Transparency, Openness, and our 2014 Financials

After completing the standard audit, our 2014 state and federal tax filings are available. We publish all of our related tax documents because we believe in transparency.

Tor's annual revenue in 2014 held steady at about $2.5 million. Tor's budget is modest considering the number of people involved and the impact we have. And it is dwarfed by the budgets that our adversaries are spending to make the world a more dangerous and less free place.

To achieve our goals, which include scaling our user base, we fund about 20 contractors and staff members (some part time, some full time) and rely on thousands of volunteers to do everything from systems administration to outreach. Our relay operators are also volunteers, and in 2014 we grew their number to almost 7,000 — helped along by the Electronic Frontier Foundation's wonderful Tor Challenge, which netted 1,635 relays. Our user base is up to several million people each day.

Transparency doesn't just mean that we show you our source code (though of course we do). The second layer to transparency is publishing specifications to explain what we thought we implemented in the source code. And the layer above that is publishing design documents and research papers to explain why we chose to build it that way, including analyzing the security implications and the tradeoffs of alternate designs. The reason for all these layers is to help people evaluate every level of our system: whether we chose the right design, whether we turned that design into a concrete plan that will keep people safe, and whether we correctly implemented this plan. Tor gets a huge amount of analysis and attention from professors and university research groups down to individual programmers around the world, and this consistent peer review is one of our core strengths over the past decade.

As we look toward the future, we are grateful for our institutional funding, but we want to expand and diversify our funding too. The recent donations campaign is a great example of our vision for future fundraising. We are excited about the future, and we invite you to join us: donate, volunteer, and run a Tor relay.

Anonymous

January 14, 2016


If you really want to be transparent, then stop blocking every negative comment in your public blogs.

Yeah, we're still working on the right balance here.

The underlying issue is that we don't want to farm out comments to third-parties (whose business model is to spy on everything), and the captchas aren't really workable, so we end up assessing everything by hand and throwing out a huge amount of spam. And by 'we', we don't have anybody whose job includes doing this, so we get sporadic help from various developers / volunteers. But at the same time, I don't want to shut down the blog comments entirely, since they're one of the ways that people can reach us, over Tor, most safely.

We do indeed throw out, along with all the spam, the comments that call various Tor developers stinkypants. Those comments aren't productive to the conversation -- that is, they don't actually help in doing the "people can reach us, over Tor, mostly safely" part.

arma wrote:

> But at the same time, I don't want to shut down the blog comments entirely, since they're one of the ways that people can reach us, over Tor, most safely.

Exactly, this is terribly important. Very few blogs on the (open) Internet allow anonymous posting, which means that they exclude the views of anyone concerned about government/corporate surveillance dragnets, and how various entities abuse the acquired data exhaust to harm individuals, particularly those with a point of view which diverges widely from government and corporate definitions of the political views of "compliant" citizens/employees/customers.

(The mailing lists are non-anonymous by default, and this is too difficult and dangerous to circumvent, and the Tails pre-configured OFTC chat accounts have all been blocked by OFTC chat servers, so until Tor Messenger development is further along, other modes of electronic communication are too difficult for almost every at risk person to attempt to use.)

> We do indeed throw out, along with all the spam, the comments that call various Tor developers stinkypants. Those comments aren't productive to the conversation -- that is, they don't actually help in doing the "people can reach us, over Tor, mostly safely" part.

I don't know what kind of critical comments the OP wanted to express, so the following comment on negative commentary does not necessarily apply to him/her:

One of the points about the "mainstream" mass media which progressives have made repeatedly is that the mainstream media pretends to "balance" debates by presenting very extreme views, rather than seeking to use limited air time to discover what large fractions of actual people believe. The same applies in blogs like this one: one can permit critical comments, but it is entirely appropriate to exclude posts which do not present coherent, reasoned arguments backed by links to evidence.

There are plenty of other places where people who want to say/read ill-informed criticism of Tor can go to vent their incoherent anger. And because this kind of post is "compliant" with USG-approved views of Tor (with some exceptions in entities such as certain units associated with the State Department), people who want to post criticisms of Tor--- presumably not while using Tor Browser!--- are unlikely to face reprisals. That is not likely to be true for people who post supportive views, as time marches on as the USG becomes ever more authoritarian, perhaps even fascist.

"One of the points about the 'mainstream' mass media which progressives have made repeatedly is that the mainstream media pretends to 'balance' debates by presenting very extreme views, rather than seeking to use limited air time to discover what large fractions of actual people believe."

It's more like they present two views within a fairly narrow range of acceptable opinion as "the two sides". Extreme views are used to polarize the masses against themselves, or to make acceptable opinion appear moderate by comparison.

Completely dishonest. IOW, the other poster was right. You're deleting everything that is critical or that doesn't kiss up.

No one is fooled by your cutesy PC terms. When you call users stupid nerd terms like "stinkypants" you are demonstrating the true problem, which is (unwarranted) arrogance that pervades all of Tor, especially its volunteers, and, alienates tons of people. People can barely even log into the OFTC channels anymore, because of all of this laughable smarm.

