[tor-talk] [liberationtech] Not another Haystack right?

Eugen Leitl eugen at leitl.org
Wed Nov 30 17:05:48 UTC 2011


----- Forwarded message from Joss Wright <joss at pseudonymity.net> -----

From: Joss Wright <joss at pseudonymity.net>
Date: Wed, 30 Nov 2011 11:21:42 +0000
To: Evgeny Morozov <evgeny.morozov at gmail.com>
Cc: Liberation Technologies <liberationtech at lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?
User-Agent: Mutt/1.5.21 (2010-09-15)

On Tue, Nov 29, 2011 at 07:42:14PM -0800, Evgeny Morozov wrote:
 
> To Brian's question: I'm also very intrigued by this. The common explanation
> that I heard many times is that Tor was conceived as a tool for protecting
> one's online anonymity, not for circumventing government censorship; the
> latter was something that users discovered and embraced on their own. While I
> found this explanation plausible in the past, I'm no longer sure I can buy it
> without some further evidence. Were Tor's developers really that narrow-minded
> as not to understand that the tool can also be used for circumventing
> censorship? We are talking some of the smartest guys out there - and they
> couldn't anticipate it? Something here doesn't compute. Or was the anonymity
> talk just a strategic rhetorical device to deflect attention from the intended
> use? I haven't read all the relevant mailing lists and am just articulating
> common wisdom so it would be good if some people who have been involved with
> Tor for a long time would comment. 

I'm not affiliated with Tor in any way, but have known the lead
developers for a number of years now and hopefully won't represent them
too poorly here. (Apologies to all involved if I do.)

There are a couple of answers to this point. One is that the original
idea of roughly-Tor-style onion routing was developed largely by Paul
Syverson and others. The main intention, as I understand it, was to
allow untraceable communications (in the "resistant to traffic
analysis") sense. More precisely, the goal was to ensure unlinkability
between the sender and the recipient of a communication. They realised
early on that the best way to achieve this was through a system that was
distributed geographically and organizationally, thereby preventing any
one entity (up to the state level) from being "trusted". (Where "trust"
can best be expressed as "you lose the game if they're dishonest".)

I wouldn't be at all surprised if they noticed /relatively/ early on
that this might bypass filtering, but remember that the original
protocol was published in 1996 ("Hiding Routing Information" by
Goldschlag et al. in the first Information Hiding Workshop). The
importance of the web at that time was much less than currently; the
Chinese Great Firewall project wasn't due to start for another two
years, and wouldn't actually be switched on for another seven. To have
directly aimed this at bypassing the type and level of internet
censorship we deal with today would have been quite prescient.

Having said that, Roger Dingledine's original project was the creation
of an online data haven called "Freehaven" (www.freehaven.net is still
running.) Tor, and a high-latency anonymous email system called
MixMinion were originally meant to be components of that project.
Obviously, Tor ended up dwarfing the entire project, but in one sense
Roger started with the intention of preventing blocking and filtering.

From what I understand of Freehaven, though, it was more intended to be
an online store of data which would prevent censorship of information.
It was not intended to be an anti-censorship system for the general
web/internet. In that sense, I think that the anti-censorship properties
of Tor were more emergent than planned.

From my interactions with the Tor project, there certainly seemed to be
a notable shift from treating Tor as a pure "untraceability" tool to an
"untraceability and circumvention" tool a few years ago. It's certainly
not correct to say that users embraced the filtering on their own, but
it's also not meaningful to say that it was some hidden design goal from
the start.

> Secondly, there is another common explanation for Tor's resilience: the fact
> that instead of going after a particular country, they try to be comprehensive
> and guard against any threats to users' online anonymity regardless of their
> location (this is obviously my understanding - please correct if I don't get it
> right). By this logic, tools that take USG funding and go after a particular
> country (as, say, Haystack did) make themselves vulnerable to certain
> conspiracy theories. But this argument, too, doesn't convince me anymore now
> that Iran has been going after Tor quite systematically and the Tor team have
> been modifying their product to ensure it works there. My question is: for how
> long can Tor continue being seen as neutral and not targeting country X if so
> much of their resources is spent on making sure their tool works in country X? 

The Tor Project aim to prevent Tor from being blocked or blockable
anywhere, as you say. Clearly, states that aim to block it will receive
more attention as they aim to work around the blocks. From the point of
view of the Tor developers, as opposed to the perception that the tool
has in the eyes of a given community, I would say that they're more
focused on defeating blocking approaches than on defeating a nation's
blocks.

It's also probably worth noting that certain types of Tor blocking, such
as Iran's blocking based on the Diffie-Hellman parameter used by Tor in
its TLS handshake, were relatively easy to fix when they were noticed.
(In that case the fix was a relatively trivial few lines of code.)
China's blacklisting of Tor nodes and bridges is not so easy to fix, and
so requires a much greater effort on the part of the developers. What's
convenient is that there are a relatively limited number of ways to go
about blocking Tor, and so fixing any one method prevents any other
country from using the same technique.

