Archive

The Tor talk at 31c3

And on a more cheerful note, I heard that Jake and Roger gave a really excellent talk about Tor at this year's CCC. And the CCC people have thoughtfully put it online! If you didn't see it, you might want to check it out. The talking begins at around 15:16, and the introduction is well worth watching too.

I'm also going to spend a while looking at the other presentations too. Right now the one at the top of the page is an ECC talk by Daniel Bernstein and Tanja Lange; I'm looking forward to having a little time to watch it, and a bunch of others I see there.

Happy new year, everyone!

update (1/1/15): "State of the Onion" is available for download now. You can find torrent and direct links in various formats on C3TV website.

Video: MP4 HD (torrent) - WEBM (torrent) - MP4 (torrent)
Audio: MP3 (torrent) - OPUS (torrent)

Some thoughts on Hidden Services

Hi! Nick here.

I ought to post my own responses to that Andy Greenberg article, too. (Especially since most everybody else around here is at 31c3 right now, or sick with the flu, or both.)

When I saw the coverage of the hidden services study that was presented at CCC today, I was reminded of the media fallout from that old study from the 1990s that "proved" that a ridiculously high fraction of the internet was pornography...by looking at Usenet*, and by counting newsgroups and bytes. (You might remember it; it was the basis of the delightful TIME Magazine "Cyberporn" cover.)

The 1990s researcher wasn't lying outright, but he and the press *were* conflating one question: "What fraction of Usenet groups are 'alt.sex' or 'alt.binaries' (file posting) groups" with two others: "What fraction of internet traffic is porn?" and "What fraction of internet-user hours are spent on porn?"

These are quite different things.

The presentation today focused on data about hidden service types and usage. Predictably, given the results from Biryukov, Pustogarov, Thill, and Weinmann, the researcher found that hidden services related to child abuse are only a small fraction of the total number of hidden service addresses on the network. And because of the way that hidden services work, traffic does not go through hidden service directories, but instead through rendezvous points (randomly chosen Tor nodes): so no relay that knows the hidden service's address will learn the actual amount of traffic transmitted. But, as previously documented, abusive services represent a disproportionate fraction of usage... if you're measuring usage with hidden service directory requests.

Why might that be?

First, some background. Basically, a Tor client makes a hidden service directory request the first time it visits a hidden service that it has not been to in a while. (If you spend hours at one hidden service, you make about 1 hidden service directory request. But if you spend 1 second each at 100 hidden services, you make about 100 requests.) Therefore, obsessive users who visit many sites in a session account for many more of the requests that this study measures than users who visit a smaller number of sites with equal frequency.

There are other confounding factors as well. Due to bugs in older Tor implementations, a hidden service that is unreliable (or completely unavailable) will get many, many more hidden service directory requests than a reliable one. So if any abuse sites are unusually unreliable, we'd expect their users to create a disproportionately large number of hidden service directory requests.

Also, a very large number of hidden service directory requests are probably not made by humans! See bug 13287: We don't know what's up with that. Could this be caused by some kind of anti-abuse organization running an automated scanning tool?

In any case, a methodology that looks primarily at hidden service directory requests will over-rate services that are frequently accessed from a Tor client that hasn't been there recently, and under-rate services that are used via tor2web, and so on. It also depends a lot on how hidden services are configured, how frequently Tor hidden service directories go up and down, and what times of day they change introduction points in comparison to what time of day their users tend to be awake.

The greater the number of distinct hidden services a person visits, and the less reliable those sites are, the more hidden service directory requests they will trigger.

Suppose 10 people use hidden services to look at conspiracy theories, 100 people use hidden services to buy Cuban cigars, and 1000 people use it for online chat.

But suppose that the average cigar purchaser visits only one or two sites to make purchases, and the average chat user joins one or two networks, whereas the average conspiracy theorist needs to visit several dozen forums and wikis.

Suppose also that the average Cuban cigar purchaser makes about two purchases a month, the average chat user logs in once a day, and the average conspiracy theorist spends 3 hours a day crawling the hidden web.

And suppose that conspiracy theory websites come and go frequently, whereas cigar sites and chat networks are more stable.

