On 28 December 2014, the German newsmagazine Der Spiegel released a huge tranche of documents from the Snowden archives to the public. Some of these had been released by the Guardian, the New York Times and the website ProPublica earlier but in redacted or incomplete forms.
The Der Spiegel article accompanying the release – “Prying Eyes: Inside the NSA’s War on Internet Security by SPIEGEL staff” is – for us problematically – actually co-authored by Jacob Appelbaum and Aaron Gibson, both of whom work on the Tor Project. The ubiquitous appearance on stage, video and in the press of Appelbaum and other Tor principals, all of whom openly acknowledge and are untroubled by the fact that a large portion of their Tor paychecks come from the US Department of Defense is cause for concern. These people are anything but dispassionate and neutral reviewers of Internet anonymity software. They have a product they’re flogging and they get paid very well – by the US Military no less! – to do so. Tor’s reassuring claims that “anyone” can assess the robustness of the security protocols engineered into Tor because it’s an “open source” program should be taken with a grain of salt. The fact that a software program is “open source” provides absolutely no assurance at all that its security is proof against government surveillance. That’s like saying that carbon monoxide can’t be dangerous because it’s invisible. It’s an empty promise that can only be verified by the relative handful of human beings who have spent years and even decades studying advanced computer science and programming disciplines – and that’s precisely why the only people who seem – at least to the bourgeois press – to be capable of assessing the validity of Tor’s increasingly contradictory claims of being “the best that the world’s got” in terms of secure Internet communications – are the employees of the Tor Project itself. And this is not a good thing.
So we have Appelbaum and Gibson – and, less and less surprisingly Laura Poitras (another one whose name keeps popping up all too often in the company of these Tor cretins) – pontificating in Der Spiegel as the high priests of Internet Security, “authoritatively” telling us all how to interpret the now no longer “poppin’ fresh” NSA documents describing that agency’s rankings of the best and worst Internet anonymity programs available to the general public. We are increasingly finding ourselves being put in a position where we have to rely on paid agents of the US Government to advise us on which are the best anonymity tools to use to keep our Internet communications free from surveillance by – the US Government! This bullshit is absolutely unacceptable; and anyone who is an opponent of the US Government who drinks Tor’s Kool-Aid is going to have a hell of a hangover one of these days, as the folks formerly running Silk Road I and II can attest.
In a section of the Der Spiegel article by Appelbaum, Gibson et al, under the heading “Still Safe from the NSA” we read that: “[a]s one document from the Snowden archive shows, the NSA had been unsuccessful in attempts to decrypt several communications protocols, at least as of 2012. An NSA presentation for a conference that took place that year lists the encryption programs the Americans failed to crack. In the process, the NSA cryptologists divided their targets into five levels corresponding to the degree of the difficulty of the attack and the outcome, ranging from ‘trivial’ to ‘catastrophic.’
“Monitoring a document’s path through the Internet is classified as ‘trivial.’ Recording Facebook chats is considered a “minor” task, while the level of difficulty involved in decrypting emails sent through Moscow-based Internet service provider ‘mail.ru’ is considered ‘moderate.’ Still, all three of those classifications don’t appear to pose any significant problems for the NSA.
“Things first become troublesome at the fourth level. The presentation states that the NSA encounters ‘major’ problems in its attempts to decrypt messages sent through heavily encrypted email service providers like Zoho or in monitoring users of the Tor network*, which was developed for surfing the web anonymously. Tor, otherwise known as The Onion Router, is free and open source software that allows users to surf the web through a network of more than 6,000 linked volunteer computers. The software automatically encrypts data in a way that ensures that no single computer in the network has all of a user’s information. For surveillance experts, it becomes very difficult to trace the whereabouts of a person who visits a particular website or to attack a specific person while they are using Tor to surf the Web.”
[Source: Der Spiegel: “Prying Eyes: Inside the NSA’s War on Internet Security” 28 December 2014]
There are several problems with this description of the NSA documents released here, starting with the fact that Appelbaum and Gibson’s claims that the NSA encounters “major problems” in deciphering traffic routed through Tor is disingenuous if not an outright lie. The NSA might have been having difficulty dealing with Tor traffic two years ago, but how does that square with the recent takedowns of the Silk Road networks? Two years ago is ancient history, and much of recent history would lead any intelligent person to conclude that Tor’s anonymity has already been fatally compromised by the US and UK government spies – at least.
On top of Appelbaum’s blatantly fraudulent claims for Tor’s opacity to the NSA’s spooks, we have the documents themselves, which appear to show that it was in fact the UK’s Government Communications Headquarters, a.k.a. GCHQ, not the NSA that made the first significant breakthroughs in cracking Tor’s anonymity. Appelbaum et al are engaging in the use of half-truths in order to press their case that Tor is “Still safe” against the NSA’s massive spy apparatus. This is a classic disinformation technique akin to the CIA’s “non-denial denials”.
