Thursday, October 28, 2021

Fall 2020 Cognitive Warfare : An Attack on Truth and Thought

 This is NATO folks, they are not our friends

Executive Summary 
Warfare has shifted dramatically over the past several decades, moving away from the physical threats of conventional warfare. War now moves towards the social and ideological threats brought about by mass media and advances in technology. The advent of this new type of warfare is different from anything we have seen before. Although it takes elements from previous types of hybrid warfare, the reach and level of impact it possesses make it far more dangerous than its predecessors. We have dubbed this new way of war cognitive warfare. 

Cognitive warfare, although sharing various similarities to other non-conventional and non-kinetic types of warfare/operations, is ultimately unique in its execution and purpose. In this paper, we examine the origins of non-kinetic warfare by first looking at the Cold War and the use of psychological operations (PsyOps). We follow the evolution of warfare, noting that advancements in technology gave rise to electronic warfare and subsequently cyber warfare. As cyber capabilities continued to develop, intelligence became a growing field and information warfare started to develop. Cognitive warfare, however, goes a step further than just fighting to control the flow of information. Rather, it is the fight to control or alter the way people react to information. Cognitive warfare seeks to make enemies destroy themselves from the inside out. We define cognitive warfare as the weaponization of public opinion, by an external entity, for the purpose of (1) influencing public and governmental policy and (2) destabilizing public institutions. 

Destabilization and influence are the fundamental goals of cognitive warfare. These goals work towards the purpose of sowing discontent within a society or encouraging particular beliefs and actions. The 2016 Democratic National Convention (DNC) leaks are a good example of a foreign power exploiting divisions to destabilize a society. Terrorist groups like Al-Qaeda demonstrate how civilians can be influenced and recruited by radical ideologies. Never before has such insidious manipulation been as easy to accomplish as today. Advances in connectivity, digitization, neurology, and psychology have provided society with a great many boons. Yet, with every new opportunity, a new threat emerges. Today we are faced with the problems that come with social media’s ability to broadcast information to billions of willing people in a matter of minutes. We must defend against algorithms that can identify who would be the most susceptible to posted material, and who is most willing to spread it. The present-day ability to fake and manipulate information is unprecedented, and recent advancements in artificial intelligence have now made video and audio suspect as well. People are unsure of what to believe, not even sparing governmental institutions from this lack of faith. Simultaneously, we are revolutionizing what we know about how our brains and emotions function as individuals experiment with different forms of control. [As inept and corrupt as the government has been since WW2, is it really a surprise that so many are disgusted with it, NATO/UN all globalist pigs and commie pigs at that d.c]

Therefore, it is our belief that NATO must adapt quickly and forcefully to defend against current threats in the sphere of cognitive warfare and work to curtail future threats. While democratic society is both complicated and amazing, it is also vulnerable. To get ahead of these threats, NATO must respond defensively in three ways. First, NATO must work to develop a working definition or framework for cognitive acts of war. This includes a set of criteria for discovering cognitive attacks as they are taking place. Second, the alliance must assess vulnerabilities to cognitive attacks at a national and personal level in hopes of creating and inspiring a more resilient population. Third, NATO must establish organizations to liaise with tech companies and handle the challenges of the future of warfare. An additional final consideration would be an analysis of potential hostile states onto whom we may use cognitive warfare against in an offensive strategy or as deterrent. 

The foundation for democracy lies not only in laws and civil order, but also in trust and mutual respect: the trust that we will follow those laws, respect civil institutions, and respect each other and our differing opinions. Trust is now at risk, truth is being attacked, and democracy is being threatened. The time to prepare is now, and the whole world is watching.[NATO, you have nothing to do with the truth, and we sure do not trust you or that death of vipers in that s*#thole New York., state government there just as corrupt as the Feds dc] 

Introduction 
People have attempted to influence public opinion since the rise of civilization. It is an essential component of the political structures into which we have evolved. However, the weaponization of public opinion is a novel, threatening development in how we interact. The advent of the internet and mass media have made possible the large scale manipulation of populations via targeted, accessible, multimodal messaging, which can now exist under the guise of anonymity. In a sea of a billion voices, pinpointing individual sources has become incredibly difficult [1]. An effort that, in some ways, is comparable to the difficulty of identifying who screamed “Fire!” in a crowd. Some will argue that this is intended, contending that anonymity is required for the resources the internet provides. Others, however, fret about the unintended consequences that this lack of accountability might bring about in the long-term [2]. 

No matter which perspective is correct, it is our opinion that NATO must be aware of the threat that our interconnectedness has wrought. Tactics targeting the public will not fade with time; they will become more efficient. They will aim at broader audiences. Moreover, they will become increasingly convincing. Already, technological advancements have showcased their ability to do exactly this. One does not have to look further than the 2016 DNC information leaks to confirm the rapidity with which information is acquired and spread to the advantage of an opposing party. 

Social media, news networks, automation algorithms, artificial intelligence, mental health guidance, and, perhaps, even our own physiology are expected to evolve rapidly in the near future. All of these are working to make us more connected, more data-driven, and more curious. It will be an exciting new era of human interaction. However, the roads in our minds are not one-way streets. Whilst people receive information, they are simultaneously giving away information and data. As it stands, simple lines of codes will one day be able to identify and describe everything about us. Our habits, our friends, our faiths, our cultures, our preferences, and even our vices. For the first time, war will not deal with exposed bodies. It will deal with exposed minds instead. It is this new avenue of war we have dubbed cognitive warfare. [They have no intention of stopping their madness dc]

Evolution of Non-Kinetic Warfare 
Origins 
It starts, as with most things in the nature of modern war, in the Cold War. Mutually assured destruction (MAD) became the accepted global doctrine, rendering total war on the scale of WWII improbable. Proxy warfare became a dinnertime discussion. Subversion and espionage are prevalent in daily international interactions and “plausible deniability” is the term of the time. Thus, the CIA and FBI have expanded far beyond their initial capabilities, and actions in the shadows have become the norm [3]. These new methods have become the “civilized” approach to conflict, clearly better than the “barbarities” of a nuclear holocaust. It is also here where the power of words and ideas, and non-kinetic war, is finally seen in full force. Millions, or even billions, witnessed this when the Soviet Union watched the collapse of the Iron Curtain, unable to fulfill its goal of withstanding the power of “blue jeans and rock and roll.” [4]. Democratic nations have always had a “home advantage” in utilizing the voice of the public. Able to tout their messages of individual freedoms and abundant resources, Western democracies have consistently used their words and ideas as ammunition against more authoritative regimes. [ and now on their own people with this covid plandemic dc]

