The Tor Project


A lot of people do not care about privacy until something happens.”

Karen Reilly and Kim Pham are talking on the principals of the Tor network and the reasons for privacy-enhancing technologies on the web. Karen Reilly is Marketing, Fundraising, and Grant Development Director of the Tor Project. Kim Pham is the Outreach Director at Access Now. The interview is led by Armin B. Wagner and Volker Eckl.

  • Date of recording: Mon, 2010-09-27
  • Language(s) spoken:

hyperaudio Player

Download this file

0:00 KR: Well, Tor is a non-profit organization, it’s part of a research lab that provides anonymity and privacy on-line by bouncing your traffic through a series of relays that a run by volunteer all over the world. So there are .. between your computer and your destination there are three hubs. And so the first hub knows where you are coming from, but then the second hub only knows that it is coming from the first one and then the third one knows that it is coming from this middle node. And then it knows where you’re going.
But the whole system is designed, - the buzzword is `privacy by design´- , because we have a network designed so we don’t have information in the first place. If I held a gun to somebody’s head from Tor and said “What is this person doing on-line?” we wouldn’t be able to tell you.

Now, an issue that has come up is 00:54 there is a difference between that sort of anonymity on-line - to remove your physical location, your IP address, from your activities on-line and whether you use encryption or not.
So if you download the Tor software there’s a big angry red sign that says: “You might wanna read this first if you don’t exactly know what Tor does and doesn’t do.”
And so, if you use Tor with attending encryption like if you are log in into email account with HTTPS then you are pretty safe. But otherwise it’s like driving a car through a tunnel to hide where you’re going, but then putting a big sign on it that says: “Hi! I’m Bob Smith. I’m live on 101 Main street and I’m going here.” It’s a really sloppy analogy.

01:42 AW: A few years ago there was this guy who owned several exit nodes on Tor and logged some sensitive data from embassies and…

KR: The code is Open Source. We are transparent developed how we act as an organization and we’re very open about what Tor does and what it doesn’t do. I mean it does exactly what it says on the wrapper. You just have to read the wrapper.
02:09 And so yes, sniffing traffic on exit nodes is incredibly bad form and but it’s a reminder that people should be using encryption all along and one of the best ways to counter that is to have more people running relays, so that you are more assured that your traffic is not running through a relay that is- you know - run by someone who might do such a thing.

02:36 VE: How often do you use Tor, the Tor network, personally?

KR: I use it every day, actually. You don’t have to be engaging in sensitive work to use Tor. I mean a lot of the people, I would say the majority of the people who use Tor a probably people who are just wanna be left alone, who just don’t want their every activity to be watched. We have a diversity of user. We are not saying this is a tool just for human rights activists or just for consumers or just for law enforcement or whatever. You are actually hidden among such a diverse group that no one can tell what you are doing on-line just by the fact that you use Tor. So I fire it up and look at pictures of kitten or something like that - just because you are adding one more - one person - to this group who is doing something completely in-activist. So if somebody is looking at the traffic on you know on the exit node
they’re gonna you know see cuteoverload and icanhascheezburger. And they’re gonna think: “This isn’t interesting at all.”
But I also use it for my email, I use it to… We have a browser bundle were… you can just download it, you unzip it to your USB driver or to your computer. You double click it. It starts Tor. It opens up a special configured Firefox Browser. And it says “Congratulations. You are using Tor.” So you are good to go. Very easy to use.
There is also the Tor IM Browser Bundle which has the Pidgin chat client and along the off-the-record plug-in.
So whenever talking about colleagues about sensitive topics I’m gonna use the IM Browser Bundle.

AW: But you shouldn’t use any cookies, I guess. And you shouldn’t use flash. So if you are just surfing the net using the browser bundle it’s not automatically save.

KR: It actually disables a lot of plug-ins that reveal information because you know it could be used… and flash. Sometimes there are various plug-ins that bypass your proxy settings and so reveal your IP address.
Other things you shouldn’t do over the Tor network, because… BitTorrent for instance: there is a vulnerability in peer to peer networks I mean because you need to have a IP address to point to for the very thing to work. Not only does it use up a great deal of bandwidth and it’s bad form, but it’s also not secure ether.

AW: And there are other networks for that.

KP: Yeah.

05:11 VE: Do you think that many users know about it already? What are your steps getting broader popularity?