Look at this GCHQ document that was released by Der Spiegel as part of the Appelbaum article:
There’s no date on the document, but it obviously must be more recent than the NSA’s documents claiming that Tor’s anonymity was still a “major” problem for them. On the last page of the GCHQ doc, they’ve given themselves a “1st place” ribbon, as if to make the claim that they have been the first to crack Tor’s anonymity. This would have happened sometime after say 2012 and before Edward Snowden “took a walk” from the NSA with this document. The GCHQ document states that, in conclusion:
“Hope to get this running live at GCHQ soon” – 2 years ago! “Full paper and software available” – 2 years ago! And then…
Try to square what you’ve just read in this GCHQ document with Appelbaum and Gibson’s blatant disinformation as to the tone of the document:
“Tor deanonymization is obviously high on the list of NSA priorities, but the success achieved here seems limited. One GCHQ document from 2011 even mentions trying to decrypt the agencies’ own use of Tor — as a test case.”
Yes it was a test case – and a successful one! Why do Appelbaum and Gibson misrepresent the actual message that comes through so clear upon reading the actual document? We believe that the answer is all too obvious.
We conclude from this that Tor’s anonymity was first seriously compromised in 2012 and was destroyed entirely sometime in 2013. The “proof-of-concept” was put into real-world use against the Silk Road network this past year (2014) with stunning “success”, leading to criminal trials and imprisonment of a number of people who mistakenly believed that by using Tor they were secure from government attacks. Where, oh where did they get that idea? After the Silk Road takedown, what degree of security should any political dissident here in the USA who actively opposes the US Government – and who has been using Tor to protect the identities of his or her contacts and Internet communications – expect from this now-demonstrably worthless program?
The fact that Appelbaum is still flogging Tor’s capability for anonymizing Internet communications in the face of this massive evidence to the contrary can only mean two things: either Jake Appelbaum is dumber than a bag of hammers or he is out there on stage shucking and jiving quite consciously as a paid shill for the NSA. The NSA finds itself “stuck” with a now-publicly compromised piece of anonymity software that is still being widely used by its “clients” in the US Government – the CIA, the Department of Defense and the US State Department – to cloak the activities of their spies as they launch attacks against the principal enemies of the US capitalist class: China, Iran, Russia and Syria. These agents are still using Tor to hide their activities until something better is developed; but Tor is only effective for their purposes if the US spies’ Internet traffic is buried in a mass of relatively innocuous “civilian” traffic. Incredibly – thanks to the stupid flatfoot FBI’s manic determination to take down Silk Road by apparently blowing away Tor’s ability to cloak Internet communications – selling this Tor-turkey to the public as robust anonymity software has become far more difficult. So therefore, the Tor Project has been tasked by the DoD to send their most effective con man (pardon us – we mean of course “salesman”) – Jacob Appelbaum – all over the world to “get people excited about” using the now-absolutely-useless* Tor software in order for those people to unwittingly provide “cover’ for the US’ murderous spy and “special forces” operations worldwide.
But don’t worry, kids: Jake the Snake and his pals are working on some new, even more “secure” anonymity software to foist upon you all. After all, NSA/Tor employs all of the world’s experts on these things. One of Jake’s other projects is OTR, Der Spiegel tells us. The “Off-the-Record Messaging” project is overseen by Dr. Ian Goldberg of the University of Waterloo in Waterloo, Ontario, Canada. Dr. Goldberg also “happens” to be “Chair of the Board of Directors of The Tor Project, Inc.” according to his UW bio.
Everywhere you look these people – whose salaries are largely paid by the US Government – have their fingers in the pie… or are running the entire bakery. What better way to remain the “world’s #1 superpower” than to effectively control not only the world’s most repulsive police state apparatus but also those “grass roots” organizations ostensibly dedicated to fighting that very same police state?
Everything that anyone associated with the Tor Project has laid hands on can be considered to be effectively compromised by the long tentacles of the US National Security State. If you’re trying to create a “super-Tor” to supplant Tor, the first step towards that goal is: ring-fence everyone associated with the Tor Project and keep them as far away from your project as possible.
Friends of WikiLeaks – Chicago
*When we say that Tor is “useless” we mean “useless” to those who are actively opposing the US Government. Unless Russia, China, Iran and Syria have also cracked Tor’s anonymity, the program is still quite useful for the US Government and its own agents, spies and hired killers. If you’re using Tor, you’re essentially helping the US Government spy upon and murder people whom it determines to be its “enemies” – maybe even US citizens. Period.