[liberationtech] JonDonym (was: Security Focused Live Linux Distros)

[Fabian Keil]

Eugen Leitl <eugen at leitl.org> wrote:

> On Thu, Sep 12, 2013 at 05:08:10PM -0400, John Love wrote:
> > I'm researching security, privacy, and anonymity focused live Linux
> > environments like Liberté Linux, TAILS, JonDoNYM, and Whonix. There's
> 
> JonDoNYM is backdoored, and hence not playing in the same league.
>
> http://en.wikipedia.org/wiki/Java_Anon_Proxy
> 
> In July 2003, the German BKA[8][9] obtained a warrant to force the Dresden
> Mix operators to log access to a specific web address, which had been
> associated with child pornography. AN.ON then decided to introduce a
> crime detection function in the server software in order to make this
> possible.

I don't think so.

According to: http://anon.inf.tu-dresden.de/strafverfolgung/bericht_en.pdf
the backdoor was implemented after being politely asked by the
LKA Hessen without any legal obligation to do so.

The warrant came afterwards and apparently didn't even require the
mix operators to enable the already implemented backdoor (due to being
based on StPO §§ 100 g and h) but the operators decided to do it anyway.

Later on the logged data was handed over to the officials "under protest"
because it was more convenient than potentially getting equipment seized:

| To prevent further damage (through searching of institute rooms and
| confiscation of institute computers) to the TU Dresden and the project
| partners, the logged data was relinquished under protest to the officials.

Given that the court decision was already overruled in September,
it's unlikely that the seized computers would have been analysed in
time (that is, if they were actually seized in the first place).

Fabian