If you are serious about becoming hip, mainstream and popular, then you're going to do more than offer teeshirts with mostly your own people wearing them. You're going to have to get rid of those snotty little attitude problems. That highhanded mediocrity that runs throughout the ranks is a joke.

Most of your people can't answer even the most basic questions of how to use TBB, or other software - or even refer the right URL. So, they pick fights with the users, on a hair trigger basis, by getting testy with everyone and challenging the users' intelligence. Otherwise, their own ridiculously inflated egos might go down to their true merited levels - which, is that of your average customer service rep reading off of scripts. That kind of look-out-for-each-other culture is one that has killed many organizations, and, the very fact that you're peddling teeshirts and soliciting private donations should be the writing on the wall for you.

Now. Was this a "stinkypants" comment, in your eyes? Another, that you're going to hide from public view..?

The *truth* is that The Tor Project doesn't have *any* problem with stinky pants users. What it has, is a *huge* problem with snotty punks who are addicted to government grant money. And, they bring a "let 'em eat cake" attitude to their jobs.

Enjoy making people hop for your entertainment, while it lasts. After you guys and your new director are done running Tor into the ground you will finally lose your public funding. (Probably, when some private company buys you and cleans house - that's where they get rid of all of the slooow, sedentary niche dwellers and other sociopaths). Then, you can have fun settling for $9.50/hour coding jobs. Or, you can be smart and make changes.

> Completely dishonest. IOW, the other poster was right. You're deleting everything that is critical or that doesn't kiss up.

I assume you are addressing arma (Roger), but I'd just like to say that I frequently post comments which urge TP to stop doing A and start doing B, and these have almost always been accepted, perhaps because I

o am polite (I hope)

o am (clearly?) not hostile to the very existence of Tor

o express well-reasoned arguments (I hope) and links to back them up.

> When you call users stupid nerd terms like "stinkypants" you are demonstrating the true problem,

Now I am confused: arma didn't call anyone "stinkypants", he said that some deleted comments have called names.

> which is (unwarranted) arrogance that pervades all of Tor, especially its volunteers, and, alienates tons of people.

As a long-time Tor user, I have no idea what you are talking about.

> People can barely even log into the OFTC channels anymore, because of all of this laughable smarm.

Clearly TP cannot be held responsible for the fact that OFTC admins have largely chosen to block connections from Tor exit nodes.

> You're going to have to get rid of those snotty little attitude problems. That highhanded mediocrity that runs throughout the ranks is a joke.

Oh wait... are you referring to some bad experience with a Tor volunteer (or someone else) answering a technical question over at Stackoverflow?

> Most of your people can't answer even the most basic questions of how to use TBB, or other software - or even refer the right URL. So, they pick fights with the users, on a hair trigger basis, by getting testy with everyone and challenging the users' intelligence.

My word, who have you been talking to? Random people at Stackoverflow? Tor volunteers? TP employees?

I get the strong impression that you had some terrible times interacting with some people on line, but it's not clear to me why you appear to blame TP, or whether you even use Tor yourself.

To prevent possible misunderstanding, I am not a TP employee or even a volunteer as Roger and Shari probably use that word, I am an ordinary Tor user.

> So, they pick fights with the users, on a hair trigger basis, by getting testy with everyone and challenging the users' intelligence. Otherwise, their own ridiculously inflated egos might go down to their true merited levels - which, is that of your average customer service rep reading off of scripts.
> ...
> After you guys and your new director are done running Tor into the ground you will finally lose your public funding. (Probably, when some private company buys you and cleans house - that's where they get rid of all of the slooow, sedentary niche dwellers and other sociopaths). Then, you can have fun settling for $9.50/hour coding jobs.

I don't know who you were talking to, or even what you were talking about, but it might not matter. Is it possible that the problem is not that these people were "getting testy" with you, but that *you* were getting testy with them?

You appear to try to raise the spectre of a "hostile takeover"; Tor is a nonprofit, not a corporation, so despite what the US Chamber of Commerce might desire, I don't think it is susceptible to this alleged existential threat.

(A Tor user)

> (unwarranted) arrogance ...snotty little attitude problems.... highhanded mediocrity that runs throughout the ranks...
> ...
> faceless rejects at the bottom levels ... ridiculously inflated egos ... their true merited levels ... is that of your average customer service rep reading off of scripts... stinky pants... slooow, sedentary niche dwellers and other sociopaths ... can have fun settling for $9.50/hour coding jobs.

You know, I was chatting with a resident of Moscow who sometimes encounters an unhappy passel of underpaid drones leaving 55 Savushkina Street. Apparently they adopt the same tone when complaining about their working conditions.

Maybe this poster has found an ingenious method of criticizing his own employer while appearing to be performing his job?

I think you're doing a good job with comments, but I personally wouldn't mind less moderation, to get a better sense of what people think, even if they have a particularly rude way of expressing themselves.

There's a difference between being blunt/rude when criticizing ideas, and trashing on the appearance of people that were featured in the donation drive. Things that get moderated tend to fall into the latter.

@ yawning:

Many thanks to you and the other TP staff who help moderate the blog!

I urge you all to keep up the good work here, and my sympathies, since I can easily imagine how degrading many submitted comments must be.

