Winnipeg Free Press - ONLINE EDITION

The mirage of Internet privacy

  • Print

It has been a rough couple of months for the folks at the Tor Project.

Tor — it stands for "The Onion Router" — camouflages its users’ Web communications with encryption and by bouncing signals around server nodes in different parts of the world so that it’s all but impossible for either governments or advertisers to track them to their origins. Its fans hail Tor as a vital tool for those who live under repressive governments.

But Tor has suffered a series of public embarrassments — embarrassments that teach important lessons about the increasingly desperate search for online privacy.

Last month, we learned that the anonymity protocols that are Tor’s reason for existence had been hacked, apparently by the FBI, which was investigating an alleged purveyor of child pornography. Then, last week, we were reminded that some 60 per cent of the budget of the Tor Project comes from the federal government, including a whopping 40 per cent from the Department of Defense. (Tor responded in an email published in the Washington Post that these are research grants, and the U.S. government does not control its research or software.)

Now, most unkindly of all, Technology Review is piling on. This week, the popular technology site reported a study by the same researchers at the University of Luxembourg who earlier in the year found a major security flaw at Tor. (They informed Tor of the problem, and it has been repaired.) In their new study, the researchers have unpeeled a few layers of Tor’s celebrated onion of anonymity, releasing a tabulation of the most popular among Tor’s "hidden services" — that is, sites that can be accessed only via Tor itself.

The news wasn’t good.

For a site whose glory has long been the image of the courageous freedom fighter in, say, Syria bravely sending messages to the world, the results were depressing: "Of the top twenty most popular Tor addresses, eleven are command and control centres for botnets, including all of the top five. Of the rest, five carry adult content, one is for Bitcoin mining and one is the Silk Road marketplace. Two could not be classified." It gets even worse: "The FreedomHosting address is only the 27th most popular address," according to Technology Review.

In other words, the anonymity of Tor appeals principally to botnets, commonly used by spammers; those who peddle or seek pornography; and those who use a marketplace that has been called "Amazon.com for illegal drugs."

As for Freedom Hosting: It was, for a while, one of the glories of the Tor universe. Although not sponsored by Tor, Freedom Hosting promised free accounts to anyone. But in August, the founder of Freedom Hosting was arrested, charged by the U.S. government with being the world’s biggest purveyor of child pornography. He was also said to have turned a blind eye to other people’s use of Freedom Hosting for that purpose.

So what are the lessons of Tor’s long summer? Principally this: We are unlikely ever to be able to ensure our privacy through technical means alone. Ever since the days of the Polybius square, the race between encryption and decryption has been won by the decrypters.

Just this week, we learned that the National Security Agency may have developed either decryption capabilities or secret backdoors that enabled it to break most Internet encryption. (The problem may be even worse if, as some experts speculate, NSA is developing dedicated chips that will aid in cracking even the elliptical keys that not long ago were said to carry the promise of a more secure online future.)

Nor can we protect privacy online through laws and court orders. The NSA, we are now told by a federal judge, for three years "frequently and systematically" breached the limits placed on database searches by the Foreign Intelligence Surveillance Court. Think this isn’t about you? The database in question includes "the phone records of nearly all Americans."

Privacy is best understood not so much as a collection of discrete constitutional rights but as a shared sense that it is possible for us to go about the business of daily life protected by a government that neither knows nor cares how we spend the bulk of our time. The minutes of our lives are entirely our own.

But in a world ruled by the Web, privacy in this traditional sense seems so 1990s. "There’s nothing you or I can do to put the genie back in the bottle," writes security analyst Neil J. Rubenking. (The title of his post: "Privacy is Dead. The NSA Killed it. Now What?") "The best we can hope for," he writes, "is to keep the government in check by electing sane, sensible candidates."

That won’t be enough. The government’s appetite for information isn’t going to wane under either party. A voracious security bureaucracy isn’t going to go on a sudden diet. The bad guys will always be drawn to the shadows. Those who chase them will always find this an adequate reason to ban darkness.

So yes, as Tor users have lately learned, privacy in the traditional sense is most certainly dead. But the killer isn’t the NSA. It’s the Internet itself — or, more to the point, our entire reliance on it, our naive belief that we can spend hours each day sending signals into the ether and nobody will pluck them out.

If we don’t want anyone to know what we’re buying, we’ll have to visit brick-and-mortar stores and pay cash. If we don’t want those who are sworn to protect us reading our e-mail and listening to our calls, we’ll have to meet our friends in person. It’s our growing unwillingness to take those time-consuming steps that’s killing our privacy.

 

Stephen L. Carter is a Bloomberg View columnist and a professor of law at Yale University. He is the author of "The Violence of Peace: America’s Wars in the Age of Obama" and the novel "The Impeachment of Abraham Lincoln."

 

— Bloomberg

Fact Check

Fact Check

Have you found an error, or know of something we’ve missed in one of our stories?
Please use the form below and let us know.

* Required
  • Please post the headline of the story or the title of the video with the error.

  • Please post exactly what was wrong with the story.

  • Please indicate your source for the correct information.

  • Yes

    No

  • This will only be used to contact you if we have a question about your submission, it will not be used to identify you or be published.

  • Cancel

Having problems with the form?

Contact Us Directly
  • Print

You can comment on most stories on winnipegfreepress.com. You can also agree or disagree with other comments. All you need to do is be a Winnipeg Free Press print or e-edition subscriber to join the conversation and give your feedback.

You can comment on most stories on winnipegfreepress.com. You can also agree or disagree with other comments. All you need to do is be a Winnipeg Free Press print or e-edition subscriber to join the conversation and give your feedback.

Have Your Say

New to commenting? Check out our Frequently Asked Questions.

Have Your Say

Comments are open to Winnipeg Free Press print or e-edition subscribers only. why?

Have Your Say

Comments are open to Winnipeg Free Press Subscribers only. why?

The Winnipeg Free Press does not necessarily endorse any of the views posted. By submitting your comment, you agree to our Terms and Conditions. These terms were revised effective April 16, 2010.

letters

Make text: Larger | Smaller

LATEST VIDEO

Winnipeg Cheapskate: Preparing for Boxing Day

View more like this

Photo Store Gallery

  • JOE.BRYKSA@FREEPRESS.MB.CA Local-(  Standup photo)-    A butterfly looks for nector on a lily Tuesday afternoon in Wolseley-JOE BRYKSA/WINNIPEG FREE PRESS- June 22, 2010
  • MIKE APORIUS/WINNIPEG FREE PRESS BUSINESS - cow on farm owned by cattle farmer Lloyd Buchanan near Argyle Wednesday afternoon -see Larry Kusch's story  January 04/2006

View More Gallery Photos

Poll

With the Canadian junior team off to such a great start, will you be watching the World junior hockey championship?

View Results

Ads by Google