The feds pay for 60 percent of Tor’s development. Can users trust it?

torWashington Post – by Brian Fung

This week, we learned that the NSA had managed to circumvent much of the encryption that secures online financial transactions and other activities we take for granted on the Internet. How? By inserting backdoors into the very commercial software designed to keep sensitive medical records, bank files and other information private.  

The NSA’s sustained attempt to get around encryption calls into question many of the technologies people have come to rely on to avoid surveillance. One indispensable tool is Tor, the anonymizing service that takes a user’s Internet traffic and spits it out from some other place on the Web so that its origin is obscured.

So far there’s no hard evidence that the government has compromised the anonymity of Tor traffic. But some on a Tor-related e-mail list recently pointed out that a substantial chunk of the Tor Project’s 2012 operating budget came from the Department of Defense, which houses the NSA.

(The Tor Project)

(The Tor Project)

Last year, DoD funding accounted for more than 40 percent of the Tor Project’s $2 million budget. Other major donors include the U.S. State Department, which has an interest in promoting Internet freedom globally, and the National Science Foundation. Add up all those sources, and the government covers 60 percent of the costs of Tor’s development.

Tor Executive Director Andrew Lewman wrote in an e-mail to users that just because the project accepts federal funding does not mean it collaborated with the NSA to unmask people’s online identities.

“The parts of the U.S. and Swedish governments that fund us through contracts want to see strong privacy and anonymity exist on the Internet in the future,” Lewman wrote. “Don’t assume that ‘the government’ is one coherent entity with one mindset.”

And Roger Dingledine, a founder of the Tor Project, says that the Defense Department money is much more like a research grant than a procurement contract.

“They aren’t ‘buying products’ from us,” Dingledine tells me. “They’re funding general research and development on better anonymity, better performance and scalability and better blocking-resistance. Everything we do we publish in the open.”

Dingledine acknowledges that “bad guys” could conceivably introduce vulnerabilities into Tor’s open-source code. But one of the major advantages of open-source software is that the product can be inspected by anyone for defects, which raises its security somewhat. There’d only be a problem if the NSA were somehow able to insert malicious code that nobody recognized.

The NSA didn’t immediately respond to a request for comment Friday afternoon.

Update: Roger Dingledine writes in to explain why the government has never asked the Tor Project to install a backdoor:

I think this is mainly due to two reasons:

A) We’ve had that faq entry up for a long time, including the part where
we say we’ll fight it and that we have lots of lawyers who will help us
fight it. So they know it won’t be easy.

B) I do a lot of outreach to various law enforcement groups to try to
teach them how Tor works and why they need it to be safe. See e.g.
the first two paragraphs of this:

I think ‘A’ used to be a sufficient reason by itself, but now we’re
reading about more and more companies and services that have tried to
fight such a request and given up. The architecture of the Tor network
makes it more complex (there’s no easy place in the deployed network to
stick a backdoor), but that doesn’t mean they won’t try.

I guess we rely on ‘B’ for now, and see how things go.


Brian Fung

Brian Fung covers technology for The Washington Post, focusing on electronic privacy, national security, digital politics and the Internet that binds it all together. He was previously the technology correspondent for National Journal and an associate editor at the Atlantic. His writing has also appeared in Foreign Policy, Talking Points Memo, the American Prospect and Nonprofit Quarterly.

Start the Conversation

Your email address will not be published. Required fields are marked *