance, I don't care about somebody elses "privacy" enough to jeopardize my VPS vendor of choice. I don't use Linode because they are the Champion of Freedom (or justice or privacy), I use them because they provide a good VPS service at a good price, period.

Political battles are just that, and fighting them inside Linode's business model is neither efficient (you don't have control) and pretty much unreasonable (it's their livelihood you're gambling with).

@rsk:

@xcosi2:

We are supportive of the notion of protecting privacy, and thus the running of Tor "in theory." But in practice we are not. Like having one's cake and eating it.

Well, talk is cheap.
More like "We don't have anything against Tor as itself, but we explicitly forbid any malicious and illegal traffic. So if you are able to magically make your Tor note relay only traffic that's not illegal (in our country of operaton) and not malicious, you're welcome to use it. Otherwise, tough luck for ya.".
Seems accurate to me…

Anyway, I thought I'd poke my nose into this thread (hi, by the way) because a couple years ago when I was with Slicehost, I had pretty much the same experience as the original poster, and they seem to have (or had) similar policies as Linode with respect to Tor. My experience would suggest that a fairly restrictive exit policy can do a lot to cut down on the chance of a Tor node generating a DMCA notice, since I got my notice about a day after starting up my Tor node, but after implementing a restrictive exit policy I've been running it for two years without incident. I wrote a few blog posts at the time that might be useful information for people who are into this sort of thing.

@diazona:

I wrote a few blog posts at the time that might be useful information for people who are into this sort of thing.

In the third post you wrote:
> ExitPolicy accept *:21-23,accept *:53,accept *:80,accept *:110,accept *:143,accept *:443,accept *:992-993,accept *:995,reject :
To a first approximation that's a pretty good policy. I doubt many torrent systems will use those well-known-ports (it is technically possible, but I just can't make myself think this'll ever be wide-spread) so this policy should allow for "good" anonymous communication while blocking torrents. It won't prevent blog-comment-spam, but this is a good start.

Thanks for posting that.

Yeah, that was basically my thought process as well. And like I said, it seems to work pretty well in practice. Good to know the information is useful :D

Many users use common ports for BitTorrent to evade ISP throttling. 1723 is pretty common, since it's PPTP's port (for control anyhow)

@rsk:

@xcosi2:

We are supportive of the notion of protecting privacy, and thus the running of Tor "in theory." But in practice we are not. Like having one's cake and eating it.

Well, talk is cheap.

More like "We don't have anything against Tor as itself, but we explicitly forbid any malicious and illegal traffic. So if you are able to magically make your Tor note relay only traffic that's not illegal (in our country of operaton) and not malicious, you're welcome to use it. Otherwise, tough luck for ya.".
If this was the position of Linode I would agree with it completely. But it is not. If you read what Linode support repeatedly said, the position is very different: we will allow you to do whatever you want as long as we don't receive complaints claiming that what you are doing is illegal.

@neo:

@rsk:

More like "We don't have anything against Tor as itself, but we explicitly forbid any malicious and illegal traffic. So if you are able to magically make your Tor note relay only traffic that's not illegal (in our country of operaton) and not malicious, you're welcome to use it. Otherwise, tough luck for ya.".
If this was the position of Linode I would agree with it completely. But it is not. If you read what Linode support repeatedly said, the position is very different: we will allow you to do whatever you want as long as we don't receive complaints claiming that what you are doing is illegal.
"You can do what ToS allow; when we NOTICE you are breaking them, we'll act.". "Noticing" may be due to a complaint, may be due to investigation who and why chokes a network device with a six-digit number of connections, may be you yourself admitting it on the forums…

@rsk:

"You can do what ToS allow; when we NOTICE you are breaking them, we'll act.". "Noticing" may be due to a complaint, may be due to investigation who and why chokes a network device with a six-digit number of connections, may be you yourself admitting it on the forums…
Linode TOS is the whole problem:
> Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.
In other words, Linode will cancel services if you continue doing something which "prompts the receipt of abuse complaints", not if you "continue to do something illegal". I am not suggesting Linode doesn't have a right to include whatever they want into TOS agreement. I am suggesting this paragraph in Linode TOS agreement is unreasonable and ultimatly not in the best interest of either Linode clients or Linode itself.

