About Tor: What, Why, How and Who is Tor?
Publication date: 2022-04-09
Update 2022-04-21: minor update to the Introduction to provide correct article titles and complete links. Feedback from a member of the Tor community led to improvements in the description of copyleft and the application of GPL to the Linux kernel.
Acknowledgment: The author wishes to thank Roger Dingledine for assistance in obtaining a solid understanding of the use of cryptography by the Tor network. Of particular help was his provision of a link to the design document Tor: The Second-Generation Onion Router. This technical understanding informs part 4, the technical annex.
The current age of increasing censorship and surveillance seems to call out for an exploration of one of the leading products to combat this menace. The story involves a review of a fascinating period of history, and countering a collection of commonly used arguments against Tor and the TorProject community. Hopefully exploring these and other related topics is timely and of interest to the reader.
The articles’ structure is:
Part 1 (this article)
What is Tor?
Why is Tor? What history leads to Tor; an exploration of origins.
How is Tor? How does the community behind Tor, the TorProject, achieve its aims? What are its core products?
Who is Tor? Who uses Tor, and why?
Refutations: Deconstructing arguments against Tor
Testimonial: Why do I use Tor?
Part 4 (the annex)
The Closet Under the Staircase; Lifting Tor's Hood
Part 4, the technical annex, is not essential. It is provided for completeness and to satisfy the technically curious.
What is Tor?
Tor stands for "The Onion Routing" and is typified by the "onion" layering in its signature network protocol.
Tor is a low-latency, anonymity preserving, censorship avoidance, volunteer run network. It runs on volunteer contributed computers connected to the Internet providing network services to other computers or mobile phones connected to the Internet.
Low-latency means that, while it is a complex piece of networking technology, one of its core goals is to minimize delays in communications. Because of its complexity there are some delays, but they should be small enough to be non-intrusive. A bigger problem exists in the pervasive resistance to Tor exhibited in many commercial products (firewalls and "attack resistant" network services). This aspect of the rest of the Internet's changing response to Tor is addressed in part 3.
Anonymity preserving means that the products which the Tor community produces are designed to give you the best chance that the site or end-point your computer is communicating with is unable to identify who you are. Tor, like mathematics, is not magic. There are things it can and cannot do. If you log into a site with a username and password, then you have told the site "who you are", and all anonymity efforts are greatly reduced by your action. This is akin to a mathematical "divide by zero" operation. If you do that, mathematics can give you no certainty either.
Censorship avoidance is a property of the distributed nature of the Tor network. The network's computing resources are distributed widely across the globe. There are additional efforts by TorProject to produce variations of Tor, known as pluggable transports, which enable a more advanced Tor user to change the ways that Tor traffic looks on the network. This aspect of Tor is not covered in the article.
Note that one cannot censor things which one does not know about. Censorship is a product of surveillance.
Volunteer run means exactly what it says. The TorProject funds some core infrastructure which is essential to the Tor network. An example includes the Directory Servers which we shall meet in the annex (part 4). The vast majority of participating computers in the network are run by people for their own reasons. Sometimes these are companies and their own reasons may include a "public relations" component, or maybe they just like to support the idea of free speech and people’s ability to avoid censorship or access content without being surveilled. The TorProject offers no payment for contributing towards the network; it is a personal choice by an individual or organisation. They contribute their own resources to the network for whatever reason motivates them.
There is also a large volunteer community behind TorProject. People train others in how to use Tor effectively. Reference and training materials are translated into different languages. There are a wide range of opportunities to contribute to Tor and TorProject. If you wish to contribute, please visit their community page.
Why is Tor?
In the mid 1980's and very early 1990's, as ARPAnet matured and good network support was added to the UNIX operating systems (hi, BSD), a group of "geeks" considered what a world spanning communications network would mean for society.
Those who had studied cryptography also considered how the addition of cryptography to this network could help it evolve. These people labeled themselves as the CypherPunks and even published a manifesto.
This author posits that amongst the greatest scientific papers of the 20th Century belongs an obscure paper by Whitfield Diffie and Martin Hellman titled "New Directions in Cryptography". Every purchase you make on-line, and almost every site you visit on-line, hinges upon ideas these scholars developed close to 50 years ago.
