Andrew Lewman, the executive director of the Tor Project, has said that he believes GCHQ and NSA agents frequently – and intentionally – leak flaws in Tor’s code. By revealing this information to the Tor Project, NSA and GCHQ agents help to protect Tor users’ anonymity.
Tor allows users to anonymously report bug data, therefore these sources remain protected.
“There are plenty of people in both organisations who can anonymously leak data to us to say – maybe you should look here, maybe you should look at this to fix this,” Lewman said.
He believes that the agents send tips and suggestions “probably monthly,” but admitted that due to the way Tor receives data, he has no idea who sends the reports.
However Lewman says that he deduced the identities of the sources. “You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super subtle bugs or other things that they probably don’t get to see in most commercial software.”
Lewman was also told by William Binney, an NSA whistleblower, that many people working for the agency are “upset that they are spying on Americans,” and provide data to Tor in order to right these perceived wrongs.
Neither the NSA or GCHQ had much to say on the issue, but Lewman was keen to point out GCHQ’s hypocrisy.
“It’s sort of funny because it also came out that GCHQ heavily relies on Tor working to be able to do a lot of their operations. So you can imagine one part of GCHQ is trying to break Tor, the other part is trying to make sure it’s not broken because they’re relying on it to do their work.”Leave a comment on this article