Support the Tor Project 2016!

Today the Tor Project launches our end-of-year crowdfunding campaign, themed "Tor: at the Heart of Internet Freedom." This is part of our initiative to diversify our funding sources and improve our communications with you, our contributors and supporters. We're using the open-source membership platform CiviCRM to help us manage things, and donors should receive thank-you notes and swag in a timely fashion.

The Tor Project has been around for ten years, making tools that promote and protect the essential human rights of people around the world. Our work protects activists from persecution, whistleblowers from retribution, and vulnerable and marginalized people from further attacks and isolation.

The need for Tor is greater than ever.

Surveillance and censorship harm our freedom to exchange ideas, connect with our families and friends, and improve our lives--matters of the head...and the heart.

The Tor Project is more than a software organization. Tor is a labor of love by an international community passionate about preserving your freedom to express yourself fearlessly and keep private things private.

As another year comes to a close, won't you join us as we provide anonymizing technologies crucial to protecting our human rights? Please support this important work by making a tax-deductible donation now:

Here are some of the things we've accomplished over the last year, thanks in part to donations from our community:

· Updated and released over a dozen stable versions of the Tor Browser, a critical tool for securely and anonymously accessing the Tor Network and all Internet websites, to add features and fix bugs in coordination with new releases of Mozilla Firefox.

· Added additional Pluggable Transports (PTs) to the Tor Browser, making it easier for users under repressive governments to connect to the Tor network and bypass censorship.

· Improved the security and performance of the core Tor program, the underlying proxy software that Tor Browser uses to protect your traffic.

· Researched post-quantum cryptography alternatives for deployment to ensure the security of our systems into the future.

· Upgraded our cryptographic backends to ensure that Tor can provide the widest number of supported cryptographic algorithms, as well as support platform specific implementations.

· Strengthened our external community by ramping up work on better user support and documentation, including a new Tor Browser manual.

· Strengthened our internal community by coming together around the Tor Social Contract, which affirms our commitment to our beliefs, including our promise to never put backdoors into Tor.

· Grew the Community Team to build the network of people around the world doing Tor outreach and to provide them with training resources.

· Empowered people in Brazil, Russia, Turkey, and other countries suffering from increased censorship in 2016.

· Improved GetTor, helping more people who live under oppressive censorship regimes to easily access the Tor Browser and other vital information.

· Released the public beta of OONI Explorer, a global map of Internet censorship (and how well Tor circumvents it) in over 100 countries over the last three years.

· Made great progress toward next-generation Onion Services, including deployment throughout the Debian infrastructure, and tools like OnionBalance, a server tool that helps improve the stability and availability of popular Onion Services.

· Conducted an informal review of our major bugs from the last few years to look for trends and patterns to help us use our time and resources more effectively to write our code more safely over the coming years.

· Served as a founding partner in a Day of Action protesting changes to Rule 41 of the US Federal Rules of Criminal Procedure. This rule will make it easier for the FBI to legally hack into devices that use Tor or a VPN, wherever in the world those devices are located.

· Released an experimental prototype of a Tor Android phone, an important step in providing uncensored Internet access for millions of worldwide mobile device users.

· Built a sandbox system for Tor Browser for Linux, to be released in alpha form by the end of the year, that will help protect users from malicious attacks at the application layer.

· Grew the community of enthusiastic privacy and security developers, including mentoring seven students in the Google Summer of Code program.

· Continued our central role in the privacy research community, pointing academic research groups at the most pressing problems and helping their results to have real-world impact.

In the coming year, we can do so much more! Please help us keep up the good fight. Make your tax-deductible contribution to the Tor Project today:

Thank you for your support!

Shari Steele
Executive Director
The Tor Project


November 23, 2016


What should one specify in a Last Will and Testament (UK) in order to ensure that one could leave money to the Tor Project after death?

Was think of leaving it to the cat's home, but Tor is worth supporting!

