Google Season of Docs 2019: Help Tor Improve Our Documentation

This is a worthy effort and I hope that it results in documentation which helps newcomers quickly learn what they need to know right now to start using Tor Browser, while also making it easy for more experienced users to find up to date information on topics such as encryption used in Tor circuits or links to key papers on theoretical attacks on onions, plus information about real world attacks in the wild.

Because I am a user but neither a coder nor a tech writer I consider myself well qualified :-) to offer some general advice about writing "tech docs for the ordinary citizen".

One basic approach might be to write a core page for newcomers with links to other pages with more specialized/detailed information, or to pages which discuss difficult topics like Tor Project's somewhat troubling (especially for newcomers outside the US) historical origins, criminalization of privacy research (c.f. Ola Bini), or the community response to FBI's "Going Dark" hysteria. I suspect no-one at Tor will be eager to pen a thoughtful admission that Yasha Levine makes some good points in his book Surveillance Valley, but I think acknowledging past mis-steps (such as hiring a former USIC coder to work on sensitive app code) is the best way to convince wary potential users that TP has seriously reformed its character from "US soft power coders" to "international human rights coders".

I was very impressed when I first read the Tails documentation because that was the first site I'd seen which followed the rule of putting the essential stuff first and then adding links to comprehensible explanations of how to use various software bundled with Tails. Infinitely superior to off-putting injunctions to RTFM (meaning the Tor Design Document, which is not really written for users but for coders, and is in any case seriously outdated).

Here and there the writers can possibly insert encouragement to intermediate level users: when we say understanding privacy tech involves surmounting a "steep learning curve", we mean that initially a newcomer might find almost everything confusing or counterintuitive, but if they keep using Tor and trying to learn more about how the magic happens, at some point they will find more and more is rapidly making more and more sense to them.

Because things change so quickly, every page should begin with "last reviewed April 2020" etc. Because many people will come across these documentation via a search engine, and because search engines often link to outrageously outdated and even dangerous misleading information about Tor, regular review and updating should be an essential part of documentation.

Last but not least, rigorous link testing, editing, and some kind of user testing before you launch should be regarded as essential. The recent launch of the "new look" was more rocky than it should have been. I hope that just before you announce the new documents in this blog someone will test the blog post using various security slider selections (by that time there may be four not three as you know!) and if possible using slow as well as fast internet connections. Remember that some Tor users are not in regions with fast internet and we do not want to make life more difficult for them than it already is.

P.S. Please make sure Isabela knows about (and ideally responds to) a troubling opinion piece which calls for (among other things) DARPA funding of anti-GFWC software without even mentioning Tor! Or anonymity or privacy. See:

thehill.com
Tear down the 'Great Firewall' to win the war with China
Bradley A. Thayer and Lianchao Han
29 Apr 2019

When you read this, make sure to note the authors's affiliations:

> Bradley A. Thayer, Ph.D., is a professor of political science at the University of Texas, San Antonio. He is coauthor of “How China Sees the World: Han-Centrism and the Balance of Power in International Politics.”

UT San Antonio has close ties to NSA/TAO, which is situated on the grounds of Lackland AFB in that city. Several companies in San Antonio are essential cybermercenary companies staffed by former US military USIC cyberwarriors. Don't know about Thayer himself, but possible ties to NSA/TAO are concerning.

> Lianchao Han is vice president of Citizen Power Initiatives for China and a visiting fellow at the Hudson Institute. After the Tiananmen Square Massacre in 1989, Dr. Han was one of the founders of the Independent Federation of Chinese Students and Scholars. He worked in the U.S. Senate for 12 years, as legislative counsel and policy director for three senators.

Hudson Institute: conservative think tank founded by thermonuclear extremist Herman Kahn. Don't know about Han himself, but these ties are concerning.

Simultaneously, Pompeo appears to be trying to co-opt HRW's very important revelation of the massive dragnet surveillance/harassment system tracking Uighurs everywhere they go in China (not just in Xinjiang Province) by calling out the CN government for (apparently) incarcerating millions of heads of Uighur households in vast internment camps (called "vocation training centers", with guard towers).

I am concerned that Thayer and Han may be players is a well planned political influence campaign whose goals may include

o delegitimizing (even criminalizing) Tor

o decoupling "anti-censorship" from anonymity, privacy, and even from free speech

o making a show of ideological combat with CN (but certainly not RU!) while quietly encouraging FBI's "Going Dark" ambitions of eliminating all on-line privacy.

Also, I think Isabela may be too young to remember that the Democratic candidate for US President in 2020 who is being heavily promoted by "the establishment", Joe Biden, was one of the chief proponents of NSA's "clipper chip" and other attacks on NSA-defeating public key cryptography. He was also one of the chief architects of one of the most socially destructive laws in US history, the Crime Omnibus (mandatory sentencing, etc). And his son turns out to have invested heavily in the very surveillance app which plays a key role in the CN Uighur-tracking/harassment dragnet.

I hardly need remark that Drump agrees with CN on the "need" for cyberactions (and "kinetic" actions) targeting "troublemakers" (e.g. ACLU, left leaning journalists, community organizers, union leaders) as a "national security matter" [sic], so Pompeo's criticisms will not be taken seriously by the international community.

Further, tech reporter Sean Gallagher, who years ago was not unfriendly to reporting on the Snowden leaks, now appears to have been thoroughly co-opted by the US military/USIC cyberwarrior mythology:

arstechnica.com
Spot the not-Fed: A day at AvengerCon, the Army’s answer to hacker conferences
Army unit's effort brings hacker con culture to the home of military cyber.
Sean Gallagher
2 May 2019

In short, Tor (and the right to privacy, and the right to freedom from cyberassault from the likes of NSA/TAO) has few friends in the US executive, legislature, judiciary, or media.

It follows that Tor Project must redouble its efforts to move to a user funded structure, and to relocate its base of operations to a safer country. So not RU, not CN, not VE, probably not BR or MX, but maybe CH or SE or IS or even Chile? Or those seem too far, what about CA? Not really safe but safer than the US, probably.