Russian Tor Exit Node Operator, Arrested

Posted on the 24 April 2017 by Darkwebnews @darkwebnews

Russian Tor exit node operator Dmitry Bogatov, who was accused of inciting mass riots and terrorism amongst other charges, still faces preventative detention until June 8, 2017.

Bogatov was arrested on April 6 after Russian law enforcement tied his IP address to incendiary comments on several forums through the Tor anonymity network.

All of the computer equipment at his home was seized.

Bogatov is a mathematics instructor for high school and graduate students in Moscow.

Dmitry Bogatov works for the Moscow Finance and Law University (MFUA).

He is an outspoken privacy activist, develops free and open-source software, and contributes to the Tor network.

He has been caught in the crosshairs of a significant penal case that is being overseen by Russia's Investigation Committee, which has been tied to the Russian protests that were held on April 2 in Moscow.

Bogatov has been accused of inciting mass riots through the inflammatory comments.

The Investigation Committee reported that he was posting the comments on sysadmin.ru; these messages called for violent action.

One post from March 29th suggested that protestors should bring a number of potentially dangerous items including gasoline, bottles, turpentine, foam plastic, and fabric to the Red Square.

According to the Investigation Committee, expert analysis of the messages revealed the psychological and linguistic feature of incitation to terrorist acts.

The accused insisted that he had nothing to do with the messages, and the available evidence seems to support his claim - both due to the technical nature of Tor and his alibi.

These developments highlight the challenges faced by privacy advocates who contribute to the Tor anonymity network.

The Investigation Committee requested the judge who heard the initial case to extend Bogatov's detention period.

Judge Evgeny Naidenov denied this request citing Russia's criminal code.

According to Article 212 of the criminal code, preventative detention is not an option for defendants who face the possibility of less than 2 years in prison.

Dmitry was freed and given an order not to leave the country.

However, he was not released, as the Committee forwarded two more charges against him, warranting a 72-hour extension of his detention.

The Investigative Committee needed to interrogate him further.

The Committee presented more serious charges against Bogatov after an interrogation that lasted the entire night.

These charges carried a 5 to 7-year imprisonment sentence.

The committee gave this as justification for preventative detention at the hearing that was held on April 10, and their request for preventative detention was granted.

Dmitry Bogatov pleaded not guilty at this hearing, and the detention was granted even though no proof was presented of his direct involvement in the alleged crime.

It looks as though the issue stems from Bogatov being an operator of aTor exit node.

He was administrating the Tor node from his home.

The Tor network operates by relaying traffic through a network of relays; the Tor exit nodes serve as encryption layers where traffic can be anonymized to ensure user privacy.

A website will detect The IP address of a Tor user as the IP address of the Tor exit node where the traffic originates.

This is how Russian law enforcement agencies were able to trace the messages back to Bogatov's Tor exit node, hosted on his system.

The user who posted the incendiary messages goes by the name Airat Bashirov.

Bashirov was using Tor, and this could work in Bogatov's favor.

On the April 7 hearing in Presnensky Court in Moscow, Bogatov's lawyer, Alexei Teptsov, insisted on his innocence citing this aspect of the Tor network.

Russian news agency, Tass, reported that Bogatov had a solid defense despite his two-month preventative detention.

At the hearing, his lawyer presented surveillance footage that proved Dmitry Bogatov was away from his computer at the time the messages were posted.

Bogatov had checked into a fitness center with his wife and went to a supermarket that recorded one of the videos.

In addition, Bashirov continued using Tor to post inflammatory messages during Bogatov's detention, with the final message posted on April 11.

The two-month preventative detention period serves to give the Investigation Committee time to investigate the computer devices that they seized from Bogatov's home.

This case highlights the complications of Tor-related investigations.

Tor exit node administrators may not be safe from law enforcement agencies even if they are innocent.

Disclaimer:

You need to enable JavaScript to vote