In this analysis, even though there are far more people buying cigars, users who use it for obsessive behavior that spans multiple unreliable hidden services will be far overrepresented in the count of hidden service directory requests than users who use it for activities done less frequently and across fewer services. So any comparison of hidden service directory request counts will say more about the behavioral differences of different types of users than about their relative numbers, or the amount of traffic they generated.

In conclusion, let's spend a minute talking about freedom and philosophy. Any system that provides security on the Internet will inevitably see some use by bad people that we'd rather not help at all. After all, cars are used for getaways, and window shades conceal all kinds of criminality. The only way to make a privacy tool that nobody abuses is to make it so weak that people aren't willing to touch it, or so unusable that nobody can figure it out.

Up till now, many of the early adopters for Tor hidden services have been folks for whom the risk/effort calculations have been quite extreme, since--as I'd certainly acknowledge--the system isn't terribly usable for the average person as it stands. Roger noted earlier that hidden services amount to less than 2% of our total traffic today. Given their privacy potential, I think that's not even close to enough. We've got to work over the next year or more to develop hidden services to the point where their positive impact is felt by the average netizen, whether they're publishing a personal blog for their friends, using a novel communications protocol more secure than email, or reading a news article based on information that a journalist received through an anonymous submission system. Otherwise, they'll remain a target for every kind of speculation, and every misunderstanding about them will lead people to conclude the worst about privacy online. Come lend a hand?

(Also, no offense to Andy on this: he is a fine tech reporter and apparently a fine person. And no offense to Dr. Owen, who explained his results a lot more carefully than they have been re-explained elsewhere. Now please forgive me, I'm off to write some more software and get some sleep. Please direct all media inquiries to the email of "press at torproject dot org".)

* Usenet was sort of like Twitter, only you could write paragraphs on it. ;)

Tor: 80 percent of ??? percent of 1-2 percent abusive.

Hi, Nick here.

Roger's at 31c3, so I'll post his statement about that article you might have seen:

Tor hidden service traffic, which Dr. Gareth Owen discussed in his talk this afternooon, is only 1.5% of all Tor traffic. Tor gets about 2 million users per day total.
The researcher ran a set of Tor relays for a six month period, and recorded how many times somebody attempted to look up a hidden service (this lookup is one of the steps in visiting a hidden service). Then at the end of that period, he scanned the hidden services he'd learned about, to find out what sort of content was on them.

Dr. Owen's data shows that there's a lot of churn in hidden services, so nearly all of the sites were gone by the time he did these scans. His graphs only show data about the sites that were still up many months later: so his data could either show a lot of people visiting abuse-related hidden services, or it could simply show that abuse-related hidden services are more long-lived than others. We can't tell from the data.

Without knowing how many sites disappeared before he got around to looking at them, it's impossible to know what percentage of fetches went to abuse sites.

There are important uses for hidden services, such as when human rights activists use them to access Facebook or to blog anonymously. These uses for hidden services are new and have great potential.

PS: Law enforcement agencies use Tor to stay anonymous while they catch bad guys. Law enforcement agencies use and run hidden services, too.

More info to follow.

Tor Weekly News — December 24th, 2014

Welcome to the fifty-first issue in 2014 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Stem 1.3 is out

“After months down in the engine room”, Damian Johnson announced version 1.3 of Stem, the Tor controller library written in Python. Among the many improvements in this release, Damian singled out the new set of controller methods for working with hidden services, as well as the 40% increase in descriptor parsing speed.

Please see the changelog for full details of all the new features.

Miscellaneous news

The team of researchers working on the collection of hidden service statistics asked relay operators for help by enabling these statistics on their relays in the coming days and weeks. They included a step-by-step tutorial for enabling this feature, which has recently been merged into Tor’s main branch.

Building on Andrea Shepard’s recently-merged work on global cell scheduling, Nick Mathewson announced that the KIST socket management algorithm proposed earlier this year to reduce congestion in the Tor network is now “somewhat implemented” for Linux. You can follow the testing and reviews on the associated ticket.

Nick also asked for feedback on the proposal to increase the interval at which Tor relays report their bandwidth usage statistics from fifteen minutes to four hours : “Will this break anything you know about?”