Thanks for thinking of it! I actually don't know the answer, especially for UK.

I would suggest asking a finance / accounting person in the UK, since I bet that's a simple question for such a person.

Also, you could contact giving@tpo (where tpo is "") to ask this question, which will hopefully get it escalated to our accounting people in case they can help.

I know that Shari has been working on ways to streamline giving stocks, etc, since many Tor supporters also happen to have jobs at large tech companies. I would bet that the answers are related.

Let us know what you learn!


November 23, 2016


In the middle of the year, Tor (the company) used its money to make investigation into the sex-life of a former employee. This might be a standard procedure for a company in the us (in similar cases). I still thinks that's ethically just wrong (as is trail-by-rumour) and therefore I made the choice not to support the company but instead to donate money to tails ( ) and

Thanks for supporting parts of the Tor ecosystem! All the parts of the Tor ecosystem are working towards the same goals, and we'll be strongest if all of them succeed.

As for the investigation, there sure has been a lot of confusion around that topic. I think Tor needed to do its own investigation after the complaints -- to figure out for ourselves about what happened. I also think it is a mistake though to blame all of the problems on the investigation: that is getting the order of things wrong.

All of that said, I encourage us to focus here on the future and what we all still need to do to make the world safe.

I certainly have confusion around the investigation. Last I heard, TP had started an investigation after said employee had already resigned. I didn't hear anything after that. What did the investigation find? Not asking for details, but was it worth it? I don't recall seeing a press release or anything after the investigation, although I could be wrong. The OP makes a good point, and I would understand why people might be apprehensive about donating in light of that.

> All of that said, I encourage us to focus here on the future and what we all still need to do to make the world safe.

I tend to agree, but I sure hope that in future Tor Project is determined to avoid hiring any more CIA moles, eh?

Without taking any stance on the credibility of very serious accusations against the former Tor employee who exposed DC, as a Tor user I would urge all Tor employees to consider that despite working for such a tiny organization, they are effectively high profile people simply because they work for Tor Project, and should accordingly possibly consider attempting to avoid doing anything at work--- or outside work--- which our enemies could exploit to damage the Project, without any greater gain to the cause of civil liberties and human rights. This might entail curtailing some of the very activities which you are working so hard to ensure ordinary citizens can engage in without fear of government (or corporate) reprisals.

I.e. live like a monk or a nun and avoid entanglements with dangerous persons (e.g. people allied with USIC) in order that others may live boldly. Just a suggestion.

If Tor Project becomes more internationally secure and more diversely funded, I hope that the current global trend toward authoritarianism, organized sectarian violence, and brutal repression of anyone who is "different" will reverse, possibly to the point where even those under constant government scrutiny can relax and enjoy life a bit more than may be realistically possible for the foreseeable future.


November 23, 2016


To all the Tor Project members: A BIG THANK YOU!!!!

We owe you so much for helping us protect our right to privacy.

I hope you continue your progress over the years!


November 23, 2016


Follow these steps if you want to never get a Tor tshirt:

- Donate $100 via the Tor Project website
- Run dozens of exit nodes and relays
- Email multiple times and get zero response
- Join the Tor IRC channels and ask for help

I'm just going to give up on ever getting a shirt now. It's been 6-7 months and 0 luck and 0 shirt LOL.

I'm sorry to hear that! We didn't do a good job in the past of handling tshirts, I agree. I'm under the impression that we are caught up on all the swag from last year's donation campaign, so if you have fallen through the cracks, please do contact us, at giving@tpo (where tpo is and let us know the details.

That part is actually what Shari meant by mentioning the civicrm installation for doing our logistics better -- "donors should receive thank-you notes and swag in a timely fashion" left out phrases like "This time," but those of us from last year could see that it was implicit. :)


November 23, 2016


donate with paypal or creditcard, the NSA will register you as suspicious and track your records. great deal!

