THE TOR PROJECT is entering a crucial phase in its nearly 10-year existence. In the wake of the Edward Snowden leaks, it has assumed a higher profile in the world of privacy and security than ever before. But it’s also come under increased attack by governments out to demonize it, and by law enforcement and intelligence agencies out to crack it and unmask its anonymous users.
To lead it into this new phase, the organization announced today that it had hired Shari Steele as its new executive director, following a five-month search.
The Tor Project had been looking for someone to be the face and voice of the organization, to educate the public about privacy and encourage wider adoption of its tools, and could court donors to help sustain the organization and fund development of its tools.
Steele would seem to be the ideal fit, since she comes to Tor from the Electronic Frontier Foundation where, as executive director for 15 years, she helped grow the organization from a small team of lawyers to a world-class team of attorneys who have led or played a role in nearly every high-profile legal battle of the digital world, including lawsuits challenging the NSA’s dragnet surveillance programs and the government’s use of National Security Letters.
Over the last decade under Steele’s guidance, EFF also widened its role as a protector of civil liberties by adding a team of technologists to its staff, who created privacy software tools like HTTPS Everywhere as well as guides to help people maintain their privacy and security. In announcing Steele’s new job with Tor today, Roger Dingledine, director and co-founder of the Tor Project, suggested that the non-profit organization could move in the opposite direction of EFF, to not only create privacy tools but also become more of a vocal advocate of privacy.
“Tor is part of a larger family of civil liberties organizations, and this move makes it clear that Tor is a main figure in that family,” Dingledine wrote in a blog post.
“At our core we’re a technology organization, and the best thing we do for the world is we write tools like the Tor Browser and make sure they can keep people safe,” Dingledine told WIRED. “But we’re also really interested in the impact of our tools…. One of the things that I’m really looking forward to over the next couple of months is working together among all the Tor people to get a consensus on what we want to be and what our priorities should be. But I’m expecting the core of that to [still] be technology.”
Steele told WIRED that she doesn’t see Tor moving too far in the direction of advocacy.
“My inclination is that Tor is going to remain strictly tools, but that we are going to be the experts on encryption and that may very well mean we’ll get called into talk about encryption, in whatever [role] that might mean,” she said. “I don’t see Tor as becoming like EFF, but it’s a recognition that Tor is an essential part of that infrastructure. Internet freedom can’t happen without it or without EFF.”
The Tor Project develops and maintains the Tor Browser and other software applications and tools. The Tor Browser system, also known as The Onion Router, is a free, open source and sophisticated privacy tool that provides anonymity for web surfing and communication. It works by using servers set up by volunteers around the world to bounce traffic from node to node en route to its destination. Traffic is encrypted through most of that route and is routed over a random path each time a person uses Tor. Although the first server can see the user’s IP address, it doesn’t know its final destination and can’t read the content of the communication. Each node in the network only knows the node from which it received the traffic and then peels off a layer of encryption to reveal only the next node to which it must send the traffic. The last node in the path before it reaches its destination knows where the traffic is headed, but not where it originated.
Originally launched in 2006 and funded by the US Navy, Tor is endorsed by numerous civil liberties groups, most prominently the Electronic Frontier Foundation, which funded it during its pre-launch days—a decision spirited by Steele while at the EFF.
The Tor browser is promoted as a method for whistleblowers and human-rights workers to communicate with journalists and for victims of domestic violence and others who need to conceal their location and communication. But it’s also used by criminals to hide their activity and by law enforcement and other government agencies to visit websites anonymously to investigate and gather intelligence.
Despite the many beneficial uses for Tor, however, the US government and law enforcement agencies have run an effective campaign to characterize it as a tool primarily used by pedophiles, terrorists, drug traffickers and other criminals. NSA documents leaked to the media have shown that the spy agency considers Tor a primary target for surveillance—one that it, and the FBI, has expended considerable energy to crack.
This puts considerable pressure on Tor developers like Dingledine and the project’s other core group of contributors to stay on top of new attack methods targeting their software and to fix any vulnerabilities quickly, something they have not always been able to do while working other jobs and handling other administrative and maintenance duties around the Tor Project.
Dingledine says that with Steele now joining them, he and his fellow developers are happy to be able to focus solely on the technology.
“[W]e need to keep working on the technical side to make tools like Tor as safe as we can make them,” he says. “The technical folks who have been distracted… we’re all looking forward to getting back to making Tor stronger. To be able to handle whatever attacks people are throwing at it.”