One of the things I like about this blog is that the tone is generally higher than at most blogs. Sad comment on human nature, I suppose--- or the nature of Our Time--- that there seem to be so many chronically enraged people on the Internet...

> I think you're doing a good job with comments,

Agree, especially since TP is short-handed, and doesn't even have anyone whose job description involves moderating this blog (as I understand it).

> but I personally wouldn't mind less moderation, to get a better sense of what people think, even if they have a particularly rude way of expressing themselves.

Disagree. We don't want to make it even easier for the trolls to mess with us. Gosh knows there are plenty of places you can go if you want to read posts ranting against Tor. Or for that matter, editorials from USG officials ranting against Tor.

@ arma:

I urge you not to even consider the absurd premise of the US mainstream media that a "balanced" discussion means you need to give equal time to those who present well-reasoned points of view backed up with links to verifiable evidence and those who want to make rude comments which lower the tone for the entire blog.

So for what it's worth, as one of the people that does delete comments (only obvious spam, I leave judging if non-spam comments should be published or not to other people).

The blog comments are about 95% spam by bots. The things that get deleted from what I can tell are random personal attacks/insults, and not criticism of the project itself. That said, I would probably opt to keep more of the tiny fraction of comments that do get thrown out, but it's a blurry line, and it's not something I personally want to get involved in.

Set up a filter that filters out messages with the word "stinkypants."

Set up a message system that allows people to flag messages.

Set up a message system that only allows Tor users to access this message system to view it without registration or logging in. Only using Tor. That way you have to use Tor, which means you support Tor use!

Many ideas here. It is mostly common sense.

> Set up a message system that only allows Tor users to access this message system to view it without registration or logging in. Only using Tor. That way you have to use Tor, which means you support Tor use!

The problem there is that USIC operatives (and other bad guys) sometimes *use* Tor but certainly do not *support* Tor Project.

Moderation is a tough slog, but it has to be done in order to keep this blog useful. Currently it is the only usable way for the user base to express how they hope the Project will evolve and what dangers to its continued existence are most urgent (on any given day, since this can change rapidly).

Creative regular expressions to match s.t_33ng kee p4nzzz, then replace that word with asterisks, but have replacement function also replace the 3 preceding and 3 following words (or 20 characters, whichever is smaller) with asterisks.
Partial "censorship" that allows more comments while discouraging z.teee.nqui33 talk.

So let me get this straight: authors of the world's greatest tool for bypassing censorship, suppress comments when they call them "stinkypants"?
Seriously, aren't you supposed to be an example?
You of all people?

The "don't like it, don't use it".
Where would you draw the line?
Is a country preventing its population from accessing questionable internet services over the country's infrastructure justified?
Is an ISP exercising the same right justified?
Would censorship by Facebook or Twitter on users/views of their choosing present no problem for you?
Your view on "ordinary sites" is rather clear (although personally I did see torproject.org as more than just "an ordinary site")

The main purpose of Tor, as I see it, runs contrary to the "don't like it, don't use it" argument.
(it's designed to curtail legitimate(?) tracking done by private websites)
Instead what it seems to propose is a sort of "don't like it, trick it" mindset.

That is the source of dissonance for me.

"On January 14th, 2016 Anonymous said:

If you really want to be transparent, then stop blocking every negative comment in your public blogs. "

Agreed, and the whole reason we've been seeing all of these feel good changes is that Tor was exposed as a government run and funded program - the very machine that they had been saying was trying to hack and crack them on a monthly basis. It is simply an extension of the Patriot Act - or, it became one.

Turning the whole issue into one of there not being enough women hired at Tor, and what kind of public face these sapiosexual virgins present, is just a diversion - done in a style pretty reminiscent of Google and its own public deceptions.

This is a point that the legitimate privacy community needs to keep driving home. So, don't trust this filthy little Mossad program to so much as air one comment to the contrary. The faceless rejects at the bottom levels will intercept every communication to the higher ups, anyway. Each of Tor's good faith gestures are insults to every thinking person. True privacy advocates need to use alternatives for getting the message out that Tor is not to be trusted.

Oh, and the next time one of these ugly freaks refers to one of you as "stinkypants", take a good hard look at a picture of their new Director...

> the whole reason we've been seeing all of these feel good changes is that Tor was exposed as a government run and funded program -

Speaking as a long-time TB/Tails user--- who is not a TP employee or volunteer staffer--- that is completely counter-factual.

I have been one of those who in the past tried to "out" the letter donors, and who posted comments urging TP to try to dramatically change its funding to greatly reduce the reliance on USG grants. But the fact that Tor was (and still is, unfortunately) mostly funded by USG grants has never been a secret, just not something TP could talk about freely. That is because--- at least until fairly recently (arma can correct me if I am wrong)--- some of the USG support comes/came from semi-clandestine USG-tied vestiges of the Cold War, and is/was contingent upon TP not openly disclosing the source of the funding. I hate that, but at least I recognize that TP cannot be blamed for it, and now TP is trying hard to change its funding structure, and I think it will succeed, because it must.

> the very machine that they had been saying was trying to hack and crack them on a monthly basis.

