Okay, so I've been concerned about the safety of at-risk Tor users
since all this shit broke. New employees at the organizational
structure serving as the main accuser, an all new board with
interrelationships and motivation unknown, grenades rolled under
office doors and all of the rest leaves a bad taste in my mouth. I
cannot, at this time, recommend to a third world citizen, that (s)he
trust the Tor network. I hope that changes.
The issue is whether or not someone new in the Tor organization
will, accidentally or intentionally, put third world users at risk.
I cannot trust an all-new board. Tor needs to be on their best
behavior in order for me to re-establish trust in the organization.
As a retired corporate manager I've seen these problems before. I
have several suggestions that I feel are must-do tasks for the Tor
Project:
1) Secure an independent investigator to look into the allegations
against Jacob. Either demonstrate that he is not an honorable
employee or reinstate him. No one should trust anonymous claims
that can ruin his career. If Jacob is guilty, he should be
prosecuted;
2) Board member should be open, accessible and available to
employees and node operators. Their background and motivation for
being a director of the Tor Project should be disseminated. There
interrelationship with other board members should be known;
3) As one of the founders of Tor, Roger should openly discuss these
and all issues in a public manner (on the web page, webinar,
magazine article, etc.);
4) An organizational plan should be placed in the employment manual
that puts significant distance between coding employees and
directors;
5) Employees and directors should not operate nor have access to
authority servers.
I've operated a number of exits and guards for several years now
(including, as far as I know, the only Tor node in Albania). [1] I
will leave these operational for now but I expect changes in this
unprofessionally operated 501c3.