In March of 2017, Linux Magazine published an article titled Invisibility Cloak in which they described the Tails operating system and how it provides anonymity via Tor (Thommes 2017).  Several months later, Engadget ran a story called ‘Karma's New Hotspot Gives Users a Cloak of Invisibility’, describing a new Tor enabled router (England 2017).  Perhaps this conception of an invisibility cloak was best summed up in a Gizmodo article from 2014 titled ‘Tor Is Still Safe’, the first sentence of which reads “Tor is having a bit of a crisis, as it's become increasingly clear that the wildly popular network isn't the internet invisibility cloak it was once thought to be.” (Aguilar 2014)  While this notion of an invisibility cloak is attractive for many reasons - even romanticized in folklore and popular fiction - the focus on the technology itself perpetuates a dangerous misconception about anonymity on the Internet, and misses the real story of Tor: a conflict over what the cloak conceals.

In 1995, researchers at the US Naval Research Lab (NRL) started working on a new problem.  How, in the face of increasing Internet surveillance, could US operatives communicate digitally without revealing their identities and locations?  As Michael G. Reed, one of the main NRL researchers put it “Can we build a system that allows for bi-directional communications over the Internet where the source and destination cannot be determined by a mid-point?” (Reed 2011)  Over the next six years, Reed, along with colleagues David Goldschlag and Paul Syverson would develop an answer in the form of Onion Routing.  First described by the trio in their paper Hiding Routing Information, Onion Routing refers to a method of layering encrypted communications, much like the layers of an onion, across multiple random hosts before finally arriving at the destination (Goldschlag et al. 1996).  The resulting communication channel anonymizes a request such that the requestor’s location appears to be a host - or layer - within ‘the onion’, instead of the requestor’s actual location. Additionally, no single node within the onion can fully decrypt the communication.  Though this may sound like an invisibility cloak of sorts, there is a key difference: a physical invisibility cloak renders the wearer invisible such that someone looking at her wouldn’t know anything was there. Instead, ‘invisibility’ on the Internet - in this case - refers to encryption, the physical analog of which would be seeing something human sized, but being unable to determine who or what it was.  

The problem, and the reason the invisibility cloak analogy is so dangerous stems from this difference.  If it’s known that only one entity possesses the cloak, its value is severely limited, providing little benefit beyond what a direct encrypted channel would offer: privacy, but not anonymity [1].  Anyone seeing the human-shaped object would know who was under it, despite not being able to actually see them. For US operatives to be effectively anonymized then, required that Onion Routing be used by a variety of people for a variety of activities.  As Rolling Stone reported, “..Syverson and his team made a decision [Syverson] calls ‘central to the security of the system’: They designed Tor to be freely available online and open-sourced…” (Kushner 2015).

Following the patenting of the NRL’s Onion Routing design in 2001, Syverson, along with MIT students Roger Dingledine and Nick Mathewson began building an open-source implementation (Reed et al. 2001).  They called themselves the ‘Tor’ Project, originally for ‘The onion routing project’ (The Tor Project 2018). On September 20, 2002, Dingledine announced version 0.0.0 of Tor writing “The onion routing network is functional and deployed” followed by instructions for acquiring and running an “onion proxy.”  He continued “It's not terribly diverse yet, but heck, it's just for show for now.” (Dingledine 2002) Since that announcement, Tor has grown enormously. Speaking at DEFCON in October of 2017, Dingledine reported that there were likely about two million daily tor users. (Dingledine 2017)

One aspect of the Tor Project which harkens back to its military roots are its sources of funding.  According to the Tor Project’s website, these have included the Defense Advanced Research Projects Agency (DARPA), the Office of Naval Research (ONR), the NRL, the US Department of State’s Bureau of Democracy, Human Rights and Labor, and the National Science Foundation (NSF).  Germany’s Federal Foreign Office even briefly sponsored Tor in 2015 (The Tor Project 2018). At the same time, the National Security Agency (NSA) has been trying to compromise it. An NSA presentation leaked by Edward Snowden in 2013 titled ‘Tor Stinks’ outlined a combined British - via their NSA-like organization the Government Communications Headquarters (GCHQ) - and American effort to deanonymize Tor users (Snowden 2012).  While reporters love to ask Tor representatives about this seeming conflict of interest, Tor Project affiliates brush this off as typical. In a BBC interview in 2014, then Tor Project executive director Andrew Lewman quipped “..it's sort of funny because it also came out that GCHQ heavily relies on Tor working to be able to do a lot of their operations”, continuing “it's typical within governments or even within large agencies that you have two halves of the same coin going after different parts of Tor. Some protect it, some try to attack it.” (Lewman 2014)

