One of the most frequently asked questions I receive from readers (from this blog, Twitter and LinkedIn) is "Should I consider TOR private and anonymous?"
This question is interesting, with fervent activists on each side of the issue. On one side are TOR proponents extolling the virtues of the platform and explaining how it will save humanity from the scourge of privacy-invading networks. On the other side of the discussion are conspiracy theorists who claim TOR is nothing more than an NSA honeypot (a data collection tool).
Like most important topics, the truth is never as clean as we would like it. The truth is that TOR is a little bit of this and a little bit of that. Let's dive straight in.
Who started TOR?
Conspiracy theorists love highlighting the fact that the United States Navy developed TOR. So the first question we need to tackle is regarding this origin statement.
The core privacy functionality of the TOR network, onion routing, was developed by United States Naval Research Laboratory employees Paul Syverson, Michael G. Reed and David Goldschlag. The purpose of the technology was to protect US intelligence communication.
The TOR Project was launched in September 2002 by Paul Syverson, Roger Dingledine and Nick Mathewson. In 2004, the Naval Research Laboratory released the TOR code under a free license, and the EFF (Electronic Frontier Foundation) began funding the initiative. The Tor project we know and love today was started in December 2006 as a 501(c)(3) non-profit organization with support from the US International Broadcast Bureau, Internews, Human Rights Watch, the University of Cambridge, Google and Stichting NLnet.
It is true that the majority of the funding for the free and open source project came from the US government.
Does the government control TOR entry and exit nodes?
When talking about TOR privacy and confidentiality, there are 2 distinct questions most astute users ask:
- Can someone "see into" my traffic?
- Can someone tie TOR traffic back to me?
The first theory I read about consistently was that world governments (particularly the 14 Eyes Countries) control the majority of the TOR Exit nodes and thus can "see into the traffic." Looking strictly at the Exit node piece, governments have no deterministic way of knowing where a suspect's traffic will exit from the network. As long as they don't control all of the TOR Exit nodes (which we believe they do not), they can't be sure the suspect's traffic will flow through their nodes. Additionally, if the site you are visiting is using cheap and easy-to-implement security (like TLS), then even if the government controls the exit node, they won't be able to "see inside the traffic." Traffic that joins the TOR network to access a TOR hidden service never exits the network, so it wouldn't even pass through an Exit node.
What if a government controls both the Entry node and Exit node you use? Assuming you are using TOR to browse the "normal" internet, you will hit an exit node. If the government(s) control enough of the entry and exit nodes, they can use statistical correlation to tie traffic back to you.
If you are browsing a site with well-designed security, they still would not be able to see "inside your traffic" but would know that you originated the traffic flow (aka collect metadata).
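To put numbers on "control enough of the entry and exit nodes", the following Python example is added here (it is not from the original post or from the TOR Project). It builds circuits over a constructed relay list and counts how often an adversary sits at the entry, the exit, or both ends. The relay population, the 20% adversary share and the bandwidth-weighted, independent per-circuit selection are assumptions of this simplified model.

```python
import random

def build_relays(n=200, adversary_share=0.2, seed=1):
    """Constructed relay list (not real Tor consensus data)."""
    rng = random.Random(seed)
    return [{"id": i,
             "bw": rng.randint(1, 100),            # selection weight
             "entry": rng.random() < 0.5,          # usable as entry node
             "exit": rng.random() < 0.3,           # usable as exit node
             "adversary": rng.random() < adversary_share}
            for i in range(n)]

def controlled_share(relays, role):
    """Bandwidth-weighted fraction of `role` capacity run by the adversary."""
    pool = [r for r in relays if r[role]]
    return sum(r["bw"] for r in pool if r["adversary"]) / sum(r["bw"] for r in pool)

def simulate(relays, circuits=20000, seed=2):
    """Build circuits and classify what the adversary can observe on each."""
    rng = random.Random(seed)
    entries = [r for r in relays if r["entry"]]
    exits = [r for r in relays if r["exit"]]
    entry_w = [r["bw"] for r in entries]
    exit_w = [r["bw"] for r in exits]
    seen = {"both_ends": 0, "exit_only": 0, "entry_only": 0, "neither": 0}
    for _ in range(circuits):
        entry = rng.choices(entries, weights=entry_w)[0]
        exit_ = rng.choices(exits, weights=exit_w)[0]
        while exit_["id"] == entry["id"]:          # never reuse one relay in a circuit
            exit_ = rng.choices(exits, weights=exit_w)[0]
        if entry["adversary"] and exit_["adversary"]:
            seen["both_ends"] += 1    # timing correlation can link user to destination
        elif exit_["adversary"]:
            seen["exit_only"] += 1    # content visible only if the site lacks TLS
        elif entry["adversary"]:
            seen["entry_only"] += 1   # sees the user's IP, not the destination
        else:
            seen["neither"] += 1
    return {k: v / circuits for k, v in seen.items()}

if __name__ == "__main__":
    relays = build_relays()
    g, x = controlled_share(relays, "entry"), controlled_share(relays, "exit")
    print(f"adversary entry share {g:.2f}, exit share {x:.2f}, product {g * x:.3f}")
    for outcome, frac in simulate(relays).items():
        print(f"{outcome:>10}: {frac:.3f}")
```

In this model the "both_ends" fraction tracks the product of the adversary's entry and exit shares, which is why partial control yields a probability of correlation on any one circuit rather than certainty.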
It is important to remember that the TOR Project isn't just idly sitting on the sidelines watching the government violate its technology. They are actively working to harden the platform and work tirelessly to make it more secure every day. Some of the techniques used by the TOR platform include:
- Switching TOR circuits regularly and unpredictably, thus making long-term data mining more difficult.
- Ensuring that the TOR nodes used are as randomized as possible, thus making the route nearly impossible to predict.
- and more
Has the TOR browser been hacked?
The answer is yes, but hold on before you uninstall the TOR browser from your computer. I would submit that almost every piece of commercial or free software has exploitable bugs that would compromise a user's privacy and confidentiality. The question isn't whether a product has these types of exploitable bugs but rather what the software "vendor" does about them. The TOR project has been an incredibly honourable steward of the TOR platform. They quickly patch any discovered vulnerability.
The other "trick" for the extra paranoid is to switch the security level in the TOR Browser to high. This will break some sites, but you want strong security, don't you?