Perhaps the proof of the efficacy of such tactics lies in the reactions they have elicited from non-democratic powers. Restrictions, bans, and general censorship have long been the policy of countries such as China, Russia, and, much more drastically, North Korea. The age of the internet has only reinvigorated their concerns. Unsurprisingly, Facebook and other social media platforms face restrictions, if not outright bans, in these and similar countries worldwide [5][6][7]. However, it is these very ideals of free press and free speech that have left Democratic nations vulnerable to powers attempting to control public thought. These nations have been forced to go on the defensive as the protection of resources and individual freedoms no longer hold the same persuasiveness they once did. The global economy has seen both the US and China prosper [8]. The most important change since the Cold War, however, has been the shift in how we communicate and share ideas. We seek to illustrate this change by recounting past shifts in the way that people have fought over minds and information, concluding with a new era and avenue of war. 

Psychological Warfare (PsyOps) 
In the United States, PsyOps specifically relates to the use of white, gray, and black products produced by various branches of the military and the CIA or its predecessors. White products are officially identifiable as being sourced from the US, gray products have an ambiguous source element, and black products are meant to seem as if they originate from a hostile source. Operations include the likes of propaganda radio, providing insubordination manuals to the militia, and even encouraging child soldiers to defect to avoid conflict [9][10]. 

In comparison to cognitive warfare, there are quite a few key differences. First, cognitive warfare deals mostly with gray products. White and black products are either too transparent or too risky to be reliable methods of affecting public opinion. Additionally, there is a certain element of deniability inherent to cognitive warfare that is lost in white products and endangered by black products. Moreover, PsyOps has rarely dealt with large sections of the public in the past. There is an emphasis on military or subversive activity in PsyOps that is not usually the goal of cognitive warfare tactics, which tend to target civilian social infrastructure and governments [9]. 

Electronic Warfare (EW) 
EW is defined by the use of the electromagnetic spectrum to attack the enemy, impede enemy attacks, or identify and scout for specific assets. In some ways, electronic warfare was the precursor to cyberwarfare. Its origins date back to the 1900s with the invention of early wireless communication. Infrared homing, radio communications, and the increasing use of wireless technologies make this an important logistic division inside the armed forces. However, this field deals heavily with instrumentation and tactical advantages. This does not deal with public opinion or even interact heavily with the civilian space outside of impeding household electricity and radio [11][12].
Cyberwarfare 
Cyberwarfare is defined as the use of cyberattacks with the intention of causing harm to a nation’s assets. Cyberwarfare, and its military classification, is still highly debated [13]. Nevertheless, numerous NATO member states and other countries have invested in developing cyber capabilities, both offensive and defensive [14][15]. Some worry about defining such actions as war because they “only” target computers. However, the global trend towards digitization and the Internet of Things (IoT) has meant that more functions are controlled now by computers than many would imagine. Everything from construction equipment, to financial institutions, to civilian infrastructure, and even to military installations now depend on a complex computer network [16]. The loss of such computer assets can, and already has, cost massive damages not just in terms of time and data loss but in physical damage that can be measured in dollars and lives [17]. 

Cyberwarfare’s relation to cognitive warfare is mostly that they share an avenue of operations. There have been instances of computer viruses spreading themselves through social media by targeting the friends and/or contacts of the afflicted individual. However, these instances are better described as cybercrimes rather than targeted attempts of cyberwarfare. Cognitive warfare utilizes social media networks in a completely different way. Instead of spreading malicious software, agents of cognitive warfare spread malevolent information. Utilizing similar tactics to those used in DDoS attacks, namely botnets, cognitive warfare agents can spread an overwhelming amount of false or misleading information through accounts that look and interact in a human fashion [18]. However, this is only one tactic employed in cognitive warfare and is largely where the similarities with cyberwarfare end. 

Information Warfare 
Information warfare is the most related, and, thus, the most conflated, type of warfare to cognitive warfare. However, there are key distinctions that make cognitive warfare unique enough to address under its own jurisdiction. As former US Navy Commander Stuart Green described it, “Information operations, the closest existing American doctrinal concept for cognitive warfare, consists of five ‘corps capabilities’, or elements. These include electronic warfare, computer network operations, PsyOps, military deception, and operational security.” [19]. Succinctly, information warfare works to control the flow of information. 

The main distinction between information warfare and cognitive warfare is that the former does not draw a distinction between battlefield tactical information and information aimed toward the public. For example, information warfare deals with DDoS attacks and ghost armies while neither of these falls into the purview of cognitive warfare. Perhaps a sharper delineation is that information warfare seeks to control pure information in all forms and cognitive warfare seeks to control how individuals and populations react to presented information [20]. 

Cognitive Warfare 
A recent definition, from December 2019, provided by Oliver Backes and Andrew Swab, of Harvard’s Belfer Center defined cognitive warfare thusly: “Cognitive Warfare is a strategy that focuses on altering how a target population thinks – and through that how it acts.” [21]. Despite the intentional vagueness of this definition, it serves as a more-than-suitable framework for a further examination of cognitive warfare. Our own research and analysis of past, present, and potential future use cases of the term have allowed us to further segment cognitive warfare into two operational fields. We have also come up with a quick reference list to validate whether or not something falls in the realm of cognitive warfare. [if you are not aware that the American people ARE the target population, please seek help dc][see page 10 of PDF link for list chart dc]

To summarize, cognitive warfare is the weaponization of public opinion by an external entity, for the purpose of influencing public and/or governmental policy or for the purpose of destabilizing governmental actions and/or institutions.

Goals of Cognitive Warfare 
Cognitive warfare, at its core, can be seen as having the same goal as any type of warfare. As Carl von Clausewitz states, “War [is an] act of force to compel our enemy to do our will.” Cognitive warfare, unlike traditional domains of war, does not primarily operate on a physical plane. Therefore, it does not utilize a physical force in order to compel its enemies. However, it could also be argued that the goal of cognitive warfare is unlike any other type of warfare. Rather than “compel our enemy to do our will,” the goal is get the enemy to destroy himself from within rendering him unable to resist, deter, or deflect our goals. 

