
2 December 2011. Add 6 messages.

30 November 2011

Tor Not Another Haystack?


Date: Wed, 30 Nov 2011 13:43:50 +0100
From: Eugen Leitl <eugen[at]leitl.org>
To: tor-talk[at]lists.torproject.org, cypherpunks[at]al-qaeda.net
Subject: Re: [liberationtech] Not another Haystack right?

----- Forwarded message from Evgeny Morozov <evgeny.morozov[at]gmail.com> -----

From: Evgeny Morozov <evgeny.morozov[at]gmail.com>
Date: Tue, 29 Nov 2011 19:42:14 -0800
To: Liberation Technologies <liberationtech[at]lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?

I was intrigued by two issues on this thread:

1) Brian Conley's question about why BBG's support to Tor does not seem to undermine Tor.

2) Jillian York's statement that the Berkman Center has only received funding for research, which, pushed one step further, means that research of circumvention tools is somehow inconsequential to the broader debate about USG's support of such tools.

To Brian's question: I'm also very intrigued by this. The common explanation that I heard many times is that Tor was conceived as a tool for protecting one's online anonymity, not for circumventing government censorship; the latter was something that users discovered and embraced on their own. While I found this explanation plausible in the past, I'm no longer sure I can buy it without some further evidence. Were Tor's developers really that narrow-minded as not to understand that the tool can also be used for circumventing censorship? We are talking some of the smartest guys out there - and they couldn't anticipate it? Something here doesn't compute. Or was the anonymity talk just a strategic rhetorical device to deflect attention from the intended use? I haven't read all the relevant mailing lists and am just articulating common wisdom so it would be good if some people who have been involved with Tor for a long time would comment.

Secondly, there is another common explanation for Tor's resilience: the fact that instead of going after a particular country, they try to be comprehensive and guard against any threats to users' online anonymity regardless of their location (this is obviously my understanding - please correct if I don't get it right). By this logic, tools that take USG funding and go after a particular country (as, say, Haystack did) make themselves vulnerable to certain conspiracy theories. But this argument, too, doesn't convince me anymore now that Iran has been going after Tor quite systematically and the Tor team have been modifying their product to ensure it works there. My question is: for how long can Tor continue being seen as neutral and not targeting country X if so much of their resources is spent on making sure their tool works in country X?

As for Jillian's assertion that research of circumvention tools is somehow conceptually and ethically different from tool-building or training, well, allow me to disagree. One doesn't need to get in bed with Foucault to grasp that a detailed study of circumvention tools - e.g. ranking of their security features and their choice of tools that they won't study or speculate upon (hello, Haystack!) - is not only performative but is also intricately implicated in the *production* of those very tools (and I'm using the word production here rather loosely).

Are we really naive enough to believe that a "Tool X, as certified by Harvard University" is the same as a "Tool X, as certified by The State University of Ubeki-beki-beki-beki-stan-stan"? I'd venture that, all things being equal, a tool that is funded by USG and endorsed by Harvard is likely to be less suspicious (to local users) than a tool that is funded by USG and not endorsed by anyone. (There are exceptions, of course). So I'd rather not spare the well-meaning researchers the scrutiny deserve [...]

Please note that this is not some meta-point about the ethics of taking (and offering) USG money to activists and NGOs; my views on this are quite complex. It's simply an expression of my continued bemusement at some folks at the Berkman Center who keep pretending that none of this matters and that "they are only here to help".

Evgeny

On Tue, Nov 29, 2011 at 5:05 PM, Brian Conley <brianc[at]smallworldnews.tv> wrote:

> Also, GV is avowedly opposed to taking USG funding, as it's been related
> to me recently by Ivan Sigal, their Executive Director. I believe they have
> always been opposed to it, including funding via a pass through or as a
> subcontractor or subgrant receiver. My understanding is that this is
> primarily due to the attitude about USG funding in the Middle East, whereas
> GV *does* receive funding from other organizations connected to governments
> other than the United States.
>
> Brian

> On Tue, Nov 29, 2011 at 3:58 PM, Jillian C. York <jilliancyork[at]gmail.com> wrote:

