Tor, Anonymity, and the Arab Spring: An Interview with Jacob Appelbaum

Author: Ingmar Zahorsky

Originally Published at Peace and Conflict Monitor on: 08/01/2011

 

What does Tor do and who uses it?

In brief, Tor is an anonymity network that allows people to use the internet in a way that avoids traffic analysis. So that means that people who live in an area where there is extensive Internet censorship can circumvent that Internet censorship using Tor. If people simply wish to not be profiled online or watched on the Internet, then they can use Tor as well. It serves as many things because anonymity at the core means that you have resistance to very serious deep packet inspection in most cases. Unless Tor itself is blocked, it isn’t really possible for someone to easily distinguish what you are doing with Tor – that is sort of the purpose of Tor. People use it for all sorts of different reasons. People in Egypt used it to get around the censorship that was occurring there, and people use it all over the place for non-censorship reasons. Police officers use Tor to do investigations, people in countries where there is no Internet censorship but extensive corporate surveillance use it – those corporations often look at your IP address, Tor hides your IP address, and so people often use it to avoid this kind of corporate profiling.

You might be looking at Tor from a particular perspective – maybe you are interested in any of those properties or maybe you simply want to be able to browse the web and see what it looks like to use Google from Germany, that is also a possibility. In some cases, such as in Egypt, people get very excited about it, because they think it is a technology that has this possibility for revolution. I think it is nice that Tor was probably used by some number of people, although it might have only been one, it could have been several thousand, who knows. What I think is nice is that Tor is one of the sort of disruptive technologies that the Internet makes possible. Such a thing wouldn’t be possible without the Internet and I think that it [the Internet] deserves the credit not Tor necessarily, not Facebook necessarily although each different platform that is built on top of the Internet obviously does have a reason for existing and does deserve some credit to some extent.

Tor is just a network and its a dual use technology – people use it for good things and they use it for bad things. Ultimately, free speech is the core of anonymity. There are no payments, there are no logins or passwords or anything like that. It is just free software that you download – and we don’t just mean free as in beer, we mean free as in the free network that is available for people to use without cost. The source code that connects to the network is available for people to read, to study, to modify, to change, and to distribute their changes. We are a non-profit that is dedicated to promoting and helping with anonymity online and the Tor network is one of the things that we produce. We also produce other software that interfaces with it, so Tor in a nutshell is quite a lot of things, used by quite a lot of people and it is in fact made up of those people that use it.

Can you give a concrete example how Tor was used during the revolution in Egypt?

Because Twitter and other websites were blocked, people in Egypt actually used Tor as a proxy for their web browser. They knew that they could install Tor and they would be able to get past the Internet censorship in their country, which was their primary concern. You know, Tor is only as secure as the protocols you send across it, except in certain cases such as this one where you know that the problem is directly between you and the Internet. In that case, Tor is extremely secure and no matter what you are doing over Tor you are almost certainly better off than the government that might arrest you for behavior you do on the Internet or for other things that they would be able to detect and log and then later analyze. Using Tor is probably not a very big deal in these types of investigations, but if they are looking, for example, for a person posting a photograph to a particular website at a certain time, if they had that in a log,that could be very dangerous. If everybody using Tor, you know, is in trouble, that’s a lot more people than just one person at one particular time-frame doing a particular thing.

It’s interesting to note that, from what I understand, people in Egypt, some of them were in this situation where they were doing things on the Internet, where they were either being censored or they were worried that later they would get in trouble for the things that they were posting, like truthful things that they had seen or witnessed, and so they used Tor. Obviously I was not in Egypt during this January 25, January 27th or any of this time this year in fact, so I can only speak to this as a second hand or first hand relay experience and so having not seen with my own two eyes what people are doing. Tor as a project as a network has no idea, there is no way to know except with some statistical analysis. We published those statistics on our website (metrix.torproject.org) but other than that we have to rely on what people tell us. What we have heard is that it is useful and that it has been quite a help for some people. Many people use other things, virtual private networks and so forth, but in general it works very well against the kind of very specific censorship that the Egyptian regime deployed.

Do you believe that with a tool like Tor it is truly possible to be anonymous on the Internet?

It is possible to do some things anonymously on the Internet. I think about anonymity like the roots of a tree; if you have someone that is digging around in the dirt and they run into a broken-off part of the tree root, they don’t realize it is attached with this big structure, but if you were looking at the tree from above you would be able to look at the root structures attached to the tree quite easily and you might even be able to find pieces of the root that have been broken off and you could see all of these things. So if we all carry cell phones, we all carry tracking devices, and if we are all carrying tracking devices one must ask the question how can we have privacy or anonymity? The answer is when some of the actions you take are not directly attached to the large data trail you create, some of your actions can be anonymous – largely, though, they are not. The things that you do on a daily basis they are all tracked. Your financial transactions, whether or not you spend cash or credit cards, it doesn’t make a difference. There are different tracking methods for each of those things and so in this regard privacy is in a lot of ways a very difficult thing to achieve.

When using Tor and the Internet, if you wanted to read the Wikipedia about the conflict in Egypt but you didn’t want anyone to know you were doing that, Wikipedia would see someone from the Tor network. Your ISP would not see anything about the Wikipedia, they would only see Tor and Tor as a network would not know who you were and where you are coming from; so if you are in Costa Rica, or you are in some other place, they don’t know where you are. The network is segmented in such a way; we call it “privacy by design”.

