So I just finished up reading Quinn Norton defending TOR in a counter-piece to Yasha Levine’s initial questioning of the funding behind the developers that create TOR, and while there were some things I think she said well, particularly in how systems like TOR work and the math that underlies strong cryptography, I still found myself shaking my head by the end of the article at some of the things that she left unsaid.
First off, what she gets right:
> I want to say immediately that when Yasha Levine went looking at the project’s funding, he was following a tradition of vital and good journalism. “Follow the money” is a maxim of investigation that will rarely lead you wrong, especially in matters of political policy. There are only a few places where funding can’t influence the contents of the outcome – maybe fundamental physics, and math, and not much else. Math is as far from policy as human endeavor gets. Math either works or it doesn’t work, and that is true for everyone in this galactic cluster, at the very least. What makes Tor different from the usual thesaurus-full of government projects is that Tor is essentially a very elaborate math trick, using layers of math puzzles to create a network-within-the-network. That math is being implemented in front of a global audience of millions of sophisticated watchers. It is likely the most examined codebase in the world. It has been subjected to multiple public audits. The math, well known and widely standardized, will work for everyone, or it will not, whoever pays the bills.
This is spot-on from a technical standpoint. Policy decisions don’t change math, any more than ignoring climate change will make it go away. My initial view of Yasha Levine’s article was much in the same vein as Norton’s take on it above: from a journalistic standpoint he was doing his due diligence, but from a technical standpoint the funding didn’t matter. So far so good.
But there’s a problem with taking a purely technical angle on this: any project like TOR, math and all, *is* subject to subversion in any number of scenarios. To expand on that, first I’ll quote Norton again:
> Occasionally the stars align between spooks and activists and governments and anarchists. Tor, like a road system or a telephone network or many pieces of public infrastructure, is useful to all of these people and more (hence the debate on child pornographers and drug markets), because it’s just such a general architecture of encryption. The FBI may want Tor to be broken, but I promise any spies who are counting on it for mission and life don’t. Once again, math makes the final call — a bug in Tor exposes the US Government users as surely as it does a Silk Road-style site. A “backdoor” could get concealed in code or in the particular implementation of the cryptographic math, but there’s no way it could only be a backdoor for the US Government, and there’s no way anyone using such a flaw could ever know if it was being used by someone else.
There’s an underlying assumption being made by Norton here that deserves to be challenged: the idea that the U.S. Government is a monolithic entity, that the bonds of government brotherhood (or even the bonds of practicality) will hold different alphabet soup lettered agencies together. That the FBI wants TOR broken is not speculation; they’ve said as much. That the spies who rely on it don’t want it broken is also a fair assumption. But what Norton has missed here is that not all spies are necessarily working in lockstep. It’s not too difficult to imagine a scenario where, say, the CIA wants TOR to be functional and rock solid for their own purposes – but the NSA, on the other hand, would rather TOR have a back door in it. We live in a country that has 17 different intelligence agencies; agencies with different budgets, different people running the show, and even from what we lowly peons can see, often different agendas. And remember: the power that these agencies hold is *staggering* – if you think it’s inconceivable that the NSA would do everything it could to undermine TOR despite the fact that it would weaken it for CIA agents in the field, well, I have some beachfront property in Oklahoma to sell you.
Now, all that being said, I’m obviously speculating here. For all I know, things stand as Norton has claimed – indeed, as someone who’s used TOR extensively in the past, I’d love to believe it does stand this way. But there’s another troubling aspect to this that she fails in her entire post to even mention indirectly: the conduct of the developers behind any given project should be taken into account when that conduct itself is directly counter to their stated aims.
Behind the above-board wrangling between various TOR developers and Yasha Levine, something else happened that Norton is certainly aware of, and ought to have mentioned: some of the lead developers of TOR doxxed a critic of theirs. Doxxing, if you’re unfamiliar with the term, is stripping someone’s anonymity online by posting up personal information. It’s a shitty, shitty practice with often life-ruining consequences. The critic in this case was a Twitter user by the name of JBJabroni. JB was obnoxious in my view, insulting often, and definitely walked a line of misogyny (again in my view – I’m not particularly interested in debating whether it was or not). But he was also, very very often, putting forth legitimate criticisms. Those of us who interacted with him on Twitter usually characterized him as someone who “connected dots”. Again, I’m not defending his ‘trolling’ as the TOR devs have labeled it – because it’s frankly irrelevant. [Note: in case it was unclear from this, I don’t even *provisionally* support doxxing – even if it’s someone I don’t personally agree with. For more on this particular doxxing, and the absolute viciousness behind it, I’d recommend this excellent piece from @RancidSassy] [Note 2: I’m not going to edit it, since I said it I’ll own it, but several people have pointed out that JB really wasn’t misogynist – and I think I agree. Sexist, maybe, but not misogynist]
The TOR devs that performed the doxx (and their supporters) 1) unmasked his anonymity and 2) apparently called his place of work and got him fired.
Think about that for a minute.
TOR’s primary purpose is anonymity. Its devs pride themselves on keeping activists around the world anonymous, protecting them from the repercussions of having unpopular opinions in regards to power, etc. They champion anonymity as a way for this to work, and they say that TOR is their contribution to that.
And they unceremoniously ripped that anonymity away from someone because they didn’t like what they had to say.
What Quinn Norton’s post misses, as it so deftly explains the math behind cryptography, is that as non-technical users we are forced to trust the motives of the people developing the software that *uses* that math. Yasha Levine’s article was in that vein, even if it was hamfisted in places when it came to the tech – but if that had been the end of it, if the TOR devs had simply said “here’s what we have developed, and here’s our track record of being committed to anonymity” then I’d have very little to say. But how am I supposed to trust TOR now? Given the Chinese government’s history of online censorship, would I trust them if they told me that a tool they’d developed would help me avoid censorship? Like it or not, TOR devs live in a world where most people aren’t as technical as them. They can say until they’re blue in the face that we can trust the code, trust the math, trust the audits, trust that the project is Open Source – but for the average TOR user, they have to trust the people telling them to trust.
When anonymity activists violate someone’s anonymity… well, trust is thin at that point.