Moritz Bartl invited Tor relay operators to a meet-up at the upcoming Chaos Communication Congress in Hamburg: “We will do quick presentations on recent and future activities around Torservers.net, talk about events relevant to the Tor relay community, and what lies ahead.”

Thanks to Thomas White for keeping the community updated following a brief period of suspicious activity around his exit relays and Onionoo application mirrors!

This week in Tor history

A year ago this week, Tor Browser hit version 3.5, bringing with it a pioneering deterministic build system that set a new standard in software distribution security, and has since drawn interest from many other projects, including the Debian operating system. It also laid the long-obsolete Vidalia graphical controller to rest, replacing it with the faster, sleeker Tor Launcher. The privacy-preserving browser is now approaching version 4.5, and users can look forward to a security slider offering finer-grained tuning of security preferences, as well as features that restore some of Vidalia’s circuit-visualization capabilities.


This issue of Tor Weekly News has been assembled by Harmony and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Stem Release 1.3

in

Greetings wonderful people of the world! After months down in the engine room I'm delighted to announce the 1.3.0 release of Stem.

For those who aren't familiar with it, Stem is a Python library for interacting with Tor. With it you can script against your relay, descriptor data, or even write applications similar to arm and Vidalia.

https://stem.torproject.org/

So what's new in this release?


Better Hidden Service Support

Now it's easier than ever to spin up hidden services!

Thanks to contributions from Federico Ceratto and Patrick O'Doherty we now have a set of methods specifically for working with hidden services. Check it out in our new tutorial...

Over the River and Through the Wood


Faster Descriptor Parsing

This release dramatically improves the speed at which Stem can parse decriptors. Thanks to optimizations from Nick Mathewson and Ossi Herrala we can now read descriptors 40% faster!


This is just the tip of the iceberg. For a full rundown on the myriad of improvements and fixes in this release see...

https://stem.torproject.org/change_log.html#version-1-3

Cheers! -Damian

Possible upcoming attempts to disable the Tor network

The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.) We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use.

We hope that this attack doesn't occur; Tor is used by many good people. If the network is affected, we will immediately inform users via this blog and our Twitter feed @TorProject, along with more information if we become aware of any related risks to Tor users.

The Tor network provides a safe haven from surveillance, censorship, and computer network exploitation for millions of people who live in repressive regimes, including human rights activists in countries such as Iran, Syria, and Russia. People use the Tor network every day to conduct their daily business without fear that their online activities and speech (Facebook posts, email, Twitter feeds) will be tracked and used against them later. Millions more also use the Tor network at their local internet cafe to stay safe for ordinary web browsing.

Tor is also used by banks, diplomatic officials, members of law enforcement, bloggers, and many others. Attempts to disable the Tor network would interfere with all of these users, not just ones disliked by the attacker.

Every person has the right to privacy. This right is a foundation of a democratic society. For example, if Members of the British Parliament or US Congress cannot share ideas and opinions free of government spying, then they cannot remain independent from other branches of government. If journalists are unable to keep their sources confidential, then the ability of the press to check the power of the government is compromised. If human rights workers can't report evidence of possible crimes against humanity, it is impossible for other bodies to examine this evidence and to react. In the service of justice, we believe that the answer is to open up communication lines for everyone, securely and anonymously.

The Tor network provides online anonymity and privacy that allow freedom for everyone. Like freedom of speech, online privacy is a right for all.

[Update Monday Dec 22: So far all is quiet on the directory authority front, and no news is good news.]
[Update Sunday Dec 28: Still quiet. This is good.]

Tor Weekly News — December 17th, 2014

Welcome to the fiftieth issue in 2014 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Solidarity against online harassment

Following “a sustained campaign of harassment” directed at a core Tor developer over the past few months, the Tor Project published a statement in which it declared “support for her, for every member of our organization, and for every member of our community who experiences this harassment”: “In categorically condemning the urge to harass, we mean categorically: we will neither tolerate it in others, nor will we accept it among ourselves. We are dedicated to both protecting our employees and colleagues from violence, and trying to foster more positive and mindful behavior online ourselves… We are working within our community to devise ways to concretely support people who suffer from online harassment; this statement is part of that discussion. We hope it will contribute to the larger public conversation about online harassment and we encourage other organizations to sign on to it or write one of their own.”

