Hacker News

As I understand it --- I haven't read deeply enough to confirm this, it's what I've pieced together from the Reddit thing --- the Tor stuff came long before any of this. What I gather is:

1. Back in 2014 this person committed a pretty grave computer offense, which was not at the time prosecuted.

2. Some time after that, he became a high-profile Tor relay operator.

3. Some time after that, he was asked to subvert those Tor relays by the DOJ.

4. In 2019 he was prosecuted for the computer offenses, and convicted.

5. In 2021, he was released on parole.

(I think there's a long string of parole issues after that, and then)

6. In 2025 he was accused by the probation office of violating his parole in a bunch of ways and taken into custody.

shagie 2 days ago [ - ]

The setup of Tor has some specific dates in the transcript. Page 10

     3 Q. So, Ms. Routh, having been acknowledged of his
     4 obligations to monitor and pay for the service on
     5 August 29th, can you please tell the Court how
     6 Mr. Rockenhaus complied or didn't comply with the terms
     7 of his release?
     8 A. Yes. On September 22nd the defendant did
     9 successfully download the monitoring software program
    10 on his computer. On October 11th Officer Ramos
    11 contacted the defendant regarding his lack of computer
    12 usage. So he reviewed some reports and realized that
    13 nothing was appearing, indicating that he was using his
    14 computer.

Page 11 and 12

    22 So Mr. -- Officer Ramos spoke to Phillip
    23 Danford with IPPC Technology and he stated that, yes,
    24 the defendant had downloaded the software. They showed
    25 that on September 22nd he said that the defendant --
     1 they see that the defendant looking at, it's called the
     2 TOR Network website on September 23rd, which is where
     3 you download software to access the dark web.

If I read this correctly... in August he was required to install the monitoring software (likely within 1 month).

On September 22nd, 2019, the monitoring software was downloaded. On September 23rd, Tor was installed. No internet activity was detected for the remainder of September or October by the monitoring software.

I don't believe that 2 or 3 come into play in terms of the parole violations (including the subverting of the monitoring software).

tptacek 2 days ago [ - ]

It would have been extraordinarily dumb for someone on parole electronic monitoring to install Tor, but my understanding of Tor's role in the bigger story is that it's about stuff that was happening many years ago. There's nothing about Tor in the parole violation warrant; just that he had an unauthorized iPhone, and when they did a forensic inspection of it, there were no further violations discovered on that phone.

shagie 2 days ago [ - ]

https://trellis.law/doc/district/8373835/united-states-v-roc...

The defendant plead nolo contendere (no contest) in 2014. Any activity between 2014 and 2019 was under supervision restrictions. Any use of Tor during that period would likely be an issue.

Page 6 of 8:

    You must not purchase, possess, have contact with, or otherwise use any device that can be connected to the Internet or used to store digital materials, other than that approved by the U.S. Probation Office. You must allow the U.S. Probation Office to install software on any approved device that is designed to record any and all activity on the device the defendant may use, including but not limited to capture of keystrokes, application information, Internet use history, e-mail correspondence, pictures, and chat conversations. You will pay any costs related to the monitoring of his authorized device and must advise anyone in the household that may use an authorized device in question that monitoring software has been installed. If you need access to an employer owned Internet-equipped device for employment purposes, you must advise your probation officer before using the device. The probation officer will ensure the employer is aware of the criminal history, and you must agree to use the device for work purposes only.

    You must not attempt to remove, tamper with, or in any way circumvent the monitoring software, and must disclose all on-line account information, including usernames and passwords, to the U.S. Probation Office. If requested, you must provide a list of all software/hardware on your computer, as well as telephone, cable, or Internet service provider billing records, and any other information deemed necessary by the probation office to monitor your computer usage.

    You must not access Tor or participate in any online social environment (i.e., Facebook, Twitter, Second Life, Linkedin, Craigslist, FaceTime, WhatsApp, video/audio, etc.) or texting applications, which allow the user interaction unless pre-approved and authorized by the probation officer and Court.

His activity, no matter how it is framed, was in violation of the supervision orders.

Furthermore, he worked to circumvent the monitoring software in September of 2019 and had no internet activity recorded in October of 2019.

> 1. Back in 2014 this person committed a pretty grave computer offense, which was not at the time prosecuted.

> 2. Some time after that, he became a high-profile Tor relay operator.

> 3. Some time after that, he was asked to subvert those Tor relays by the DOJ.

It wasn't prosecuted because he plead no contest. After that, the use of Tor was in violation of supervision. I read #3 as "you're not running the monitoring software as required" which would subvert the exit nodes... but he shouldn't have been running them in the first place.

tptacek 2 days ago [ - ]

I don't think this is accurate. I think the charged conduct occurred in 2014, but from what I see on PACER, the prosecution (and subsequent plea) was in 2019.

shagie 2 days ago [ - ]

Hmm... You have something there (and I was likely off in my timeline). The case was filed in August 2019. The document was filed in 2022(?). The transcript was from 2020.

Given the plea in 2019 and those conditions... as shown in the judgement document, the things that were alleged in the 2020 transcript were a clear violation of those conditions.

Where there any pretrial bond conditions prior to 2019?

tptacek 2 days ago [ - ]

There wasn't any "pretrial" before 2019, because he hadn't been charged.

2 days ago [ - ]

[deleted]

gtowey 2 days ago [ - ]

If this is true then it sounds like the FBI targeted him specifically because they figured his previous crimes made for good leverage.

It seems his mistake was not realizing that he was caught between a rock and a hard place. More colloquially he's in the FO stage after FA.

It doesn't seem like anyone is morally in the right, but it also seems like the defendant here was in a legal grey area to begin with.

__turbobrew__ 2 days ago [ - ]

I don’t think willingly destroying your former employers property is a grey area. It is pretty cut and dry it is a crime. The feds used this as a wedge to get him out of the TOR game.

tptacek 2 days ago [ - ]

I mean, no, the defendant was definitely not in a legal grey area. You might think it's a moral grey area? But he broke into a data center facility and unplugged a bunch of servers, and brought a company down for a month in the process, out of spite. That's a pretty normal crime. He was lucky not to have been prosecuted, and his luck ran out.

gtowey a day ago [ - ]

I called it a grey area because there were mentions in this thread that the statute of limitations to prosecute those crimes were close to expiring. That means it looked like he could have gotten away with it without major consequences if not for the fact that he was doing enough shady stuff to attract the attention of the FBI.

tptacek a day ago [ - ]

He was prosecuted within the statute of limitations for the crime, and probably not too far out of the normal bounds between a criminal act and a federal prosecution. Federal prosecutions are relatively rare compared to state prosecutions, federal prosecutors don't take nearly as many "flyers" as states do, and the feds very often wait a long time before pouncing; this is all consistent with their M.O.

In this particular case, I don't disagree that there was probably motivation to the prosecution! They probably did want something from Rockenhaus, and, when they didn't get it straight up, looked for leverage. Unfortunately for Rockenhaus, he had given them a lot of leverage. It looks like it was a lay-up case.

You can call that a moral grey area and I won't disagree, but my point is just, it's not remotely a legal grey area. Rockenhaus' experience of this prosecution is probably no different than that of a typical federal defendant.