There are a lot of cases when using Tor in which you can do things online that are anonymous. When you use it correctly, you won’t have a thing we call “linkability”. One web browsing session to the next, no one will know it was you that looked at that page about Egypt’s conflict and then you also looked at a comic book by Guy Delisle by the name of Shenzhen, which is a well drawn comic about a travel log in China. They wouldn’t know that it was the same person. In that way it is very anonymous but if you were to log onto the Wikipedia with your real name and make a lot of edits you would start to leave behind a trail of where you used Tor often. That would build a profile of you and no amount of anonymity or security technology really changes the fact that if you say “my name is Ingmar” – Tor will do its job and route that anonymously somewhere, but if the other person really believes you are Ingmar, than its going to be hard to convince them otherwise. No security or anonymity will change that.

 

Privacy is really only as good as you make it. In some cases, you can definitely take action that is hard to trace to you. You can consume or read things, but if, for example, you were to write a blog post about a conflict situation that you had seen in a war zone and you were to take photographs and post it on a blog, your camera has a thing called meta data, that it embeds into an image. Maybe that includes your camera’s serial number. So now you anonymously posted that photograph and you’ve done a writeup. Well your words that you write down are susceptible to a type of anonymity attack called “Stylometry”, which is the idea that you can characterize a person’s writing style and positively identify them from large bodies of text, so if you were also an experienced journalist and there were many people that suspected it was you, they could use these stylometry techniques to look and see if the person that wrote the anonymous blog post was the same as the person that writes a weekly column in the local newspaper. That can be a real threat to privacy, so, you know, you have to be very careful about how you cross your “T”s and dot your “I”s and of course, your serial number for your camera is also in that post at the same time and you’ve even taken another photograph and put it online somewhere else, so someone will be able to look at that photograph and see that the serial number is the same so they don’t even have to go to the camera company, they already got you as a suspect.

So, depending on what people are doing, yeah, Tor will help you to be anonymous in some cases, but that doesn’t mean that you will be perfectly private if the things that you are doing leak information about you. You have to be very careful about the details and you really have to take some time to realize that there is a process where everything that you do might betray you. It is very easy to do this in the real world, because in the real world we think about it. When you walk you leave a footprint behind. When you use your credit card you literally leave your name and number behind, and so, if you have these situations, its easy you see it with your own eyes – you remember putting your footprints down, you remember that your shoes have a particular print on the bottom. You mostly understand this in general in your own experience in your own life. People notice how you are dressed, they see this identity that you put forward to the world. With technology, it is often the case that the identity you put forward to the world is hidden even from yourself in this way. I mean, the things that you say are there but there are traits about you that are not obvious that you are leaving behind. So, yes, Tor can help you to some degree – it is a very powerful tool in service of your privacy and of your anonymity – but it isn’t a panacea, because you may still do things that are threatening to your own privacy.

Can an anonymous person have credibility?

Well there are different types of anonymity. For example, location anonymity means that if you connect to Twitter, Twitter doesn’t know if you are in Costa Rica or in Iran. Can someone who is posting online on a regular basis on Twitter have credibility? I think so. Because location anonymity and anonymity from Twitter means almost nothing in the context of what they are saying. Unless they are saying they are at a particular place, in which case the burden of proof lies with what they have said. If what they have said is something that can be cited or is backed up in some way, then absolutely, anonymous people can have credibility.

Additionally, it is possible that someone can post something a single time and not sign it and that in itself is a record that brings credibility by the mere existence of it. For example, a leaked document is a great example of where an anonymous person speaks out and says this is something that needs attention, let’s look at this, and sure enough other people will confirm the authenticity of the document. So, an anonymous person for that moment, that action, sure seems like a credible thing to me.

There are lots of other examples that are just like this where people take time to write things down or write them up as it where, and when they do that, they are able to do this a couple times in a row and in a sense this is a kind of anonymity, but in another sense its a thing we call “pseudonymity”; so if I were to write online and I was to say my name is ioerror, that is the kind of anonymity. I am actually that anonymous person but I claim to be a person called “ioerror” and that is my nickname, my pseudonym, and you know, when I post on Twitter, people see these things that I am posting online and there is some ability for someone to read what I said or see what I said and to determine if it is something that interests them and if it is verifiable, whether or not they actually have seen my drivers license to know my real name or my passport or my birth certificate; all that is kind of irrelevant.

We live in a world where for the most part we use our real names to interface with people, but really what we do is we leave behind a bunch of digital trails, like our preferred login name or a style of writing or whatever. These are like facets of our identity that we leave behind, little tiny pieces here and there and they make up the whole that we experience and then we think of our own experience and say “oh we have no privacy”, or “oh no, we have no anonymity”. When you look at just a piece of someone else you might think, “how can you have credibility there because they are just an anonymous person?”, but if you can sew a thread together or if the thing that’s said is factual, you can back it up if there is something to it, and it seems likely and so forth, than it is absolutely possible to have credibility.

At the same time, just because someone has said something that does not make it credible and it doesn’t mean that because they are anonymous they have some noble goal or they have something they want to say that really needs to be heard. It is important to note that there isn’t some amazing magical thing in itself that gives anonymity some value. The things that need to be said probably still need to be vetted in some way.