TOR, Haystack and online security

The debacle over Haystack, the internet filtering circumvention tool developed for dissident Iranians, is, amongst other places on the web, covered in detail in the Economist and on Slate. The author of the piece on Slate, Evgeny Morozov (like myself, a TED Fellow, and who almost single-handedly held Haystack’s claims to public scrutiny from the get-go) raises significant concerns over how the US administration cleared so embryonic and flawed a tool to be used in Iran by cyber-dissidents in the first place.

In a way responding to the fiasco is Roger Dingledine from the TOR project through an article titled Ten things to look for in a circumvention tool. As Morozov notes on Slate,

It’s a good thing Haystack collapsed in such an embryonic stage, before it could grab even more of the spotlight—and, just as important, grab even more funding—from other, worthier tools.

TOR is one such tool, and one I’ve used for quite a while now. The TOR Installation Bundle for Apple OS X makes it about as easy as it gets to access the web securely. There is also a version for Windows that runs completely off a USB drive. There are some downsides. Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe’s PDF plugin and other plugins don’t work by default with TOR because of security considerations. So while you can actually load up Hulu and BBC’s iPlayer in Sri Lanka, the default configuration will not allow you to watch anything. This can be confusing for the novice user, since TOR itself gives no error message, and the websites, when visited with TOR active, suggest that you don’t have Flash installed. TOR is configured to run with Firefox. To set up Chrome or Safari, you need to dabble in network and proxy settings. With TOR active and using Firefox however, without going through any dodgy web proxy, I can easily access a site like Tamilnet, which is blocked across all ISPs in Sri Lanka.

Though Roger Dingledine attempts not to push a specific tool or platform, TOR clearly emerges primus inter pares. For example, he notes,

A privacy tool like Tor has many different classes of users around the world (ranging from ordinary people and human rights activists to corporations, law enforcement, and militaries) so the fact that you have Tor installed doesn’t give people much additional information about who you are or what sorts of sites you might visit. On the other hand, imagine a group of Iranian bloggers using a circumvention tool created just for them. If anybody discovers that one of them is using it, they can easily guess why.

This is an inaccurate, partial observation. Roger talks about TOR users globally. Within a region, country or context, it’s obviously a few who will use TOR. A repressive government will know who amongst its members, and the rank and file of its Army, is authorised to use TOR. Anybody else will raise a red flag – whether they are using it to exchange software code, or whether they are exchanging information on war crimes. In other words, in most in-country use cases, by merely having TOR active, you are raising your profile on the government’s radar, irrespective of the purposes for which you use TOR. Much as Roger understandably wants to differentiate Haystack from TOR, the fact remains that merely by choosing to use them, the security of data brings with it a profile that can augment risk and harm, which can ironically increase the more time and data is respectively spent and transmitted through encrypted channels on the web.

TOR’s own architecture is open to surveillance. WikiLeaks Was Launched With Documents Intercepted From Tor is a Wired magazine article that was subsequently refuted by Wikileaks. User ignorance over what TOR is and can do may also lead to expectations and assumptions that risk information integrity. For example, as The Register flags,

For example, in September 2007, Swedish security consultant Dan Egerstad ran a packet sniffer on five Tor exit nodes under his control, recovering the login credentials of about 1,000 email addresses, including at least 100 accounts belonging to foreign embassies in the process.

This is not an aspect Roger Dingledine covers. He does however clearly flag the distinction between encryption and privacy, and brings up a number of other challenges associated with both online that make for very interesting reading. Point 10 – dealing with how one can promote circumvention and privacy tools – is particularly well put,

Censors generally block two categories of tools: 1) the ones that are working really well, meaning they have hundreds of thousands of users, and 2) the ones that make a lot of noise. In many cases censorship is less about blocking all sensitive content and more about creating an atmosphere of repression so people end up self-censoring. Articles in the press threaten the censors’ appearance of control, so they are forced to respond.

Emphasis mine, italics in original. As the Economist notes,

While geeks unpick Haystack’s technical failings, the political storm is growing. The unthinking praise for the project may have temporarily boosted Mr Heap’s Censorship Research Center. But the wider effect was to violate a central principle of democracy-promotion: “first, do no harm”.

TOR’s reputation and open nature lend it an authority Haystack never had, and now never will. It is particularly tragic therefore that an untested and relatively untried tool, undergirded by slick marketing and riding on grandiose US foreign policy, was able to pass muster with the likes of the US State Department and one of the world’s best media organisations, the Guardian.

One Comment on “TOR, Haystack and online security”

  1. FL
    September 19, 2010 at 12:43 am #

    Concerning:

    “In a way responding to the fiasco is Roger Dingledine from the TOR project through an article titled Ten things to look for in a circumvention tool. ”

    It is in fact a timely reposting of an article prepared some time ago.

    “Originally prepared for the March 2010 “Index on Censorship”,
    then adapted for the July 2010 “China Rights Forum”
    https://www.torproject.org/press/presskit/2010-09-16-circumvention-features.pdf

    You are right in mentioning that use of Tor can raise a red flag like Haystack, the difference at this stage is that Tor is more widespread and is touted as a tool with numerous purposes, whereas Haystack is restricted just to Iran and is touted as a way of challenging the current regime, it is still in beta and apparently it was distributed to a small set of people. This means this narrow group of Iranian users are effectively carrying around a gigantic red flag with a virtual bullseye.

    Of course Tor exit nodes can be used to monitor and collect data from users, but the Tor Project explicitly highlights this again and again. Haystack is not open source, has never been reviewed by any independent entity, and due to its self-restricted nature it has been impossible to get hold of a copy of Haystack to analyse its underlying code or that of the software running on its integrated servers.

    Haystack looks like dangerous snakeoil and I am sure it will end up in the Dog House soon:
    https://encrypted.google.com/search?domains=www.schneier.com&sitesearch=www.schneier.com&q=dog+house&hq=inurl%3Awww.schneier.com%2Fblog