>> Katrin,
>>
>> First off, while this debate may not be pertinent *to this thread*
>> (admittedly, I only brought it up because I misunderstood Brian's
>> comments), I do think it's a useful discussion to have, as many tool
>> developers don't seem to think about the impact of their funding on users.
>>
>> Now, facts: I've been publicly critical of USG (and specifically,
>> State/DRL) funding since I worked at Berkman, so I'm not sure what kind of
>> "gotcha" you're trying to pull here.  Berkman incubated Global Voices (but
>> did not receive USG funding for it, nor has GV ever received USG money to
>> my knowledge), and Berkman received USG funding for *research*.  I don't
>> see what either of those facts have to do with USG funding of *tools* *or
>> trainings*, both of which have direct impact on individuals (whereas
>> research does not, though of course impact may be indirect).
>>
>> To be clear, I'm not wholly opposed to USG funding.  There are obvious
>> pluses and minuses, but speaking narrowly, if we take circumvention as a
>> singular example, it's extremely clear that USG has in the past and perhaps
>> continues to fund tools that are not vetted, not secure, and not safe.  Add
>> to that the fact that some folks in MENA, and likely elsewhere, don't trust
>> the USG, tool developers would be well-advised to tread with caution.
>>
>> You may think this debate is off the mark, and again, it is clearly not
>> relevant to the original thread (and for that I apologize).  But given that
>> it's at the top of the list for discussion at *every single Arab
>> blogging-type event I've ever been to*, I don't think you're in a place
>> to call it irrelevant.
>>
>> Best,
>> Jillian

>> On Tue, Nov 29, 2011 at 3:02 PM, Katrin Verclas <katrin[at]mobileactive.org> wrote:

>>
>>> Eh, Jillian - it's not that your former employer, the Berkman Center,
>>> ever received USG funding or supported a bloggers network...oh wait...
>>>
>>> I think this debate is really off the mark, unhelpful and needlessly
>>> ideologically narrow as well as playing into all sorts of conspiracy
>>> theories.  In the end, the ethics, quality of the work and the transparent
>>> conduct and legitimacy of the organization and any local partners speaks
>>> far louder than where the funding comes from.  And yes, speaking as a USG
>>> grantee who treads very carefully to make sure that our work and conduct
>>> speaks for itself in the end.
>>>
>>> Now, go ahead and beat on me as y'all are wont to do ... :)
>>>
>>> Katrin

>>> On Nov 29, 2011, at 2:16 PM, Jillian C. York wrote:

>>>
>>> > I'm desperately curious as to why anyone thinks that USG funding makes
>>> > something somehow more valid in the eyes of the tool's recipients/users.
>>> > "Viability" perhaps, but validity?  Surely you don't believe that.
>>> >
>>> > On Tue, Nov 29, 2011 at 10:53 AM, Michael Rogers <m--[at]gmx.com> wrote:

>>> > Hi Brian,
>>> >
>>> > Thanks for the questions - answers below.
>>> >

>>> > On 29/11/11 18:22, Brian Conley wrote:

>>> > > 1. what are some use-cases you see for Briar? That is not clear from
>>> > > your site, other than "Briar is a secure news and discussion
>>> > > system designed to be used by journalists, activists and civil society
>>> > > groups in authoritarian countries."
>>> > >
>>> > > How would they use it? What would they do with it? What are their goals,
>>> > > and for what reasons would they choose Briar over, say, secret Facebook
>>> > > groups run over TOR and HTTPS (there may be lots of problems with that
>>> > > example, it's just an example that I think activists are likely to
>>> > > utilize, and I know of at least one case where a "secret facebook group"
>>> > > has been used to coordinate actions in an Arab country, though I doubt
>>> > > they were using any additional security in most cases)
>>> >
>>> > I hope people will use Briar for anything they currently use blogs,
>>> > mailing lists, Facebook groups and private emails for. But since it's
>>> > inconvenient to adopt new tools, I'd imagine its main appeal will be to
>>> > users who feel they're at risk of surveillance or censorship.
>>> >
>>> > When compared to Facebook, the advantages of Briar would include:
>>> > * Messages can be posted anonymously or pseudonymously
>>> > * Facebook and its partners don't have access to private messages
>>> > * Users in the same country don't need to "climb the wall" to
>>> > communicate with each other
>>> >
>>> > Of course, there are disadvantages too - not least of which is that
>>> > Facebook can be accessed from any computer with a browser.
>>> >
>>> > > With regard to its use by journalists especially, how will sources be
>>> > > able to be identified? Although you may not want people to know that
>>> > > Brian Joel Conley who lives in Portland OR, etc said X, Y, and Z, a
>>> > > journalist will need to know that X, Y, and Z were all said by the same
>>> > > source, among other needs.
>>> >
>>> > If someone needs to prove that two or more messages come from the same
>>> > source, she can sign those messages with a pseudonym. The pseudonym
>>> > doesn't need to be connected to her real identity in any way, and she
>>> > can use multiple pseudonyms without anyone, including her trusted
>>> > contacts, being certain that those pseudonyms belong to her.
>>> >
>>> > If someone needs to confirm that a pseudonym belongs to a specific
>>> > individual, she has to meet that individual face-to-face. Briar has
>>> > nothing equivalent to PGP's web of trust that could be used to attest
>>> > that "key X belongs to person Y according to person Z".
>>> >
>>> > > 2. who is funding your project? Are you being public about this? If not,
>>> > > it raises some concerns for the validity and viability of the project,
>>> > > though it may also be understandable given the subject matter. If it's
>>> > > not being funded by the Broadcast Board of Governors already, and you're
>>> > > willing to consider USG funding, let me know and I'm happy to put you in
>>> > > touch with some folks who may be able to assist.
>>> >
>>> > Thanks, that would be fantastic! The project has previously been funded
>>> > by the Small Media Initiative but isn't currently receiving any funding.
>>> > If we do, we'll be transparent about it.
>>> >
>>> > Cheers,
>>> > Michael