Two points:

First, assuming you are referring to NSA/TAO and their FVEY counterparts in UK, Canada, Australia, and New Zealand, these agencies have been exposed by reporting at The Guardian and The Intercept (based mostly but not entirely on Snowden's leaks) as having for decades extensively intruded into private, corporate, and government networks in dozens of countries (including their own). Some of the leaked documents show quite explicitly that as recently as a few months before the leaks, NSA was trying to break into the Tor network in very specific ways. Jacob Appelbaum even published some of the source code of "intrusion tools" used by NSA/GCHQ to attack Tor. So the fact that FVEY intelligence agencies attack Tor is not fantasy, but documented fact.

If you were referring to FBI or SCO, your comment seems even stranger, since these organizations have "leaked" countless stories to friendly reporters bragging of their exploits in intruding into Hidden Services.

Second, NSA/FBI are far too influential components of the USG, and far too much beyond even the President's control, but USG is a big big entity, and by no means entirely evil. There are problems with just about every department in the US federal government, but many of these harbor people who are conscientious and trying hard to prevent USG from being "all evil all the time".

> [Tor Project?] is simply an extension of the Patriot Act - or, it became one.

Nothing could be further from the truth, and I think almost all regular Tor users appreciate this. (If not, one would have to wonder why they are using Tor.)

> what kind of public face these sapiosexual virgins present

I have no idea what you mean by "sapiosexual virgins", but in case you did not catch your tone, this mystery term does sound as if it might be intended as somehow derogatory.

> So, don't trust this filthy little Mossad program to so much as air one comment to the contrary.

I'm confused: are you talking about Tor Project?

I like to think I follow Israeli politics sufficiently closely to be able to say with some confidence that TP does not appear at all likely to be some kind of Mossad project. Until now I've never even heard that suggested, so points for originality.

> The faceless rejects at the bottom levels will intercept every communication to the higher ups, anyway.

Well, I happen to know that is simply not true.

> Each of Tor's good faith gestures are insults to every thinking person.

Please don't take this the wrong way, but if I were asked to characterize your post in one word, I'd say "angry", not "thinking". The strangest thing is, you haven't explained *why* you are so angry, or even whether you are a Tor user, and if not, what relation you have to TP, and if not, why you are here.

> True privacy advocates need to use alternatives

I don't think anyone is going to accept your apparent attempt to define "true privacy advocate" as someone who doesn't use Tor.

> for getting the message out that Tor is not to be trusted.

I haven't seen you present any reasoned arguments, much less arguments supported by any actual evidence, for why you think "Tor cannot be trusted". I *have* seen you (in the quoted post) engage in gratuitous and childish ad hominem insults of TP employees.

If this is an example of the kind of post you want to see appear in this blog more often, I must disagree.

Big thanks to the posters for their input.

I see the same kind of sophomoric smarm employed by moderators all of the time on atheist forums. Those debates, likewise, constantly demonstrate the true ugliness of human beings who acquire too much power. Especially when they do not possess even one quarter of the education - or the sophistication that they place so much stock in, amidst their endless posturing. It not only gets in the way, but their egos influence policy in ways that they should not.

If Tor were more open - or "transparent" - then these comment sections could be convenient places for collecting and trading feedback. Like the poster might have said, in the OFTC areas, the mods and volunteers are all trolls who never impart even the tiny nuggets of useful information in their exceedingly limited repertoire, without first being paid toll in the form of some truly demeaning groveling from everyone. They are only there to look for fights with those who refuse to suck up and kiss their asses. They are endlessly sarcastic and insufferable to everyone who tries to keep some self respect, before calling in their admin buddies to back them. They are cowards.

What then appears to follow is that a war takes place. A barrage of retaliatory flooding attacks hit the channels, followed by bans of Tor IP addresses. The ban gets lifted after about a week. The cycle repeats. For the last few months, it has been very difficult to connect, using Tor. But this has happened frequently over the last couple of years. What I don't get is why Tor doesn't just run its own IRC servers, instead of being in the silly position of blocking itself.

Oh, wait. I do get that: It's because, Why bother when all of the fighting is being caused by Tor's own out-of-control staff, power-tripping and pissing off everyone that they can.

...Yeah, that would be a little counterproductive.

> Tor's own out-of-control staff, power-tripping and pissing off everyone that they can.

It seems you are complaining about bad experiences in OFTC chat rooms, but you don't seem to know (or care) that OFTC is not part of TP, or that the OFTC moderators you so dislike have nothing to do with the TP staffers who take some of their invaluable time to moderate this blog!

> What I don't get is why Tor doesn't just run its own IRC servers, instead of being in the silly position of blocking itself.

The answer should be obvious: lack of funding and insufficient staffing. If you want Tor to fund/maintain/room-moderate its own chat servers, you should contribute generously to the funding drive and mention your desire for a practical solution to the lack of anonymity-friendly chat servers.

Some potential alternatives to OFTC chat rooms have been mentioned in this blog, and I view the advent of Tor Messenger as a very important, long overdue, and promising innovation.

I am a Tor user, not a staffer or volunteer, who has donated to TP and hopes to continue doing so.