As of this writing, there are 448 signatories to the statement, including Tor developers and community members, academics, journalists, lawyers, and many others who are lending their support to this movement in its early stages. If you want to add your name to the list, please send an email to tor-assistants@lists.torproject.org.

Tails 1.2.2 is out

The Tails team announced a pointfix release of the amnesic live operating system. The only difference between this version and the recent 1.2.1 release is that the automatic Tails Updater now expects a different certificate authority when checking for a new Tails version. As the team explained, “On January 3rd, the SSL certificate of our website hosting provider, boum.org, will expire. The new certificate will be issued by a different certificate authority […] As a consequence, versions previous to 1.2.2 won’t be able to do the next automatic upgrade to version 1.2.3 and will receive an error message from Tails Upgrader when starting Tails after January 3rd”.

This, along with a bug that prevents automatic updates from 1.2.1 to 1.2.2, means that all Tails users will need to upgrade manually: either to version 1.2.2 before January 3rd or (if for some reason that is not possible) to version 1.2.3 following its release on January 14th. Please see the team’s post for more details and download instructions.

Miscellaneous news

George Kadianakis, Karsten Loesing, Aaron Johnson, and David Goulet requested feedback on the design and code they have developed for the Tor branch that will enable the collection of statistics on Tor hidden services, hoping to answer the questions “Approximately how many hidden services are there?” and “Approximately how much traffic in the Tor network is going to hidden services?”: “Our plan is that in approximately a week we will ask volunteers to run the branch. Then in a month from now we will use those stats to write a blog post about the approximate size of Tor hidden services network and the approximate traffic it’s pushing.” Please join in with your comments on the relevant ticket!

Philipp Winter announced an early version of “zoossh”, which as the name implies is a speedy parser written in Go that will help to “detect sybils and other anomalies in the Tor network” by examining Tor’s archive of network data. While it is not quite ready for use, “I wanted folks to know that I’m working on that and I’m always happy to get feedback and patches.”

Yawning Angel announced the existence of “basket”, a “stab at designing something that significantly increases Tor’s resistance to upcoming/future attacks”, combining post-quantum cryptographic primitives with “defenses against website fingerprinting (and possibly end-to-end correlation) attacks”. You can read full details of the cryptographic and other features of “basket” in Yawning’s post, which is replete with warnings against using the software at this stage: “It’s almost at the point where brave members of the general public should be aware that it exists as a potential option in the privacy toolbox… [but] seriously, unless you are a developer or researcher, you REALLY SHOULD NOT use ‘basket’.” If you are gifted or foolhardy enough to ignore Yawning’s advice and test “basket” for yourself, please let the tor-dev mailing list know what you find.

Sukhbir Singh and Arlo Breault requested feedback on an alpha version of Tor Messenger. It is an instant messaging client currently under development that intends to send all traffic over Tor, use Off-the-Record (OTR) encryption of conversations by default, work with a wide variety of chat networks, and have an easy-to-use graphical user interface localized into multiple languages.

TheCthulhu announced that his mirrors of two Tor network tools are now available over Tor hidden services. Globe can be accessed via http://globe223ezvh6bps.onion and Atlas via http://atlas777hhh7mcs7.onion. The mirrors provided by the Cthulhu run on their own instance of Onionoo, so in the event that the primary sites hosted by Tor Project are offline, both of these new mirrors should still be available for use either through the new hidden services or through regular clearnet access.

The Tails team published a signed list of SHA256 hashes for every version of Tails (and its predecessor, amnesia) that it had either built or verified at the time of release.

