Tor Logo

Recently, Seattle police raided the home of a privacy activist who maintained a Tor exit node, claiming they were informed child pornography was downloaded from his IP address. This raid was very unusual in the sense that none of the accused computers were seized. After explaining he ran a Tor exit node and giving up his passwords, the police examined his computers and left1. Later it was discovered that the police knew about the Tor exit node and didn’t inform the judge during the warrant process2. Given the unusual way in which the raid was executed, it is quite possible this was intentionally a means to harass someone simply for maintaining a Tor exit node.

In a case where officials in Germany believed bomb threats came from an individual who ran a Tor node, Alex Janssen was searched and integrated by police in 2007. The police in this situation were so ignorant of how Tor nodes worked that even though they searched the accused house and confiscated his equipment, they didn’t even touch the actual Tor node running in a data center nearly 500km away3.

Even though it didn’t help him, Janssen had enough sense not to run a Tor exit node from his house, as did the person in the Seattle incident. Running a Tor exit node from a home is not recommended by Tor developers. Various FAQs on starting a Tor node suggest that nodes be on separate IP address and networks from any non-Tor traffic. Janssen decided to stop running a Tor node after the incident. That same year, Germany passed StGB Section 202c, making it a crime to produce and distribute security software within the country. Due to the vague wording of the law, projects such as KisMAC decided to move their hosting and operations outside the country4, and the legality of running Tor exit nodes in Germany entered a dangerously gray area.

“The United States government can’t simply run an anonymity system for everybody and then use it themselves only. Because then every time a connection came from it people would say, ‘Oh, it’s another CIA agent.’ If those are the only people using the network.” —Roger Dingledine, co-founder of the Tor Network, 20045

Despite all the fear surrounding Tor, it’s interesting to note that Tor was originally funded by US government defense agencies including DARPA and the US Navy6. It’s being put under the cross-hairs of different arms of the same government that created it, potentially to hide their own clandestine operations.

Advocates for Tor claim it can benefit people who live under oppressive governments by providing a way past government censorship. One might assume such technology wouldn’t be necessary in a nation that protected freedom of speech and expression. However, a recent paper by the Centre for International Governance Innovation in Canada shows that Tor usage is on a u-shaped curve, with the highest usages found in both oppressive regimes and highly liberal contexts7. Although the study uses data prior to the Snowden revelations, research by the Pew Research Center shows that many Americans are less likely to discuss political issues on social media, specifically, the Snowden revelations, on public social forums8.

Intelliagg, a network security firm, recently did an analysis of anonymous Tor sites. According to their numbers, nearly a third of of sites accessible by .onion addresses (sites designed to be semi-anonymous and accessible only within the Tor network) did not contain illegal content9. I acknowledge the methodology for searching what they refer to as a Tor darknet, and how they classify both legal and illegal content, is questionable. Surely the search for hidden anonymous websites cannot be exhaustive. Still, the fact remains that there is still a considerable amount of content, not just on Tor, but on other anonymous networks such as FreeNet and I2P, that is not illegal. It may even be political speech, written by those afraid to speak their opinions publicly, even in progressive nations that profess to have freedom of speech.

In 2014, Tor suffered an attack in which a large number of malicious nodes were added to the network in an attempt to deanonymise users. In 2015, it was confirmed that Carnegie Mellon’s University (CMU) Software Engineer Institute was the group that led this attack on the behalf of the US Federal Government10. Tor developers do not believe the CMU were subpoenaed for this attack, but rather were paid for an operation that didn’t target specific individuals, but comprised the anonymity of all users on the Tor network11.

The Tor network seems to be under attack by the very same government that funded and created it. According to a survey by the Global Survey on Internet Security and Trust, 71% of global citizens say they want the “dark net” to be shut down12 (also showing that 71% of those surveyed are ignorance as to exactly what the dark net is and how abstract concepts cannot be shut down).

Tor is network for accessing systems on the Internet anonymously. Funded by entities of the American military and Department of Defense, the motivations for the Tor network’s existence are often called into question. Still, it is considered an essential component in anonymity on the Internet today.

With continued attacks by other arms of the same government, combined with harassment of Tor node operators, Tor still remains a strong network infrastructure. The attacks we see today do generate considerable media attention and noise, but do not seem to affect the long term strength and stability of the overall network. It may even be that the conflict about Tor is manufactured; enforced by one hand of the US government in order to drive knowledge, awareness and popularity of the service, allowing more covert operations to continue to use it for their own nefarious purposes. Although Tor is an important tool in the fight for privacy and against censorship, the attention that is drawn to it should be carefully scrutinized under a lens of discernment for the propaganda that it is.