05:22 KR: Well, up until recently - until the cat was out of the bag so to speak, when it came to censorship circumvention - we weren’t really promoting it because we don’t wanna attract attention. We don’t have any particular political agenda. We are very content agnostics.
So there’s a balance there. So, our primary goal is freedom of expression both in the United States and abroad.

We have some million downloads of the software. Based on what little information we can gather we think we have several hundred thousand users a day. And Tor is actually connected to the academic community when it comes to anonymity and privacy research. So of all the tools that are used for privacy Tor might just have more documentation more research papers written on it than a lot of other tools.
We are tied to the Privacy Enhancing Technologies Symposium …and sometimes there’s a complaint that well “There are lot of papers on Tor. Do somebody please do something on something else…”

AW: The origin or the history of the Tor Project; I mean there is this military background of course like this Naval Security thing… but the academic discourse I think… well I don’t know if it started, but I think it became more public in 90s, somewhere in the 90s and then 2002 the Tor project started, I think.

KR: In 1999 Onion Routing was project of the Naval Research Laboratory. And in 2006 Tor became a US501[c][3] non profit. So the idea has been around since 1999, the organization since the early 2000s.

07:31 AW: Looking back to the 90s there was also like this discussion about PGP, encryption for email… or data. If I go on-line and look at some sights I have the feeling that the interest in encryption and in keeping privacy is in a great decline if you compare it to the 90s. Maybe this is just my impression. But if I look at - for example - Twitter, nobody is actually interested in “is it save to send a direct message on Twitter (or something like this)”.

08:07 KR: Well that’s a cultural shift. I mean back in the late 90s we were all using screen names and very few people revealed their real names. It was a very small subset of the population that was even using it.

And around PGP there was this panic that “Oh, if people will have publicly available encryption. And if we can’t snoop on it, the terrorists will win, the sky will fall, horrible things will happen. And now every time log in into your bank account or you check your email you are using encryption. And as far as I can tell we are not in the apocalypse yet.

I was asked at one point by a journalist you know “How do you learn to use encryption?” and I said: “Who taught you how to log into your bank account? Who teaches you how to log into Gmail or Yahoo or anything like that? Nobody does! It’s become really wide spread. In some ways it’s… people take it as a given, that they put something on-line and there’s this little lock symbol, that they are totally save I mean, that there’s nothing to worry about. Or there’s a SSL certificate and it says “All is save!” you know, or “There shouldn’t be any issues there.”… and then people are more willing to reveal things about themselves. So there is a need for greater awareness of some of the pitfalls of revealing so much on-line.

09:35 KP: Just to add: I also think it’s a demographic shift too. Because you can compare like early user of the Internet tend to be people within like business, academia, research, government. And those people had a big incentive to protect their security, their communications. Nowadays you have, you know, teenagers, kids, grandmas. And for those people, like, for them it’s about “connection”. And so you have separate, different kind of user bases going on-line. The dynamics have shifted. But I think it’s a big challenge bringing privacy again up to the forefront. Well, I don’t know. What do you think?

KR: Well, a lot of people do not care about privacy until something happens, to them or somebody known – maybe they get stalked. Somebody finds their physical location by looking through email headers. Or in least in the States where there is no national health service, insurance companies actually call for your browsing records to see if you’ve been looking for information on specific conditions, so they can drop you from health insurance

VE: They are doin’ it?! It is–

KR: 10:46 Yes, yeah, there are several cases where; there have been law suites and the lawyers from the insurance companies [] asked the Internet service provider for browsing records. Or, since employers provide health insurance, say a relative has some sort of health condition and maybe don’t have a connection at home and so you research the medications… and you give your employer the impression that you have cancer or something else that is quite expensive than they find some sort of reason to fire you. Or maybe, you’re living in a smaller town where everyone knows everyone and your political opinions differ greatly from that of your neighbor so you could suffer socially or professionally from having your opinions known, but you’d nevertheless like to express yourself somewhere, and so doing that anonymously is the only real way that a lot of people are comfortable.