Answer #1: That's why the privacy policy on the donate page talks so much about the risks of giving your info to paypal, and offers suggestions on ways to donate where you actually retain your anonymity:
and question 23 on

Answer #2: Unfortunately, I worry that the model of "if you do something suspicious, you'll get tracked" is outdated. The new model is simply "you'll get tracked". It's easier for them to just collect all the data and hope they will make sense of it later.

Answer #3: If you're in a position where you can stand up and declare that you think privacy is important and valuable in the world, then do it publicly! A lot of the battle here is whether we can normalize privacy in the world -- i.e., whether we can make it so everybody thinks you're reasonable and normal for supporting privacy, rather than worrying about threats or retaliation.

Over the past few years, I've chosen #3, and I've found it's contagious and overall a good thing. In light of recent leaks and disclosures, most namely the Snowden revelations, it's become more generally acceptable to care about privacy and realize the possibility that various companies and agencies are spying on us. We still have progress to make, but I've found that in some cases, coming out about your privacy awareness might be just enough to cause the same reaction from the acquantances you'd least expect. Long story short, the more people that openly care about privacy, the less each of them stick out from the crowd.

(Sorry for hijacking a thread about PayPal donations -- I just thought it would be an interesting anecdote.)

> offers suggestions on ways to donate where you actually retain your anonymity

One of the suggestions is bitcoin, but your bitcoin donation link blocks Tor users. And I don't really know how to buy bitcoin anonymously. I'd look at Localbitcoins, but they block Tor users. I looked at various online brokers some time ago, and none had very clear information on whether/when proof of identity would be required (I might be willing to be less than fully anonymous on that end, but no way in hell would I send a scan of an identity document). I've heard of bitcoin ATMs but they seem to often have biometric requirements; I'd use the Internet Archive's system if I were anywhere near SF.

The pages you linked don't mention anything specific about postal money orders. Can non-US people use these, and would we have to get something USD-denominated? Does the postal worker need to know who the recipient(s) will be?

You still don't get it? The whole point about the Surveillance State is that *everyone* is regarded as eternally suspicious! *Everyone* is tracked. Always. 24/7/365.

What you meant to say is that some people are temporarily regarded as "more" suspicious than others. And everyone is continually reviewed for a possible "upgrade" in their level of suspicion.

They also register you as suspicious if you read LinuxJournal or vote libertarian.
As described above you can donate anonymously.


November 24, 2016


Whew! You've been so quiet that I was seriously worried!

That's a fine summary of all the great work Tor Project is doing (reaching for my checkbook)! Glad to see you mentioned all my favorite things :)

Three requests, if I may:

1. Can you provide an update on the last-minute push to stop the changes to Rule 41 before Monday 28 Nov 2016?

Congress returns from a long weekend at 9AM or so and will in principle have a dozen working hours left to stop the changes before midnight Thu 1 Dec 2016. I still hope we can get many US Tor users to call their representatives in the House and Senate and

o explain that we are not in fact using Tor for child pron (the only thing US Asst Attorney General Caldwell mentions as things someone might use Tor for in his DOJ blogs arguing for the changes),

o remind our representatives of

+ FBI's political interference in the recent election, decried (at different points) by both major parties,

+ FBI's standard practice of lying to judges, juries and even prosecutors about how it collects evidence presented in criminal cases; for example, ACLU has obtained under FOIA internal documents showing FBI teaches local LEAs how to disguise the fact that "cell-site simulators" or criminal informations were used, apparently illegally,

+ FBI's renewed habit of bugging people and places they shouldn't; for example, civil rights groups in CA discovered that FBI had bugged courthouse lobbies, planters outside the courthouse, and bus shelters near the courthouse, in order to listen in on attorney-client conversations,

+ In one recent instance of "using an investigative technique" (FBI doublespeak for sending malware), FBI apparently sent phishing emails to *every* user account at, apparently trying to locate a single person they thought *might* have an account there--- in other words, FBI intentionally sent malware laden phishing emails to thousands of unknown persons they knew were not suspected of any crime.