Anonymous

January 14, 2016


Thank you again for your commitment to transparency and openness. From the auditor's report, it looks like the organization will benefit tremendously from Shari's financial management skills.

Yes, that's certainly one of the many reasons I am excited to have Shari on-board!

That said, I think we haven't been doing *too* badly in terms of financial management lately. :) Certainly for the second half of 2015, the focus was on keeping everything up and working ("keeping the lights on"), while we also searched for a new execdir. (Speaking of which, I'm sorry that these financials came out so late. But better late than never.)

Roger, as someone who follows the organization pretty closely, I'm also glad that you were at the helm during that period. Your personal commitment to transparency & openness - inclusive of the organization's finances - is one of the things that makes the organization great.

Plus one. I'm glad you are staying on--- continuity at a time when TP is dealing with exponentially increased threats (including political threats) and unavoidable growth is really essential.

At times I've expressed frustration with various presumed TP policies, but despite what the angry poster above appears to believe, my comments were not only accepted by the moderators (with a few exceptions which I don't understand), but the most important changes I've urged for years have been adopted by the new Executive Director. Which is very gratifying of course, but now that I know (from the Guardian interview) that my views are consistent with those of TP employees, I'm even happier!

Also, I think Shari Steele is just about the perfect choice for the new ED, so very happy about the outcome of your ED search too.

Threats abound, but I also see many very encouraging signs.

Anonymous

January 14, 2016


I already feel in debt just by using Tor (contributing). I'd wish I'd just contact my ISP one day and ask what they'd think about me running a Tor relay, I'll probably ask first about a middle relay. Maybe you already have templates on how to contact ISPs, also it's in Sweden so if it was in Swedish that would be great. Despite my searches I don't seem to find any reference at all about this, which is sad :(

> I'd wish I'd just contact my ISP one day and ask what they'd think about me running a Tor relay, I'll probably ask first about a middle relay.

For bridges and non-exit nodes, I expect most people just run them without asking. Certainly I never asked, and nobody's ever bothered me about my middle relay.

Anonymous

January 14, 2016


> I'm sorry that these financials came out so late

TP should try to ensure that future financials are not late, and come with some more explanation, since few prospective "private citizen small donors" are experts in US tax law or 501(c) accounting.

I think TP still needs to be more forthright about the nature of the USG entities which provided most of your funding in the 2014 fiscal year. I hope more transparency will *encourage* more small donations by highlighting why the Project badly needs funding diversification.

Can you briefly explain the acronyms in the section naming funding received from grants? Please correct the following guesses as necessary (amount in thousands of USD):

RFA 733 (Radio Free Asia, a USG agency?)
SRI 638 (Stanford Research Institute, a USIC contractor)
DRL 635 (US State Department?)
SRI 159 (Stanford Research Institute)
NSF 100 (National Science Foundation, a USG agency)

Can you provide a pie chart showing how these revenues compared to private donations in 2014 fiscal year?

Regarding the 0.89 million USD in contracts: is that more than one contract? The one I know about (yes?) is to develop security toolkits for journalists.

Yes, your acronyms look right:
https://www.torproject.org/about/sponsors

The numbers are a bit tricky for me, since I know it in terms of how much the funding is for, and these documents show it as how much actual money came in during the fiscal year, which is a function of when we did billing, when our invoices got paid, etc etc. Some of our funding is "fixed-cost", meaning when we do the deliverable we get paid the agreed amount for it; others of our funding is "cost-reimbursement", meaning the only way to get paid for it is to show that we already spent the money. So all of that complexity causes the cash flow to get complicated. Aren't you glad you know these details now. :)

For the 0.89 million in contracts, I think you're reading that wrong. Or rather, that is not a separate pile of money from the numbers that you quoted above. Some of our funders are phrased as contracts, and some of them are phrased as grants. So your numbers above total $2265k, and add to that $288k in donations-or-equivalent, and there we are at $2.5M. There, now you can make our pie chart for us too.

Speaking of the pie chart, I answered a similar question for the folks writing up the donor faq:
https://www.torproject.org/donate/donor-faq
(see question 11, "Where does the Tor Project's money come from?")

I think the 'security toolkits for journalists' project is long over. That looks like Sponsor I:
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorI
which I think was the Knight Foundation grant, if I remember correctly.
http://knightfoundation.org/grants/20121802/

The reason why SRI shows up twice in the list is because SponsorF ended in 2014, and SponsorR started in 2014:
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorF
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorR

And the OTF (RFA) funding is a combination of their earlier funding of Tor Browser:
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorP
and their newer funding of both Tor Browser and core Tor:
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorU

And lastly, for those who are wondering about the mysterious $427k in income that sometimes shows up in the numbers and sometimes doesn't, it is "donated services". That is, the accountants asked us to put a value on the time and energy and so on that volunteers gave to Tor in 2014. It looks from page 67 that we tried to quantify "donated" software development, donated website hosting, and donated translations in this number. There were plenty of other activities (like advocacy, relay operation, etc etc) that we might have included but didn't. I don't know the details on why we chose the set of services that we chose, but I assume it's aiming to strike a balance between counting everything and only counting the ones that we can for-sure justify to the IRS if they ask.