Despite the resources at the disposal of agencies interested in undermining Tor, like the NSA, it is today widely considered to be the most effective method for maintaining anonymity online (Thomson 2017) (“User Advocate” 2018).  During the Arab Spring, it was a key piece of the dissident tool-kit, allowing revolutionaries in Arab countries like Egypt to communicate, organize themselves and perhaps most critically, access social media in spite of wide-scale Internet censorship (Brown et al. 2012).  Its effectiveness, in part, prompted the Egyptian government to take the unprecedented action of disabling nearly all Internet access in the country (Williams 2011), however this was seen as desperation on the part of the government, and emboldened the dissidents ("Egypt" 2012).  Within a month of cutting most Internet access, Hosni Mubarak, Egypt’s then president, abdicated. During the Arab Spring, social media was so important that the revolutions are often referred to as either ‘Facebook’, or ‘Twitter’ revolutions (Shearlaw 2016). Given this, and that the embattled regimes often tried to cut access to social media, the importance of Tor providing the means to circumvent governmental restrictions cannot be understated.

The Arab Spring narrative places Tor in a positive light, as a technology which helped promote democracy and free speech, and which helped topple such autocratic regimes as Mubarak’s. However an alternative, darker, narrative exists.  A narrative often heralded by intelligence and law enforcement agencies like the FBI, NSA and GCHQ. This alternative gained traction in 2011 with the explosive, and unprecedented popularity of the ‘The Silk Road’. The public’s awe at the online drug marketplace hidden within the Tor network, produced headlines like The Underground Website Where You Can Buy Any Drug Imaginable and From Marijuana to LSD, Now Illegal Drugs Delivered on Your Doorstep (Gayathri 2011) (Chen 2011).  The story grew to the point where US congressman Chuck Schumer publicly called on the Drug Enforcement Agency (DEA) to shut it down (Greenberg 2014). The saga ended with the sensational take down of the Silk Road architect and chief operator Ross Ulbricht aka ‘Dread Pirate Roberts’ in October of 2013, who, like Capone before him, was taken down by the Internal Revenue Service (Popper 2015).

In a 2014 speech at MIT, then GCHQ chief Robert Hannigan said that though there were legitimate uses for Tor, it was “these days dominated in volume by criminality of one sort or another.” (Worth 2016)  The Tor Project, which publicly publishes all data it collects, has reported since 2014 that the amount of traffic accessing hidden services, or those sites which may be criminal yet protected from traditional law enforcement by Tor, is around three percent of total Tor traffic (Dingledine 2017).  Perhaps this disparity between rhetoric and evidence is best seen in the dramatic change in Lewman’s pronouncements on Tor from when he was the Project’s executive director, compared to those he made once he began working in a private security firm. During his 2014 interview with the BBC, Lewman responded to a question about crime and Tor by saying “Tor is spun out to be some big bogeyman to scare people into giving agencies more funding, and that's exactly what I'd expect agencies to do.” (Lewman 2014)  Three years later, as the vice president of OWL Cybersecurity - whose website’s ‘Our Story’ section begins “We are the darknet experts” - he claimed “What’s changed most about Tor is the drug markets have taken over.” (“Our Story” 2018) (O’Neill 2017) While Lewman goes on to explain that he’s talking about specifically about Tor’s hidden services, the difference in tone is apparent.

Clearly, intelligence organizations have an odd, multifaceted relationship with Tor.  They benefit from it directly, as their agents can make use of it to communicate anonymously, while at the same time being in conflict with it, as their adversaries can cloak themselves with the same technology.  This duality appears clearly when examining the users of Tor, which include both intelligence operatives - like those it was originally conceived of to protect - and criminals like Ulbricht. It appears also in Tor’s sources of funding, which have included governmental sources as close to the intelligence community as the ONR and DARPA, as well as non-governmental organizations and human-rights watchdog groups.  The conflict in rhetoric between those looking to cast Tor in a negative light, like Hannigan and Lewman, and those supporting it, like privacy advocates such as Dingledine, may remain rhetorical. Being an anonymity network, Tor is by design difficult to collect data on. Even during large-scale events like the Arab Spring, it’s difficult - if not impossible - to say with certainty whether or not Tor was instrumental.  Directly after the event, however, general consensus held that Tor was indispensable, and for now, that consensus remains largely unshaken (Greenberg 2017) (Brown et al. 2012).

Notes:

  1. Generally, privacy is the assurance that messages you send will not be readable by anyone other than their intended recipient.  Anonymity is the security property of being able to send a message without being identified as the sender. Through encryption, standard Internet traffic (like IP using TLS and certificates) assures privacy to a high degree, while there are no assurances of anonymity.

