from the willful-distortion-of-facts dept
Apple and Google both announced encryption-by-default going forward on their mobile phone operating systems. Law enforcement officials swiftly gathered to talk loudly about all of the dead and molested children that would result from this decision.
The same goes for Tor. The use of Tor can obscure criminal activity -- by hiding the perpetrator and the activity itself. There are plenty of legitimate reasons to use Tor (like many internet services and platforms hoovering up tons of data themselves), but because it makes chasing "bad guys" a little harder, it too must go.
The best way for government agencies to get rid of something they don't like is legislation. When a law enforcement official says something like the following, they're not hoping to sway the intelligent and informed members of the public. They're saying it to sway those who can actually do something about it: tech-clueless legislators and those who vote for them.
At the State of the Net conference in Washington on Tuesday, US assistant attorney general Leslie Caldwell discussed what she described as the dangers of encryption and cryptographic anonymity tools like Tor, and how those tools can hamper law enforcement…That's a scary number. And it's not even close to accurate.
“Tor obviously was created with good intentions, but it’s a huge problem for law enforcement,” Caldwell said in comments reported by Motherboard and confirmed to me by others who attended the conference. “We understand 80 percent of traffic on the Tor network involves child pornography.”
Wired's Andy Greenberg explains how Caldwell took a statistic from Tor research and twisted it to further the government's agenda.
[A] Department of Justice flack said Caldwell was citing a University of Portsmouth study WIRED covered in December. He included a link to our story. But I made clear at the time that the study claimed 80 percent of traffic to Tor hidden services related to child pornography, not 80 percent of all Tor traffic.Which is a big difference. "Hidden services" is not just another term for "Tor traffic." Caldwell conflated the two to further the DOJ's push for the end of anything that presents an obstacle to easy access.
The real number is much lower. Greenberg says that most Tor traffic doesn't route to darknet sites. Only about 1.5% of Tor traffic accesses hidden services, and 80% of 1.5% is a number that wouldn't even trouble the most tech-addled Congressperson or the retirement community that repeatedly votes him or her back into office.
At most, a little over 1% of Tor traffic is related to child pornography. That very low number would seem resistant to improvement. How much money and effort should be thrown at 1% of a service in limited use? The answer would appear to be "not very much," but that doesn't tear down Tor's walls or approve budget requests. So, "80% of all Tor traffic" it is, according to the DOJ.
And that 1.2% may even be overstating it. NickM at the Tor Project Blog points out how some hidden service traffic may over-represent the number of people actually searching for certain illicit goods.
A Tor client makes a hidden service directory request the first time it visits a hidden service that it has not been to in a while. (If you spend hours at one hidden service, you make about 1 hidden service directory request. But if you spend 1 second each at 100 hidden services, you make about 100 requests.) Therefore, obsessive users who visit many sites in a session account for many more of the requests that this study measures than users who visit a smaller number of sites with equal frequency...
The greater the number of distinct hidden services a person visits, and the less reliable those sites are, the more hidden service directory requests they will trigger.He breaks this down later with a hypothetical situation. 1000 people use Tor to access chat rooms while 10 conspiracy theorists use it to dig for information. Chat users may only log in once or twice a day and hang out at the same handful of venues. The ten conspiracy theorists may visit dozens of sites looking for more crazy, while entering and exiting multiple times. To an outside observer, this activity would appear to indicate that 10 conspiracy theorists make up a larger portion of Tor traffic than 1000 chat room users.
Child porn, like regular porn, is generally not one-stop shopping, unlike a favorite chatroom. Multiple site visits and multiple entrances/exits would inflate the percentage of child porn-related traffic relative to the (observable) whole.
Users who use it for obsessive behavior that spans multiple unreliable hidden services will be far overrepresented in the count of hidden service directory requests than users who use it for activities done less frequently and across fewer services. So any comparison of hidden service directory request counts will say more about the behavioral differences of different types of users than about their relative numbers, or the amount of traffic they generated.In addition, law enforcement and anti-child porn agencies' own investigative efforts could very well be adding to this 1.2% figure.
Also, a very large number of hidden service directory requests are probably not made by humans! See bug 13287: We don't know what's up with that. Could this be caused by some kind of anti-abuse organization running an automated scanning tool?So, there's a good chance that the non-scary 1.2% number is too high. Sure, the ideal would be 0.0% but law enforcement agencies should actually be pleasantly surprised the number is so low, rather than misquoting stats to make it appear as though anonymization services are child porn enthusiasts' playgrounds.
It isn't just child porn the government is after. There's a whole host of darkweb activities it wants to indict people for. But child porn "sells" better than drugs or prostitution or even the US's latest public enemy no. 1: terrorism. The number the DOJ is using to sell its attack on Tor is blatantly false, as anyone with a minimal amount of Google skills would quickly discover. But the DOJ doesn't care whether you or I believe it. It only needs enough people in Washington DC to believe it. The DOJ doesn't speak to the citizens. It only speaks to those who can assist it in stripping away what minimal personal data-shielding options we have left.