[Image: a screenshot of the poor quality PDF available on-line which does include, at the top, the date and journal of publication of the article.]
Diffie and Hellman built upon the concept of "public/private key cryptography" developed by Ralph Merkle. The "New Directions" publication added the all important key exchange mechanism which allowed this new cryptography to actually be used. This paper on this new keying and exchange mechanism is the supernova of cryptography being taken out of the shadows of secret government intelligence agencies and placed in the hands of public academics.
Interestingly enough, members of UK's "code crackers" at GCHQ had independently made most of these discoveries a few years earlier, but they could not publish their results. Thus, the prize is given to Diffie, Hellman and a few others for this stellar improvement in cryptography -- a New Direction indeed.
Most of today's standardized secure communications technology is based on this early work, which has been improved upon for years by further public study of networks, protocols and cryptography.
The cryptographically trained geeks, or CypherPunks, envisaged two natural outcomes for this emerging globe spanning network: the most authoritarian and repressive surveillance platform the world had ever seen, a Panopticon, or the emancipation of people to freely exchange ideas and learn in ways previously unimaginable.
There were other wild predictions like digital cash, withdrawal of taxes and the fall of governments, some of which have come to pass and others not. The debate between the two core future outcomes continued quietly for a couple of decades until Edward Snowden provided journalists with classified documents describing exactly what the world's English language intelligence services had been up to post the 9/11 crimes. The discussion of futures was resolved on the nightmare side of the equation, though progress in the free flow of ideas had been made.
The CypherPunks also had a mantra: CypherPunks Write Code. From the early-1990's to 2000 the first Crypto-War was fought. The CypherPunks "won" that struggle when in 2000 the USA removed cryptographic work from its "arms exports" controls. Software like "Pretty Good Privacy (PGP)" or Kerberos became possible to publish or sell without using some of the clever techniques which the CypherPunks had developed to work around the embargo on the export of cryptography. To learn more about what these techniques were and more details about the CypherPunks, please watch the Moxie Marlinspike presentation included in the Video Sources at the end of this article. The video presentation is a companion to this article section.
[Image: the MIT Kerberos logo].
Early in the period of Crypto-War I, the USA's Naval Research Laboratory (NRL) began researching an Internet hosted encrypted "low-latency privacy preserving" network.
The core creators at the Naval Research Labs are detailed by TorProject's own History page. The work by NRL was an extension of earlier work on Mix Networks by David Chaum, one of the godfathers of the CypherPunks.
The work by the Naval Research Labs began in 1995. By 2002, when the network was initially deployed, the code was licensed under a Free and Open Source Software license. By 2004 the EFF began funding core development work on Tor, and in 2006 TorProject, a 501(c) non-profit, was founded to maintain the effort. TorProject was and is a research project which studies the challenges inherent in their product (the low-latency, anonymity preserving, censorship avoidance, volunteer run Internet overlay network called Tor).
A Loosely Interacting Collection of Technical Activists
A fascinating period of history occurred between the mid 1970's and the early 21st century in which a few small collections of visionaries and activists began to loosely interact. Diffie, Hellman, Merkle, Rivest and Shamir birthed a new powerful form of cryptography at the same time as the UNIX operating system began to be adopted in universities worldwide, though especially in the USA. USA’s Digital Equipment Corporation’s (DEC) production of the PDP series of mid-level computers played an important part in this. Computer network researchers like Vint Cerf began designing core protocols which would enable new types of communications to be used on the evolving ARPAnet.
By 1984 Richard Stallman advocates Free Software. This later morphs into Open Source software (though there are some ideological differences), which is later collectively referred to as Free and Open Source Software (FOSS).
Stallman's key insight was using copyright law to place freedoms around works; a “hack” in the playful sense of the original meaning of the word. Copyright is a legal regime of limited monopoly whose expiry terms have since been expanded to “life of the author plus 75 years” making a mockery of the intended purpose. Stallman uses the same legal mechanism to provide freedom of use to works employing his licensing scheme. Works using the mechanism don’t enter the “public domain” but have copyright protections used to enable their free use. Copyleft is created.