@neo:

I am suggesting this paragraph in Linode TOS agreement is unreasonable and ultimatly not in the best interest of either Linode clients or Linode itself.

How is that? The Linode TOS are, I'm sure, crafted by Linode's lawyers to protect Linode. Linode shouldn't be put in the position to play detective and determine if the complaint is valid. Linode appears to pass on the full complaint information to their client. If the complaint is not valid and the client is not doing anything illegal, they (the client) needs to call up their lawyer and have them respond to have the complaints stopped. If the client can't afford a lawyer, they may want to rethink what types of activities they perform on their node (e.g. running a TOR exit node).

If Linode has to get involved in every complaint, beyond forwarding it to the client, Linode's costs go up. If Linode's costs go up, guess who has to pay for it?

@neo:

> Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.
In other words, Linode will cancel services if you continue doing something which "prompts the receipt of abuse complaints", not if you "continue to do something illegal". I am not suggesting Linode doesn't have a right to include whatever they want into TOS agreement. I am suggesting this paragraph in Linode TOS agreement is unreasonable and ultimatly not in the best interest of either Linode clients or Linode itself.

You can argue that clients may prefer that linode fight all their legal battles for them, sure, but how is that policy not in the best interest of linode itself?

Let me boil it down for you. when you get complaints, linode staff have to pass them on. That takes time and therefore money. get more than a couple and linode isn't making money providing you service anymore. If it gets to that point, why would they keep you around as a customer? They're running a VPS business, not a legal charity.

I read as far as your username and gave up on the fact that I knew it was going to be a pointless argument.

@neo:

In other words, Linode will cancel services if you continue doing something which "prompts the receipt of abuse complaints", not if you "continue to do something illegal".

Why didn't you quote the whole paragraph? Here, I'll do it and I'll highlight the parts that explain the "prompts" part:

> Linode does not prohibit the use of distributed, peer to peer network services such as Tor, nor does Linode routinely monitor the network communications of customer Linodes as a normal business practice. However, customers are responsible for the contents of network traffic exiting their Linode. Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.

It means Linode can't know what you're doing unless:

1. They receive a complaint

2. They monitor your service, which probably means deep packet inspection because port number does not prove anything.

And they're not going to monitor because it is pointless, technically very difficult unless you're in business of monitoring traffic and would probably open a privacy violation pandora's box somewhere and somehow, if they did.

So yes, they rely on complaints to act upon. And no, don't twist the words, the TOS prohibits you from doing anything illegal, period.

@glg:

You can argue that clients may prefer that linode fight all their legal battles for them, sure, but how is that policy not in the best interest of linode itself?
Clearly Linode has to look at validity of complaints at least to some standard, otherwise anyone would be able to bring down anyone else's site just by repeatedly sending Linode bogus complains.

And the argument related to this particular case (running TOR node) is that over so many years of operation not a single person or hosting provider was ever sued over running TOR node (including exit nodes). Most probably because this activity is completely legal under current US law, as many prominent lawyers conclude.

Other US hosting providers support running TOR exit nodes. They probably choose to send some standard "get lost" replies to complains related to TOR nodes. And, as I said, none of them (or their customers) was ever sued for running a TOR node (including exit nodes) over many years of operation. If others can do it, why not Linode?

@neo:

Other US hosting providers support running TOR exit nodes.

Then go away. Linode has stated their policy, and that it will not change.

If you want a host that has a ToS other than Linode's, use a different host.

Goodbye, and good riddance.

Now lets let this thread die.

@akerl:

@neo:

Other US hosting providers support running TOR exit nodes.

Then go away. Linode has stated their policy, and that it will not change.

If you want a host that has a ToS other than Linode's, use a different host.

Goodbye, and good riddance.

Now lets let this thread die.
I don't run TOR node and I don't intend to run it. I am having a discussion with other Linode customers in Linode support forum about an issue related to Linode service. If you have no interest in this discussion you are more than welcome to ignore it.