In either case, the goals of cognitive warfare are achieved through different methods than the goals of conventional warfare. Cognitive warfare has two separate, but complementary, goals: destabilization and influence. While both of these goals can be accomplished separately, to successfully weaponize public opinion, they can also be jointly attained by using one as a means to the other. The targets of cognitive warfare attacks may range from whole populations to individual leaders in politics, the economy, religion, and academics. Further, the role of lesser-known social leaders must not be overlooked. So-called connectors, mavens, and salespeople can be instrumental in the application of cognitive warfare [22].

To better classify cognitive warfare attacks, Figure 1 presents a pair of axes by which events can be characterized. In the following section, we will analyze each goal individually and describe how they are intertwined, generating a new, more dangerous, more pervasive type of warfare. Then, we will detail examples of cognitive warfare battles and skirmishes that have occurred or have the potential to occur in the future. These campaigns will propel cognitive warfare to the global stage. Action must be taken, opposition campaigns created, and defensive measures implemented, to prevent the perpetrators’ success. 

Destabilization 
The first fundamental goal of cognitive warfare is to destabilize target populations. Destabilization is done by disrupting the organization and unity of a population’s systems and people. This results in a drastic drop in productivity and a loss of cooperation as that population is now overwhelmed by internal issues and less focused on reaching common goals. Perpetrators disrupt the organization and unity of their target populations by accelerating pre-existing divisions within groups of the population or introducing new ideas designed to pit different groups against each other and increase polarization. 

Leaders can be seen as the targets of destabilization when they become the source of polarizing ideas. Perpetrators can also target the general population of people to randomly introduce divisive ideas that play on previously held beliefs or push false narratives against groups of  people. Some strategies of cognitive warfare that align with the goals of destabilization include, but are not limited to, the following: 
● Increase polarization 
● Reinvigorate movements/issues 
● Delegitimize government/leadership 
● Isolate individuals/groups 
● Disrupt key economic activities 
● Disrupt infrastructure 
● Confuse communication[sound familiar dc]

Below are several cases showcasing examples of destabilization as a goal of cognitive warfare and the circumstances surrounding them. 

Case 1: Destabilization through Confusion 
Cognitive warfare campaigns may strive to destabilize populations of people by causing mass confusion. Chaos is bred when a population no longer knows what is right and who to trust. As a result, civilians may begin to lose faith in the leadership of the nation that is meant to oversee their safety and freedoms. Undermining leadership and generating chaos poses a threat to Western democracies, one of the most recent and glaring examples coming from the outbreak of and early events surrounding COVID-19.[the following paragraph is 100% bullshit, I do not take my lead from any of those countries, I am just an American who has had enough of the corporate and government corruption that has plagued this country now since the civil war dc] 

Russia, China, and Iran took the whirlwind of confusion brought about by the virus as an opportunity to initiate a cognitive warfare campaign against the West. It is a multidirectional and multifaceted campaign meant to undermine public confidence in Western states [23]. This campaign started with the outbreak of the virus and confusion surrounding its origin, which is where we began to see cognitive warfare tools, such as disinformation and false narratives, being employed. Chinese foreign minister Lijian Zhao opened up with a barrage of questions in a tweet from early March targeted at the US asking, “When did patient zero begin in the US? How many  people are infected? What are the names of the hospitals? It might be the US Army that brought the epidemic to Wuhan” [24]. He then urged followers to read and spread a conspiracy theory from Global Research, a Canadian website, that stated the virus originated in the US Army Research Medical Research Institute of Infectious Diseases at Fort Derrick, Maryland [24]. The dissemination of these narratives with little to no concrete evidence at such early stages of the virus only functioned to sow doubt in the minds of American citizens and its allies. These tools of cognitive warfare are designed to affect the way people interpret and react to information in a way that makes them doubt their own leadership. [ trust me you assholes, our government has earned every bit of flack it is getting, these outrageous vaxx mandates by the demented Biden are the last straw dc]

Russia reacted in a similarly malicious way through its government-owned news agency, Sputnik. It released propaganda in over thirty languages in line with many of the narratives coming out of China, that argued the virus originated in the U.S. or that the U.S. developed and released the virus as a bioweapon intended to weaken China’s economy [24]. The constant stream of false narratives varied from somewhat plausible stories to outlandish accusations targeted at Western states and government organizations. Herein lies the danger of cognitive campaigns: it becomes increasingly difficult to differentiate between credible and non-credible stories, especially when they originate from government-backed news sites like Sputnik. The Kremlin can send out thousands of different stories with various levels of credibility and plausibility and see what sticks. This strategy quickly results in the undermining of Western governments in what the population might see as a lack of honesty towards its people regarding the virus or the inability to protect them from it. 

Iran is the third major player conducting its own cognitive warfare campaign against the citizens of Western states. News stories emerging from Tehran contained themes similar to the stories coming out of Beijing and Moscow. Press TV is an English and French news network associated with the Islamic Republic of Iran Broadcasting, which released numerous pieces tying the Coronavirus outbreak to the U.S. military [24]. The commander of the Islamic Revolutionary  Guard Corps, Hossein Salami, has gone so far as to proclaim that COVID-19 is the spearhead of a U.S. biological invasion [24]. 

The cognitive campaigns of China, Russia, and Iran surrounding the outbreak of the Coronavirus are all targeted against Western states and contain nearly identical messaging. The danger in these campaigns is their tremendous reach and support from government leaders and institutions. Similar stories are released in dozens of languages all over the world and either come directly out of state-controlled news sites or government-supported media outlets [24]. But that is just the origin, with tens of thousands of independent sites and users spreading the same narratives to undermine the credibility of Western societies, whether intentionally or not. Americans are finding these stories over and over and encouraged to believe their government is hiding information from them. Or they are overwhelmed with stories that make them doubt the nation’s ability to protect them from serious threats to their safety and personal liberties. The threat is not only in the information that is being spread but in the destabilizing reactions and beliefs of those receiving them. [you assholes think we are all dumbed down, we don't believe, we KNOW the government is lying to us, as well as holding crap under the national security umbrella to save themselves from the people. Washington DC has to go dc]

Case 2: Destabilization by Sowing Division 
Cognitive warfare often seeks to divide a population and increase polarization. Pre-existing divisions along political party lines may seem to be the most obvious to exploit. However, this is not always the case as cognitive campaigns can be aimed at sowing internal divisions within a group. We see a strong example of this in the case of the 2016 DNC email leaks. [still trying to sell the lie, smfh dc]

Russia had been training its cyber capabilities for several decades, experimenting on countries in Europe, such as Ukraine, to test its impact in elections. As the director of the National Security Organization and commander of US Cyber Command, Adm. Michael Rogers stated, “this was not something that was done by chance, this was not a target that was selected purely arbitrarily. This was a conscious effort by a nation-state to achieve a specific effect” [25]. And it did have a profound effect on the DNC and the Democratic party at large. 