Stallman’s mechanism for this is one of his key contributions to society, the GNU Public License (or GPL) which is now at version 3. His ideology was that software should serve people, and thus they needed control over it. The same “four freedoms” that Stallman envisages for software are equally applicable to non-software creative works. This “playful creativity” emerges again and again as we later see Aaron Swartz’s Creative Commons and Let's Encrypt’s entry into the certificate market.
In itself, Stallman’s efforts echo works in 1950's science fiction, typified by Isaac Asimov’s “I, Robot”. Technology should support society.
[Image: a screenshot by the author of GPLv1 taken from its publisher.]
Linus and colleagues' work was combined with a wide range of tooling which had been developed by Stallman's GNU project, again with a wide range of collaborators, to produce a useful operating system. The kernel and essential tooling were combined to produce GNU/Linux. It is important to note that having an operational kernel but no tools is not terribly useful. Having a compiler and text editor, but no kernel, is also not very useful. The combination of the two, however, is very useful, for one can write and compile software, and run it.
This brings us to the mid-1990's when the CypherPunks and associated principled academics fought the first Crypto-War. A pervasive and likely persistent form of encryption was designed such that law enforcement would be able to decrypt this weak cryptography. The key victory in this political battle was won by cryptographer Matt Blaze, who demonstrated a devastating flaw in the "Clipper Chip" which was the artifact designed to achieve this ubiquitous weak encryption able to be decrypted by law enforcement.
[Image: the clipper chip]
At the turn of the century/millennium a new round of cypherpunks and radical software programmers like Moxie Marlinspike (see Sources for the greatest IT security presentation of all time) took up various challenges described by the preceding generation. They were armed with better computing hardware and software development methodologies, and ongoing improvements in networking and cryptography.
The TorProject is a natural outgrowth of all of this; a child of its time. Note that both Matt Blaze and Ian Goldberg (another leading "CypherPunk" cryptographer) are members of the TorProject.
How is Tor?
The core product of TorProject is the Tor network itself. However, utilizing the network directly is difficult for non-technical individuals. The key auxiliary product is a Web Browser which is built to connect to the network and use it.
The Web Browser is a variant of the Firefox browser produced by Mozilla Corporation. The TorProject customized version of the Browser (and because it's Free and Open Source Software, they can do this) not only uses the network, but also restricts the browser in various manners to reduce "leaking" information about the user. It is equipped with a few stable and well developed third party "extensions" to the Browser which provide further reductions in leaking identifying information.
The network is Tor. The browser is the Tor Browser Bundle (TBB). It is a bundle of a customized Firefox browser and (also customized) third party add-ons all focused towards anonymity preservation.
The combination of the two is what gives one the total product of "low-latency (Tor), anonymity preserving (Tor + TBB), and censorship resistant (Tor)" access to the volunteer run network.
Who is Tor?
The question of who uses Tor invites an important question.
Imagine that you are the USA's Naval Research Lab attempting to develop a covert communications channel between soldiers/operatives "in the field" and services provided on-line by the USA's military/government. If this "covert channel" is only used by USA military/spy personnel then as soon as it is discovered, everybody using it is immediately fingered as USA government operatives.
This problem is solved by opening the tool to the wider public. Now the "covert channel" is a "public channel" and is composed of military, civilians, and all walks of persons making the job of "fingering" much, much harder. The observers need to actually do work to sort the unimportant from their intended targets.
One could jump to conclusions and say "that is why the Naval Research Lab open sourced the project", which may be true. It does not, however, refute the observation. An effective covert channel is far better protected if it is suffused with "innocent" traffic, placing the burden on the observer to distinguish.
Tor, the network, is an open channel. Download the Tor Browser Bundle and you too can use it for whatever purpose you wish. Because anyone can do whatever they want, the open channel is also joined by criminals. Enter the Four Horsemen of the Infopocalypse: drug-dealers, money-launderers, terrorists, and pedophiles.
Because the horsemen are using the channel, so too are law enforcement to observe and catch them. Equally, the Tor network's censorship avoidance and anonymity provisions make it attractive for human rights lawyers and activists when working "on the ground" in difficult places. Equally, as governments censor content, spikes in Tor usage emerge as people seek its censorship avoidance capabilities.