Vlad Tsyrklevich raised the issue of the discoverability risk posed to Tor bridges by the default setting of their ORPorts to 443 or 9001. Using data from Onionoo and internet-wide scans, Vlad found that “there are 4267 bridges, of which 1819 serve their ORPort on port 443 and 383 serve on port 9001. That’s 52% of tor bridges. There are 1926 pluggable-transports enabled bridges, 316 with ORPort 443 and 33 with ORPort 9001. That’s 18% of Tor bridges… I realized I was also discovering a fair amount of private bridges not included in the Onionoo data set.” Vlad recommended that operators be warned to change their ORPorts away from the default; Aaron Johnson suggested possible alternative solutions, and Philipp Winter remarked that while bridges on port 443 “would easily fall prey to Internet-wide scanning”, “they would still be useful for users behind captive portals” and other adversaries that restrict connections to a limited range of ports.

Alden Page announced that development will soon begin on a free-software tool to counteract “stylometry” attacks, which attempt to deanonymize the author of a piece of text based on their writing style alone. “I hope you will all agree that this poses a significant threat to the preservation of the anonymity of Tor users”, wrote Alden. “In the spirit of meeting the needs of the privacy community, I am interested in hearing what potential users might have to say about the design of such a tool.” Please see Alden’s post for further discussion of stylometry attacks and the proposed countermeasures, and feel free to respond with your comments or questions.

Tor help desk roundup

Because Tor Browser prevents users from running it as root, Kali Linux users starting Tor Browser will see an error message saying Tor should not be run as root.

In Kali, all userspace software runs as root by default. To run Tor Browser in Kali Linux, create a new user account just for using Tor Browser. Unpack Tor Browser and chown -R your whole Tor Browser directory. Run Tor Browser as your created Tor Browser user account.


This issue of Tor Weekly News has been assembled by Harmony, TheCthulhu, Matt Pagan, Arlo Breault, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Solidarity against online harassment

One of our colleagues has been the target of a sustained campaign of harassment for the past several months. We have decided to publish this statement to publicly declare our support for her, for every member of our organization, and for every member of our community who experiences this harassment. She is not alone and her experience has catalyzed us to action. This statement is a start.

The Tor Project works to create ways to bypass censorship and ensure anonymity on the Internet. Our software is used by journalists, human rights defenders, members of law enforcement, diplomatic officials, and many others. We do high-profile work, and over the past years, many of us have been the targets of online harassment. The current incidents come at a time when suspicion, slander, and threats are endemic to the online world. They create an environment where the malicious feel safe and the misguided feel justified in striking out online with a thousand blows. Under such attacks, many people have suffered — especially women who speak up online. Women who work on Tor are targeted, degraded, minimized and endure serious, frightening threats.

This is the status quo for a large part of the internet. We will not accept it.

We work on anonymity technology because we believe in empowering people. This empowerment is the beginning and a means, not the end of the discussion. Each person who has power to speak freely on the net also has the power to hurt and harm. Merely because one is free to say a thing does not mean that it should be tolerated or considered reasonable. Our commitment to building and promoting strong anonymity technology is absolute. We have decided that it is not enough for us to work to protect the world from snoops and censors; we must also stand up to protect one another from harassment.

It's true that we ourselves are far from perfect. Some of us have written thoughtless things about members of our own community, have judged prematurely, or conflated an idea we hated with the person holding it. Therefore, in categorically condemning the urge to harass, we mean categorically: we will neither tolerate it in others, nor will we accept it among ourselves. We are dedicated to both protecting our employees and colleagues from violence, and trying to foster more positive and mindful behavior online ourselves.

Further, we will no longer hold back out of fear or uncertainty from an opportunity to defend a member of our community online. We write tools to provide online freedom but we don't endorse online or offline abuse. Similarly, in the offline world, we support freedom of speech but we oppose the abuse and harassment of women and others. We know that online harassment is one small piece of the larger struggle that women, people of color, and others face against sexism, racism, homophobia and other bigotry.

This declaration is not the last word, but a beginning: We will not tolerate harassment of our people. We are working within our community to devise ways to concretely support people who suffer from online harassment; this statement is part of that discussion. We hope it will contribute to the larger public conversation about online harassment and we encourage other organizations to sign on to it or write one of their own.

