Tor Project 2008 Tax Return Now Online
Roger Dingledine
arma at mit.edu
Sat Aug 14 20:32:14 UTC 2010
On Sat, Aug 14, 2010 at 12:26:57PM +0100, Anon Mus wrote:
> It looks like 90% of the funding is from the US, nearly all US government.
If you know any funders outside the US who care about privacy, anonymity,
or circumvention, we're all ears. :)
> Add to this the number of Tor nodes run from US institutions (many at US
> gov funded edu's) and you should be able to see who that "Global
> Adversary" is!
>
> **** US - GOV ****
Conspiracy theories aside, this is an important open research question
that still needs more research attention: if you can watch a given amount
of Internet backbone traffic, how much of the Tor network can you surveil?
Here are three papers to get you started if you want to learn more about
this issue:
http://freehaven.net/anonbib/#feamster:wpes2004
http://freehaven.net/anonbib/#DBLP:conf/ccs/EdmanS09
http://freehaven.net/anonbib/#murdoch-pet2007
Designs like Tor have always accepted that they will be vulnerable to
a global passive adversary:
https://svn.torproject.org/svn/projects/design-paper/tor-design.html#subsec:threat-model
The key point to realize here is that you shouldn't so much think about
the locations of the Tor relays, but instead think about which networks
the communication between Tor users and the Tor network traverses,
and which networks the communication between the Tor network and the
destination services (e.g. websites) traverses. The Internet itself has
bottlenecks that make our task hard even if we could engineer a good
diversity of relay locations.
We can certainly imagine that some pieces of the US government have the
capability to tap large pieces of the Internet:
https://www.eff.org/nsa/faq
But what saves us here is that the US government, like all governments,
is not one person. It's a lot of different groups, all with different
goals and different capabilities. So a) that means some parts of the
government actually want to support freedom of speech and/or need for
themselves the security properties that Tor provides, and b) there's a
huge amount of bureaucracy to slow down coordination between different
pieces of the government -- so even if somebody at NSA can beat Tor,
that doesn't mean somebody at FBI can call him up and ask for answers.
--Roger
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list