@akerl:

Now lets let this thread die.

agreed. pretty pointless arguing with this kid

@bjl:

@neo:

I am suggesting this paragraph in Linode TOS agreement is unreasonable and ultimatly not in the best interest of either Linode clients or Linode itself.

How is that? The Linode TOS are, I'm sure, crafted by Linode's lawyers to protect Linode. Linode shouldn't be put in the position to play detective and determine if the complaint is valid. Linode appears to pass on the full complaint information to their client. If the complaint is not valid and the client is not doing anything illegal, they (the client) needs to call up their lawyer and have them respond to have the complaints stopped. If the client can't afford a lawyer, they may want to rethink what types of activities they perform on their node (e.g. running a TOR exit node).

If Linode has to get involved in every complaint, beyond forwarding it to the client, Linode's costs go up. If Linode's costs go up, guess who has to pay for it?
Clearly Linode has to look at validity of complaints at least to some standard, otherwise anyone would be able to bring down anyone else's site just by repeatedly sending Linode bogus complains.

@Azathoth:

@neo:

In other words, Linode will cancel services if you continue doing something which "prompts the receipt of abuse complaints", not if you "continue to do something illegal".

Why didn't you quote the whole paragraph? Here, I'll do it and I'll highlight the parts that explain the "prompts" part:

> Linode does not prohibit the use of distributed, peer to peer network services such as Tor, nor does Linode routinely monitor the network communications of customer Linodes as a normal business practice. However, customers are responsible for the contents of network traffic exiting their Linode. Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms.

It means Linode can't know what you're doing unless:

1. They receive a complaint

2. They monitor your service, which probably means deep packet inspection because port number does not prove anything.

And they're not going to monitor because it is pointless, technically very difficult unless you're in business of monitoring traffic and would probably open a privacy violation pandora's box somewhere and somehow, if they did.

So yes, they rely on complaints to act upon. And no, don't twist the words, the TOS prohibits you from doing anything illegal, period.
I don't see how the other text in paragraph changes the meaning of the part I quoted. I never suggested Linode should monitor traffic, nor I suggested it should ignore complaints. I suggested it is wrong to treat continued "receipt of abuse complaints" by itself as grounds for termination, unless Linode looked into those complaints at least to some standard and assessed complaints to likely be valid. And Linode probably already does that, otherwise anyone would be able to bring down anyone else's site just by repeatedly sending Linode bogus complaints. So the question is: should Linode start treating complaints about TOR exit nodes as bogus, like other US hosting providers already do?

@neo:

So the question is: should Linode start treating complaints about TOR exit nodes as bogus, like other US hosting providers already do?
What makes you think these complaints are bogus? Running a TOR exit node can cause actual malicious or illegal traffic to exit the Linode instance. Complaints would be bogus if this traffic did not actually exit the Linode.

@Zr40:

@neo:

So the question is: should Linode start treating complaints about TOR exit nodes as bogus, like other US hosting providers already do?
What makes you think these complaints are bogus? Running a TOR exit node can cause actual malicious or illegal traffic to exit the Linode instance. Complaints would be bogus if this traffic did not actually exit the Linode.
The complaint in case of TOR exit node is bogus because according to many prominent lawyers running TOR exit node (with any kind of exit traffic) is completely legal under current US law. This opinion is also strongly supported by the fact that no person or hosting provider was ever sued for running TOR node (including exit node) in many years of operation.

No competent lawyer will say such a claim is bogus until such a claim has been tested in court. At best they'll provide an opinion that they think it is bogus (or so my friendly lawyer tells me:-)).

I feel that a competent prosecutor could easily lay a groundwork for contributory infringement; "one who, with knowledge of the infringing activity, induces, causes or materially contributes to the infringing conduct of another."

The defense would have to argue that it didn't know, but given multiple warnings from the service provider that the exit node had been used to transit infringing traffic then this would be a weak defence; the defendant would have known their resource was being used to assist in copyright infringement, which would also take care of the "safe harbor" provision of the DMCA.