Hope this helps!

@arma just wanted to say thanks for this very insightful comment. I had been unclear on some of the same issues when reading through the document, and found this quite helpful. Thank you for taking the time.

@ Roger:

> Some of our funding is "fixed-cost", meaning when we do the deliverable we get paid the agreed amount for it; others of our funding is "cost-reimbursement", meaning the only way to get paid for it is to show that we already spent the money. So all of that complexity causes the cash flow to get complicated. Aren't you glad you know these details now. :)

Actually yes, this explanation is very helpful, and in future, instead of simply posting the document, I urge you to post an explanation including such comments (updated as needed).

> now you can make our pie chart for us too.

Actually, I was suggesting that TP make a modest attempt to make the situations quickly comprehensible. Pie charts are notorious (among statisticians) but they have their uses.

Point taken about the raw figures in the document being potentially misleading, but in the proposed explanatory blog you could suggest alternative ways of breaking it down which might be more relevant to the questions the user base is most interested in. One of which, I think, is: how much of Tor's funding comes from USG sources? USIC-tied sources such as SRI? I hope the discussion here will uncover other potential sources of confusion for ordinary Tor users who take the time to read the latest tax filing documents.

Better understanding of how the funding has been done in the past will also, presumably, help us users to help TP decide how to try to do it in future.

One suggestion I have seen several times was also mentioned by Shari in her interview with The Guardian: corporate funding. I think that's worth exploring, with caution, but suggest asking TP staff (employees and volunteers) and also tracking blog comments (other than trolls, obviously) for concerns about possible dangers of corporate funding coming with hidden strings or undue influence.

Another suggestion: TP could explore seeking funding from wealthy billionaire-founded-NGOs such as the Gates Foundation. Here I think caution is even more necessary--- see the report:

Philanthropic Power and Development: Who shapes the agenda?
Jens Martens and Karolin Seitz
Global Policy Forum
www.misereor.de

In all cases, the guiding principle is that funding from "tainted" sources (governments, corporates, billionaires) must not be allowed to dominate total revenue the way USG funding has so far dominated TP funding.

In the end, I think there is no way around the conclusion that ASAP TP *must* get more than 50% of its funding from ordinary users.

I contribute to several NGOs whose humanitarian mission I strongly support intellectually and emotionally, and in their fundraising letters they constantly urge people to make smaller regular contributions rather than occasional larger contributions. The problem here is of course that--- particularly in the US--- few ordinary people have any savings or reliable sources of income any more, which makes it impossible (or at least irresponsible) to commit to making regular monthly contributions.

The only real solution here, I fear, is the kind of bloodless revolution in which US voters elect a socialist who is truly committed to combating income inequality and reversing the decimation of savings. As you know, this appears not entirely impossible in various countries including the US, but in all cases, the established power structure is clearly determined to deploy against ordinary citizens intelligence/suasion techniques which I think it is fair to characterize as atrocious.

To mention just one example:

http://www.theguardian.com/uk-news/2016/jan/18/police-spy-carlo-neri-wo…
Woman who was engaged to police spy sues Met over 'psychological torture'
Carlo Neri
18 Jan 2016

> The woman, known only as Andrea, had a two-year relationship with the officer, during which time the spy told her that he wanted a baby with her but did not tell her that he already had a wife and child and was an undercover cop [using a false name, and married to another woman]. The policeman, who operated under the fake name of Carlo Neri between 2001 and 2005, has been unmasked after investigations by campaigners, the Guardian and the BBC’s Newsnight programme.
> ...
> [Andrea] has only recently discovered that Neri was an undercover officer. Anti-racist campaigners and members of the Socialist party say Neri took part in their political activities in the early part of the last decade.
> ...
> Neri was deployed to infiltrate anti-racism groups and the Socialist party [in the UK].
> ...
> [The civil lawsuit] is the latest legal action against the Met police over the conduct of undercover spies who infiltrated hundreds of political groups from 1968 onwards. A number of them entered into relationships with the women they spied on. In November the force unreservedly apologised and paid compensation to seven women who had been deceived into forming “abusive and manipulative” long-term relationships with undercover officers. On another occasion, the Met paid more than £400,000 to a woman who had discovered by chance that the father of her son was an undercover officer.

The abuses described in the story just cited (and dozens of previous exposes published by The Guardian, which has done a superb job in exposing UK police on political surveillance) also raise the question of whether TP should do more to suggest better OpSec for activists and other political/religious dissidents who use Tor. I feel that--- especially in "Western democracies" [sic]--- a large fraction of the "targets" of large scale intelligence operations such as those described in The Guardian series do not fully appreciate what kinds of groups are targeted for nasty intelligence/suasion operations. In the UK, these groups have included groups opposed to airport runway expansions and windfarms. In both the UK and US, other targeted groups have included political parties, human rights groups (including Amnesty International and Human Rights Watch), ecological groups (including Greenpeace), animal rights groups, social justice groups (including Black Lives Matter and many much smaller and less well known groups), among others. In the US, another targeted NGO is a TP partner, the popular collective Riseup Networks, which has been targeted by Hacking Team (and probably other malware-as-a-service companies) on behalf of its ugly clientele.

