Transparency, Openness, and our 2015 Financials

After completing the standard audit, our 2015 state and federal tax filings are available. We publish all of our related tax documents because we believe in transparency.

I'm sorry for the delay in posting them: we had everything ready in December, but we had a lot going on at the end of the year (if you haven't seen it yet, check out the Tor at the Heart of Internet Freedom blog post series!), and then time got away from me after the new year.

But the delay brings you something new! Linus Nordberg, one of our new board members, has gathered together a bunch of corporate documents, like the Articles of Organization from founding the organization, our Form 1023 where we applied for non-profit status, and our IRS determination letter where they confirmed it. I've put links to these documents on the same financials page.

From a development perspective, transparency doesn't just mean that we show you our source code (though of course we do). The second layer to transparency is publishing specifications to explain what we thought we implemented in the source code. And the layer above that is publishing design documents and research papers to explain why we chose to build it that way, including analyzing the security implications and the tradeoffs of alternate designs. The reason for all these layers is to help people evaluate every level of our system: whether we chose the right design, whether we turned that design into a concrete plan that will keep people safe, and whether we correctly implemented this plan. Tor gets a huge amount of analysis and attention from professors and university research groups down to individual programmers around the world, and this consistent peer review is one of our core strengths over the past decade.

Some observations to help you read through the 2015 financial documents:

  • Tor's annual revenue in 2015 was up from 2014, at almost $3.3 million. That's good news because it shows our stability in the year where I was interim executive director. At the same time, you should be careful reading too much into yearly (calendar) numbers, because they can vary quite a bit if, say, we finish a big milestone on Dec 15 vs on Jan 15. So you really want to look at many years at a time—and by that metric, we're doing ok.
  • Tor's budget remains modest considering the number of people involved and the impact we have. And it is dwarfed by the budgets that our adversaries are spending to make the world a more dangerous and less free place.
  • Income from individual donations and other non-government things is higher, and also a higher percentage, in 2015 than 2014, but it's still in the 10-15% range. We have more work to do.
  • Check out the comment sections on the previous posts for previous years' versions of the usual "omg government funding" and "omg transparency" discussions. You might find this comment more useful than the rest.
  • A brief crash course on two common contract models for organizations that take government funding: Some of our funding (NSF, State Dept) is what's called the "cost reimbursement" model, where we have to show that we've spent the money in order to get paid (which is designed to make sure organizations spend the money in the way they've agreed to spend it), whereas others of our funding (RFA/OTF, SRI) is what's called the "milestone based" model, where we give the funder a set of deliverables and prices, and when we tell them a deliverable is done, they pay us that amount. The milestone based model gives us more flexibility to do all the things that need to get done (e.g. we can choose prices that accurately reflect the maintenance costs too), but it can also be more risky because it's on us if we underestimate costs.
  • More generally, I should take a brief moment to explain how funding proposals work, for those who worry that governments come to us wanting to pay us to do something bad. The way it works is that we try to find groups with funding for the general area that we want to work on, and then we go to them with a specific plan for what we'd like to do and how much it will cost, and if we're lucky they say ok. There is never any point where somebody comes to us and says "I'll pay you $X to do Y."
  • In 2015 we counted $498000 in "donated services", that is, volunteers helping with translations, website hosting, and so on. So far we have been quite limited in what donated services we count, because our past accounting people told us to be conservative. Other people have told us that we don't have to be that conservative, so I am excited to try harder in future financial documents to count many more aspects of volunteering—activism and education, sysadmin time, relay operation, finding and analyzing bugs, providing user support, etc.

In closing, remember that there are many different ways to get involved with Tor, and we need your help. For example, you can donate, volunteer, and run a Tor relay.

Tsadik

April 21, 2017


Thanks for staying consistent, the important paragraph for me:

Tor's budget remains modest considering the number of people involved and the impact we have. And it is dwarfed by the budgets that our adversaries are spending to make the world a more dangerous and less free place.

Tsadik

April 22, 2017


There needs to be an emoticon for tipping one's hat. Thank you for Tor. All of you.

Tsadik

April 23, 2017


Many thanks for sharing this information. What was the Tor Solutions Corporation for, and why was it dissolved?

Check out this answer:
https://lists.torproject.org/pipermail/tor-talk/2013-September/030166.h…

We dissolved it because we only made it for that one purpose, years ago, and for a while we thought it wasn't costing us anything to keep around (so why not keep it around in case we find a use for it later), but then we realized it was a non-trivial burden in the annual audits, so we decided to get rid of it.