For questions about Tor, its work, its staff, its funding, or its world view, we encourage people to directly contact us (Media contact: Kate Krauss, press @ torproject.org). We also encourage people join our community and to be a part of our discussions:
https://www.torproject.org/about/contact
https://www.torproject.org/docs/documentation#MailingLists



In solidarity against online harassment,

Roger Dingledine
Nick Mathewson
Kate Krauss
Wendy Seltzer
Caspar Bowden
Rabbi Rob Thomas
Karsten Loesing
Matthew Finkel
Griffin Boyce
Colin Childs
Georg Koppen
Tom Ritter
Erinn Clark
David Goulet
Nima Fatemi
Steven Murdoch
Linus Nordberg
Arthur Edelstein
Aaron Gibson
Anonymous Supporter
Matt Pagan
Philipp Winter
Sina Rabbani
Jacob Appelbaum
Karen Reilly
Meredith Hoban Dunn
Moritz Bartl
Mike Perry
Sukhbir Singh
Sebastian Hahn
Nicolas Vigier
Nathan Freitas
meejah
Leif Ryge
Runa Sandvik
Andrea Shepard
Isis Agora Lovecruft
Arlo Breault
Ásta Helgadóttir
Mark Smith
Bruce Leidl
Dave Ahmad
Micah Lee
Sherief Alaa
Virgil Griffith
Rachel Greenstadt
Andre Meister
Andy Isaacson
Gavin Andresen
Scott Herbert
Colin Mahns
John Schriner
David Stainton
Doug Eddy
Pepijn Le Heux
Priscilla Oppenheimer
Ian Goldberg
Rebecca MacKinnon
Nadia Heninger
Cory Svensson
Alison Macrina
Arturo Filastò
Collin Anderson
Andrew Jones
Eva Blum-Dumontet
Jan Bultmann
Murtaza Hussain
Duncan Bailey
Sarah Harrison
Tom van der Woerdt
Jeroen Massar
Brendan Eich
Joseph Lorenzo Hall
Jean Camp
Joanna Rutkowska
Daira Hopwood
William Gillis
Adrian Short
Bethany Horne
Andrea Forte
Hernán Foffani
Nadim Kobeissi
Jakub Dalek
Rafik Naccache
Nathalie Margi
Asheesh Laroia
Ali Mirjamali
Huong Nguyen
Meerim Ilyas
Timothy Yim
Mallory Knodel
Randy Bush
Zachary Weinberg
Claudio Guarnieri
Steven Zikopoulos
Michael Ceglar
Henry de Valence
Zachariah Gibbens
Jeremy M. Harmer
Ilias Bartolini
René Pfeiffer
Percy Wegmann
Tim Sammut
Neel Chauhan
Matthew Puckey
Taylor R Campbell
Klaus Layer
Colin Teberg
Jeremy Gillula
Will Scott
Tom Lowenthal
Rishab Nithyanand
Brinly Taylor
Craig Colman-Shepherd
A. Lizard
M. C. McGrath
Ross MacDonald
Esra'a Al Shafei
Gulnara Yunusova
Ben Laurie
Christian Vandrei
Tanja Lange
Markus Kitsinger
Harper Reed
Mark Giannullo
Alyssa Rowan
Daniel Gall
Kathryn Cramer
Camilo Galdos AkA Dedalo
Ralf-Philipp Weinmann
Miod Vallat
Carlotta Negri
Frederic Jacobs
Susan Landau
Jan Weiher
Donald A. Byrd
Jesin A.
Thomas Blanchard
Matthijs Pontier
Rohan Nagel
Cyril Brulebois
Neal Rauhauser
Sonia Ballesteros Rey
Florian Schmitt
Abdoulaye Bah
Simone Basso
Charlie Smith
Steve Engledow
Michael Brennan
Jeffrey Landale
Sophie Toupin
Dana Lane Taylor
Nagy Gabor
Shaf Patel
Augusto Amaral
Robin Molnar
Jesús Cea Avión
praxis journal
Jens Stomber
Noam Roberts
Ken Arroyo Ohori
Brian Kroll
Shawn Newell
Rasmus Vuori
