JonDos

Languages

JonDoNews

Version 0.2.5 of the JonDoFox extension
19.05.2010 - 09:26
Maintenance work at the mix Jupiter
06.05.2010 - 10:55
Technical collaborative wiki is online
02.04.2010 - 15:08
Federal Constitutional Court stops German data retention law
02.03.2010 - 12:40

Law enforcement

Log Files at the Anonymization Service

In some countries, providers of telecommunications services are required by law to retain data for the purposes of crime prevention, to provide previously retained data or to log access to specific addresses for a limited amount of time in order to uncover criminal communication. JonDos documents the specific legal basics for as many countries as possible (currently only for german laws).

Retro-active Exposure of Connections through the Mix Cascades

A retro-active exposure is close to impossible. If someone wanted to uncover a certain connection after the fact, he would have to record all incoming and outgoing messages from all mixes in a cascade and present them for de-anonymization. This only makes sense so long the public key of a mix is valid. After a key change, not even the mix itself can decrypt old messages, since the private key is destroyed. This is not yet implemented in the current version, but even the mix operator himself cannot access the key that is temporarily stored in memory.

Surveillance of Future Connections through the Mix Cascades

Surveillance of future connections requires that every mix in a cascade record the incoming-outgoing relationship of a certain message online and in realtime. The connection to be exposed would be marked. The message could then be de-anonymized with the cooperation of all Mixes and Mix operators, respective. The marking of a message would have to be recognizable to all mixes involved in the surveillance. This works similarly to trapping a phone line in the standard telephone network. It would thus be possible to log access to a certain website with this method.

As each Mix Operator has to be individually forced to perform this measure (in Germany by law order after §100a/b StGB), the legal hurdles for such an observation are set very high. Moreover, many JonDonym services with costs could only be observed given authoritative directives for several countries - which might happen in case of a concrete world-wide threat only. Moreover, the needed protocol function is not part of the normal Mix software, but has to be activated by each Operator individually. In JonDo itself, no functionality for making surveillance protocols is contained.

Surveillance reports

Each year, we will publish a short report of all surveillance action that were taken. This comprises

the number of surveillance orders,
the duration of the measurement and
some other information we are allowed to pubish.

In 2006, there has been only one single surveillance court order to single Mix operators. A few exactly specified web addresses were affected. The observation has been stopped after the court order expired (one month).

In 2007, no surveillance court order was given to any Operator, and no user traffic was logged on any Mix.

In 2008, no surveillance court order was given to any Operator, and no user traffic was logged on any Mix.

German