> Put simply: running a Tor exit node is not a crime<p>In Russia? You sure about that? I wouldn't be, if I lived in Russia, and I'd be much less so today than yesterday. It wouldn't surprise me if this prosecution were intended to make a point, in the characteristically subtle style of the modern Russian government, that regardless of what any potentially relevant legislation might say, running an exit node, and by extension acting in ways that help conceal communications potentially of interest to the state, isn't a very good idea if you cherish whatever stability and comfort your daily life affords.<p>The modern US government, on the other hand, has tended to be rather less blunt about making such points, and to choose different such points to make.
edit: please comment as opposed to downvote -- HN's value is civilized debate and information.<p>I value privacy and support VPN use, but for some reason this seems different to me. Maybe something to do with a VPN being a company using servers to create an obvious layer of identity protection that police can generally subpoena when of importance.<p>By running a Tor exit node, this individual was consciously allowing <i>his</i> IP address to be used for potentially malicious purposes. Why can't it easily be compared to someone making a cover for or assisting a criminal they don't know the identify of, which would be a crime if committed in person? Investigations lead back to him because he put himself in that position.<p>analogy: VPNs seem like concealing your ID from everyone, however police can sometimes work to see it if a court deems it justifiable and necessary. Individuals running Tor exit nodes seem like being given someone else's ID instead, with no trace otherwise.<p>Untraceable VPNs (ones unaffected by subpoenas) are somewhere in the middle, but the primary issue I see with this is the Tor system's use of someone else's ID rather than hiding your own (investigators are aware when they find a VPN service's IP).
If you're going to run a Tor node at home make it a relay, not an exit. There is practically no risk to running a relay. Exits have risk because of situations like this.<p>If you want to run exit nodes use a hosted server. It separates it from your normal traffic and makes it clear that it has a specific purpose.
This is disturbing, but this is how the buck stops, isn't it? All of these cryptographic dataflow concealer technologies have one very unpleasant failure mode: somewhere they have to interface with the physical overworld, where they're subject to all the unpleasantness of both their home jurisdiction (in this case, Russia), and in some cases, the jurisdictions of those who are intent on their laws applying worldwide (such as governments like the United States -- who are absent from this particular case, but not others).<p>No amount of condemnation on part of the EFF and declarations that "running an exit node is not a crime" is going to help Bogatov, where the Russian government has decided it will do what it takes to prove a point. This is how chilling effects work: when it endangers your own freedom and livelihood, you are forced to suddenly re-evaluate your priorities between big abstract issues like freedom of speech and whistleblower protection, vs. holding your head down and hoping you don't get caught up in something much bigger than yourself.<p>It also proves that these anonymizing networks only function in a free society, and break down in the exact situations where they would be most needed.
Why not make exit nodes only able to use secure protocols?<p>Am I missing something or could thing whole problem be put to rest, at the same time the rest of the net is transitioning to https only.