Business Week just published a long piece on Tor-The Onion Router. It is interesting, though it somewhat buys into the Tor propaganda about it being a tool to protect dissidents, rather than pedophiles.
One thing is passing strange. Not a single mention of Jake Appelbaum, the primary evangelist of Tor. How can that be? Did @ioerror refuse to cooperate? That would be odd, given that Appelbaum has been something of a press whore on the subject of the wonderfulness of Tor as a weapon in the war for privacy and liberty. And if he refused to cooperate, why didn’t the reporter mention that?
Or is it that the reporter just got the impression that Appelbaum is nothing more than a front man, and not really that important?
I don’t know, but I find it very puzzling. Appelbaum and Tor are almost synonymous, so to read an article about Tor that doesn’t mention Appelbaum is curious in the extreme.
The best part of the article is that the reporter interviewed Paul Syverson of the US Navy Research Lab: he is one of Tor’s creators, and also someone who has published research on its vulnerabilities.
Here’s the key Syverson quote:
For the onion router to work properly, the Navy needed to step back from running it. A cloaking system is not useful if all the cloaks say “Navy” on them. “If you have a system that’s only a Navy system, anything popping out of it is obviously from the Navy,” Syverson says. “You need to have a network that carries traffic for other people as well.” Tor Project was incorporated as a nonprofit in 2006 to manage operations.
Translation: the US Navy, and presumably other government agencies, want to use Tor to send communications that are extremely difficult to trace. But it needs to hide its activities. Just bouncing the messages around isn’t much help if all the messages are known to be from a particular source. So it needs to attract other users so that US government communications can hide in the stream of other traffic. And apparently the government isn’t that concerned if the other traffic is child pornography and drug transactions. This is the noise that obscures the signals that the Navy wants to conceal from prying eyes, and any noise serves the Navy’s purposes . It’s not picky.
This opportunistic use of Tor by the govenment raises further questions about what other purposes the government might use it for. In particular, is it used as some sort of trap, intended to attract use by hackers and others so that the government can monitor them–and apprehend them if need be? In which case, articles like this which emphasize the civil liberty/privacy benefits of Tor would suit the government just fine. All the better to lure the flies into the flytrap.
I don’t know. Just throwing that out there. But if you think about those possibilities, it makes the association of outspokenly anti-US government Jake Appelbaum with the Tor project all the more puzzling: he could actually be baiting a trap. And it makes his absence from the article all the more peculiar. The tension between the government sponsorship and use of Tor and its use (and evangelization) by ardent anti-government (and anti-American government) types is obvious and deserves explanation, but the article doesn’t pick up on that.
There are other issues too. For instance, something like the idealized Tor would potentially be of great benefit to the opposition in Ukraine, which desperately needs secure communications. But the real Tor network is not so ideal: it has been infiltrated by 18 malicious exit nodes in Russia: everything emanating from those nodes is vulnerable to being read by the operator of those relays. So the Ukrainian opposition would be in grave danger of being monitored by Russia if it used Tor. And that is tantamount to suicide.
And to loop back to Appelbaum one more time. He, of course, is a confederate–co-conspirator, actually–of Snowden, who is in the grips of the FSB. Which means that Appelbaum could be helping to bait a trap in Russia, using those 18 malicious relays.
Moreover, it means that via Appelbaum, the United States Navy is connected to Edward Snowden (and hence the FSB): who, by the way, has been photographed with Tor decals displayed prominently on his laptop. This is a much closer connection than the Six Degrees of Kevin Bacon variety. If Obama has his way, the NSA will be limited to two “hops” to connect terrorists with American citizens. The US Navy is two hops away from Edward Snowden, with Tor being the connection. Navy->Appelbaum->Snowden/FSB. With Tor providing the common link.
In other words, there are few more tangled webs than Tor. So tangled as to be virtually incomprehensible: my head spins trying to sort through it all. But with Jake Appelbaum’s involvement, I say: beware. For he not just practices to deceive, he is deception incarnate.
In that way, the recent surge of new Tor users, whatever the reason, could do a lot to boost security. The more people on the network, the more volunteers there are to host a relay or exit relay, the harder it is for a would-be attacker to trace and expose the identity of an individual user.
And for the idea of attracting farmers from Iowa, as opposed to pedophiles and drug dealers, to provide traffic to an anonymized network: please. Farmers don’t need anonymizing. Criminals do. The former are unlikely to have any reason to put up with the hassle and reduced performance of using Tor: the latter have many reasons, including 15 to 20 (or more) in the penitentiary.