[Balance of multiple message signers omitted. For complete file see liberationtech archive.]

----- End forwarded message -----

--

Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org

______________________________________________________________

ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE


2 December 2011. Add 6 messages.


[Message 1]

Date: Thu, 1 Dec 2011 22:10:40 -0500
From: andrew@torproject.org
To: tor-talk@lists.torproject.org
Subject: [tor-talk] [Re: [liberationtech] Not another Haystack right?]

For those who want to see the 'official response' to this thread as forwarded by Eugen yesterday.

----- Forwarded message from me ------

On Tue, Nov 29, 2011 at 07:42:14PM -0800, evgeny.morozov@gmail.com wrote 33K bytes in 765 lines about:

: 1) Brian Conley's question about why BBG's support to Tor does not seem to
: undermine Tor.

If you do not trust Tor, do not use it.  If you do not trust Jake,
Roger, me, and others at Tor, then do not use our software. If you
are able to review the code, designs, and empirical evidence of people
successfully using Tor in dangerous situations, then please make your own
decision as to whether you should use Tor.  I can talk endlessly about
transparency, free software, open code, designs, published research,
published data, etc. But none of this matters if your mindset is that
Tor is a mouthpiece of the US Government. Being under surveillance by
the DoJ is just a ruse, clearly. But everyone likes Sweden, right? What
if Saudi Arabia funded us?

For me, I use Tor daily, for just about everything. It works. I used
Tor before I met Roger and Nick. If Tor goes off the rails and gets
involved in actual conspiracies, then I'll quit and move on. I think
everyone at Tor would do the same. We produce technology. How people
use it is up to them.

Tor does not focus on any one country. We focus on attacks and defenses
in the computer security sense of the words. If one country successfully
attacks Tor via DH parameter blocking, chances are others will try that
too. We resolve the attack and move on.  There's always a new attack
or novel way someone will try to break Tor; some real, some imagined,
some merely created for the global press. Some countries, like Iran,
Syria, China, and others are better at electronic repression than
others. We find the technology interesting and are involved in an arms
race. We want to make sure Tor works in these more-advanced situations.

We also respond to where users ask us for help. I've been involved with
Tunisia a bit for years. I'm involved in others that 90% of the world
doesn't care about enough to keep them in the press. I can understand
how it looks like we're focusing on one country over another.
I do work with victims of stalking and domestic violence in America. I've
met former sex slaves from Eastern Europe and educated them on
Internet privacy and anonymity. Others work with LGBT youth, some with
law enforcement officers globally, some just focus on the technology
because they find it interesting. Clearly we need to be better at
communicating what we do and where we do it.

We publish our monthly progress for everyone,

https://archive.torproject.org/monthly-report-archive/

and on the blog,

https://blog.torproject.org/category/tags/progress-report.

Comically,
I have to email it to our US Government funders because they cannot get
to torproject.org without using Tor or violating their own IT policies.

The core of the angst here is that Tor receives US Government and
Swedish Government funding. We publish this every year. Our 990, audit
statements, and State of Massachusetts Form PC are all published and on
our website. The 990 is a public document by law. If you want to see
how much funding we get, who we pay, and who pays us, feel free. It's
all right here,

https://www.torproject.org/about/financials.html.en.

We get paid to work on research and development on a defined project and
deliverable basis. We publish our deliverables and current work state
at

https://trac.torproject.org/projects/tor/wiki/org/sponsors.

Now, let's talk about what being a US Government sub-contractor is
like. Here's a typical day in my life (imagine Ke$ha's Tik Tok as the
soundtrack to this exposé):

I wake up in the morning and talk to Hills about the world (Hillary
and I are on nickname basis). We talk about code. We talk about how we
can use the C coding language to produce more freedom and democracy
in the world. She tells me about this new library she read about on
reddit/r/programming called libfreedom. She has her staff remind me to
avoid buffer overflows in the libfreedom integration. I decide noon is a
fine time to get out of bed, take a walk on the beach, and hop into my
helicopter to fly to the palatial tor offices in a secret location. I
could have taken the Bugatti today, but I figure it is more green to fly
directly there.

