[tor-project] Help brainstorm Tor myths

Paul Syverson paul.syverson at nrl.navy.mil
Fri Jul 7 04:18:07 UTC 2017

On Thu, Jul 06, 2017 at 08:42:59PM -0400, Roger Dingledine wrote:
> As part of my upcoming Defcon talk on onion services:
> https://www.defcon.org/html/defcon-25/dc-25-speakers.html#Dingledine
> I'm thinking of including a section on Tor mythbusting. That is, there
> are all sorts of Tor misunderstandings and misconceptions floating around,
> and it seems smart to try to get them organized into one place as a start
> to resolving them. (Later steps for resolving them should include better
> and more consistent communication, and actually changing things so Tor
> is safer/stronger/better. One step at a time.)
> Below is an initial list to get us started, along with overly brief
> summaries of the reality underlying the myth. Please contribute more
> entries!
> To contribute best, please frame your entry from the perspective of a
> helpful and concerned Tor user or advocate, rather than as a crackpot
> conspiracy theorist. (Fun as it might be, I have little interest
> in socket-puppet trolling myself on stage, so phrasing myths in a
> constructive manner is the best way to move forward.)
> And also, don't get too hung up on the quick rebuttal text I've written:
> the goal here is to brainstorm the myths, not to write the perfect answer
> to each of them. That can come later.
> - "I heard the Navy wrote Tor originally (so how can we trust it)."
>   (They didn't. I wrote it.)

Hmmm. This doesn't really answer the question. People could then
immediately ask in response how they can trust you (and maybe even
observe that you wrote it in collaboration with Navy employees while
you were working under a contract to the Navy). (Plus the first stuff
came from Matej, and his stuff was gone fairly quickly but not before
Nick was making substantial contributions.) This is all red herrings.
It was designed so that they don't have to trust you (or that
legendary guy who writes such great code, aka "The Navy", or
anybody). To quote "A Peel of Onion"

  Anything coming out of, for example, a Navy-only onion routing
  network would be known to be coming from the Navy and anything
  entering it would be known to be headed to the Navy: this would not
  adequately separate identification from routing. But the diverse
  users needed to provide this protection also have diverse trust
  values. Thus the entire network infrastructure cannot be provided by
  or under the control of a single entity. And since those running the
  network will similarly have diverse trust, they must be able to
  examine for themselves the code that they run, or at least be sure
  that independents whom they trust can do so. These points were part
  of our vision for onion routing from the very beginning, and we
  obtained our first publication release for onion routing code in
  1996, before ’open source’ was a generally adopted concept.

Then of course there's providing documentation and specs, encouraging
researchers to pound on it and publicize their results about what Tor
does and doesn't provide (as you note a few bullets below), plus
deterministic builds, plus probably something else I'm not thinking

Again, the number one point is that they _shouldn't_ be trusting it
based on whether or not they trust you, and they don't have to.


> - "I heard the NSA runs half the exit relays."
>   (Hard to disprove, but it doesn't make any sense for them to run
>    exits. But that shouldn't make you relax, since they already surveil
>    a lot of the internet, including some of the existing exit relays,
>    so they don't *need* to run their own. Also, the Snowden documents
>    give us some good hints that say no. Btw, use SSL.)
> - "I heard Tor is slow."
>   (You're right, it's not blazing fast. But it's a lot faster than it
>    was in earlier years. Tor's speed has most to do with how much load
>    there is on the network, not on latency between the relays as many
>    people believe. We need more relays.)
> - "I heard Tor gets most of its money from the US government."
>   (Alas, this one is true. We have three categories of funding: basic
>    research like from NSF, R&D like from the Open Technology Fund, and
>    deployment and training like from the State Dept. See the financial
>    documents that we publish for details. Alternatives would sure
>    be swell.)
> - "I heard 80% of Tor is bad people."
>   (There have been a bunch of confusing studies about Tor users and
>    usage, and the numbers vary wildly based on what you're measuring and
>    how you classify bad. But for the above stat, you probably heard it
>    from a US DoJ attorney who misunderstood a journalist's article about
>    one of these studies. Or who knows, maybe she maliciously twisted
>    the results. See also the ongoing research work on measuring the
>    "dark web".)
> - "I heard Tor is broken."
>   (Man, this phrase represents a fundamental misunderstanding of
>    computer security. All the academics go after Tor -- and it's great
>    that they do -- because we're the best thing out there, plus we provide
>    good documentation and help them in analyzing the attacks. You don't
>    hear about breaks in centralized proxy companies because there's
>    nothing interesting about showing flaws in them. Also, security
>    designs adapt and improve, and that's how the field works. I'll try
>    to keep my rant on this one short so it doesn't take over.)
> Thanks!
> --Roger
> _______________________________________________
> tor-project mailing list
> tor-project at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

More information about the tor-project mailing list