Tsadik

April 23, 2017


Now that https://translate.google.com/ and https://web.archive.org have stopped working with JavaScript disabled (probably because of an NSL ordering them to help infect people), what is a good way to read news/blogs/documents/etc hosted with fascist weapons such as Great of China and even worse CloudFlare?

Tsadik

April 25, 2017

In reply to by Anonymous (not verified)


Use something like startpage.com or ixquick.eu or searx.me (they all have a proxy button)

Tsadik

April 24, 2017


Regarding "the budgets that our adversaries are spending", can you give some examples of who these adversaries are? If you're talking about corporate web tracking, this statement makes sense, but I'm sure many readers of this blog post infer from it that Tor considers FVEY agencies to be its adversaries. But hasn't "the GPA" (global passive adversary) always been explicitly *not* included in Tor's threat model? Thanks in advance for clarifying what you mean here.

This phrase 'threat model' is a tricky one.

In the crypto world, the threat model is exactly the strongest (albeit funny-shaped) adversary that cannot defeat your system.

In the applied security world, it seems like your threat model should be the threats you expect to see in reality.

There's definitely a contradiction there, and I much prefer the second definition.

I guess said another way, if when you say "that's not in Tor's threat model", you mean "Tor is not good at defending against that right now", that's right. But if you mean "that's not something that Tor wishes it could defend against", that's not at all right. I would love to have some better defenses against large-scale adversaries, because they seem to be a growing trend around the world these days, and they keep trying to overreach the power that the people gave them.

*That* said, I definitely don't want to position Tor as a tool aimed only against government surveillance. There are so many threats out there these days, and I would like people to have the opportunity to be protected against every one of them.

Thank you for the detailed explanation.
I am still confused, aren't there tons of entries in the Tor FAQ saying that such and such defense will never be considered since it would only be needed against global passive (or active) adversaries and Tor team has decided to never spend any resources against those?
Isn't that why even a basic mixnet-like design, adding only enough delays to stop end-to-end timing attacks without making the Internet unusable, is 100% out of the question for Tor?

To put it simply (in my view): Tor defines itself as aiming to protect people's privacy and anonymity and security on the Internet, so any party (individuals, companies, governments,...) aiming at breaking people's privacy and anonymity and security on the Internet can be deemed "our adversaries" from Tor's perspective.

FWIW IIRC there's some PhD student working on a design where there's dummy traffic up to the middle relay or guard (can't remember exactly)

But it's definitely not something "100% out of the question".

Tsadik

April 24, 2017


You really are paid so much, for so little (anyone who doubts it's little should watch commits and irc) and have become addicted to it, and now you think it's normal. If you weren't so greedy and corrupt you would have no reason to desperately chase after people with more money than sense and wave lies at them in the hope they're gullible (or corrupt) enough to pay you again for even more bullshit.

Tsadik

April 24, 2017


"...so I am excited to try harder in future financial documents to count many more aspects of volunteering—activism and education, sysadmin time, relay operation, finding and analyzing bugs, providing user support, etc. "

You simply... can't! If someone whispers to the POTUS that "Mr. President, Tor is so great, we must find some ways to help them", how many dollars would that "volunteering" be counted for??? xD

Tsadik

May 01, 2017


TP must be funded by people who actually value human rights, citizen democracy, and civil rights. Until that is the case, TP will always be in imminent danger of simply being shut down by a simple funding cut in the US Congress.

> Income from individual donations and other non-government things is higher, and also a higher percentage, in 2015 than 2014, but it's still in the 10-15% range.

That's a looming disaster. Your funding still comes almost entirely from a government which is now headed by an orange-haired monster (and controlled by the US Surveillance-Military-Financial Industrial complex).

The alarming implication (coupled with NSA's recent "upstream" changes): the Surveillance-Military-Financial Industrial complex has decided it can track Americans more easily by controlling TP than by shutting it down. If true, if TP ever improved its technology to the point where it once again can thwart NSA's tracking, USG will simply eliminate it by removing its funding.

> We have more work to do.

I had hoped the "Tor at the Heart" series would increase private donations much more than it did. It is heartbreaking that all the work TP people did on that did not result in more small donations from ordinary citizens.

I wish I had some suggestions, but I don't.

> Your funding still comes almost entirely from a government which is now headed by an orange-haired monster...
> The alarming implication (coupled with NSA's recent "upstream" changes): the Surveillance-Military-Financial Industrial complex has decided it can track Americans more easily by controlling TP than by shutting it down.