And then General Alexander calls me and gives me the run down on the
plans for the day and asks for feedback. Keith and I have a lulzy chat
about the Internet memes trending and then renew our bets about who can
get on cryptome or pgpboard first today.

And then Wen J from China skypes me and trolls me that they are going
to roll out a new GFW today that is super duper good at blocking all
encryption. Wen is doing it for the lulz.

And if you believe the last four paragraphs, well, then I'm sorry
for you.

Are we done with the conspiracy theories? Or shall I talk about the secret
moon base we're building so the greys can have interplanetary anonymity?

----- End forwarded message -----

--

Andrew

pgp key: 0x74ED336B

_______________________________________________

tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


[Message 2]

Date: Fri, 2 Dec 2011 10:07:51 +0100
From: Eugen Leitl <eugen@leitl.org>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] [liberationtech] Not another Haystack right?

----- Forwarded message from Evgeny Morozov <evgeny.morozov@gmail.com> -----

From: Evgeny Morozov <evgeny.morozov@gmail.com>
Date: Thu, 1 Dec 2011 09:44:25 -0800
To: Liberation Technologies <liberationtech@lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?

Andrew: I had a good laugh reading this but I think you have misunderstood
the point of the question. Few of us on this list have any doubts about the
independence of Tor from the US government. The really interesting question
- which I think still remains unanswered - is why this has also been the
case for people who are not on this list, who don't know Tor team
personally and who would normally draw a very straight conspiratorial line
from "Project X gets funding from USG" to "Project X is used by USG for
Agenda Y".

That's an interesting sociological question that you can't just explain
away by saying "but that's because they trust us!", because it's this very
trust that needs to be explained. Besides, if we do find a good answer to
this question, it will surely help other projects (which, of course, you
may or may not be interested in).

[Andrew Lewman message, above, omitted.]


[Message 3]

Date: Fri, 2 Dec 2011 10:08:02 +0100
From: Eugen Leitl <eugen@leitl.org>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] [liberationtech] Not another Haystack right?

----- Forwarded message from "Jillian C. York" <jilliancyork@gmail.com> -----

From: "Jillian C. York" <jilliancyork@gmail.com>
Date: Thu, 1 Dec 2011 09:47:40 -0800
To: Evgeny Morozov <evgeny.morozov@gmail.com>
Cc: Liberation Technologies <liberationtech@lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?

I don't have an answer for that, but again, I would suggest that Tor has
been far more open and transparent about their position than most of the
other tools under State or BBG funding at the moment.  The fact that I
(someone who worked on this stuff for nearly three years) can only name
three such tools from the 2011 round speaks volumes.

[Evgeny Morozov second message, above, omitted.]


[Message 4]

Date: Fri, 2 Dec 2011 10:12:42 +0100
From: Eugen Leitl <eugen@leitl.org>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] [liberationtech] Not another Haystack right?

----- Forwarded message from Brian Conley <brianc@smallworldnews.tv> -----

From: Brian Conley <brianc@smallworldnews.tv>
Date: Thu, 1 Dec 2011 10:40:01 -0800
To: Evgeny Morozov <evgeny.morozov@gmail.com>
Cc: Liberation Technologies <liberationtech@lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?

I'm pleasantly surprised, given that I think Evgeny and I may disagree on
quite a number of other issues in this space, but I have to +1 Evgeny's
entire reply.

From my end there was no interest to demonize Tor, quite the opposite is
true, because for my part I've often been walking the line on whether or
not to take funding from USG sources. My feeling has been that if you are
honest, transparent, and producing work that speaks for itself and is
responsive to the local need and local voices then you should be fine.

That said, I'm not sure that tracks when conspiracy theories get involved,
so it's especially interesting to me to see how Tor evades such conspiracy
talk. This has been a very enlightening discussion for me from that end.

cheers

brian


[Message 5]

Date: Fri, 2 Dec 2011 10:19:19 +0100
From: Eugen Leitl <eugen@leitl.org>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] [liberationtech] Not another Haystack right?

----- Forwarded message from Nathan of Guardian <nathan@guardianproject.info> -----

From: Nathan of Guardian <nathan@guardianproject.info>
Date: Thu, 01 Dec 2011 14:26:31 -0500
To: liberationtech@lists.stanford.edu
Subject: Re: [liberationtech] Not another Haystack right?

