Strength in Numbers: An Entire Ecosystem Relies on Tor
This post is one in a series of blogs to complement our 2018 crowdfunding campaign, Strength in Numbers. Anonymity loves company and we are all safer and stronger when we work together. Please contribute today, and your gift will be matched by Mozilla.
If the Tor Project, the Tor network, and Tor Browser were to disappear, what would happen? Not only would millions of global, daily users lose access to Tor’s software, but the diverse ecosystem of privacy, security, and anti-censorship applications that rely on the Tor network would cease to function.
The same network and technologies that allow you to use the internet anonymously power the anonymity, circumvention, and privacy features of many third-party web browsers, communications apps, secure operating systems, monitoring tools, and file sharing apps.
Your donation to the Tor Project will have a positive ripple effect on the many vital anonymity and privacy applications that rely on the Tor network and technologies, like:
Whistleblowing, file sharing, and reporting tools that are secure and anonymous
SecureDrop is an open-source whistleblower submission system developed by many Tor core contributors that media organizations can install to accept documents from anonymous sources. GlobaLeaks is an open-source, free software tool intended to enable secure and anonymous whistleblowing initiatives. OnionShare is an open source tool developed by a Tor core contributor that lets you securely and anonymously share a file of any size. All of these tools rely on the Tor network.
More than 75 news outlets, including Al Jazeera, the Associated Press, CBC, The Guardian, The New York Times, and the Washington Post rely on SecureDrop and the Tor network to provide their sources and journalists with a safer way to communicate. More than 60 projects and initiatives utilize GlobaLeaks for activism, anti-corruption, investigative journalism, and corporate whistleblowing work.
Because of the Tor network, we can call attention to injustice with reduced risk.
Pluggable transports, an open source censorship circumvention technique
Many governments determined to block access to the Tor network order ISPs to block the publicly listed IP addresses of Tor relays. In response, we developed bridge relays (“bridges”), which are Tor nodes that are not listed publicly, and are thus more difficult for governments to find and block. As government censorship increases globally, repressive regimes become more sophisticated in their tactics. Some governments employ a censorship technique called Deep Packet Inspection (DPI) to classify Internet traffic flows by protocol. DPI enables a censor to recognize and filter a wide variety of tools, including Tor traffic, even when it connects through a bridge.
In response to these kinds of censorship techniques, the Tor Project developed a flexible circumvention framework known as pluggable transports. Pluggable transports mask Tor traffic to make it look like other kinds of internet traffic, essentially making Tor traffic invisible to adversaries and resistant against DPI censorship tactics.
The Tor Project is the origin of the pluggable transports concept. Popular circumvention and VPN tools like Lantern and Tunnelbear directly reuse Tor’s open source obfs4 pluggable transport system for their own censorship circumvention services. Developers can take advantage of OONI’s dataset on internet censorship, likely the largest publicly-available resource to-date, to inform the circumvention methods they develop.
Because of the Tor Project, we all have a robust ecosystem of options for circumvention in the face of sophisticated censorship.
Onion services, a method for further anonymizing internet use
Most privacy protection tools provide end-to-end encryption, which can protect users against surveillance techniques that are focused on the content of their conversations. But these tools don’t protect metadata--information like: who talks to who, when, and how much they say--which can be used to build behavioral maps (revealing a user’s contacts and the frequency with which they communicate, for example). As government censorship becomes more sophisticated, metadata surveillance has become a technique used to track individuals and their activities.
In fact, some human rights organizations report that many surveillance tools target metadata, and bad actors can use this metadata to support further actions of oppression, such as public defamation or doxing, arrest, and censorship.
Our solution for this problem is onion services. An onion service is a website or any other internet service that is available through the secure Tor network.
Take Debian’s onion service, for example: when you keep your Debian-based operating system up-to-date via automated updates through Debian’s onion service, you ensure that the Debian Project cannot target your computer specifically. If you update your Debian machine at home via your ordinary, public, relatively unchanging IP address, in theory, a bad actor Debian administrator could target you specifically by shipping you a backdoored package. But when you update your system via Debian’s onion service, you become an anonymous user accessing their anonymous services. A bad actor would have to attack all users that access the onion service, which would likely be discovered and mitigated more quickly than a targeted attack on a single individual.
Another example of the use of onion services is Haven, an app developed by the Guardian Project with Freedom of the Press Foundation and Edward Snowden. Haven can turn any Android device into a motion, sound, vibration, and light detector, watching for unexpected guests and unwanted intruders. All event logs and captured media can be remotely and privately accessed through an onion service.
Many other important projects and organizations--including Facebook, The New York Times, Riseup.net, ProPublica, Privacy International, and OnionShare--have adopted Tor’s onion services by also offering their websites as .onion addresses so people can access their sites safely and securely while protecting themselves from the negative consequences that exposure brings.
Because of the Tor Project, we have methods for protecting ourselves with end-to-end encryption and against metadata surveillance.
Dozens of other privacy, security, and anti-censorship web browsers, chat apps, and related tools
Tor is at the heart of many interconnected efforts to make the lives of people better around the world.
In addition to Tor Browser and Tor Browser for Android (alpha), there are a number of web browsers (and more on the way) that integrate Tor and provide associated privacy protections:
From peer-to-peer messaging apps to email plugins, there are a number of private communication apps that you can use to anonymize your communications. The following applications utilize the Tor network to route your messages and offer privacy and security:
Currently, there are a number of Linux-based operating systems that aim to provide anonymity and privacy to their users and utilize the Tor network in part to do so:
The security ecosystem even offers tools to allow you to remain secure when you’re using apps that don’t send your traffic over the Tor network. The following applications allow you to tunnel third-party app internet traffic over the Tor network, whether by working as a proxy--like Orbot, developed by our friends and partners at the Guardian Project--or as a "system-wide VPN."
Your gift to the Tor Project has a positive ripple effect on the many vital anonymity and privacy applications that rely on the Tor network and technologies. When you support Tor, you support all of these projects as well. Plus: Every donation from now until December 31, 2018, will be matched 1:1 by Mozilla. Your impact—doubled.
Would Haven or Orbot be unreliable if the Android phone is not a brand new phone just purchased?
Nope not really. Whether an Android phone is usable for Orbot or Haven depends on the internet connectivity of the device (4G/Wi-Fi, whether Tor is blocked in said country of use...). Of course, if the device is compromised then all bets are off. Bare minimum you should do is to wipe the purchased device (factory reset) and reflash the entire OS before configuring it for use.
Does one need to sign up with Google to use Haven on an Android phone?
Nope. You can directly download and install Haven on the desired Android device via Fdroid. Refer to the main Haven install page/guide at https://guardianproject.github.io/haven/#install for more info.
Thanks for the link.
My use case scenario for Haven is similar to Movilizatorio (described by Andy Greenberg).
Do I understand correctly that I could purchase a *new* low-end Android for $100, install Haven without needing to involve Google or a phone company, leave home for a few hours, and when I return, use my laptop to access on onion (hosted on the phone and accessible only by me) in order to review what Haven says happened in my home while I was out? Or does the phone need a phone number or internet access or what else? Could I buy the phone for cash? In a store not owned by Google or another company likely to surveil or ID customers?
I use android - not familiar with ios - using various phone models and have never signed up with google. I remove as many google apps, including system apps as I can. On some models I have rooted them giving me admin control. On models to problematic to root I just uninstall apps. I also use f-droid as repository rather than play store. Have never used google play store. Haven is on f-droid. Hope this reply helps.