Why we need Tor now more than ever

Uploaded on 2014-10-08 in FREE TO VIEW, NEWS-Cybersecurity News

Since Edward Snowden leaked documents demonstrating the breadth of the National Security Agency’s digital surveillance last year, the global conversation around Internet freedom has shifted from censorship to surveillance. Where once the focus was on China’s Great Firewall or Iran’s vision of a “halal Internet,” now eyes are trained on the use of FinFisher for targeted surveillance or the NSA’s global dragnet.

But censorship and surveillance go hand in hand. Just as censorship restricts individuals from accessing information and communicating freely, surveillance also chills speech, causing fear amongst a populace and hindering innovation, communications, and progress.

Initially developed by the U.S. Naval Research Laboratory and DARPA, Tor (which originally stood for “the onion router”) is free software that enables anonymity and censorship circumvention. Since 2006, the Tor Project has operated as a nonprofit organization based out of Massachusetts; it receives funding from a range of sources, including individual donors. Karen Reilly, the Tor Project’s development director, told me that since the organization enabled donations with Bitcoin—the peer-to-peer payment system that allows users to send money anonymously the organization has seen an uptick in donations, an unsurprising development given their user base.

Tor often gets a bad rap for its ability to enable criminals to operate anonymously online, but for many of its users around the world, it’s a necessity.

From Syria where tech-savvy Internet users have long taken advantage of Tor’s ability to circumvent state censorship—to countries like the United States, where people utilize the tool for a variety of reasons, Tor (when used correctly) ensures that governments, individuals, and corporations alike are unable to spy on Internet users’ activities. It serves as a digital shield, protecting the identity and communication of those who need it most, like domestic abuse victims and transgendered service members, to give but two examples of oft-overlooked Tor users.

It isn’t just individuals in repressive environments that value Tor, however. Zack Whittaker, an editor with CBS Interactive, says that for journalists, the tool is vital.

“Covering national security, law, politics, and technology, particularly in the post-Snowden era, means source secrecy is more important than ever,” Whittaker argues. “Without Tor, I couldn’t do my job.”

Tor (when used correctly) ensures that governments, individuals, and corporations alike are unable to spy on Internet users’ activities. Post-Snowden, it seems Tor’s biggest challenge might be in meeting user demand. Tor’s software relies on a volunteer network of “relays,” operated by individuals and organizations around the world. In other words, as the Electronic Frontier Foundation explained in a recent challenge to improve the network, “the more Tor relays we have running, the faster, more robust and more secure the Tor network will be.”

Apart from the aforementioned concerns about malevolent usages of Tor, an oft-expressed concern from new users is that using the software will make them more suspicious. However, the more users on the Tor network in a given locale, the more hidden each individual user is. That’s why widespread adoption is crucial in the areas where it’s needed most, and that’s why Tor needs to push forward despite its more nefarious capabilities.

The anonymity that Tor provides either works for everyone or it works for no one. It can only assist massive liberation movements like the Arab Spring or help to defend journalists and free speech from oppressive regimes even if it can also enable criminals. If anonymity is to be truly safe and secure, that means it has to be safe and secure for everyone.   

kernel

« Is Big Data the Best Preparation Against Natural Disasters?
Desmond investment bets on spooks to win cyber war »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Logically Secure

Logically Secure

Logically Secure provide penetration testing and security assessment services.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

ThreatQuotient

ThreatQuotient

ThreatQuotient delivers an open and extensible threat intelligence platform to provide defenders the context, customization and collaboration needed for increased security effectiveness.

CSIRT-CY

CSIRT-CY

CSIRT-CY is the National Computer Security Incident Response Team for Cyprus.

Excelsecu Data Technology

Excelsecu Data Technology

Excelsecu is a global solution provider of online identity authentication, widely applied in banks, government bodies and enterprises.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

Center for Infrastructure Assurance and Security (CIAS)

Center for Infrastructure Assurance and Security (CIAS)

CIAS is developing the world's foremost center for multidisciplinary education and development of operational capabilities in the areas of infrastructure assurance and security.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

CyberAcuView

CyberAcuView

CyberAcuView is a company dedicated to enhancing cyber risk mitigation efforts across the insurance industry.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Adaptiva

Adaptiva

Adaptiva, the autonomous endpoint management company, delivers the fastest way to patch and manage endpoints at scale.

Yokai

Yokai

Yokai is a secure, distributed platform for data communication with enhanced security features tailored for classified environments such as finance, defence, healthcare, cybersecurity, and more.

GrayHats

GrayHats

GrayHats is a platform-based cybersecurity company devoted to delivering comprehensive, scalable, and proactive protection for businesses in an ever-evolving threat landscape.