On 12/01/2011 01:40 PM, Brian Conley wrote:

> so it's especially interesting to me to see how Tor evades such
> conspiracy talk

I agree this should be a dissertation, but here are some thoughts from
a product design perspective. I think that if a tool has demonstrable
value, people, as user or consumers of a tool, and are able to deal with
the cognitive dissonance that might be caused by paranoia or actual
information that, on its own would be troubling, but in context of the
task at hand, is secondary.

As an example, seemingly no matter what Facebook does, you cannot get
people to quit it, and by people I mean activists, human rights
organizations, etc. The value or pleasure it provides is greater than
the perceived risk of being exposed to its subtle brand of evil. Same
goes with all the hardcore activists I know who use iPhones without
second thought about the closed OS, app censorship, manufacturing
practices, premium cost, etc. They just want a phone that works, that
can take good pictures, stream video and doesn't add more hassle to
their already hassled lives.

If you live somewhere where you cannot get to Facebook or Twitter, and
you really have a need to do that, and Tor works for you, I think
however you feel about Tor being funded by the USG in part, it matters
less than your need to update your status and connect with your global
community. Maybe somewhere down the road, you might take up building
your own version of Tor, but right now, when the rubber hits the road,
you have to use what works.

This also works against Tor in many cases, where people might understand
it is the best option, but will use a less safe VPN or single-hop proxy,
because they want something 'faster' or need to stream a YouTube video
in Flash. In that case, they are following the wrong instincts, but it
is the same mechanic at play.

To bring the discussion back to the top, the problem with Haystack was
not USG funding. The problem was that it didn't work the way it claimed
to, and had no process in place to transparently assure its users that
it could solve problems as they arose. Haystack went from 0 to 60, in
months, trying to solve a problem that takes years of hard work to even
understand. Tor should get credit for playing the long game and showing
up every day, ready to work, even though their software does play Ray
Charles' version of "America the Beautiful" every time you boot it up.

+n


[Message 6]

Date: Fri, 2 Dec 2011 10:21:33 +0100
From: Eugen Leitl <eugen@leitl.org>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] [liberationtech] Not another Haystack right?

----- Forwarded message from liberationtech@lewman.us -----

From: liberationtech@lewman.us
Date: Thu, 1 Dec 2011 14:38:54 -0500
To: Liberation Technologies <liberationtech@lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?

On Thu, Dec 01, 2011 at 09:44:25AM -0800, evgeny.morozov@gmail.com wrote 15K bytes in 331 lines about:

: Andrew: I had a good laugh reading this but I think you have misunderstood
: the point of the question. Few of us on this list have any doubts about the

I felt a few things coming from the thread, so I figured I would try to
address the broader questions.  Also, cryptome and others need some
new fodder. ;)

Without getting into a broader debate on trust, there are a few things
that Tor works to provide. We work to gain the trust of individuals. We
work to make sure we, and by extension Tor, are trustworthy. Whether
it's a political activist having already lived a nightmare, or an abuse
victim, or some normal person worried about leaking their medical history
to search engines and advertising networks, the first thing they have to
do is to trust that we say what we do and do what we say.

Very few people can read our code and understand our designs and
specifications. In many cases, it comes down to person to person
interaction or making a judgement call on the text of our website. Or
they can outsource that trust to a friend who made the decision for them
and just do what the friend does.

I get feedback all the time on how we're doing for trust and
trustworthiness. The feedback doesn't come in the framing of trust, but
rather as feedback about our website, our presentations, our emails,
our published docs, etc. Having a website, clear text on the website,
clear and consistent communications, and actually being honest seem
to be what works. Making claims and backing them up with research and
publications seems to help as well. All of these bits seem to add up to
more trust from the community and forming a more trustworthy
organization.

: That's an interesting sociological question that you can't just explain
: away by saying "but that's because they trust us!", because it's this very
: trust that needs to be explained. Besides, if we do find a good answer to
: this question, it will surely help other projects (which, of course, you
: may or may not be interested in).

I want to help other technologies and projects. I've seen these small
projects have a huge impact in the world. We as a libtech community are
frequently going up against, or routing around, massive organizations
with billions in funding on the other side. There is a large
asymmetry. There is no repressiontech list that I know of, because one
doesn't need to exist.

In my mind, anywhere there is a large asymmetry, there exists
opportunity. We've just begun to see the innovation and competition in
this space. Why do people trust Google? Apple? others? There are entire
MBA courses taught on consumer trust and loyalty.

I'm as interested as others in this topic. I'm not sure a rehashing of
trust is on-topic for this specific email list.

--

Andrew

pgp key: 0x74ED336B