Over the past year, we have received many requests for us to accept bitcoin donations. After careful consideration and research, we are thrilled to announce that effective today The Tor Project is accepting bitcoin donations. In partnership with Bitpay, bitcoins can easily and directly be donated to support Tor’s ongoing mission of being the global resource for privacy technology advocacy, research and education in the ongoing pursuit of freedom of speech, privacy rights online, and censorship circumvention. Check out our donations page now. Bitcoin donations received by The Tor Project will be converted directly to US Dollars.
Our decision to accept bitcoins has been well thought out and researched from a financial accounting perspective with an eye on passing our required annual A-133 audit. We believe we are the first US 501(c)3 non-profit organization to test acceptance of bitcoins and attempt to pass the US Government A-133 Audit Standard. Our 2013 audit results, along with our past financial documents, will be made available on our website once complete in 2014.
Why is this important? The Tor Project needs your donations to continue our mission and to keep the Tor suite of technologies ahead with the growing threats to privacy and anonymity around the world. Your donation made TODAY, through bitcoin, Paypal, Amazon Payments, Givv.org, checks, money orders or bank transfers, will provide greater security and privacy for millions around the world who use Tor every day.
Help us continue our mission!
Due to several requests received today from members of the press community and others we felt it was in the best interest of time and consistency to provide a statement regarding today's developments and stories surrounding the NSA Prism surveillance program.
The Tor Project is a nonprofit 501(c)(3) organization dedicated to providing tools to help people manage their privacy on the Internet. Beyond our free, open source technology and extensive research we actively foster important conversations with many global organizations in order to help people around the world understand the value of privacy and anonymity online. As a result, members of the core Tor team and the greater Tor community are out in the world sharing knowledge and insights with countless individuals every day - many times handing out free Tor stickers; with no donation requested or expected. Edward Snowden, like tens of thousands of people, put Tor stickers on their devices. He likely got it at a conference from one of us in the past year.
Today, as always, the team at Tor remains committed to building innovative, sustainable technology solutions to help keep the doors to freedom of expression open.
For more on our view on this situation visit also our blog post:
For further questions please contact us at email@example.com.
On July 5 and 6 we are holding an open hackfest at the Università degli Studi di Firenze in Florence, Italy.
Please attend if you have some interest in programming, advocacy, marketing, or (network security/anonymity/computer science/etc) research with Tor, or are willing to be persuaded to entertain an interest. :) Tor's a small project (in terms of number of developers) that could really use your help.
The majority language will be English, but there will be some Italian speakers at the hackfest.
More details can be found on the Florence Hackfest wiki page.
See you in Florence!
Our progress report for March 2012 is now available. Highlights include lots and lots of metrics work, bridge infrastructure work, new tor alpha release, support queue stats, and some press and speaking slots.
Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-March-Monthly...
or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-March-Monthly...
The Tor network is run by volunteers, and for the most part is entirely independent of the software development effort led by The Tor Project, Inc. While The Tor Project, Inc is a 501(c)3 non-profit that is happy to take donations to create more and better software, up until recently there was no way for you to fund deployment of more relays to improve network capacity and performance, aside from running those relays yourself.
Noisebridge is a US 501(c)3 non-profit, which means that for US citizens, donations are tax deductible. Torservers.net is a German non-profit organization whose donations are tax deductible for German citizens (and also potentially for citizens of other EU member states).
What are the pluses and minuses of donating as opposed to running your own relay? Glad you asked!
While it is relatively easy and risk-free to run a middle relay or a bridge, running an exit can be tough. You have to seek out a friendly ISP, explain Tor to them, and then navigate a laundry list of Internet bureaucracies to ensure that when abuse happens, the burden of answering complaints falls upon you and not your ISP.
These barriers are all made easier the larger your budget is. On top of this, like most things, bandwidth is cheaper in bulk. But not just Costco cheaper: exponential-growth cheaper, all the way up into the gigabit range (and perhaps beyond, but no one has run a Tor node on anything faster).
At these scales, large exit nodes can pay as little as $1/mo per dedicated megabit/second. Sometimes less. This means that adding $30/mo to the hosting budget of a large exit node can buy almost 40 times more full-duplex dedicated bandwidth than a similarly priced business upgrade to your home ADSL line would buy, and about 50 times more bandwidth than Amazon EC2 instances at the entry-level price of $0.08 per half-duplex gigabyte, not counting CPU costs. (Bridge economics in terms of IP address space availability might still favor Amazon EC2, but that is a different discussion).
The downside to donation is that network centralization can lead to a more fragile and a more observable network. If these nodes fail, the network will definitely feel the performance loss. In terms of observability, fewer nodes also means that fewer points of surveillance are required to deanonymize users (though some argue that more users will make such surveillance less reliable, no one has yet rigorously quantified that result against actual attacks).