If we create enough fuss, just possibly Congress might act to delay the changes until July.

I suggest that callers begin by saying they

o support House Bill HR 6341, "Review the Rule Act", and the yet unnamed Senate counterpart,

o both bills have bipartisan support.

2. Can you provide some kind of explanation of what steps the Project is taking to ensure that Tor continues to be there for people all over the world who depend upon it, sometimes for their very lives, in case the USG literally or effectively outlaws encryption or anonmyzing software, or declares Tor Project an illegal organization? The threat from FBI's drive to outlaw unbackdoored encryption in the US is very real, despite intense opposition from enormous companies, the Surveillance State now seems to be absolutely uncontrollable by any political process, or even by a new authoritarian President.

In my view, one can only conclude that Tor Project simply must up and leave the USA for a less dangerous home base. Others may feel that is too drastic, but I hope they will review the history of the rise of the Third Reich. Those of us who in childhood knew survivors well remember that they survived because their families were wise enough (and wealthy enough) to leave Germany while they still could. Other intelligent people refused to believe that the most civilized nation ever was descending into genocidal barbarism, and they perished.

In any case, I think everyone will agree that the threats are sufficiently dire that Tor Project needs to move key assets (literally encryption keys, also at least some key employees, and at least some key servers) outside the USA so that the Project can try to reconstitute itself if the USG suddenly strikes at Tor people and servers in the USA.

It seems clear that FBI has every intention of immediately attacking US collectives such as Riseup (Riseup Networks provides a critical part of Tails Project) on midnight 1 Dec 2016, and I have no doubt they will attack every Tor employee too. I hope you have contacted Citizen Labs to arrange for assistance in capturing malware or at least documenting its effects if FBI behaves as badly as I expect.

3. Once the donations from the new funding drive are tallied, can you provide two pie charts similar to what Tails does? (One chart shows where the money comes from, the other how it is spent.) Pie charts were introduced by the pioneering medical statistician Florence Nightingale, and while some modern data scientists dislike them, this is one place where I think they are actually pretty useful. Almost any statistical package should support making them.

If the new funding drive falls short of what the project needs to win independency from the USG-tied three letter entities (SRI, NED), at least Tor users around the world will understand what the Project is facing in terms of surviving while under concerted attack from other three letter USG agencies (NSA, CIA, FBI).

I'd suggest planning a summer fundraising drive for 2017 (those impoverished users who survived their winter heating bills may have a bit more money to share by summer).

At this point things seem so dire wrt USG I'd rather see Tor Project approach foreign governments for funding, as long as no one "block" exceeds say 20% of total funding. Maybe Iceland or Denmark can help?

IMO you may be more truthfully described as "leader of the free world" than a certain unloved politician who is visibly aging even before he takes office (sources say that TS/SCI briefing he just received was a doozy), and I appreciate that your job is not less difficult than the one that person has unfortunately been given.

Tails Project is not yet dead, so we all have something to celebrate this Thanksgiving!

In the short term, I agree with the first half of this post. We have less than a week until Dec 1st. It's do or die -- after that we can put that issue to bed (hopefully only until July 2017). Time to go for broke, I.e. do an updated blog post about Review the Rule Act, possibly reach out to other organizations like the EFF and any civil rights sites that can get exposure to the issue, and/or start (or revive the earlier) social media campaign.

The rest is also important in the long term. I'm not sure moving TP outside the USG will do much more than move the problem elsewhere. It might buy us some time, but it think the key is redundancy (not much can be done with that for employees, but for keys and servers, etc.).

> I'm not sure moving TP outside the [USA] will do much more than move the problem elsewhere. It might buy us some time, but it think the key is redundancy (not much can be done with that for employees, but for keys and servers, etc.).

I don't think we really disagree even there.

