Transparency, Openness, and Our 2016 and 2017 Financials

In terms of percentages, while 2015 saw 85% of our funding coming from US government sources, 2016 saw the fraction drop to 76%, and in 2017 we're down to 51%.

Wait until Yasha "I-can-haz-FOIA" Levine discovers this paragraph to produce another one of his repugnant "news" articles. Thankfully at this rate Yasha will be out of business in 2024.

@ arma (Roger):

First, this information is long overdue, and I am not quite convinced that you have resolved the question of why exactly it took so long. But I'm glad it has finally been made public and I may have more comments once I've had a chance to study the documents.

I am one of the long time Tor users (from even before Vidalia) who has long urged Tor Project to move toward grassroots user funded support rather than relying on politically vulnerable and ethically highly questionable USIC/USG tied grant monies, and I have expressed strong support for the efforts of Shari and now Isa in achieving that transition. In fact, in the post above you cited your reply to one of my previous "rockets".

IMO you should not have neglected to mention some troubling facts about certain major TP sponsors past and present.

> B) R&D funding from groups like Radio Free Asia and DARPA to actually build safer tools. Different funders might have different audiences in mind when they help us make Tor Browser safer and easier to use, but they want the same things out of Tor Browser: in all cases we make all of our work public, and also remember that anonymity loves company.

Translation: from the POV of USIC tor-lovers, the ordinary citizen users exist to hide US spooks from counterintelligence. As one of the ordinary citizens, I beg to demur. I do not feel that the needs of human rights workers, in particular, is subordinate to the needs of the spooks, and as a human rights NGO, TP should agree with that. Which means TP needs to avoid taking funding from CIA/Pentagon tied sources.

For those who don't know: DARPA is Defense Advanced Research Projects Agency, the Pentagon applied research agency, and some of their other research grants are troubling, to say the least. In particular, as you are aware, they have supported academic research on deanonymizing authors via stylometry. Please try to consider objectively how this looks to the ordinary Tor user who is aware of the conflict of interest.

For anyone unfamiliar with DARPA I highly recommend two books (which have some overlapping content):

The Pentagon's Brain
Annie Jacobsen
Little Brown, 2015

Surveillance Valley
Yasha Levine
Public Affairs, 2018

The first book tends toward gushing; the second is more critical, and yes, the author is *that* Yasha Levine. Don't let what you've heard prevent you from reading what he has to say; every Tor user should be aware of the facts, which are disturbing.

Radio Free Asia derives directly from Radio Free Europe, which did much good during the Cold War. That sound great. The problem, and it's a whale of a problem, is that "the radios" were the very first disinformation project of the CIA, even before it formally existed as a USG agency, and CIA ran them for many years. Later they came under the purview of the US State Dpt, and generally were well regarded inside the Iron Curtain for telling the something approximating the truth more often than they peddled USG lies. That's nice but it doesn't change the fact that "the radios" have always been "an agent of empire", and thus incompatible with Tor Project rebranding as a human rights organization, because empires are never good for human rights.

For anyone who is unfamiliar with "the radios", I highly recommend two more books:

Legacy of Ashes
Tim Weiner
Anchor, 2008

The Ghosts of Langley
John Prados
New Press, 2017

The first won the National Book Award and has been made into a widely viewed US TV documentary; the second is also highly critical of the agency's horrid legacy. Prados has in fact written five previous books on CIA, so he knows what he is talking about, and he's so mad at Jose Rodriguez that he sounds just like me (but is not me).

> C) Deployment and teaching funding from organizations like the US State Dept and Sweden's foreign ministry to do in-country security trainings, user-oriented documentation, and otherwise help activists around the world learn how to be safer on the internet.

It is probably necessary to accept assistance from governments in order to travel to dangerous places and meet with endangered people, but it's terribly important not to let CIA or US State Department have you meet in Country X only with whatever group of dissidents US foreign policy is currently promoting in Country Y (adjacent to Country X). Recall that during the Soviet occupation of Afghanistan, USG regarded the mujahedeen as "useful allies", and gave them weapons and training. During the American occupation, they took a different view. The mujahedeen may have employed distasteful methods but there is no denying that it was their own d-m country which the USSR and then the USA invaded and then failed to subdue.

Further, many US State Department employees may not have warm and fuzzy feelings about a certain erratic personage, but I have often had occasion to notice that when push comes to shove, "the King's men" do the bidding of the King, regardless of their personal feelings. So if the King wants genocide... what then? Would TP still be happy to accept funding from any USG source of USG commits another genocide? (The first being the genocide against indigenous peoples in the territory the USG calls "the USA", which let us not forget is just a name, not a person enjoying human rights of its own.)

> In terms of percentages, while 2015 saw 85% of our funding coming from US government sources, 2016 saw the fraction drop to 76%, and in 2017 we're down to 51%.

That is moving in the right direction but TP needs to get the proportion any one geopolitical block of governments (e.g. most EU and Western countries will find it hard to refuse "suggestions" from NSA and the other four "Eyes") contributes to under 10%. Small grass roots contributions should really make up at least 50% of Tor funding.

I have always acknowledged that this will not be easy.

