The Tor Project – a private nonprofit known as the “NSA-proof” gateway to the “dark web,” turns out to be almost “100% funded by the US government” according to documents obtained by investigative journalist and author Yasha Levine.
The Tor browser, launched in 2001, utilizes so-called “onion routing” technology developed by the US Navy in 1998 to provide anonymity over computer networks.
In a recent blog post, Levine details how he was able to obtain roughly 2,500 pages of correspondence via FOIA requests while performing research for a book. The documents include strategy, contract, budgets and status updates between the Tor project and its primary source of funding; a CIA spinoff known as the Broadcasting Board of Governors (BBG), which “oversees America’s foreign broadcasting operations like Radio Free Asia and Radio Free Europe.”
By following the money, I discovered that Tor was not a grassroots. I was able to show that despite its indie radical cred and claims to help its users protect themselves from government surveillance online, Tor was almost 100% funded by three U.S. National Security agencies: the Navy, the State Department and the BBG. Following the money revealed that Tor was not a grassroots outfit, but a military contractor with its own government contractor number. In other words: it was a privatized extension of the very same government that it claimed to be fighting.
The documents conclusively showed that Tor is not independent at all. The organization did not have free reign to do whatever it wanted, but was kept on a very short leash and bound by contracts with strict contractual obligations. It was also required to file detailed monthly status reports that gave the U.S. government a clear picture of what Tor employees were developing, where they went and who they saw. –Yasha Levine
The FOIA documents also suggest that Tor’s ability to shield users from government spying may be nothing more than hot air. While no evidence of a “backdoor” exists, the documents obtained by Levine reveal that Tor has “no qualms with privately tipping off the federal government to security vulnerabilities before alerting the public, a move that would give the feds an opportunity to exploit the security weakness long before informing Tor users.”
Cybersecurity experts have noted for years that while Tor may be technically anonymous in theory – the ‘exit nodes’ where traffic leaves the secure “onion” protocol and is decrypted can be established by anyone – including government agencies.
Anyone running an exit node can read the traffic passing through it.
In 2007 Egerstad set up just five Tor exit nodes and used them to intercept thousands of private emails, instant messages and email account credentials.
Amongst his unwitting victims were the Australia, Japanese, Iranian, India and Russia embassies, the Iranian Foreign Ministry, the Indian Ministry of Defence and the Dalai Lama’s liaison office.
He concluded that people were using Tor in the mistaken belief that it was an end-to-end encryption tool.
It is many things, but it isn’t that.
Dan Egerstad proved then that exit nodes were a fine place to spy on people and his research convinced him in 2007, long before Snowden, that governments were funding expensive, high bandwidth exit nodes for exactly that purpose. –Naked Security
Interestingly, Edward Snowden is a big fan of Tor – even throwing a “cryptoparty” while he was still an NSA contractor where he set up a Tor exit node to show off how cool they are.
In a 2015 interview with The Intercept’s (Wikileaks hating) Micah Lee, Snowden said:
LEE: What do you think about Tor? Do you think that everyone should be familiar with it, or do you think that it’s only a use-it-if-you-need-it thing?
SNOWDEN: I think Tor is the most important privacy-enhancing technology project being used today.
“Tor Browser is a great way to selectively use Tor to look something up and not leave a trace that you did it. It can also help bypass censorship when you’re on a network where certain sites are blocked. If you want to get more involved, you can volunteer to run your own Tor node, as I do, and support the diversity of the Tor network.”