cnet News is reporting that researchers from the University of Colorado and the University of Washington could face charges for snooping the Tor network. The researchers could face up to five years in prison for breaking the Wiretap Act. Tor (The Onion Router) anonymous proxy network is a free software that allows users to surf the Internet anonymously through a circuit of networked computers that encrypt and transmit the data.
Two graduate students and three professors never had a legal review of the project or had been authorized by the university's Human Subjects Committee. The academic paper was presented at the Privacy Enhancing Technology Forum and intended to shed light on exactly what kind of information was flowing over Tor. The results found "some of Tor's users include pro-democracy dissidents, journalists and bloggers in countries like China, Egypt and Burma who would otherwise face arrest and torture for their work."
To study Tor, the researchers set up an exit node in December 2007 and recorded and stored the first part of each network packet passing through the node. This gave them information as to what kind of information was being passed and what websites people are visiting. They then ran an entry node which gave them the users' IP addresses as they passed through the node, allowing them to see which countries used Tor the most. The two studies recorded and stored different types of information so users could not be cross-referenced.
They found German users were on Tor the most, while 58% of bandwidth used on Tor was from web browsing. A massive 40% of the bandwidth was used by torrent users, even though these users only amounted for 3% of the total.
The researchers spoke with a lawyer and felt that it was unnecessary to get a second opinion or to contact the university's Institutional Review Board, even though Tor's policy is not to attach such recording programs because it could result in criminal and civil charges. The team did not follow proper protocol in any way...could it perhaps be that the university would have a problem with their researchers spying and recording people's information without their consent?
No comments:
Post a Comment