[tor-talk] [liberationtech] Not another Haystack right?
eugen at leitl.org
Fri Dec 2 09:10:04 UTC 2011
----- Forwarded message from Yosem Companys <companys at stanford.edu> -----
From: Yosem Companys <companys at stanford.edu>
Date: Thu, 1 Dec 2011 10:17:19 -0800
To: "Jillian C. York" <jilliancyork at gmail.com>
Cc: Liberation Technologies <liberationtech at lists.stanford.edu>
Subject: Re: [liberationtech] Not another Haystack right?
I think this would make for a good PhD dissertation (or similar thesis) in
Like Evgeny and Jillian, I'm also interested in the academic question,
which extracting away from Tor is along the lines of the following: Why do
people draw conspiracies from USG funding of some tools but not others?
Empirically, I'm imagining a comparative case study with a successful case
or two (e.g., Tor) and an an unsuccessful case or two (many to choose
As for theory, there are many options ranging from sociology to psychology
to political science. I agree with Evgeny that the trust literature is a
good one, but there are also the certification/legitimacy and resource
dependency literatures I cited earlier. You could even bring in the
cognitive dissonance and sensemaking literatures.
One related theoretical paradox is that, since resources create
dependencies between donor and recipient, how do successful organizations
manage these dependencies to ensure the funding doesn't affect their
independence and public image?
As Andrew suggests, transparency and openness may be one answer, as well as
accepting funding based on results/outcomes, rather than processes. In
other words, keep the funder's involvement at a minimum in the process, and
let the outcomes/results of the funding serve as the metric of evaluation
at the end of the day.
Another may just be an efficiency-based explanation: Tor works in practice
in a way that is clear for the user, and thus the user is more likely to
trust it as a tool. If the result is more uncertain/ambiguous, the user is
less likely to trust it.
In any case, without any empirical evidence, we could play armchair
theorists all day but never get a true answer to these questions.
On Thu, Dec 1, 2011 at 9:47 AM, Jillian C. York <jilliancyork at gmail.com>wrote:
> I don't have an answer for that, but again, I would suggest that Tor has
> been far more open and transparent about their position than most of the
> other tools under State or BBG funding at the moment. The fact that I
> (someone who worked on this stuff for nearly three years) can only name
> three such tools from the 2011 round speaks volumes.
> On Thu, Dec 1, 2011 at 9:44 AM, Evgeny Morozov <evgeny.morozov at gmail.com>wrote:
>> Andrew: I had a good laugh reading this but I think you have
>> misunderstood the point of the question. Few of us on this list have any
>> doubts about the independence of Tor from the US government. The really
>> interesting question - which I think still remains unanswered - is why this
>> has also been the case for people who are not on this list, who don't know
>> Tor team personally and who would normally draw a very straight
>> conspiratorial line from "Project X gets funding from USG" to "Project X is
>> used by USG for Agenda Y".
>> That's an interesting sociological question that you can't just explain
>> away by saying "but that's because they trust us!", because it's this very
>> trust that needs to be explained. Besides, if we do find a good answer to
>> this question, it will surely help other projects (which, of course, you
>> may or may not be interested in).
>> On Thu, Dec 1, 2011 at 9:32 AM, <liberationtech at lewman.us> wrote:
>>> On Tue, Nov 29, 2011 at 07:42:14PM -0800, evgeny.morozov at gmail.comwrote 33K bytes in 765 lines about:
>>> : 1) Brian Conley's question about why BBG's support to Tor does not
>>> seem to
>>> : undermine Tor.
>>> If you do not trust Tor, do not use it. If you do not trust Jake,
>>> Roger, me, and others at Tor, then do not use our software. If you
>>> are able to review the code, designs, and empirical evidence of people
>>> successfully using Tor in dangerous situations, then please make your own
>>> decision as to whether you should use Tor. I can talk endlessly about
>>> transparency, free software, open code, designs, published research,
>>> published data, etc. But none of this matters if your mindset is that
>>> Tor is a mouthpiece of the US Government. Being under surveillance by
>>> the DoJ is just a ruse, clearly. But everyone likes Sweden, right? What
>>> if Saudi Arabia funded us?
>>> For me, I use Tor daily, for just about everything. It works. I used
>>> Tor before I met Roger and Nick. If Tor goes off the rails and gets
>>> involved in actual conspiracies, then I'll quit and move on. I think
>>> everyone at Tor would do the same. We produce technology. How people
>>> use it is up to them.