The Sony Betamax defence (other legitimate uses) is also weak, since sites have been taken down in the past or had rulings made against them; the prosecution must merely show that the majority of traffic flowing through the exit node was infringing traffic and that legitimate uses were negligible. Given the size of a typical torrent, that shouldn't be hard!

If I was running linode then I'd not want to take the risk. As a customer of linode I don't want them to take the risk. I believe linode's position is prudent and correct.

I don't know about you, but I am not a lawyer, and I think it would be beyond naive for me to discuss specifics of possible legal arguments. I know that many prominent lawyers say in their opinion TOR exit nodes are completely legal under current US law. I also know no one was ever sued for running TOR exit node over many years of operation.

There is always a risk, regardless of what one chooses to do or not to do. Is the risk in this case grave enough to go the path of alienating (and losing business of) a few customers? Perhaps.

@neo:

many prominent lawyers say in their opinion TOR exit nodes are completely legal under current US law
"citation needed"

> Is the risk in this case grave enough to go the path of alienating (and losing business of) a few customers? Perhaps.
And gaining customers because of reduced risk of being caught up as an innocent bystander in DoS attacks, court rulings against the service provider, etc etc. Hell yes.

@neo:

The complaint in case of TOR exit node is bogus because according to many prominent lawyers running TOR exit node (with any kind of exit traffic) is completely legal under current US law.
TOR might be completely legal, but the outgoing traffic it causes might not be. There is no problem with TOR itself, but there is with the traffic. So I ask again. What makes you think the complaints about the traffic are bogus?

@sweh:

@neo:

many prominent lawyers say in their opinion TOR exit nodes are completely legal under current US law
"citation needed"
Here is TOR legal FAQ written by EFF attorneys:

https://www.torproject.org/eff/tor-legal-faq
> we believe that running a Tor node, including a Tor exit node that allows people to anonymously send and receive traffic, is lawful under U.S. law.
And here is the list of said EFF attorneys:

https://www.eff.org/about/staff

@sweh:

> Is the risk in this case grave enough to go the path of alienating (and losing business of) a few customers? Perhaps.
And gaining customers because of reduced risk of being caught up as an innocent bystander in DoS attacks, court rulings against the service provider, etc etc. Hell yes.
This is just a speculation. I might as well speculate that TOR friendly service will attract people who dislike RIAA/MPAA (probably a majority of US population), people who support privacy and anonymity on the Internet (again, quite a sizable crowd), etc., etc.

@Zr40:

@neo:

The complaint in case of TOR exit node is bogus because according to many prominent lawyers running TOR exit node (with any kind of exit traffic) is completely legal under current US law.
TOR might be completely legal, but the outgoing traffic it causes might not be. There is no problem with TOR itself, but there is with the traffic. So I ask again. What makes you think the complaints about the traffic are bogus?
I am afraid I will have to give you the same answer again. According to many prominent lawyers, running TOR exit node (with any kind of exit traffic) is completely legal under current US law. This opinion is also strongly supported by the fact that no person or hosting provider was ever sued for running TOR node (including exit node) in many years of operation.

In other words, even if some of the node exit traffic is "illegal", the node operator or his hosting provider are not legally liable (again, according to many prominent… you know the drill).

Okay, so you believe that complaints about illegal or malicious traffic are bogus if they originate from your TOR exit node.

If complaints about illegal or malicious traffic were ignored only because they originated from your TOR exit node, you would be able to get the following scenario:

1. Run a TOR exit node on your Linode.

2. You perform illegal or malicious activities yourself, on the same Linode.

3. Linode receives complaints and forwards them to you.

4. You say: "See! I run a TOR exit node!"

5. Linode says: "Oh okay, carry on."

The fact is, the illegal or malicious traffic exits from your Linode. There is nothing wrong with TOR itself, but there is with the traffic it causes.

Here's an analogy for you. There is nothing illegal about knives, but stabbing people with a knife is. Should stabbing with knives be allowed because knives are legal?