Alexandre Guédon
Seamus Tuohy
Virginia Lange
Nicolas Sera-Leyva
Jonah Silas Sheridan
Ross McElvenny
Aaron Zauner
Christophe Moille
Micah Sherr
Gabriel Rocha
Yael Grauer
Kenneth Freeman
Dennis Winter
justaguy
Lee Azzarello
Zaki Manian
Aaron Turner
Greg Slepak
Ethan Zuckerman
Pasq Gero
Pablo Suárez-Serrato
Kerry Rutherford
Andrés Delgado
Tommy Collison
Dan Luedders
Flávio Amieiro
Ulrike Reinhard
Melissa Anelli
Bryan Fordham
Nate Perkins
Jon Blanchard
Jonathan Proulx
Bunty Saini
Daniel Crowley
Matt Price
Charlie McConnell
Chuck Peters
Ejaz Ahmed
Laura Poitras
Benet Hitchcock
Dave Williams
Jane Avriette
Renata Avila
Sandra Ordonez
David Palma
Andre N Batista
Steve Bellovin
James Renken
Alyzande Renard
Patrick Logan
Rory Byrne
Holly Kilroy
Phillipa Gill
Mirimir
Leah Carey
Josh Steiner
Benjamin Mako Hill
Nick Feamster
Dominic Corriveau
Adrienne Porter Felt
str4d
Allen Gunn
Eric S Johnson
Hanno Wagner
Anders Hansen
Alexandra Stein
Tyler H. Meers
Shumon Huque
James Vasile
Andreas Kinne
Johannes Schilling
Niels ten Oever
David W. Deitch
Dan Wallach
Jon Penney
Starchy Grant
Damon McCoy
David Yip
Adam Fisk
Jon Callas
Aleecia M. McDonald
Marina Brown
Wolfgang Britzl
Chris Jones
Heiko Linke
David Van Horn
Larry Brandt
Matt Blaze
Radek Valasek
skruffy
Galou Gentil
Douglas Perkins
Jude Burger
Myriam Michel
Jillian York
Michalis Polychronakis
SilenceEngaged
Kostas Jakeliunas
Sebastiaan Provost
Sebastian Maryniak
Clytie Siddall
Claudio Agosti
Peter Laur
Maarten Eyskens
Tobias Pulls
Sacha van Geffen
Cory Doctorow
Tom Knoth
Fredrik Julie Andersson
Nighat Dad
Josh L Glenn
Vernon Tang
Jennifer Radloff
Domenico Lupinetti
Martijn Grooten
Rachel Haywire
eliaz
Christoph Maria Sommer
J Duncan
Michael Kennedy Brodhead
Mansour Moufid
Melissa Elliott
Mick Morgan
Brenno de Winter
George Scriban
Ryan Harris
Ricard S. Colorado
Julian Oliver
Sebastian "bastik" G.
Te Rangikaiwhiria Kemara
Koen Van Impe
Kevin Gallagher
Sven "DrMcCoy" Hesse
Pavel Schamberger
Phillip M. Pether
Joe P. Lee
Stephanie Hyland
Maya Ganesh
Greg Bonett
Amadou Lamine Badji
Vasil Kolev
Jérémie Zimmermann
Cally Gordon
Hakisho Nukama
Daniel C Howe
Douglas Stebila
Jennifer Rexford
Nayantara Mallesh
Valeria de Paiva
Tim Bulow
Meredith Whittaker
Max Hunter
Maja Lampe
Thomas Ristenpart
Lisa Wright
August Germar
Ronald Deibert
Harlan Lieberman-Berg
Alan L. Stewart
Alexander Muentz
Erin Benson
Carmela Troncoso
David Molnar
Holger Levsen
Peter Grombach
John McIntyre
Lisa Geelan
Antonius Kies
Jörg Kruse
Arnold Top
Vladimir G. Ivanovic
Ahmet A. Sabancı
Henriette Hofmeier
Ethan Heilman
Daniël Verhoeven
Alex Shepard
Max Maass
Ed Agro
Andrew Heist
Patrick McDonald
Lluís Sala
Laurelai Bailey
Ghost
José Manuel Cerqueira Esteves
Fabio Pietrosanti
Cobus Carstens
Harald Lampesberger
Douwe Schmidt
Sascha Meinrath