References:

  • Aguilar, Mario. 2014. "Tor Is Still Safe". Gizmodo.Com. https://gizmodo.com/tor-is-still-safe-1669011966.
  • Brown, Heather, Emily Guskin, and Amy Mitchell. 2012. "The Role Of Social Media In The Arab Uprisings". Pew Research Center's Journalism Project. http://www.journalism.org/2012/11/28/role-social-media-arab-uprisings/.
  • Chen, Adrian. 2011. "The Underground Website Where You Can Buy Any Drug Imaginable". Gawker. https://web.archive.org/web/20110613040631/http://gawker.com/5805928/the-underground-website-where-you-can-buy-any-drug-imaginable.
  • David M. Goldschlag, Michael G. Reed, and Paul F. Syverson. 1996. Hiding Routing Information. In Proceedings of the First International Workshop on Information Hiding, Ross J. Anderson (Ed.). Springer-Verlag, London, UK, UK, 137-150.
  • Dingledine, Roger. 2002. "Pre-Alpha: Run An Onion Proxy Now!". Archives.Seul.Org. http://archives.seul.org/or/dev/Sep-2002/msg00019.html.
  • Dingledine, Roger. 2017. "Next Generation Tor Onion Services". Presentation, DEF CON 25, , 2017.
  • "Egypt". 2012. Freedomhouse.Org. https://freedomhouse.org/report/freedom-net/2012/egypt.
  • England, Rachel. 2017. "Karma's New Hotspot Gives Users A Cloak Of Invisibility". Engadget. https://www.engadget.com/2017/08/02/karmas-new-hotspot-gives-users-a-cloak-of-invisibility-security/.
  • Gayathri, Amrutha. 2011. "From Marijuana To LSD, Now Illegal Drugs Delivered On Your Doorstep". International Business Times. http://www.ibtimes.com/marijuana-lsd-now-illegal-drugs-delivered-your-doorstep-290021.
  • Greenberg, Andy. 2014. "NY Senator Calls For Renewed Crackdown On Dark Web Drug Sales". WIRED. https://www.wired.com/2014/10/schumer-crackdown-on-dark-web-drug-sales/.
  • Greenberg, Andy. 2017. "How To Use Tor And Go Anonymous Online". WIRED. https://www.wired.com/story/the-grand-tor/.
  • Kushner, David. 2015. "The Darknet: The Battle For 'The Wild West Of The Internet'". Rolling Stone. https://www.rollingstone.com/politics/news/the-battle-for-the-dark-net-20151022.
  • Lewman, Andrew. 2014. Tor Project's struggle to keep the 'dark net' in the shadows. Interview by Leo Kelion. In person.
  • O'Neill, Patrick Howell. 2017. "Tor's Ex-Director: 'The Criminal Use Of Tor Has Become Overwhelming' - Cyberscoop". Cyberscoop. https://www.cyberscoop.com/tor-dark-web-andrew-lewman-securedrop/.
  • "Our Story". 2018. Darkowl - Darknet Big Data. https://www.darkowl.com/our-story/.
  • Popper, Nathaniel. 2015. "The Tax Sleuth Who Took Down A Drug Lord". Nytimes.Com. https://www.nytimes.com/2015/12/27/business/dealbook/the-unsung-tax-agent-who-put-a-face-on-the-silk-road.html.
  • Reed, Michael, Paul Syverson, and David Goldschlag. 2001. Onion Routing Network For Securely Moving Data Through Communications Networks. 6266704, and issued 2001.
  • Reed, Michael. 2011. "[Tor-Talk] Iran Cracks Down On Web Dissident Technology". Lists.Torproject.Org. https://lists.torproject.org/pipermail/tor-talk/2011-March/019913.html.
  • Shearlaw, Maeve. 2016. "Egypt Five Years On: Was It Ever A 'Social Media Revolution'?". The Guardian. https://www.theguardian.com/world/2016/jan/25/egypt-5-years-on-was-it-ever-a-social-media-revolution.
  • Snowden, Edward. 2012. "Tor Stinks". Presentation, NSA, , 2012.
  • The Tor Project, Inc. 2018. "Tor Project: FAQ". Torproject.Org. https://www.torproject.org/docs/faq.html.en#WhyCalledTor.
  • Thommes, Ferdinand. 2017. "Invisibility Cloak". Linux Magazine, , 2017.
  • Thomson, Iain. 2017. "Dark Web Doesn't Exist, Says Tor's Dingledine. And Folks Use Network For Privacy, Not Crime". Theregister.Co.Uk. https://www.theregister.co.uk/2017/07/29/tor_dark_web/.
  • "User Advocate”. 2018. Torproject.Org. https://www.torproject.org/about/jobs-useradvocate.html.en.
  • Williams, Christopher. 2011. "How Egypt Shut Down The Internet". Telegraph.Co.Uk. https://www.telegraph.co.uk/news/worldnews/africaandindianocean/egypt/8288163/How-Egypt-shut-down-the-internet.html.
  • Worth, Dan. 2016. "GCHQ Director Says Tor Is A 'Brilliant Invention'". Http://Www.Theinquirer.Net. https://www.theinquirer.net/inquirer/news/2450117/gchq-director-says-tor-is-a-brilliant-invention..com/marijuana-lsd-now-illegal-drugs-delivered-your-doorstep-290021.
# Reads: 2654