Tor Wars: The Signal Awakens
The long arm of the law wants ever more eyes, if you’ll pardon the gruesome metaphor. The UK government recently unveiled an attempt to legalize “draconian state surveillance powers.” US voices keep calling for a mythical “secure golden key”
for government access to encrypted messages. Canadian police describe
encryption plus legal decisions favoring online privacy as “a deadly combination.”
Meanwhile, in meatspace, cameras are everywhere. An EFF report on the
thousands of automated license place cameras out in the wild, “mounted
on street poles to capture the plates of passing cars as part of ongoing
law enforcement dragnet surveillance programs,” revealed
that “more than a hundred ALPR cameras were exposed online, often with
totally open Web pages accessible by anyone with a browser.” Another informs us that “mobile biometric technologies are now being deployed more widely and cheaply than ever before—and with less oversight”?
Who here thinks that there will be fewer cameras and less
biometric analysis in the future? Who here thinks they won’t be fully
internetworked? Who here thinks there will never be sky-eye cameras
looking down from law-enforcement drones, watching us all? Anyone?
Anyone at all? …Didn’t think so.
As a result, in the not-too-distant future, it seems likely that the
only real privacy you will have will be online. Maybe, if you’re lucky,
inside the walls of your own home. (And perhaps places where you pay for
privacy “by the second,” to quote William Gibson’s Neuromancer.)
It won’t be long at all before everything you do out in the world can
and probably will be mapped, tracked, data-mined, and analyzed. That’s
why online privacy is so important, and why threats to it matter.
And that’s why Tor,
aka “The Onion Router,” is so important. Tor routes your web traffic
through layers of computers that don’t track your data, so that nobody
can tell which sites you’re using, and the sites you’re using can’t tell
where you are.
It’s been around for many years now, but I’m pleased to report that it’s still taking major strides forward. Last year Facebook made itself more available via Tor. Then Facebook allied with Tor
to, as of last week, reserve the .onion top-level-domain for Tor, which
will make secure Tor connections vastly easier to set up. And just last
month Tor launched a beta messenger app.
Interestingly, Tor was initially developed
by the US Naval Research Laboratory, who open-sourced its code in 2004.
For Tor to be effective, it needs a broadly diverse spectrum of users —
if only dissidents use it, then using Tor marks you as a dissident; if
only spies use it, then using Tor marks you as a spy — so it has become
an entertainingly big tent encompassing all kinds of people who want to
use the Internet without being tracked, on all sides of the political
spectrum(s).
(This, and Tor’s history of US government sponsorship, has led to series of really embarrassing conspiracy theories
from the likes of PandoDaily. This is why non-technical journalists
should not write about technical subjects. If you’re going to suggest
that open-source software has dark ulterior vulnerabilities, you need to point at exactly where they are in the code (or deployment process),
or you will quite rightly be laughed out of the room. Funding and
relationships are not unimportant — and I’m sure Pando will now write me
off as part of the shadowy conspiracy, as Tor developer Jacob Appelbaum
is an old friend — but it’s the running code that actually matters.
Sadly, non-engineers don’t seem to understand this, or how laughably
ridiculous they look as a result.)
And while we’re on the subject, I’m even more pleased to report that
Tor is by no means the only small collective of skilled developers /
hackers / activists working to improve your online security. I give you,
at long last, Open Whisper Systems‘ brand new Signal release for Android, rolling secure messaging and secure phone calls into a single app named Signal:
Post a Comment