@neo:

Here is TOR legal FAQ written by EFF attorneys:

https://www.torproject.org/eff/tor-legal-faq
> we believe that running a Tor node, including a Tor exit node that allows people to anonymously send and receive traffic, is lawful under U.S. law.
And here is the list of said EFF attorneys:

https://www.eff.org/about/staff
I'll believe you when I see RIAA/MPAA lawyers agree with the EFF. I don't doubt that EFF knows what it's doing, but Tor is their pet project so there's a good chance they're biased in favor of it.

Besides, legal opinion is worthless until it has been proven in court. In common-law countries such as the U.S., law is what the judge says it is. So far, no judge has said anything about Tor. This only means that the risk is unknown; it does not mean that there is no risk. In fact, I'd feel a lot more comfortable about Tor if somebody actually got sued and won. Consider the GPL: a lot of people doubted its legal validity until a couple of cases actually went to court and won.

Nobody would have imagined that it was "illegal" (in the sense that it warrants damages in a civil suit) to serve hot coffee without a warning message until that McDonald's lawsuit came along. This is a ridiculously litigious country you live in, and it is not unreasonable for people to be cautious.

@hybinet:

@neo:

Here is TOR legal FAQ written by EFF attorneys:

https://www.torproject.org/eff/tor-legal-faq
> we believe that running a Tor node, including a Tor exit node that allows people to anonymously send and receive traffic, is lawful under U.S. law.
And here is the list of said EFF attorneys:

https://www.eff.org/about/staff
I'll believe you when I see RIAA/MPAA lawyers agree with the EFF. I don't doubt that EFF knows what it's doing, but Tor is their pet project so there's a good chance they're biased in favor of it.

Besides, legal opinion is worthless until it has been proven in court.

Exactly. The keyword from the EFF page is "believe". That belief and a dollar will get you a cup of coffee.

@hybinet:

I'll believe you when I see RIAA/MPAA lawyers agree with the EFF.
Indirectly they already have. By not filing a single lawsuit against any operator (or his hosting provider) for running a TOR exit node in many years of operation.

@neo:

@hybinet:

I'll believe you when I see RIAA/MPAA lawyers agree with the EFF.
Indirectly they already have. By not filing a single lawsuit against any operator (or his hosting provider) for running a TOR exit node in many years of operation.

Sure kid. You feel so certain about this, go start your own TOR friendly host and let us know how it goes.

@glg:

Exactly. The keyword from the EFF page is "believe". That belief and a dollar will get you a cup of coffee.
EFF employs a lot of attorneys, many with very impressive credentials. But at the end of the day, yes, any opinion anyone expresses on any subjects is "just his beliefs".

@glg:

@neo:

@hybinet:

I'll believe you when I see RIAA/MPAA lawyers agree with the EFF.
Indirectly they already have. By not filing a single lawsuit against any operator (or his hosting provider) for running a TOR exit node in many years of operation.

Sure kid. You feel so certain about this, go start your own TOR friendly host and let us know how it goes.
I have no interest in starting my own hosting provider, TOR friendly or otherwise.

May I kindly ask you to refrain from discussing me personally and keep discussion on subject, if at all possible? Thank you very much.

@Zr40:

Okay, so you believe that complaints about illegal or malicious traffic are bogus if they originate from your TOR exit node.

If complaints about illegal or malicious traffic were ignored only because they originated from your TOR exit node, you would be able to get the following scenario:

1. Run a TOR exit node on your Linode.

2. You perform illegal or malicious activities yourself, on the same Linode.

3. Linode receives complaints and forwards them to you.

4. You say: "See! I run a TOR exit node!"

5. Linode says: "Oh okay, carry on."

The fact is, the illegal or malicious traffic exits from your Linode. There is nothing wrong with TOR itself, but there is with the traffic it causes.

Here's an analogy for you. There is nothing illegal about knives, but stabbing people with a knife is. Should stabbing with knives be allowed because knives are legal?
If you perform malicious activities yourself, than you are breaking the law. If you run TOR exit node and malicious traffic comes from TOR node, than you are not breaking the law. There is no contradiction here.

Not only TOR by itself is legal (whatever you think that means), but running TOR exit node (with inevitable outcome that some of the exit traffic will be malicious) is legal too (according to… see above).