11:42 And part of the vision for privacy enhancing technologies is that we keep governments honest. Because it used to be… we are fond of saying that Orwell was an optimist because in 1984 there were people who actually had to physically clip out articles and it used to be if… you want to get rid of a whole bunch of records all at once you might have to raid some place or maybe burn down a building. And that tends to attract attention. Or if you wanna get information on somebody, you had use to have to knock on their door and maybe break down the door. That also gets attention.
We’re increasingly seeing a state of things where governments can just click on a button and the people who are being surveilled have no way other than trusting due process, in trusting in rule of law, that their governments are going to be – to have some sort of justification instead of just gathering a bunch of information.

12:41 So the role of privacy-enhancing technologies is to force that knock on the door. It is to force your government to come and say “what we’d really like to have information on what you’re doing on-line but you’re using this tool and we can’t tell where you’re going, so we have to go through the [] system, we have to actually [] records and maybe physically take your computer somewhere…”.

13:07 VE: I assume you are talking to many politicians. How many of them do you think […] or do they say to you [that] they will use Tor?

KR: [Laughter] You know, we definitely know people within the government use it, law enforcement–

VE: –the US government?

KR: Well, I won’t just put up the US government. It is a tool that has – I mean privacy is an issue that matters to all different types of people. It’s just their reasons for are different. It matters for human rights defenders, it matters for law enforcement when they are trying to track down criminals. It also matters to criminals who are trying to hide their activities. I mean, that’s the full range.

AW: To everybody, open to everybody.

KR: It’s everybody. Well, the thing between current users and everyone else, including law enforcement people who are hunting them is that Tor and other privacy enhancing technologies that are Open Source and freely available are – you are using the network and all of the computers on it, their owners have consented to using the network. That’s why we have about 2 000 nodes.

Now, if you are unscrupulous, if you are a criminal, you can just use a botnet which has maybe a million nodes. And it’s very fast, it’s very fast-moving. They spring up […] in short order.

14:42 If you are a criminal, you should be using a botnet. [laughters] It’s just a much better alternative to Tor. But if you are a law enforcement agent who is hunting down child pornographers or organised crime than Tor is one of the few options that you can use –

KP: It’s a good option. Again, there are people… in industry… like in the cyber security community, there is a lot of talk about cyber warfare. […] There’s a larger issue like there’s a lot of corporate espionage going on over the Internet and Tor is one of the tools that you know people working with very sensitive data use to protect their communications. It is a really wonderful tool. […]

We believe that people should really use the tool that’s best to their needs. But again, for people that are doing highly sensitive work Tor offers the advantage of hiding your location. It’s really big. It’s very important.

KR: The more people are in this space, with effective tools that tell the users exactly what the tool does and does not do, it’s better for the community as a whole.


16:10 KR: We set up the network assuming that it’s going to be attacked. So it’s a distributed network with 2 000 relays. When you are setting up a path through these relays it’s random so that you are not using the same circuit more than once. The way that’s directed is done in such a way that if one of the directories is giving you a map of the network that differs from the rest of the directories than that will send up warning signals.
So if the directory is compromised, if some part of the network is compromised, than there is save guards built into it. And –of course– all of this gets better when we have more relays. If your government or maybe your employer, or maybe your ISP finds out about Tor and doesn’t like it… because… the main set of relays are publicly available. There’s some advantages to that. But that’s one way that you can block Tor; to put this list, this IP range into your firewall. 17:19
So we have this set of bridges, which… It’s very easy to set one up. All you have to do is click a little button that says “I wanna help censored users reach the Tor network”.
It’s just the first hop into the network, but it’s one that’s not as widely publicised. So it takes governments a little bit longer to get that list. And then if you have friends that are behind a firewall - for whatever reason - that you want help, you can actually click “I wanna help censored users, but I don’t wanna publish this to the bridge directory”. So you could actually give that address directly to a friend – and just have them use it or have them give it to their friends. There is a risk in what you doing is, mapping out your social network, your in-person network, by sharing some network resources.

18:10 That goes back to the education. […] A lot of things like Facebook or circumvention tools – if your oppenent notices that you’re all on this one network,  then that’s a potential security flaw.


18:32 I’m not a cyber utopian and I’m not, I don’t walk through life with my tin-foil hat firmly on my head [laughter] thinking of doom and gloom. But I do think that the openess of the Internet for all types of expression, as a collaborative space is something that does have to be maintained.



Recorded at TF office, by Armin B. Wagner & Volker E.

Tor” and the “Onion Logo” are registered trademarks of The Tor Project, Inc.