In April of 2016, Russian cyber units gained access to the DNC’s internal servers, allowing them to steal confidential emails and documents. Several months later, these communications were leaked on WikiLeaks. It was at this point that the operation turned from typical espionage to political sabotage. Campaigns were being uprooted and division began to grow within the party. It was revealed that the DNC was favoring Hillary Clinton in the time leading up to the selection of an official presidential candidate. This turned progressive Democrats and moderate Democrats against each other. The rift within the democratic party resulted in a shift in the candidates’ support. Instead of focusing on the Russian attack itself, political figures were much more concerned with the content and what it might mean for their careers [26]. Voters began shifting due to the issues brought out by these new documents and released statements of discontent. Hillary Clinton’s campaign admitted that this attack had a significant effect on the outcome of the overall election [23]. And this is not to say there wasn’t a further polarizing impact along party lines as well. President Trump’s campaign turned towards the content of the hacks as well, rather than the Russian attack itself. In a time when the country could not afford to react in a partisan way, the two major parties turned on each other and themselves, resulting in one of the most polarized stages in American politics. [lies, lies, lies, seth rich paid the price for releasing those emails, the Russia lie comes from the DNC dc]

The Russian attack goes far beyond an act of cyberwarfare. The cyber capabilities and lack of appropriate security were merely the tools and opportunities that made the attack possible. The attack itself, however, was aimed at a much larger end, one accomplished with flying colors. American politics were thrown into disarray and Russia now has influence in two of the most important institutions in American democracy: elections and independent media [25]. The divisions created and escalated by this event destabilized politics and the election process. Unfortunately, the media was nothing but excited to cover the content that was being released, with WikiLeaks being the most searched political term for the month of October in 2016 [25]. This was precisely the reaction that Russia had hoped for. Their cognitive campaign was perfectly targeted at exploiting the divisions of American politics and resulted in a state of blame and uncertainty.

Case 3: Destabilization as a Means to Influence 
go to page 17 here to read the rest of the propaganda

Monday, October 25, 2021

Part 5 of 5 : Surveillance Valley The Secret Military History of the Internet... Internet Privacy, Funded by Spies... Epilogue

Surveillance Valley

The Secret Military History of the Internet

By Yasha Levine

Chapter 7
Internet Privacy, Funded by Spies


This so-called Internet Freedom, is in nature, freedom under US control. 
—China’s Global Times newspaper, 2010 

December 2015. A few days after Christmas in Hamburg. The mercury hovers just above freezing. A gray fog hangs over the city. 

In the town’s historic core, several thousand people have gathered inside a modernist cube of steel and glass known as Congress Center. The attendees, mostly geeky men, are here for the thirty-second annual meeting of the Chaos Computer Club, better known as 32c3. The conference atmosphere is loud and cheery, a counterpoint to the head-down foot traffic and dreary weather outside the center’s high glass walls. 

32c3 is the Hacktivist Davos, an extravaganza put on by the oldest and most prestigious hacker collective in the world. Everyone who is anyone is here: cryptographers, Internet security experts, script kiddies, techno-libertarians, cypherpunks and cyberpunks, Bitcoin entrepreneurs, military contractors, open source enthusiasts, and privacy activists of all nationalities, genders, age groups, and intel classification levels. They descend on the event to network, code, dance to techno, smoke e-cigarettes, catch the latest crypto trends, and consume oceans of Club-Mate, Germany’s official hacker beverage. 

Look this way and see Ryan Lackey, cofounder of HavenCo, the world’s first extralegal offshore hosting company, run out of an abandoned World War II cannon platform in the North Sea off England’s coast. Look that way and find Sarah Harrison, WikiLeaks member and Julian Assange confidante who helped Edward Snowden escape arrest in Hong Kong and find safety in Moscow. She’s laughing and having a good time. I wave as I pass her on an escalator. But not everyone here is so friendly. Indeed, my reputation as a Tor critic has preceded me. In the days leading up to the conference, social media had again lit up with threats. 1 There was talk of assault and of spiking my drink with Rohypnol if I had the nerve to show my face at the event. 2 Given my previous run-in with the privacy community, I can’t say I expected a particularly warm reception. 

The Tor Project occupies a hallowed place in the mythology and social galaxy of the Chaos Computer Club. Every year, Tor’s annual presentation—“The State of the Onion”—is the most well-attended event in the program. An audience of several thousand packs a massive auditorium to watch Tor developers and celebrity supporters talk about their fights against Internet surveillance. Last year, the stage featured Laura Poitras, the Academy Award–winning director of the Edward Snowden documentary, Citizen Four. In her speech, she held up Tor as a powerful antidote to America’s surveillance state. “When I was communicating with Snowden for several months before I met him in Hong Kong, we talked often about the Tor network, and it is something that actually he feels is vital for online privacy and to defeat surveillance. It is our only tool to be able to do that,” she said to wild applause, Snowden’s face projected onto a giant screen behind her. 3 

This year, the presentation is a bit more formal. Tor has just hired a new executive director, Shari Steele, the former head of the Electronic Frontier Foundation. She takes the stage to introduce herself to the privacy activists assembled in the hall and pledges her allegiance to Tor’s core mission: to make the Internet safe from surveillance. Up there, emceeing the event, stands Jacob Appelbaum, “Jake,” as everyone calls him. He is the true star of the show, and he lavishes praise on the new director. “We found someone who will keep the Tor Project going long after all of us are dead and buried, hopefully not in shallow graves,” he says to cheers and applause. 4 

I catch a glimpse of him walking the halls after the event. He’s dressed in jeans and a black T-shirt, a tattoo peeking out from under one of the sleeves. His jet-black hair and thick-rimmed glasses frame a rectangular, fleshy face. He is a familiar sight to people at 32c3. Indeed, he carries himself like a celebrity, glad-handing attendees while his fans cluster nearby to listen to him boast of daring exploits against oppressive governments all around the world. 