@neo:

@sweh:

@neo:

many prominent lawyers say in their opinion TOR exit nodes are completely legal under current US law
"citation needed"
Here is TOR legal FAQ written by EFF attorneys:

https://www.torproject.org/eff/tor-legal-faq
> we believe that running a Tor node, including a Tor exit node that allows people to anonymously send and receive traffic, is lawful under U.S. law.
Ah, note the word "believe". That doesn't mean it's a fact. Funny how I pointed that out earlier.

Also note that this may have the presumption that the traffic is, itself, legal. This is comment on the legality of anonymity, not of facilitating illegal activities.

Also note that the EFF has been on the losing side of many a court case. The EFF attorneys (who need not be lawyers, as it so happens) are frequently wrong. All the way back in 2005 there were questions about how good the EFF were (eg http://www.theregister.co.uk/2005/12/06 … ds_to_die/">http://www.theregister.co.uk/2005/12/06/effneedsto_die/ ). I support the ideas the EFF fight for, but they don't do a very good job and I sure as hell wouldn't trust them unless I had no other choice.

@sweh:

Ah, note the word "believe". That doesn't mean it's a fact. Funny how I pointed that out earlier.
Do you mean to suggest any opinion anyone expresses on any subject could be anything other than "just his beliefs"?

You may be right about EFF attorneys, maybe they aren't good, but I think the fact that overzealous RIAA/MPAA lawyers never sued anyone for running TOR exit node over many years of operation strongly supports opinion of EFF attorneys on this subject.

@neo:

If you perform malicious activities yourself, than you are breaking the law. If you run TOR exit node and malicious traffic comes from TOR node, than you are not breaking the law. There is no contradiction here.

Not only TOR by itself is legal (whatever you think that means), but running TOR exit node (with inevitable outcome that some of the exit traffic will be malicious) is legal too (according to… see above).

What exactly as a TOR exit node operator makes you believe you have any safe harbor protection status? That's just the civil side of the equation, for the criminal side of activities I can almost guarantee you won't be looked upon as an innocent provider.

You can argue ideology all you want, but that doesn't set aside the legal and ethical responsibilities. Think of this way, you own a property containing an abandoned building - if you don't take reasonable means to secure the property you can be liable for activities occurring on that property.

@neo:

@glg:

@neo:

Indirectly they already have. By not filing a single lawsuit against any operator (or his hosting provider) for running a TOR exit node in many years of operation.

Sure kid. You feel so certain about this, go start your own TOR friendly host and let us know how it goes.
I have no interest in starting my own hosting provider, TOR friendly or otherwise.

May I kindly ask you to refrain from discussing me personally and keep discussion on subject, if at all possible? Thank you very much.

As you've been championing TOR and indirectly the "right" to run a TOR exit node for the last 8 pages, glg's comment seems quite on topic and well placed to me.

@AVonGauss:

@neo:

If you perform malicious activities yourself, than you are breaking the law. If you run TOR exit node and malicious traffic comes from TOR node, than you are not breaking the law. There is no contradiction here.

Not only TOR by itself is legal (whatever you think that means), but running TOR exit node (with inevitable outcome that some of the exit traffic will be malicious) is legal too (according to… see above).

What exactly as a TOR exit node operator makes you believe you have any safe harbor protection status? That's just the civil side of the equation, for the criminal side of activities I can almost guarantee you won't be looked upon as an innocent provider.
Once again, combination of these two things make me (not a lawyer) believe that running TOR exit node is legal under current US law:

1) EFF lawyers say so.

2) Overzealous RIAA/MPAA lawyers never sued anyone running TOR exit node over many years of operation.

@AVonGauss:

You can argue ideology all you want, but that doesn't set aside the legal and ethical responsibilities. Think of this way, you own a property containing an abandoned building - if you don't take reasonable means to secure the property you can be liable for activities occurring on that property.
When did I argue any ideology?

@neo:

@sweh:

Ah, note the word "believe". That doesn't mean it's a fact. Funny how I pointed that out earlier.
Do you mean to suggest any opinion anyone expresses on any subject could be anything other than "just his beliefs"?

