[tor-project] Tor as critical infrastructure
Roger Dingledine
arma at mit.edu
Sun Nov 18 21:42:20 UTC 2018
Tor is critical infrastructure across several very different spectra:
- The underlying Tor proxy is the component that many internet freedom
projects, from Briar to Onion Browser, rely on for their security
properties.
- The Tor Project is the origin and center of the pluggable transports
idea, where our modularity means that tools like Lantern and Tunnelbear
can (and do) directly reuse our obfs4 system for their own censorship
circumvention goals.
- OONI is increasingly becoming recognized as a core building block in
assessing and understanding Internet censorship around the world.
- Our browser changes in Tor Browser are changing the landscape of browser
security, for example with Firefox declaring fingerprinting resistance as
one of their top next priorities, and with Firefox and Brave and others
wanting to bake Tor in to their "actually private browser mode" plans.
- Facebook, New York Times, Securedrop, and many others have adopted
Tor onion services as a safer security layer ("like https but better")
for their users to reach their websites and other services.
Some years ago the US Congress asked DRL to do a study of their funded
projects, and one of the findings was that Tor was central to half of
their projects at the time:
https://www.rand.org/pubs/research_reports/RR794.html
(see pages 73-74)
That is, those projects wouldn't be able to accomplish their goals
without relying on Tor for security and privacy and censorship resistance.
We've always known Tor was in the middle of many efforts to improve lives
around the world, but we would be wise to write this up in a way that
others can recognize.
Here are some potential concrete next steps:
* A blog post with the above details and others that we brainstorm,
to pull together all the parts of Tor that are critical infrastructure
for other projects.
* A condensed version for our future website, so the topic doesn't get
lost in an old blog post.
* A brochure-sized version that we can print out and give out at booths
and conferences, alongside the "run a relay" advocacy brochures.
* An intermediate-size version that we can use in funding proposals to
remind funders of our critical role in this space -- not just for the
traditional "internet freedom" funders but also for foundations and
major donors and others who need help understanding our world.
(On this last point, I had a discussion with one of our DRL program
managers about Tor-as-critical-infrastructure, and he reminded me that
DRL's charter is to not fund infrastructure. But even that is fine:
everybody wants to see the stuff they fund get transitioned to broader
use, and even when we aren't asking them to fund "infrastructure"
directly, we can show them our consistent track record: "when you fund
Tor things, it always ends up benefiting a much larger ecosystem.")
--Roger
More information about the tor-project
mailing list