He ducks into an auditorium where a speaker is talking about human rights in Ecuador and immediately hijacks the discussion. “I am of the eliminate-the-state crypto world. I want to get rid of the state. The state is dangerous, you know,” he says into a microphone. Then he cracks a devious grin, leading a few people in the audience to hoot and cheer. He transitions into a wild story that puts him at the center of a failed coup attempt hatched by Ecuador’s secret police against their president, Rafael Correa. Naturally, Appelbaum is the hero of the tale. President Correa is widely respected in the international hacker community for granting Julian Assange political asylum and for giving him refuge at the Ecuadorian embassy in London. Like a modern Smedley Butler, Appelbaum explains how he refused to go along. He did not want to use his righteous hacker skills to take down a good, honest man, so he helped foil the plot and saved the president instead. “They asked me to build a mass surveillance system to tap the entire country of Ecuador,” he said. “I told them to go fuck themselves, and I reported them to the presidency. I think you are proposing a coup. I have your names—you’re fucked.” 

A few people on stage look embarrassed, not believing a word. But the audience laps it up. They love Jacob Appelbaum. Everyone at 32c3 loves Jacob Appelbaum. 

Appelbaum is the most storied member of the Tor Project. After Edward Snowden and Julian Assange, he is arguably the most famous personality in the Internet privacy movement. He is also the most outrageous. For five years he’s played the role of a self-facilitating media node and counterculture Ethan Hunt, a celebrity hacker who constantly changes his appearance, travels the world to speak at conferences and conduct teach-ins, and fights injustice and censorship wherever they rear their ugly government heads. Appelbaum wields cultural power and influence. While Assange was stuck in a London embassy and Snowden was stranded in Moscow, Appelbaum was the face of the anti-surveillance movement. He spoke for its heroes. He was their friend and collaborator. Like them, he lived on the edge, an inspiration to countless people—hundreds, if not thousands became privacy activists because of him. You’d hear it over and over: “Jake’s the reason I’m here.” 

But that year’s Chaos Computer Club party represented the peak of his career. For years, rumors had spread inside the cliquish Internet privacy community about his history of sexual harassment, abuse, and bullying. Six months after the conference, the New York Times ran a story that brought these allegations to light, revealing a scandal that saw Appelbaum ejected from the Tor Project and that threatened to tear the organization apart from the inside. 5 

But all that was in the future. That evening in Hamburg, Appelbaum was still enjoying his fame and celebrity, feeling comfortable and secure. Yet he was carrying another dark secret. He was more than just a world-renowned Internet freedom fighter and confidant of Assange and Snowden. He was also an employee of a military contractor, earning $100,000 a year plus benefits working on one of the most disorienting government projects of the Internet Era: the weaponization of privacy. 6 

The Box 
A few weeks after I glimpsed Jacob Appelbaum at 32c3, I arrived home in the United States to find a heavy brown box waiting for me on my doorstep. It was postmarked from the Broadcasting Board of Governors, a large federal agency that oversees America’s foreign broadcasting operations and one of the Tor Project’s main government funders. 7 The box contained several thousand pages of internal documents on the agency’s dealings with Tor that I had obtained through the Freedom of Information Act. I had been impatiently waiting for months for it to arrive. 

By then I had spent almost two years investigating the Tor Project. I knew that the organization had come out of Pentagon research. I also knew that even after it became a private nonprofit in 2004, it relied almost entirely on federal and Pentagon contracts. In the course of my reporting, representatives of Tor grudgingly conceded that they accepted government funding, but they remained adamant that they ran an independent organization that took orders from no one, especially not the dreaded federal government, which their anonymity tool was supposed to oppose. 8 They repeatedly stressed that they would never put backdoors in the Tor network and told stories of how the US government had tried but failed to get Tor to tap its own network. 9 They pointed to Tor’s open source code; if I was really worried about a backdoor, I was free to inspect the code for myself. 

The open source argument appeared to nullify concerns in the privacy community. But backdoors or not, my reporting kept butting up against the same question: If Tor was truly the heart of the modern privacy movement and a real threat to the surveillance power of agencies like the NSA, why would the federal government—including the Pentagon, the parent of the NSA—continue to fund the organization? Why would the Pentagon support a technology that subverted its own power? It did not make any sense. 

The documents in the box waiting on my doorstep contained the answer. Combined with other information unearthed during my investigation, they showed that Tor, as well as the larger app-obsessed privacy movement that rallied around it after Snowden’s NSA leaks, does not thwart the power of the US government. It enhances it. 

The disclosures about Tor’s inner workings I obtained from the Broadcasting Board of Governors have never been made public before now. The story they tell is vital to our understanding of the Internet; they reveal that American military and intelligence interests are so deeply embedded in the fabric of the network that they dominate the very encryption tools and privacy organizations that are supposed to stand in opposition to them. There is no escape. 

Spies Need Anonymity 
The story of how a military contractor wound up at the heart of the privacy movement starts in 1995 at the Naval Research Laboratory inside the Anacostia-Bolling military base on the Potomac in southeast Washington, DC. 10 There, Paul Syverson, an affable military mathematician with big hair and an interest in secure communication systems, set out to solve an unexpected problem brought on by the explosive success of the Internet. 

Everything was being hooked up to the Internet: banks, phones, power plants, universities, military bases, corporations, and foreign governments, both hostile and friendly. In the 1990s, hackers, who some believed to be tied to Russia and China, were already using the Internet to probe America’s defense network and steal secrets. 11 The United States was beginning to do the same to its adversaries: collecting intelligence, bugging and hacking targets, and intercepting communications. It was also using commercial Internet infrastructure for covert communication. 

The problem was anonymity. The open nature of the Internet, where the origin of a traffic request and its destination were open to anyone monitoring the connection, made cloak-and-dagger work tricky business. Imagine a CIA agent in Lebanon under deep cover as a businessman trying to check his operative email. He couldn’t just type “mail.cia.gov” into his web browser from his suite in the Beirut Hilton. Simple traffic analysis would immediately blow his cover. Nor could a US Army officer infiltrate an Al-Qaeda recruiting forum without revealing the army base’s IP address. And what if the NSA needed to hack a Russian diplomat’s computer without leaving a trail that led right back to Fort Meade, Maryland? Forget about it. “As military grade communication devices increasingly depend on the public communications infrastructure, it is important to use that infrastructure in ways that are resistant to traffic analysis. It may also be useful to communicate anonymously, for example when gathering intelligence from public databases,” Syverson and colleagues explained in the pages of an in-house magazine put out by his research lab. 12 

American spies and soldiers needed a way to use the Internet while hiding their tracks and cloaking their identity. It was a problem that researchers at the US Navy, which has historically been at the forefront of communications technology research and signals intelligence, were determined to solve. 