In the end you have a potpourri of largely regular people just not wanting to be surveilled by the dystopian centralized digital distribution platforms like Google and Amazon, and this other smaller collection of law enforcement, government operatives, censorship and privacy researchers, human rights activists and the four horsemen types.
Just to throw a spanner in the works, the code that runs all of TorProject's products is Free and Open Source Software.
[Image: a snapshot of the GitHub mirror of the Tor code, which is publicly accessible]
Anyone can obtain the code and re-purpose it. Wouldn't the criminals just make their own "better" version? Yeah, sure. But they are still going to hit the problem of "everyone using their version is a criminal". Joseph Heller would be chuckling.
The long term editor of the “Request For Comment” (RFC) series by the Internet Engineering Task Force and other associated advisory boards, Jon Postel, used his position to reserve the number 1984 in the RFC series. RFC 1984 is thus issued “out of order” for the series in August 1996 on a topic which Postel foresaw. It follows the publication of Matt Blaze’s devastating attack on the Clipper Chip by around a year:
This article continues in Part 2 where common arguments to not use, or distrust Tor, are examined.
Tor: The Second-Generation Onion Router, Roger Dingledine, Nick Mathewson, and Paul Syverson, TorProject, 2004-05-18
Tor at the Heart: Bridges and Pluggable Transports, Tor Blog, TorProject, 2016-21-11,
Join the Tor Community, TorProject
From ARPANET to the Internet, (UK) Science Museum, 2018-09-02
Berkeley Software Distribution, Wikipedia
The Cypherpunks, Haseeb Qureshi, NAKAMOTO, 2019-12-19
A Cypherpunk's Manifesto, Eric Hughes, activism.net, 1993-03-09
New Directions in Cryptography, Whitfield Diffie and Martin Hellman, late 1976
So who invented public-key encryption?, Prof Bill Buchanan OBE, ASecuritySite: When Bob Met Alice, 2019-05-03
Doomed to Repeat History? Lessons from the Crypto Wars of the 1990s, Andi Wilson Thompson, Danielle Kehl, and Kevin Bankston, New America, 2015-06-17
Kerberos 5 Release 1.0 announcement, Kerberos team at MIT, 2000-02-24
David Chaum, Wikipedia
A Brief History of Hackerdom, Eric S. Raymond, Thyrsus Enterprises, 2000-08-25
A Serious Bio, Richard Stallman, his website
Goodbye, "free software"; hello, "open source", Eric S. Raymond, his website, 2012-09-04
I, Robot, Wikipedia
RELEASE NOTES FOR LINUX v0.12, Linus Torvalds, Kernel.org
linux-0.12 is available, Linus Torvalds, Tech Insider, 1992-01-15 (contents)
Clipping Clipper: Matt Blaze, Wired Staff, Wired Magazine, 1994-09-01
ABOUT TOR BROWSER, TorProject
Download Tor Browser, TorProject
Scaring People into Supporting Backdoors, Bruce Schneier, his website, 2019-12-09
DEF CON 18 - Moxie Marlinspike - Changing Threats To Privacy, Moxie Marlinspike (creator of Signal), DEF CON 18, 2010
While technical in later parts (after 26 minutes into the almost 43 minute presentation), this presentation is an essential companion to much of the historical section (the Why is Tor?) part of this article. Please watch it, at least for 26 minutes.
(This is my article and I get to declare what is the "greatest IT Security presentation of all time". The above is it.)
DEF CON 27 - Roger Dingledine - The Tor Censorship Arms Race The Next Chapter, Roger Dingledine, DEF CON 27, uploaded to youtube 2019-12-05
Roger Dingledine moved from working with the Naval Research Labs to TorProject to continue his work on Tor. He is best considered as the lead architect.
People Are Strange (New Stereo Mix), The Doors (from the “Strange Days” album, 1967), their (publisher’s) youtube channel, uploaded 2014-11-08
Copyright and Licensing
This work is copyright to the blog's author with CC BY-SA 4.0 licensing. Have fun, reuse, remix etc. but give credit and place no further restrictions. Let's build culture.