I think the political situation in the US is so dire that TP must immediately move critical assets (money, people, servers, encryption material) outside the US, to the extent this can be done rapidly without doing more harm than good.

But as I have said many times, all the world's governments seem to be taking a sharp turn toward authoritarianism of the worst kind-- authoritarianism heavily tinged with the sort of state-sponsored ethnic hatreds which always presage genocides.

It follows that TP should remove as much as possible from the USA as quicly as possible, and then to diversify and decentralize as much as possible.


November 24, 2016


When you will get rid of directory authorities, to make Tor fully decentralized and trustless? Now it takes only nine subverted machines to demolish Tor security. I am able to pay large sums of money to anyone who will free Tor from "directory authorities" and dependence on "Tor Browser Bundle" to easily configure things. I am thinking about something like AdvOR (which is not updated, unfortunately). Please somebody make Tor the *real* thing!

I share your concern about a critical component of Tor not yet being decentralized (I also worry a lot about Tor Project and so many Tor People being located in a dangerous country, although these days it might be hard to name a country which is *not* dangerous).

However, my understanding is that despite considerable research no-one yet knows how to safely replace the current setup for the Directory Authorities.

By the way, does anyone have any information on the rumored secret NSA/FBI/DHS program (Stifle) to shut down the Tor network entirely "in an emergency"?

I have no info of "stifle" but Tor has been DDoS'd before.
To maintain access, save a few obfs4 bridges in case of DPI censoring.
Set up I2P and Freenet in case whole Tor goes down.
Set up mesh networking (e.g. Serval/Rumble) in case Internet goes down.
You don't have to run them 24/7, just have them set up for if ever needed.

I've recently experienced a strange problem while trying to connect to the Tor network via bridges in which the clock appeared to be skewing wildly, as if the time had been off by hours. I disconnected and checked carefully, and the system time on my computer was correct.

Since many servers use an insecure protocol (NTP) to try to keep their clocks accurate, and since accurate clocks are necessary for hidden services to work, I worry that this might be yet another problem which needs to be addressed.

The fixes you suggest are far beyond my current capability.

Several years ago, i2p did poorly in a security audit. Were the problems fixed?

Earlier today I could not connect to Tor at all, and was worried that FBI had struck a fatal blow even before midnight 1 Dec 2016.

Then I noticed my ethernet cable had been mysteriously severed, which has led to an unpleasant and somewhat one-sided conversation in which I angrily accused my pet stoat of being an American agent. Fortunately replacing an ethernet cable is one thing I know how to do.

Directory authorities are a strength, if they can be trusted then it is straightforward to show that the network's design is sound.

Without directory authorities, it is hard to find a source of trust, and it is hard to have security without trust.

I'm pretty sure I2P does it fully decentralized just by hardcoding bootstrap hosts and keys in the application. Okay that's not "fully decentralized" either, but what else can you do but brute force the whole IP address space looking for peers? The point is that there's nothing special about those bootstrap nodes, they're just regular peers. Of course, using this approach would imply that Tor is willing to move towards a peer-to-peer design, but it shows it is possible to introduce nodes to a network without centralized servers and without sacrificing trust. I haven't read the tech docs in a long time, but as I recall there is a detailed article on about bootstrapping.


November 24, 2016


Seeing Crimea not included into Russia in OONI Explorer makes it harder to state you are not a biased organization.

That's because it's an occupied territory like Western Sahara (by Morocco), Abkhazia and South Ossetia (by Russia). As a long as the occupation isn't recognized by any international body, why should the tor project change the status of this region on its maps?

Tor Project is a nonpartisan humans rights NGO. That said, no human rights organization anywhere in the world, that I know of, approves of invasions in order to grab territory, or for that matter is particularly enthusiastic about the Putin regime.