Syverson assembled a small team of military mathematicians and computer systems researchers. They came up with a solution: called “the onion router” or Tor. It was a clever system: the navy set up a bunch of servers and linked them together in a parallel network that sat atop the normal Internet. All covert traffic was redirected through this parallel network; once inside it was bounced around and scrambled in such a way as to obfuscate where it was going and from where it came. It used the same principle as money laundering: shifting information packets from one shell Tor node to another until it is impossible to figure out where the data came from. With onion routing, the only thing an Internet provider—or anyone else watching a connection—saw was that the user connected to a computer running Tor. No indication of where the communications were actually going was apparent. And when the data popped out of the parallel network and back onto the public Internet on the other side, no one there could see where the information had come from either. 

Syverson’s team of Naval scientists worked on several iterations of this system. A few years later, they hired two fresh-faced programmers, Roger Dingledine and Nick Mathewson, from the Massachusetts Institute of Technology to help build a version of the router that could be used in the real world. 13 

Dingledine, who received his master’s in electrical engineering and computer science and who was interested in cryptography and secure communications, had interned at the National Security Agency. Mathewson had similar interests and had developed a truly anonymous email system that hid a sender’s identity and source. Mathewson and Dingledine had met as freshman at MIT and became fast friends, spending most of their days in their rooms reading Lord of the Rings and hacking away at stacks of computers. They, too, believed in the cypherpunk vision. “Network protocols are the unacknowledged legislators of cyberspace,” Mathewson bragged to journalist Andy Greenberg. “We believed that if we were going to change the world, it would be through code.” In college, the two saw themselves in romantic terms, hacker rebels taking on the system, using computer code to fight government authoritarianism. They were out there to fight The Man. But that did not stop them from going to work for the Pentagon after graduation. Like too many hacker rebels, they had a very limited conception of who “The Man” was and what it would mean in real political terms to fight “him.” 

In 2002, the pair went to work for the Naval Research Laboratory under a DARPA contract. 14 For two years, Dingledine and Mathewson worked with Syverson to upgrade the onion router network’s underlying routing protocols, improve security, and run a small test network that allowed the military to experiment with onion routing in the field. One military team tested it for gathering open source intelligence, which required them to visit websites and interact with people online without giving away their identity. Another team used it to communicate while deployed on a mission in the Middle East. 15 By 2004, Tor, the resultant network, was finally ready for deployment. 16 Well, except for one little detail. 

Everyone working on the project understood that a system that merely anonymized traffic was not enough—not if it was used exclusively by military and intelligence agencies. “The United States government can’t simply run an anonymity system for everybody and then use it themselves only,” Dingledine explained at a 2004 computer conference in Berlin. “Because then every time a connection came from it people would say, ‘Oh, it’s another CIA agent.’ If those are the only people using the network.” 17 

To truly hide spies and soldiers, Tor needed to distance itself from its Pentagon roots and include as many different users as possible. Activists, students, corporate researchers, soccer moms, journalists, drug dealers, hackers, child pornographers, agents of foreign intelligence services, terrorists. Tor was like a public square—the bigger and more diverse the group assembled there, the better spies could hide in the crowd. 

In 2004, Dingledine struck out on his own, spinning the military onion routing project into a nonprofit corporation called the Tor Project and, while still funded by DARPA and the navy, began scratching around for private funding. 18 He got help from an unexpected ally: the Electronic Frontier Foundation (EFF), which gave Tor almost a quarter million dollars to keep it going while Dingledine looked for other private sponsors. 19 The EFF even hosted Tor’s website. To download the app, users had to browse to tor.eff.org, where they’d see a reassuring message from the EFF: “Your traffic is safer when you use Tor.” 20 

Announcing its support, the EFF sang Tor’s praises. “The Tor project is a perfect fit for EFF, because one of our primary goals is to protect the privacy and anonymity of Internet users. Tor can help people exercise their First Amendment right to free, anonymous speech online,” EFF’s technology manager Chris Palmer explained in a 2004 press release, which curiously failed to mention that Tor was developed primarily for military and intelligence use and was still actively funded by the Pentagon. 21 

Why would the EFF, a Silicon Valley advocacy group that positioned itself as a staunch critic of government surveillance programs, help sell a military intelligence communications tool to unsuspecting Internet users? Well, it wasn’t as strange as it seems. 

EFF was only a decade old at the time, but it already had developed a history of working with law enforcement agencies and aiding the military. In 1994, EFF worked with the FBI to pass the Communications Assistance for Law Enforcement Act, which required all telecommunications companies to build their equipment so that it could be wiretapped by the FBI. 22 In 1999, EFF worked to support NATO’s bombing campaign in Kosovo with something called the “Kosovo Privacy Project,” which aimed to keep the region’s Internet access open during military action. 23 Selling a Pentagon intelligence project as a grassroots privacy tool—it didn’t seem all that wild. Indeed, in 2002, a few years before it funded Tor, EFF cofounder Perry Barlow casually admitted that he had been consulting for intelligence agencies for a decade. 24 It seemed that the worlds of soldiers, spies, and privacy weren’t as far apart as they appeared. 

EFF’s support for Tor was a big deal. The organization commanded respect in Silicon Valley and was widely seen as the ACLU of the Internet Age. The fact that it backed Tor meant that no hard questions would be asked about the anonymity tool’s military origins as it transitioned to the civilian world. And that’s exactly what happened. 25 

Freedom Isn’t Free 
It was Wednesday morning, February 8, 2006, when Roger Dingledine got the email he had been badly waiting for. The Broadcasting Board of Governors had finally agreed to back the Tor Project. 

“OK—we want to move forward on this, Roger. We would like to offer some funding,” wrote Ken Berman, director of the Broadcasting Board of Governors’ Internet Technology unit. “For this first effort, we were going to offer $80,000 to you, with more possibly depending on how things evolve. Give us the particulars for how to establish a contractual relationship with you, name business contact information.” 26 

It had been two years since Dingledine had made Tor independent, and his time in the wild world of private donors and civilian nonprofits hadn’t been very successful. 27 Other than the initial funding from the Electronic Frontier Foundation, Dingledine didn’t raise money from the private sector, at least not enough to fund the operation. 