Clearly "popular election" [sic] outcomes in FVEY/EU are beyond the brief of TP, but this does raise the question of whether TP should consider:

o occasionally asking supporters in various nations to ask their political representatives to support or oppose specific bills,

o endorsing specific candidates.

I think this is worth considering but again urge TP to seek the opinions of your staff and to be very cautious. My own sense is that the first is probably worth trying, in some very clear cases where TP faces a potential existential threat, for example proposed bills in the US federal and state legislatures which would mandate backdoors in software products and hardware devices (including phones, tablets, and laptops), but that the second might be going a bit too far right now, since

o none of the US Presidential candidates who stand any chance of victory seem terribly concerned with Crypto War II

o as seen above, humanitarians drawn to Tor as an essential tool to support human rights/civil rights activism/research are likely to find the social views of Tea Party candidates very attractive

o in general, US/EU/Latin-American elections tend to become rather embittered and divisive.

You wrote:

> the accountants asked us to put a value on the time and energy and so on that volunteers gave to Tor in 2014. It looks from page 67 that we tried to quantify "donated" software development, donated website hosting, and donated translations in this number.

That is what I guessed, but it is good to have confirmation. This is the kind of explanation which should be included in the proposed explanatory blog.

I have one other suggestion: I hope that it might help the fund drive to post a pie chart showing the breakdown from the 2014 sources compared to the most recent tally from the fund drive. My impression is that we (the user community) have quite some way to go before the user contributions are of the same order of magnitude as the USG funding.

Last, thanks for replying--- I confess I wasn't sure that you would, so I really appreciate the fact that you did, and I hope this helps persuade others to contribute and to keep contributing in future to TP!

> humanitarians drawn to Tor as an essential tool to support human rights/civil rights activism/research are likely to find the social views of Tea Party candidates very attractive

For "likely" please read "unlikely"!

Anonymous

January 14, 2016


In the near term, the USG funding for Tor Project, and the Project's shallow pockets, should help to prevent Tor from being targeted by something like this:

http://thehill.com/policy/cybersecurity/265867-lawsuit-accuses-twitter-…
Lawsuit accuses Twitter of providing material support to ISIS
Katie Bo Williams
14 Jan 2016

Not that anyone should use that as an excuse to continue the status quo. I hope other Tor users will join me in donating to the Project!

That may carry risks, which unfortunately can probably only increase over time. As another poster recently mentioned in this blog, privacy advocates need to worry about "future-proofing" communications and other actions, since things US persons do today, which are not currently illegal under US law, might easily be held against us in coming years. In particular, NCTC is likely to decrease the citizenship scores of citizens who donate to Tor, despite the absurdity of discouraging individuals from doing exactly the same thing the US State Department has been doing, on a much larger scale.

Anonymous

January 15, 2016


I'm not a great fan of expansion. I've seen lots of NGOs expanding and sometimes resisting the temptation and sticking to the basics is better.

Agree that growth can be risky, but I think growth is unavoidable because:

o TP needs to step in to fill gaps in consumer tools, such as a truly anonymized chat client that is as easy to use as TB (I am talking about TM, which I think is very promising)--- this is one of many longstanding gaps that independent developers just have not been able to fill despite years of effort, so TM is really needed,

o TP is facing an ever growing variety of threats to the core software, and needs to continually improve the "hardening" of iceweasel code in TB, which means hiring more developers, commissioning high-quality audits, etc,

o TP needs to ensure that mass media coverage of Tor is factually accurate and balanced--- there's been a lot of progress here just in the past month, but more needs to be done,

o TP needs to continue to build closer ties with other essential elements of the privacy infrastructure such as Citizen Labs--- it really helps here that Shari has close ties to EFF,

o TP needs to try to ensure that USG/EU call TP when they call other privacy advocacy groups for comments on upcoming legislation affecting internet privacy/anonymity; in other words, TP needs to be seen as a legitimate and core element of the Internet environment.

Shari has a lot of executive experience, and I think that she is well qualified to mitigate some of the dangers associated with rapid growth.

Anonymous

January 15, 2016


The Guardian just published an interview with Shari in which she made some interesting comments on Tor funding:

http://www.theguardian.com/technology/2016/jan/11/shari-steele-tor-encr…
Shari Steele on online anonymity: Tor staff are 'freedom fighters'
Bethany Horne
11 Jan 2016

> [A] survey [of Tor Project employees and volunteers] also found that Tor’s funding model was a big point of concern for staff, with many concerned that a single funding source from the US government makes Tor’s future vulnerable and damages its credibility. “A third [of those surveyed are] saying the Tor Project should probably aim to entirely stop taking US government money. People internal to Tor are likelier than external people to say they don’t like the US government funding model.”

I am really glad to hear that the views of this long-time Tor user are reflective of the staff!