The question is whether - or not - Crimea is and was ever part of the republic of Ukraine, de jure - that is, whether its administrative tranfer, by an internal "ukaz" of the then government and/or communist party of the USSR (actually, by Khruchev's fantasy), from the (soviet federative) republic of Russia to the (soviet) republic of the Ukraine has any standing in international law - which it has none (opinions may vary).

As you wrote, the Torproject is nonpartisan & hence, it should not take a position (pro or against) Russia, Putin, and/or the Ukraine and her US sockpuppet, so-called president.

But of course, it TP did as you suggest, the Ukraine government could make the same argument, with the countries (Ukraine, RU) transposed.

TP is currently facing existential threats--- technical, legal, political--- from numerous sources, and has very limited resources to devote to confronting lesser matters. But you have to give credit to Mike Perry for allowing you to raise the point, even at the risk of being included in the next edition of the list of supposed "pro-Putin websites" just published by a mysterious US-based entity. (That list includes a number of legit media sites which just so happen to be critical of numerous governments, including US, RU, and CN.)

In a comment to this blog I made a year or two ago, I gently mocked the RU government for the crude nature of its US-aimed propaganda, compared to the much more subtle--- and highly effective--- propaganda from the CN government, which is mostly aimed at US businesspersons rather than consumers or activists.

Maybe the agentura took my criticism to heart?


November 24, 2016


Congrats on coming this far.
hope that U.S. Hacking thing doesn't become reality, seriously freedom to hack into any computer they want, what a joke.
seriously i'll vote for radicalism if they get that sort of freedom, just sayin'.

I'd like to order a red baseball cap with this slogan;) Esp. because of all the trouble and the purge this year.


November 24, 2016


Unfortunately some of your developers couln't care less for actual users who out of choice or necessity are not running the greatest, newest and most expensive computers ! I won't name names, but as an example - whereas Tor itself - the core onion router - runs and works perfectly on AMD athlon XP processors, "obfuscated" transports (such as obfs4) do NOT - only because the developer, when asked politely, stated in reply he would never "get out of his way" (sic) and recompile his stuff the without improper options (the tyranny of the default; that needlessly force the compiled obsfproxy to use SS2 hence preventing it from running on AMD K7 and earlier.)

With this (absolutely disgusting) example in mind and a few more dubious recent moves, I won't - regretfully- contribute financially although I've been a Tor fan years before the "Torproject" existed as such... IMHO you ceased helping those that most need Tor in favor of whatever other goals, hidden or not

Sorry you had a bad experience.

Can someone check the claims? I agree with the principle that the Project should try to take account of the fact that people in some of the most dangerous places may not have access to latest and bestest hardware. OTH, I also agree with the principle that when making changes would probably break other parts of Tor, the changes shouldn't be made until those issues are resolved.…

Judge for yourself. Instructions on how to solve the problem (which require a full toolchain rebuild, because the compiler makes the assumption that SSE2 is available on x86 targets unless told otherwise) were provided first.

As a side note, I am responsible for a grand total of 0 binary packages, so this was more a question/request better directed at people who actually do make binary begin with.

I don't think anyone can reasonably be said to be assuming the "latest and bestest hardware" when they ship binaries that use CPU instructions first introduced in 2001, that happen to break on a hardware line that ceased production in 2005.

It's bad to hear this from devs! You state that them can't cope with compilers and don't understand why SSE2 is bad (as a part of the greatest crap in history from Intel - P4), and why only lamers (e.g. recent Mozilla) use supplementary instructions as mandatory!

Unfortunately the developer you're referring to has been extremely busy with other projects (such as sandboxing) it would be very dishonest to blame him for not making something work on 0.01% of processors in the world

I do NOT have go installed - like 99.998% of us Tor /users/ -
Since - as you are confirming here, it is a "trivial" fix to configuration files that is needed to get rid of the evil dependency to SSE2 in obfs4proxy.exe, it goes without saying that this trivial change should be implemented by the good people in charge with official Tor compiles, ASAP - doesn't it ?