The Broadcasting Board of Governors, or BBG, seemed to offer a compromise. A large federal agency with close ties to the State Department, the BBG ran America’s foreign broadcasting operations: Voice of America, Radio Free Europe/Radio Liberty, and Radio Free Asia. It was a government agency, so that wasn’t ideal. But at least it had an altruistic-sounding mission: “to inform, engage and connect people around the world in support of freedom and democracy.” Anyway, government or not, Dingledine didn’t have much choice. Money was tight and this seemed to be the best he could line up. So he said yes. 

It was a smart move. The initial $80,000 was just the beginning. Within a year, the agency increased Tor’s contract to a quarter million dollars and then bumped it up again to almost a million just a few years later. The relationship also led to major contracts with other federal agencies, boosting Tor’s meager operating budget to several million dollars a year. 28 

Dingledine should have been celebrating, but something nagged at his conscience. 

Immediately after signing the contract, he emailed Ken Berman, his contact at the BBG, to tell him he was worried about the optics of the deal. 29 Dingledine wanted to do everything he could to maintain Tor’s independent image, but as head of a tax-exempt nonprofit that received funding from the federal government, he was required by law to publicly disclose his funding sources and publish financial audits. He knew that whether he liked it or not, Tor’s relationship with the federal government would come out sooner or later. “We also need to think about a strategy for how to spin this move in terms of Tor’s overall direction. I would guess that we don’t want to loudly declare war on China, since this only harms our goals?” he wrote. “But we also don’t want to hide the existence of funding from [the BBG], since ‘they’re getting paid off by the feds and they didn’t tell anyone’ sounds like a bad Slashdot title for a security project. Is it sufficient just to always talk about Iran, or is that not subtle enough?” 30 

In college Dingledine had dreamed of using technology to create a better world. Now he was suddenly talking about whether or not they should declare war on China and Iran and worrying about being labeled a federal agent? What was going on? 

Berman emailed back, reassuring Dingledine that he and his agency were ready to do anything it took to protect Tor’s independent image. “Roger—we will do any spin you want to do to help preserve the independence of TOR,” he wrote. “We can’t (nor should we) hide it for the reasons you have outlined below, but we also don’t want to shout if from the rafters, either.” 

Berman was an old hand at this. He had spent years funding anti-censorship technology at the agency, and he offered a simple solution. He recommended that Dingledine be transparent about Tor’s government funding but also downplay the significance of this relationship and instead focus on the fact that it was all for a good cause: Tor helped guarantee free speech on the Internet. It was sage advice. Saying this would head off any potential criticism, and admitting that Tor got a bit of money from the US government would only serve as proof that Tor had nothing to hide. After all, what could be nefarious about the government funding freedom of speech on the Internet? 

Others chimed in with advice, as well. One BBG contractor replied to the email thread to tell Dingledine not to worry. No one will care. There will be no backlash. He explained that, in his experience, if people knew about the BBG at all, they considered it totally harmless. “I think most people, especially the smart people who count, understand that government can be good or bad, and government offices, like puppies, should be encouraged when they do the right thing,” he wrote. 31 

Despite their reassurances, Dingledine was right to be concerned. 

To be truly effective, Tor couldn’t be perceived as a government system. That meant he needed to put as much distance as possible between Tor and the military intelligence structures that created it. But with funding from the BBG, Dingledine brought Tor right back into the heart of the beast. The BBG might have had a bland name and professed a noble mission to inform the world and spread democracy. In truth, the organization was an outgrowth of the Central Intelligence Agency. 

Covert Operations 
The story of the Broadcasting Board of Governors begins in Eastern Europe in 1948. 

World War II was over, but the United States was already busy gearing up for battle with its main ideological enemy, the Soviet Union. Many generals believed that nuclear war was imminent and that the final confrontation between capitalism and communism was at hand. They drew up elaborate plans for nuclear conquest. America would take out major Soviet cities with nukes and send anticommunist commandos who had been recruited from local populations to take charge and set up provisional governments. The Central Intelligence Agency, along with clandestine military services, trained Eastern Europeans, many of whom had been Nazi collaborators, for the fateful day when they would be parachuted into their homelands to take charge. 32 

Though the more hawkish US generals seemed eager for nuclear conflict, many believed that open war with the Soviet Union was too dangerous and cooler heads prevailed. They counseled instead for a more measured approach. George Kennan—the architect of the post–World War II policy of “containment”— pushed for expanding the role of covert programs to fight the Soviet Union. The plan was to use sabotage, assassinations, propaganda, and covert financing of political parties and movements to halt the spread of communism in postwar Europe, and then to use these same covert tools to defeat the Soviet Union itself. Kennan believed that closed authoritarian societies were inherently unstable in comparison with open democratic ones like the United States. To him, traditional war with the Soviet Union was not necessary. Given enough external pressure, he believed, the country would eventually collapse from the weight of its own “internal contradictions.” 33 

In 1948, George Kennan helped craft National Security Council Directive 10/2, which officially authorized the CIA—with consultation and oversight from the State Department—to engage in “covert operations” against the communist influence, including everything from economic warfare to sabotage, subversion, and support for armed guerrillas. The directive gave the CIA carte blanche to do whatever was required to fight communism wherever it reared its head. 34 Naturally, propaganda emerged as a key part of the agency’s covert operations arsenal. The CIA established and funded radio stations, newspapers, magazines, historical societies, émigré research institutes, and cultural programs all over Europe. 35 “These were very broad programs designed to influence world public opinion at virtually every level, from illiterate peasants in the fields to the most sophisticated scholars in prestigious universities,” wrote historian Christopher Simpson in Blowback, a book about the CIA’s use of Nazis and collaborators after World War II. “They drew on a wide range of resources: labor unions, advertising agencies, college professors, journalists, and student leaders.” 36 

In Munich, the CIA set up Radio Free Europe and Radio Liberation From Bolshevism (later renamed Radio Liberty), which beamed propaganda in several languages via powerful antennas in Spain into the Soviet Union and Soviet satellite states of Eastern Europe. These stations had a combined annual CIA budget of $35 million—an enormous sum in the 1950s—but the agency’s involvement was hidden by running everything through private front groups. 37 They broadcast a range of materials, from straight news and cultural programming to purposeful disinformation and smears aimed at spreading panic and delegitimizing the Soviet government. In some cases, the stations, especially those targeting Ukraine, Germany, and the Baltic States, were staffed by known Nazi collaborators and broadcast anti-Semitic propaganda. 38 Although slanted and politicized, these stations provided the only source of unsanctioned outside information to the people of the Soviet bloc. They became highly effective at communicating American ideals and influencing cultural and intellectual trends. 