You don't have to worry so much for Americans: they may be the smallest group of civil citizens using Tor -- and the small group would include "citizens" like Ross William Ulbricht (of Silkroad, and so for James B. Comey to track these CRIMINALS is as necessary as sending the letters to U.S. Congress on Nov. 01 and 05, 2016).

One of Tor's priorities is to enforce FREEDOM of SPEECH in regions like China, Middle East,... (and in the near future is in the European Union as well) -- where the privilege right has been (and "will soon be", in the case of EU) ripped out of the people. Those people have no worry with everything you listed there; they even can feel happy with that, and if you're from European Union, you will feel the same soon -- in the near future!

You mentioned our principal American enemy, who is currently the only thing members of the US federal Congress can agree on... hating:

https://www.techdirt.com
At Senate Hearing, Comey Hints At Expanded NSL Powers And Encryption Backdoors
from the now-has-a-president-willing-to-cater-to-his-desires dept

> James Comey testified in front of the Senate Judiciary Committee today where he faced an oddly-unified bipartisan group of senators irritated with the FBI (but for different reasons).
> ...
> [The Hearing] managed to make it clear the current administration would be far more sympathetic to Comey's other backdoor plan. Both Sen. Orrin Hatch and Sen. Dianne Feinstein spoke favorably about encryption backdoors. Comey noted the Obama Administration wasn't interested in passing bills containing encryption bans or backdoors, but the new team in the White House has possibly expressed an interest in doing just that.
> ...
> [Comey] still wants the government to solve his "going dark" problem, even though the problem has been greatly exaggerated and no amount of harder nerding is going to generate a safe, government-only backdoor in encryption.

The fact that powerful figures such as Hatch and Feinstein continue to express support for Comey's most dangerous desire poses a clear and present threat to the immediate future of the Tor community. The countervailing fact that they both despise him from the utter depths of their poisonous hearts is a very good thing, because he heads the most dangerous criminal organization in America.

If TP can somehow manage to find better sources of funding (perhaps inside the EU) before USG declares it an illegal organization, perhaps there is still some hope.

> Americans ... may be the smallest group of civil citizens using Tor

My understanding is that Tor Project's "official usage stats" suggest otherwise. Because of the design of Tor, TP --- and USG--- know which IPs are joining the Tor network, and of course they know where those IPs are geolocated, as you probably know.

To be sure, it is possible that some of the connections from US IPs are actually from US based VPNs to which customers are connecting (not by Tor) from outside the US. Perhaps Roger or another TP employee will care to comment on this point.

> enforce FREEDOM of SPEECH in regions like China, Middle East...

I believe the word you want is "enable".

[Too many] governments *enforce* oppression; human rights organizations *enable* freedom.

I am afraid I could not decipher what you were trying to predict concerning the future (or not?) of the EU. I can't even tell whether you are for or against the rising tide of authoritarianism in EU countries. I can say that in my opinion things have progressed much further down the path towards totalitarianism in USA than in most EU countries (Spain is an exception, and the situation in France is quite dangerous). I hope EU voters will resist those who wish to lead the continent down the same path of self destruction which it has followed previously--- within living memory in fact.

Just remember, if the EU hangs together for a bit longer, Europe stands to benefit enormously from the self-destruction of the USA.

Everything you put in here is baseless information of "In my understanding" type; there is ZERO trustworthiness from this kind of information:

>> ...because he heads the most dangerous criminal organization in America.
>> My understanding is that Tor Project's "official usage stats" suggest otherwise.
>> I believe the word you want is "enable".
>> [The Hearing], [Comey], [Too many]

+) FBI is "the most dangerous criminal organization in America"?! You must support Eric Eoin Marques (Freedom Hosting), Ross William Ulbricht (Silk Road), and the like?
+) YOUR understanding means NOTHING! Even if you want to cite some sources, the trustworthiness of the sources must be able to be checked and confirmed.
+) If I had wanted the word "enable", I would have used the word "enable". It's ENFORCE -- the word I wanted and used. I don't need anyone to talk on my behalf!
+) I don't know what the hell has to do with the [ridiculous] square brackets: the sentences would be the same with or without the useless brackets. If you don't know its [grammatical] functions, don't use it (grammatical correctness doesn't work here!).

This kind of information can only be categorized to be PERSONAL OPINION, and if you want to express your OPINION here, feel free: I may not care!

All the best.

Tsadik

May 07, 2017

In reply to by Anonymous (not verified)


According to what I have been reading, there is every reason to think Bogatov has been framed by people (the "authorities") who do not much care that it is fairly obvious that he has been framed. Very troubling.