According to consolidated financial statements and reports of the Tor Project for the year ending December 2012, US Federal agencies are responsible for nearly sixty percent of funds received by the project.
According to recent reports, the NSA is not only snooping on electronic communications by tapping into the communication lines of major technology companies around the world, but has also managed to circumvent most of the encryption widely used by financial institutions, banks and the like. And how exactly has the NSA managed to do that? By forcing commercial encryption software vendors to build backdoors into their programs.
Internet users resort to multiple free and commercial tools that allow them to evade surveillance, increase privacy and stay anonymous on the Internet. One of the most widely recognized and used anonymity tools is Tor, which according to a recent report saw as many as 2,500,000 client connections. Following the Snowden revelations the traffic has nearly quadrupled in a month’s time, and it has been speculated that either the NSA or a botnet was responsible for the surge in client connections.
There has been no concrete evidence that the US government has managed to sneak a backdoor into the Tor software, but there have been rumblings on quite a few mailing lists that this possibility cannot be ruled out, as the feds were responsible for nearly 60 percent of the funding of the Tor Project’s 2012 operating budget. Out of the 60 percent, the US DoD was responsible for more than 40 percent of Tor’s funds during the same year.
Tor has taken a defensive stand against this, and in an emailed statement to Tor users, the project’s Executive Director Andrew Lewman wrote that just because Tor receives and accepts funding from federal agencies doesn’t mean that the project is collaborating with the NSA and helping it to unmask people’s online identities.
Lewman iterated that the agencies which are funding the project are those arms of the government which “want to see strong privacy and anonymity” on the web.
“Don’t assume that ‘the government’ is one coherent entity with one mindset”, Lewman added.
One of the project’s founders, Roger Dingledine, said that the funding received is like a research grant and that the feds aren’t paying the project to build software for them. “They’re funding general research and development on better anonymity, better performance and scalability and better blocking-resistance. Everything we do we publish in the open”, wrote Dingledine.
Earlier there were reports of nearly half of .onion sites disappearing from the Tor network, and it was linked to an FBI-related takedown of ‘Freedom Hosting’, a hosting service provider in Ireland, and the arrest of its owner Eric Eoin Marques. According to Tor’s Phobos, there were reports of a breach of the servers that hosted these websites, and agencies may have attacked “software running at the server behind the dot onion address.”
A vulnerability in Firefox 17, which ships as the bundled browser with the Tor package, was believed to be the prime reason behind the takedown. It was also speculated at the time that the NSA may have had a backdoor into the bundled software, which it used to nail Eric Eoin Marques. But considering that Tor is an open-source project and is scrutinized by many programmers across the globe, the chances of an undetected backdoor are minuscule. There is only one little problem – chances are the NSA has managed to sneak malicious code into Tor’s code that hasn’t been recognized yet.