Of course, the question here isn't really whether they are targeting a
country, but whether they are perceived as targeting a country. This is
exactly the same point as whether receiving funding from the US
government biases a tool: the actuality is of little importance, the
perception in the minds of the potential users is paramount. Tor
certainly receives a constant low level of criticism that it's just a
tool of the US government to monitor the internet; no amount of open
source, open design and transparent funding can convince someone who is
predisposed to the conspiracy theory.

Whether having the endorsement of an academic institution, no matter how
prestigious, has any truly significant effect in the global usage of a
tool, particularly when weighed against other factors such as its ease
of use, functionality, word-of-mouth reputation or availability, seems
questionable.

> Please note that this is not some meta-point about the ethics of taking (and
> offering) USG money to activists and NGOs; my views on this are quite complex. It's
> simply an expression of my continued bemusement at some folks at the Berkman
> Center who keep pretending that none of this matters and that "they are only
> here to help". 
> 
> Evgeny
> 
> On Tue, Nov 29, 2011 at 5:05 PM, Brian Conley <brianc at smallworldnews.tv> wrote:
> 
>     Also, GV is avowedly opposed to taking USG funding, as it's been related to
>     me recently by Ivan Sigal, their Executive Director. I believe they have
>     always been opposed to it, including funding via a pass through or as a
>     subcontractor or subgrant receiver. My understanding is that this is
>     primarily due to the attitude about USG funding in the Middle East, whereas
>     GV *does* receive funding from other organizations connected to governments
>     other than the United States.
> 
>     Brian
> 
> 
>     On Tue, Nov 29, 2011 at 3:58 PM, Jillian C. York <jilliancyork at gmail.com>
>     wrote:
> 
>         Katrin,
> 
>         First off, while this debate may not be pertinent to this thread
>         (admittedly, I only brought it up because I misunderstood Brian's
>         comments), I do think it's a useful discussion to have, as many tool
>         developers don't seem to think about the impact of their funding on
>         users.
> 
>         Now, facts: I've been publicly critical of USG (and specifically, State
>         /DRL) funding since I worked at Berkman, so I'm not sure what kind of
>         "gotcha" you're trying to pull here.  Berkman incubated Global Voices
>         (but did not receive USG funding for it, nor has GV ever received USG
>         money to my knowledge), and Berkman received USG funding for research. 
>         I don't see what either of those facts have to do with USG funding of
>         tools or trainings, both of which have direct impact on individuals
>         (whereas research does not, though of course impact may be indirect).
> 
>         To be clear, I'm not wholly opposed to USG funding.  There are obvious
>         pluses and minuses, but speaking narrowly, if we take circumvention as
>         a singular example, it's extremely clear that USG has in the past and
>         perhaps continues to fund tools that are not vetted, not secure, and
>         not safe.  Add to that the fact that some folks in MENA, and likely
>         elsewhere, don't trust the USG, tool developers would be well-advised
>         to tread with caution.
> 
>         You may think this debate is off the mark, and again, it is clearly not
>         relevant to the original thread (and for that I apologize).  But given
>         that it's at the top of the list for discussion at every single Arab
>         blogging-type event I've ever been to, I don't think you're in a place
>         to call it irrelevant.
> 
>         Best,
>         Jillian
> 
> 
>         On Tue, Nov 29, 2011 at 3:02 PM, Katrin Verclas <
>         katrin at mobileactive.org> wrote:
> 
>             Eh, Jillian - it's not that your former employer, the Berkman
>             Center, ever received USG funding or supported a bloggers
>             network...oh wait...
> 
>             I think this debate is really off the mark, unhelpful and
>             needlessly ideologically narrow as well as playing into all sorts
>             of conspiracy theories.  In the end, the ethics, quality of the
>             work and the transparent conduct and legitimacy of the organization
>             and any local partners speaks far louder than where the funding
>             comes from.  And yes, speaking as a USG grantee who treads very
>             carefully to make sure that our work and conduct speaks for itself
>             in the end.
> 
>             Now, go ahead and beat on me as y'all are wont to do ... :)
> 
>             Katrin
> 
>             On Nov 29, 2011, at 2:16 PM, Jillian C. York wrote:
> 
>             > I'm desperately curious as to why anyone thinks that USG funding makes something somehow more valid in the eyes of the tool's recipients/users.  "Viability" perhaps, but validity?  Surely you don't believe that.
>             >
>             > On Tue, Nov 29, 2011 at 10:53 AM, Michael Rogers <m-- at gmx.com> wrote:
>             > Hi Brian,
>             >
>             > Thanks for the questions - answers below.
>             >
>             > On 29/11/11 18:22, Brian Conley wrote:
>             > > 1. what are some use-cases you see for Briar? That is not clear from
>             > > your site, other than "Briar is a secure news and discussion
>             > > system designed to be used by journalists, activists and civil society