> Steele agrees that Tor’s funding model so far has been unusual. For a tool that advertises itself as capable of government circumvention, the appearance of funding itself mostly with US government grants is bad. Tor advertises on its homepage that Edward Snowden used Tor to protect himself from the most technically proficient adversary on the planet – the US National Security Agency. Steele says there are many other funding models to explore for Tor.
> ...
> Despite being a registered non-profit organization, Tor hasn’t been getting as much money from individuals, foundations, from corporate donors, from running events, or other schemes. “There is a whole world of funding opportunities that they haven’t even explored. And I agree – it actually makes Tor very vulnerable.”

Especially if a cryptofascist is elected President of the USA. (The only candidate who is clearly not in that category is Bernie Sanders. But not even Sanders has come out strongly against the NSA dragnet, and I don't think he's said anything at all about the encryption backdoor demands from FBI. I hope EFF, ACLU, TP will try to ask his campaign for clarification.)

> “They have built the organization around a university research model where they fund specific projects and have to have separate budgets for each of the projects they’re working on … It’s not by any remote stretch of the imagination the way a traditional non-profit is funded,” she said.

This is an important point.

> Steele spoke modestly and only briefly during Tor’s keynote speech to the 3,500 people at the event, acknowledging that her priority would be to diversify its funding sources. “Government funding has been really difficult for us, specifically because it’s all restricted and so it limits the kinds of things we want to do. When you get the developers in a room blue-skying about the things that they want to do, it’s incredible – these are really brilliant people who want to do great things. But they’re really limited when the funding says they have to do particular things.”

No strings funding, from reputable sources, that's what is needed! Also a bigger budget. We all need to make it happen.

From previous comments it is clear that Roger and Shari understand this, but to prevent possible misunderstanding: the goal is not necessarily to eliminate *all* government tied funding, but to ensure that such funding is a small portion of total funding, and that TP can reject objectionable "puppet grants" (the kind which come with strings). I do think it should be a goal to try to eventually eliminate funding tied to USIC (e.g. SRI is a public-private partnership with longstanding ties to CIA) and to USG-foreign-policy-pushing entities (State Department, Radio Free Asia), in favor of funding from human rights groups which criticize the USG when warranted, not just the Chinese and Russian governments.

> Steele introduced a funding drive that has raised $170,000 so far, including the obligatory slogan T-shirt: “This is what a Tor supporter looks like,” it says.

I have been impressed by how badly people want that T-shirt! Another idea would be a Tor sticker resembling the one pictured on Edward Snowden's famous laptops. Or maybe stickers reproducing some of the "This is what" portraits, so enthusiasts can collect them like sports cards. Bonus points for anyone who manages to surreptitiously attach a Snowden sticker to James Comey's personal computer.

Shari made several other interesting comments in this interview, but I won't try to address them in this thread.

Anonymous

January 15, 2016


What I wish is to see more development news here on the blog. I know you like to parade your supporters, etc. but I am more interested in the latest upgrades to the Tor Browser Bundle, especially when the hardened version will be ready for Win32.

Alas, I recommend following the tor-dev list, the #tor-dev irc channel, etc for those. The developers in that area are all full up on actually developing, so they haven't been making time for explaining and summarizing. To me this is a reasonable tradeoff for the short-term and medium-term, but it would be nice to be able to Do All The Things in the long-term.

We used to have weekly summaries in Tor Weekly News, but we lost the person who was leading that, and haven't found a suitable replacement yet.

Many people concerned about making it too easy for "security police" to deanonymize them will not wish to sign up for email lists. However, it is possible to read (not post to) the mailing lists by using Tor Browser to read the web archives--- follow the link at the bottom of the Tor Project home page.

> We used to have weekly summaries in Tor Weekly News, but we lost the person who was leading that, and haven't found a suitable replacement yet.

I wanted to get involved in TWN, but there was no suitably anonymous/secure avenue which I could figure out how to use in a reasonable amount of time.

(I recognize that this was probably due to the fact that creating suitably anonymous ways to volunteer for TP has so far not been possible in a reasonable amount of time.)

The video is a person from the Internet pointing out that Tor doesn't provide 100% foolproof anonymity, especially against large adversaries like intelligence agencies. He cites browser vulnerabilities and traffic correlation attacks as concrete examples.

On the one hand, he is totally right: the number of ways that things can go wrong against a big adversary is very high. Using a web browser is crazy-talk against a determined and well-funded adversary. And indeed, an adversary who watches a lot of the Internet is in a good position to start doing traffic analysis. So "if your adversary is the NSA, maybe you should consider not using the Internet" would be very valid advice.

On the other hand, this person seems to think that these problems are specific to Tor. I wonder what he suggests one should do instead of using a web browser and instead of using a network of decentralized proxies? In particular, (centralized) VPNs and other proxies are much more vulnerable to exactly these traffic correlation attacks.

So to flip it around, Tor is the best we've got in a crummy situation. It's not useless -- it's better than the other options. If you instead wanted to ask "Why do people still use the Internet? It's useless anyway." then I would still want to argue with you, but I would also endorse your point. :)

All of this said, it's true that Firefox (and thus Tor Browser) could do with some more hardening. See these two links for some progress:
https://blog.torproject.org/blog/isec-partners-conducts-tor-browser-har…
https://blog.torproject.org/category/tags/tbb-hardened
And systems like Qubes, Whonix, and Tails all have some steps that improve the situation (but more steps remain!).