You appear to have not answered the most important "ratio" question: what is the proportion of A) B) C) D) funding? 51:47:1:1? 3:3:2:2? (Read those as homogeneous coordinates.)

> The numbers and percentages over the years deserve their own blog post to make it clear how we classified everything, which I'm going to save for later so I don't delay this post further.

Fair enough. I await your next post with a mixture of eagerness and trepidation.

Second, Tor Project simply cannot continue to ignore the vexed issue of "backdoors". The ED of TP must join other NGOs in speaking out out against calls from people such as Rod Rosenstein (the US Deputy AG, i.e. number two in the US DOJ) to legally mandate "backdoors" in anything which uses strong encryption.

The public discussion TP needs to begin having (ecause the issue is not going away) must include discussion of what TP means by the term "backdoor", and what NSA might have in mind, because if TP has not anticipated what NSA has in mind, we are in terrible trouble.

As it happens, the leadership of GCHQ has just come out with one idea for how legally mandated backdoors might work for the "Second Crypto Wars". They are talking about end-to-end encryption in messaging apps, but the point is that they insist upon a distinction between messing with the crypto algorithms and a "tiny change" [sic] which completely vitiates any security/privacy/authenticity benefits from encryption. And their arguments may help readers to understand how "Western" governments plan to subvert Tor. Please see

lawfareblog.com
Principles for a More Informed Exceptional Access Debate
Ian Levy, Crispin Robinson
29 Nov 2018

As you probably know, these two people work for GCHQ, an organization not kindly regarded by those it has cyberattacked in recent years (e.g. 2012):

> Ian Levy is the technical director of the National Cyber Security Centre, a part of GCHQ.
> Crispin Robinson is the technical director for cryptanalysis at GCHQ.

As you probably know, the entire tech world wasted no time calling out GCHQ for endangering among other things the world's financial system:

https://twitter.com/Snowden
Edward Snowden
29 Nov 2018

theregister.co.uk
GCHQ pushes for 'virtual crocodile clips' on chat apps
29 Nov 2018

> Absolute madness: the British government wants companies to poison their customers' private conversations by secretly adding the government as a third party, meaning anyone on your friend list would become "your friend plus a spy." No company-mediated identity could be trusted.

zdnet.com
GCHQ details how law enforcement could be silently injected into communications
A crocodile clip for the 21st century would see cops and spies silently added to chats and calls.
Chris Duckett
30 Nov 2018

techcrunch.com
GCHQ’s not-so-smart idea to spy on encrypted messaging apps is branded ‘absolute madness’
Zack Whittaker
30 Nov 2018

techdirt.com
GCHQ Propose A 'Going Dark' Workaround That Creates The Same User Trust Problem Encryption Backdoors Do
Tim Cushing
3 Dec 2018

(Please note: this issue is not "five years old" or even "five weeks old". I am talking about current events.)

But where is Tor in all this? Shouldn't the ED of TP also speak out against "backdoors"?

I'll answer the second question: Yes, she should speak out. She should ask two distinguished Members of the Board to post an explainer with her of what TP guesses a backdoor purpose-built to subvert Tor might look like, and how TP plans to thwart USA/UK/AU/RU/etc from having their way with the Tor network.

The reasons Isa should ask Cindy and Bruce to help write the post decrying "backdoors" is that the issue involves internet law (Cindy's specialty) as well as technical points (Bruce's specialty). A crucial point about secret orders from USG such as NSL's is that only the current ED (presently Isa) and perhaps the GC (if Tor has one) would know about the order. You (Roger) would not be told. No one else inside TP would be told, unless possibly if the order demanded a technical modification (the kind of "backdoor" NSA wants us to be talking about, because almost certainly they have in mind something entirely different and much harder for source code readers to spot.) That is why Isa also needs to be involved in the post.

Third, on previous occasions (mostly before Shari's term as ED) you sometimes said you spend much time in political discussions with LEAs and intelligence agents, seeking to dissuade them from simply declaring Tor itself illegal. Last year I believe you visited Crystal City, site of the one of Amazon's "Second HQ" but more importantly the main worksite for many of NSA's biggest contractors, including BAH. No doubt they asked you not to talk about what you discussed with them, but you should tell us anyway. That would be transparency in the good sense, am I right?

("Transparency" is used in two utterly contradictory ways in tech: in the sense of not hiding anything [which would be nice if it were only true] and in the sense of being invisible to clueless ordinary citizens [the predatory meaning].)

I have stated in the past that I am not horrified by the fact that you once worked as an NSA summer intern, because I know others of whom the same is true, but I have expressed concern about how you apparently brought someone into Tor whose previous job had been working under diplomatic cover for CIA. ("WTF?!!" spits anyone who has never heard about this regrettable episode.) I think you have some explaining to do there. Yeah, binding agreements owing to failure at the time to have a sensible job application process... blah blah blah... that's all US legal bullshit designed to cover up CIA actions. TP cannot cooperate in that kind of coverup. In my opinion.

Lastly, sometimes you know your friends by the fact that they are the only ones with the courage to tell you to your face that you fouled up. This is such an instance. The reason I keep raising these points is that you have never addressed any of them (in public).

Why the protection's node can't change? Is that secure?