It means the statement is not a statement of fact, yet you've been pushing it as one. The EFF lawyers are not saying that it's legal to run a Tor node; they're saying they believe it is legal. Many many people have lost in court doing things they believe are legal.

@sweh:

@neo:

@sweh:

Ah, note the word "believe". That doesn't mean it's a fact. Funny how I pointed that out earlier.
Do you mean to suggest any opinion anyone expresses on any subject could be anything other than "just his beliefs"?
It means the statement is not a statement of fact, yet you've been pushing it as one. The EFF lawyers are not saying that it's legal to run a Tor node; they're saying they believe it is legal. Many many people have lost in court doing things they believe are legal.
Whenever EFF lawyers (or anyone else) state anything, they are always stating their beliefs. Adding "I believe" at the beginning of every statement one makes is factually correct but logically redundant.

@neo:

@AVonGauss:

]You can argue ideology all you want, but that doesn't set aside the legal and ethical responsibilities. Think of this way, you own a property containing an abandoned building - if you don't take reasonable means to secure the property you can be liable for activities occurring on that property.
When did I argue any ideology?

When? How about this entire thread? This thread was originally started by a former customer, under the guise of privacy protection, to whine that they were being required by Linode to provide a remedy after Linode received multiple DCMA and abuse complaints about their VPS.

Everything after that is why tor_zealot and yourself believe a person should be able to run a TOR exit node without any responsibility or consideration for traffic and how you believe a service provider should not have any problem with a user doing so. You both are attacking this from different angles, but you both are outright ignoring a service provider's legal obligations and ethical responsibilities in this situation.

@neo:

@sweh:

It means the statement is not a statement of fact, yet you've been pushing it as one. The EFF lawyers are not saying that it's legal to run a Tor node; they're saying they believe it is legal. Many many people have lost in court doing things they believe are legal.
Whenever EFF lawyers (or anyone else) state anything, they are always stating their beliefs. Adding "I believe" at the beginning of every statement one makes is factually correct but logically redundant.
Nope; that's why lawyers nearly always phrase in terms of "belief", because it is not redundant. It evokes different conclusions from the readers mind.

@neo:

running TOR exit node is legal under current US law:
OK, let's say it's legal. But web hosts are under no obligation to allow everything that is legal in their jurisdiction. For example, a nontrivial number of hosts have a blanket ban on adult content, despite the fact that most porn is perfectly legal in most of the developed world. Other hosts (including Linode's Atlanta datacenter) often block IRC, even though there's nothing illegal about IRC. Tor could be in the same category of "potential nuisances" even if it were somehow guaranteed to be legal. Ethical obligations? I don't think so, when there are plenty of other ways you can run a Tor exit node.

If I were a sysadmin working for the adult content industry, I wouldn't complain about any host for not wanting to do business with me. The same applies to Tor. Linode staff has probably seen enough of this thread by now. It's their servers, so let them decide.

@AVonGauss:

@neo:

@AVonGauss:

]You can argue ideology all you want, but that doesn't set aside the legal and ethical responsibilities. Think of this way, you own a property containing an abandoned building - if you don't take reasonable means to secure the property you can be liable for activities occurring on that property.
When did I argue any ideology?

When? How about this entire thread? This thread was originally started by a former customer, under the guise of privacy protection, to whine that they were being required by Linode to provide a remedy after Linode received multiple DCMA and abuse complaints about their VPS.

Everything after that is why tor_zealot and yourself believe a person should be able to run a TOR exit node without any responsibility or consideration for traffic and how you believe a service provider should not have any problem with a user doing so. You both are attacking this from different angles, but you both are outright ignoring a service provider's legal obligations and ethical responsibilities in this situation.
I argued that running TOR node does not seem to be illegal under current US law. I never stated my opinion of this law. For all you know I might be bitterly opposed to any laws which allow any kind of privacy and anonymity on the Internet. Assessment of law applicability and approval or disapproval of the law are two unrelated subjects.

So, once again, when did I argue any ideology?