>             > > groups in authoritarian countries. "
>             > >
>             > > How would they use it? What would they do with it? What are their goals,
>             > > and for what reasons would they choose Briar over, say, secret Facebook
>             > > groups run over TOR and HTTPS (there may be lots of problems with that
>             > > example, it's just an example that I think activists are likely to
>             > > utilize, and I know of at least one case where a "secret facebook group"
>             > > has been used to coordinate actions in an Arab country, though I doubt
>             > > they were using any additional security in most cases)
>             >
>             > I hope people will use Briar for anything they currently use blogs,
>             > mailing lists, Facebook groups and private emails for. But since it's
>             > inconvenient to adopt new tools, I'd imagine its main appeal will be to
>             > users who feel they're at risk of surveillance or censorship.
>             >
>             > When compared to Facebook, the advantages of Briar would include:
>             > * Messages can be posted anonymously or pseudonymously
>             > * Facebook and its partners don't have access to private messages
>             > * Users in the same country don't need to "climb the wall" to
>             > communicate with each other
>             >
>             > Of course, there are disadvantages too - not least of which is that
>             > Facebook can be accessed from any computer with a browser.
>             >
>             > > With regard to its use by journalists especially, how will sources be
>             > > able to be identified? Although you may not want people to know that
>             > > Brian Joel Conley who lives in Portland OR, etc said X, Y, and Z, a
>             > > journalist will need to know that X, Y, and Z were all said by the same
>             > > source, among other needs.
>             >
>             > If someone needs to prove that two or more messages come from the same
>             > source, she can sign those messages with a pseudonym. The pseudonym
>             > doesn't need to be connected to her real identity in any way, and she
>             > can use multiple pseudonyms without anyone, including her trusted
>             > contacts, being certain that those pseudonyms belong to her.
>             >
>             > If someone needs to confirm that a pseudonym belongs to a specific
>             > individual, she has to meet that individual face-to-face. Briar has
>             > nothing equivalent to PGP's web of trust that could be used to attest
>             > that "key X belongs to person Y according to person Z".
>             >
>             > > 2. who is funding your project? Are you being public about this? If not,
>             > > it raises some concerns for the validity and viability of the project,
>             > > though it may also be understandable given the subject matter. If it's
>             > > not being funded by the Broadcast Board of Governors already, and you're
>             > > willing to consider USG funding, let me know and I'm happy to put you in
>             > > touch with some folks who may be able to assist.
>             >
>             > Thanks, that would be fantastic! The project has previously been funded
>             > by the Small Media Initiative but isn't currently receiving any funding.
>             > If we do, we'll be transparent about it.
>             >
>             > Cheers,
>             > Michael
>             > _______________________________________________
>             > liberationtech mailing list
>             > liberationtech at lists.stanford.edu
>             >
>             > Should you need to change your subscription options, please go
>             to:
>             >
>             > https://mailman.stanford.edu/mailman/listinfo/liberationtech
>             >
>             > If you would like to receive a daily digest, click "yes" (once
>             you click above) next to "would you like to receive list mail
>             batched in a daily digest?"
>             >
>             > You will need the user name and password you receive from the
>             list moderator in monthly reminders.
>             >
>             > Should you need immediate assistance, please contact the list
>             moderator.
>             >
>             > Please don't forget to follow us on http://twitter.com/#!/
>             Liberationtech
>             >
>             >
>             >
>             > --
>             > jilliancyork.com | @jilliancyork | tel: +1-857-891-4244 | google voice: +1-415-562-JILL
>             >
>             >
>             >
> 
> 
>             Katrin Verclas
>             MobileActive.org
>             katrin at mobileactive.org
> 
>             skype/twitter: katrinskaya
>             (347) 281-7191
> 
>             Check out the new Mobile Media Toolkit at
>             http://mobilemediatoolkit.org. To "Making Media Mobile!"
> 
>             A global network of people using mobile technology for social
>             impact
>             http://mobileactive.org
> 
> 
> 
> 
> 
>         --
>         jilliancyork.com | @jilliancyork | tel: +1-857-891-4244 | google voice:
>         +1-415-562-JILL
> 
> 
> 
> 
> 
> 
> 
> 
>     --
> 
>      
> 
>     Brian Conley
> 
>     Director, Small World News
> 
>     http://smallworldnews.tv
> 
>     m: 646.285.2046
> 
>     Skype: brianjoelconley
> 
> 
> 
> 
> 



-- 
Joss Wright
http://www.pseudonymity.net

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