Therefore, if you are able to run a high capacity relay or exit yourself (or have access to cheap/free/unused bandwidth at your work/school), running your own relay is definitely preferred. If you are part of the Tor community and want to accept donations, we'd love to add you to our recommended donor list. Please join us on the tor-relays mailing list to discuss node configuration and setup.
However, if configuring and maintaining a high capacity relay is not for you, donating a portion of the monthly hosting budgets of either of these organizations is an excellent way to support anonymity, privacy, and censorship circumvention for very large numbers of people.
What do you use Tor for? Why do you need it? What has Tor done for you? We need your stories.
We have plenty of practice explaining how Tor works, from technical specifications, design documents, academic papers, and popular presentation. And of course, the code is all open-source.
But explaining why Tor is important is more of a challenge. We can speak in the abstract about the importance of free speech and privacy on the internet, but no abstract statement is quite so persuasive as a real-world example.
We know these examples are out there. We regularly hear from vulnerable populations and people who need to cope with surveillance. We are approached by people who need Tor to stay safe at work, whether they are going after criminals on behalf of their governments, or going after the criminals who run their governments, or just regular people trying to preserve their privacy.
But naturally, most of these stories are ones that we don't have permission to share. After all, it would hardly be in keeping with our pro-privacy beliefs to publish tech-support requests!
Similarly, because we don't gather sensitive data on our network, we cannot (as some networks do) publish regular reports on what kinds of uses we are seeing. (We do not collect this data because we believe that a privacy network should put privacy foremost, and that the best way to protect people's information is not to collect it in the first place.) This is fantastic when it comes to protecting users against advertisers, censors, miscellaneous snoops, and the secret police of authoritarian regimes. But it isn't working out so well when we are asked by donors and other potential allies who want to know what supporting Tor means in less technical terms.
Furthermore, we work on Tor because everybody has the right to their own voice. So while this is on the one hand a plea for information we can use to tell the world about the importance of what we're accomplishing (and try to get donations to do more of it), it's also a request born of the notion that nobody is more qualified to tell your own story than you are.
So, please send us your stories so we can share them with the world. If email works, you can send it to firstname.lastname@example.org, subject line "Why I Use Tor". And of course, you can just post a comment here.
We won't use names, but if too many details can reveal who you are, please err on the side of caution. There is no point in responding to our request if it puts you in danger. That said: why do you use Tor? Whether you use it to look at cute cats or political blogs, we'd like to know. And since we designed Tor with privacy in mind, we can't know unless you tell us.
The June 2011 progress report is at the bottom of this post and at https://blog.torproject.org/files/2011-June-Monthly-Report.pdf.
Highlights include ECC improvements, updated translations, software releases, arm progress, vidalia updates, and thandy progress.
The May 2011 progress report is available at the bottom of this post and at https://blog.torproject.org/files/2011-May-Monthly-Report.pdf.
Highlights include an experimental tor release, experimental vidalia release, some timing attack resistance work, some ECC work, updates on obfsproxy, and a datagram protocol comparison.
Thank you to all who showed up for the hackfest at MIT on Saturday the 19th. Roughly 50 people attended the event at some point throughout the day. People traveled from the local area, Maine, New York, Connecticut, and one person rearranged their flights from California to hack with us. The free pizza, drinks, and donuts were provided to all thanks to some generous attendees.
And a final thank you to the Center for Future Civic Media who once again offered the facilities and support for our hackfest.
Now that you've met us, are interested in helping the world, and want to learn more, here are some ideas on getting involved: http://www.torproject.org/getinvolved/volunteer
Updated 06/30/2010: Mention Reduced Exit Policy, ISP Shopping Tips, and Abuse Response Templates
Updated 08/30/2010: Update exit policy with svn, git, hg, Kerberos, remote admin panels, IRC, others
Updated 01/12/2011: Suggest creation of LLC for large exit nodes, provide links to ARIN forms and process.
Updated 02/25/2015: Torservers.net abuse templates URL has changed.
I have noticed that a lot of new exit nodes have recently appeared on the network. This is great news, since exit nodes are typically on the scarce side. Exits usually occupy 30-33% of network by capacity, but are currently at a whopping 38.5% (156 MBytes/sec out of 404 total).
However, I want to make sure that these nodes stay up and don't end up being shut down due to easily preventable abuse complaints. I've run a number of exit nodes on a few different ISPs and not only have I lived to tell about it, I've have not had one shut down yet. Moreover, I've only received about 4 abuse complaints in as many years of running exit nodes. This is in stark contrast to other node operators following a more reactive strategy. I'm convinced this is largely because I observe the following pro-active guidelines. This guide is primarily US centric. Operators in other countries may have slightly different best practices (such as registering with RIPE and not ARIN). read more »