>>> Tor does not focus on any one country. We focus on attacks and defenses
>>> in the computer security sense of the words. If one country successfully
>>> attacks Tor via DH parameter blocking, chances are others will try that
>>> too. We resolve the attack and move on. There's always a new attack
>>> or novel way someone will try to break Tor; some real, some imagined,
>>> some merely created for the global press. Some countries, like Iran,
>>> Syria, China, and others are better at electronic repression than
>>> others. We find the technology interesting and are involved in an arms
>>> race. We want to make sure Tor works in these more-advanced situations.
>>> We also respond to where users ask us for help. I've been involved with
>>> Tunisia a bit for years. I'm involved in others that 90% of the world
>>> doesn't care about enough to keep them in the press. I can understand
>>> how it looks like we're focusing on one country over another.
>>> I do work with victims of stalking and domestic violence in America. I've
>>> met former sex slaves from Eastern Europe and educated them on
>>> Internet privacy and anonymity.Others work with LGBT youth, some with
>>> law enforcement officers globally, some just focus on the technology
>>> because they find it interesting. Clearly we need to be better at
>>> communitcating what we do and where we do it.
>>> We publish our monthly progress for everyone,
>>> https://archive.torproject.org/monthly-report-archive/ and on the blog,
>>> https://blog.torproject.org/category/tags/progress-report. Comically,
>>> I have to email it to our US Government funders because they cannot get
>>> to torproject.org without using Tor or violating their own IT policies.
>>> The core of the angst here is that Tor receives US Government and
>>> Swedish Government funding. We publish this every year. Our 990, audit
>>> statements, and State of Massachusetts Form PC are all published and on
>>> our website. The 990 is a public document by law. If you want to see
>>> how much funding we get, who we pay, and who pays us, feel free. It's
>>> all right here, https://www.torproject.org/about/financials.html.en. We
>>> get paid to work on research and development on a defined project and
>>> deliverable basis. We publish our deliverables and current work state
>>> at https://trac.torproject.org/projects/tor/wiki/org/sponsors.
>>> Now, let's talk about what being a US Government sub-contractor is
>>> like. Here's a typical day in my life (imagine Ke$ha's Tik Tok as the
>>> soundtrack to this exposé):
>>> I wake up in the morning and talk to Hills about the world (Hillary
>>> and I are on nickname basis). We talk about code. We talk about how we
>>> can use the C coding language to produce more freedom and democracy
>>> in the world. She tells me about this new library she read about on
>>> reddit/r/programming called libfreedom. She has her staff remind me to
>>> avoid buffer overflows in the libfreedom integration. I decide noon is a
>>> fine time to get out of bed, take a walk on the beach, and hop into my
>>> helicopter to fly to the palatial tor offices in a secret location. I
>>> could have taken the Bugatti today, but I figure it is more green to fly
>>> directly there.
>>> And then General Alexander calls me and gives me the run down on the
>>> plans for the day and asks for feedback. Keith and I have a lulzy chat
>>> about the Internet memes trending and then renew our bets about who can
>>> get on cryptome or pgpboard first today.
>>> And then Wen J from China skypes me and trolls me that they are going
>>> to roll out a new GFW today that is super duper good at blocking all
>>> encryption. Wen is doing it for the lulz.
>>> And if you believe the last four paragraphs, well, then I'm sorry
>>> for you.
>>> Are we done with the conspiracy theories? Or shall I talk about the
>>> moon base we're building so the grey's can have interplanetary anonymity?
>>> pgp key: 0x74ED336B
>>> liberationtech mailing list
>>> liberationtech at lists.stanford.edu
>>> Should you need to change your subscription options, please go to:
>>> If you would like to receive a daily digest, click "yes" (once you click
>>> above) next to "would you like to receive list mail batched in a daily
>>> You will need the user name and password you receive from the list
>>> moderator in monthly reminders.
>>> Should you need immediate assistance, please contact the list moderator.
>>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>> liberationtech mailing list
>> liberationtech at lists.stanford.edu
>> Should you need to change your subscription options, please go to:
>> If you would like to receive a daily digest, click "yes" (once you click
>> above) next to "would you like to receive list mail batched in a daily
>> You will need the user name and password you receive from the list
>> moderator in monthly reminders.
>> Should you need immediate assistance, please contact the list moderator.
>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
> jilliancyork.com | @jilliancyork | tel: +1-857-891-4244 | google voice:
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> Should you need to change your subscription options, please go to:
> If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> You will need the user name and password you receive from the list
> moderator in monthly reminders.
> Should you need immediate assistance, please contact the list moderator.
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
liberationtech mailing list
liberationtech at lists.stanford.edu
Should you need to change your subscription options, please go to:
If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
You will need the user name and password you receive from the list moderator in monthly reminders.
Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech
----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the tor-talk