Tor Promises Not To Build Backdoors Into Its Services

An anonymous reader quotes a report from Engadget: Tor has published what it calls a "Social Contract" comprised of promises to users and the principles the team believes in. Whatever the reason is, its social contract contains one interesting pledge: "We will never implement front doors or back doors into our projects," the team wrote. Tor's ability to keep users anonymous made it the go-to browser of people looking for drugs, illegal firearms, hitmen, child porn and other things you won't find on eBay or YouTube. If there's a browser law enforcement agencies would want a backdoor to, it's Tor, especially since its main source of funding is the U.S. government. That's right -- the famous anonymizing network gets most of its money from a government known for conducting mass surveillance on a global scale. Loudly proclaiming that it will never build a backdoor into its services might not even matter, though. The government already proved once that it's capable of infiltrating the dark web. If you'll recall, the FBI identified 1,500 users of a child porn website called "Playpen" by deploying a Tor hacking tool. It led to numerous court battles that opened up the discussion on the validity of evidence obtained without warrant through malware. "We believe that privacy, the free exchange of ideas, and access to information are essential to free societies. Through our community standards and the code we write, we provide tools that help all people protect and advance these rights," Tor writes in the contract.

Could it be more thick on the propaganda?

[gweihir]

Seriously, is TOR so unbreakable that you shills need to bad-mouth it at any opportunity?

First, the promise to not backdoor is ages-old. Second, who finances it has been known since shortly after the beginning of the project. I asked Roger Dingledine more than a decade ago about it and his answer makes a lot more sense than the often repeated "The gobbermet founds it, it has backdoor!" that never comes with any additional details. And as to backdoors, it is very hard to keep backdoors in FOSS projects with active communities hidden for a long time. Add to that that anybody that finds a working backdoor in TOR has instant fame, backdoors in TOR are rather unlikely. And as to "TOR was broken in the past by the FBI", that is just a shameless lie. What was broken was the JavaScript engine of Firefox that served as basis of an outdated TOR browser bundle that the users did not upgrade despite very clear warnings each time they started it. That is right, the FBI simply implemented that attack against Firefox after the vulnerability was fixed (and likely they did it form the documentation of that vulnerability) and caught these 1500 idiots that way, no vulnerability in TOR and only a FF vulnerability that had already been patched in the current TOR browser bundle.

Now, despite these facts, the same idiotic anti-TOR propaganda keeps going. I can only speculate that this is intended to drive people away from TOR and to less-secure alternatives that are a lot easier to break.