C. Waters
Bruce Schneier
George Danezis
Claudia Diaz
Kelley Misata
Denise Mangold
Owen Blacker
Zach Wick
Gustavo Gus
Alexander Dietrich
Frank Smyth
Dafne Sabanes Plou
Steve Giovannetti
Grit Hemmelrath
Masashi Crete-Nishihata
Michael Carbone
Amie Stepanovich
Kaustubh Srikanth
arlen
Enrique Piracés
Antoine Beaupré
Daniel Kahn Gillmor
Richard Johnson
Ashok Gupta
Alex Halderman
Brett Solomon
Raegan MacDonald
Joseph Steele
Marie Gutbub
Valeria Betancourt
Konstantin Müller
Emma Persky
Steve Wyshywaniuk
Tara Whalen
Joe Justen
Susan Kentner
Josh King
Juha Nurmi
John Saylor
Jurre van Bergen
Saedu Haiza
Anders Damsgaard
Sadia Afroz
Nat Meysenburg
x3j11
Julian Assange
Skyhighatrist
Dan Staples
Grady Johnson
Matthew Green
Cameron Williams
Roy Johnson
Laura S Potter-Brown
Meredith L. Patterson
Casey Dunham
Raymond Johansen
Kieran Thandi
Jason Gulledge
Matt Weeks
Khalil Sehnaoui
Brennan Novak
Casey Jones
Jesse Victors
Peter DeChristo
Nick Black
Štefan Gurský
Glenn Greenwald
hinterland3r
Russell Handorf
Lisa D Lowe
Harry Halpin
Cooper Quintin
Mark Burdett
Conrad Corpus
Steve Revilak
Nate Shiff
Annie Zaman
Matthew Miller (Fedora Project)
David Fetter
Gabriella Biella Coleman
Ryan Lackey
Peter Clemenko
Serge Egelman
David Robinson
Sasa Savic
James McWilliams
Arrigo Triulzi
Kevin Bowen
Kevin Carson
Sajeeb Bhowmick
Dominik Rehm
William J. Coldwell
Niall Madhoo
Christoph Mayer
Simone Fischer-Hübner
George W. Maschke
Jens Kubieziel
Dan Hanley
Robin Jacks
Zenaan Harkness
Pete Newell
Aaron Michael Johnson
Kitty Hundal
Sabine "Atari-Frosch" Engelhardt
Wilton Gorske
Lukas Lamla
Kat Hanna
Polly Powledge
Sven Guckes
Georgia Bullen
Vladan Joler
Eric Schaefer
Ly Ngoc Quan Ly
Martin Kepplinger
Freddy Martinez
David Haren
Simon Richter
Brighid Burns
Peter Holmelin
Davide Barbato
Neil McKay
Joss Wright
Troy Toman
Morana Miljanovic
Simson Garfinkel
Harry Hochheiser
Malte Dik
Tails project
„nuocu
Kurt Weisman
BlacquePhalcon
Shaikh Rafia
Olivier Brewaeys
Sander Venema
James Murphy
Chris "The Paucie" Pauciello
Syrup-tan
Brad Parfitt
Jerry Whiting
Massachusetts Pirate Party
András Stribik
Alden Page
Juris Vetra
Zooko Wilcox-O'Hearn
Marcel de Groot
Ryan Henry
Joy Lowell
Guilhem Moulin
Werner Jacob
Tansingh S. Partiman
Bryce Alexander Lynch
Robert Guerra
John Tait
Sebastian Urbach
Atro Tossavainen
Alexei Czeskis
Greg Norcie
Greg Metcalfe
Benjamin Chrobot
Lorrie Faith Cranor
Jamie D. Thomas
EJ Infeld
Douglas Edwards
Cody Celine
Ty Bross
Matthew Garrett
Sam P.
Vidar Waagbø
Raoul Unger
Aleksandar Todorović
John Olinda
Graham Perkins
Casa Casanova
James Turnbull
Eric Hogue
Jacobo Nájera
Ben Adida


If you would like to be on this list of signers (please do — you don't have to be a part of Tor to sign on!), please reach us at tor-assistants @ torproject.org.

Syndicate content