These projects were not restricted to Europe. As America’s fight against communism shifted and spread around the world, new destabilization and propaganda initiatives were added. The People’s Republic of China was targeted in 1951, when the agency launched Radio Free Asia, which broadcast into mainland China from an office in San Francisco via a radio transmitter in Manila. 39 In the 1960s, the CIA launched projects targeting leftist movements in Central and South America. Broadcasts targeting Vietnam and North Korea came online as well. 40 

In the words of the CIA, these stations were leading a fight for the “minds and loyalties” of people living in communist countries. The agency later boasted that these early “psychological warfare” radio projects were “one of the longest running and successful covert action campaigns ever mounted by the United States.” 41 It was all part of a larger push that Princeton professor Stephen Kotkin refers to as a proactive sphere of cultural and economic influence. “It was a strategy, and that is how the Cold War was won.” 42 

This anti-communist global radio network was exposed in a spectacular 1967 CBS program hosted by Mike Wallace, “In the Pay of the CIA.” 43 Subsequent congressional investigations brought the agency’s role under further scrutiny, but exposure did not stop the projects; it simply led to a management shakeup: Congress agreed to take over funding of this propaganda project and to run it out in the open. 

Over the next several decades, these radio stations were shuffled, reorganized, and steadily expanded. By the early 2000s, they had grown into the Broadcasting Board of Governors, a federal agency apparatus that functioned like a holding company for rehabilitated CIA propaganda properties. Today it is a big operation that broadcasts in sixty-one languages and blankets the globe: Cuba, China, Iraq, Lebanon, Libya, Morocco, Sudan, Iran, Afghanistan, Russia, Ukraine, Serbia, Azerbaijan, Belarus, Georgia, North Korea, Laos, and Vietnam. 44

The bulk of the BBG is no longer funded from the CIA’s black budget, but the agency’s original Cold War goal and purpose—subversion and psychological operations directed against countries deemed hostile to US interests—remain the same. 45 The only thing that did change about the BBG is that today more and more of its broadcasts are taking place online. 

The agency’s relationship with the Tor Project started with China. 

Internet Freedom 
The CIA had been targeting the People’s Republic of China with covert broadcasting since at least 1951, when the agency launched Radio Free Asia. Over the decades, the agency shut down and relaunched Radio Free Asia under different guises and, ultimately, handed it off to the Broadcasting Board of Governors. 46 

When the commercial Internet began to penetrate China in the early 2000s, BBG and Radio Free Asia channeled their efforts into web-based programming. But this expansion didn’t go very smoothly. For years, China had been jamming Voice of America and Radio Free Asia programs by playing loud noises or looping Chinese opera music over the same frequencies with a more powerful radio signal, which bumped American broadcasts off the air. 47 When these broadcasts switched to the Internet, Chinese censors hit back, blocking access to BBG websites as well as sporadically cutting access to private Internet services like Google. 48 There was nothing surprising about this. Chinese officials saw the Internet as just another communication medium being used by America to undermine their government. Jamming this kind of activity was standard practice in China long before the Internet arrived. 49 

Expected or not, the US government did not let the matter drop. Attempts by China to control its own domestic Internet space and block access to material and information were seen as belligerent acts— something like a modern trade embargo that limited US businesses’ and government agencies’ ability to operate freely. Under President George W. Bush, American foreign policy planners formulated policies that would become known over the next decade as “Internet Freedom.” 50 While couched in lofty language about fighting censorship, promoting democracy, and safeguarding “freedom of expression,” these policies were rooted in big power politics: the fight to open markets to American companies and expand America’s dominance in the age of the Internet. 51 Internet Freedom was enthusiastically backed by American businesses, especially budding Internet giants like Yahoo!, Amazon, eBay, Google, and later Facebook and Twitter. They saw foreign control of the Internet, first in China but also in Iran and later Vietnam, Russia, and Myanmar, as an illegitimate check on their ability to expand into new global markets, and ultimately as a threat to their businesses. 

Internet Freedom required a new set of “soft-power” weapons: digital crowbars that could be used to wrench holes in a country’s telecommunications infrastructure. In the early 2000s, the US government began funding projects that would allow people inside China to tunnel through their country’s government firewall. 52 The BBG’s Internet Anti-Censorship Division led the pack, sinking millions into all sorts of early “censorship circumvention” technologies. It backed SafeWeb, an Internet proxy funded by the CIA’s venture capital firm In-Q-Tel. It also funded several small outfits run by practitioners of Falun Gong, a controversial Chinese anticommunist cult banned in China whose leader believes that humans are being corrupted by aliens from other dimensions and that people of mixed blood are subhumans and unfit for salvation. 53 

The Chinese government saw these anti-censorship tools as weapons in an upgraded version of an old war. “The Internet has become a new battlefield between China and the U.S.” declared a 2010 editorial of the Xinhua News Agency, China’s official press agency. “The U.S. State Department is collaborating with Google, Twitter and other IT giants to jointly launch software that ‘will enable everyone to use the Internet freely,’ using a kind of U.S. government provided anti-blocking software, in an attempt to spread ideology and values in line with the United States’ demands.” 54 

China saw Internet Freedom as a threat, an illegitimate attempt to undermine the country’s sovereignty through “network warfare,” and began building a sophisticated system of Internet censorship and control, which grew into the infamous Great Firewall of China. Iran soon followed in China’s footsteps. 

It was the start of a censorship arms race. But there was a problem: the early anti-censorship tools backed by the BBG didn’t work very well. They had few users and were easily blocked. If Internet Freedom was going to triumph, America needed bigger and stronger weapons. Luckily, the US Navy had just developed a powerful anonymity technology to hide its spies, a technology that could easily be adapted to America’s Internet Freedom war. 

Russia Deployment Plan 
When Tor joined the Broadcasting Board of Governors in early 2006, Roger Dingledine was aware of America’s escalating Internet Freedom conflict and accepted Tor’s role as a weapon in this fight. China and Iran were throwing up ever more sophisticated censorship techniques to block US programming, and Dingledine talked up Tor’s ability to meet this challenge. “We already have tens of thousands of users in Iran and China and similar countries, but once we get more popular, we’re going to need to be prepared to start the arms race,” he wrote to the BBG in 2006, laying out a plan to progressively add features to the Tor network that would make it harder and harder to block. 55 

The Tor Project was the BBG’s most sophisticated Internet Freedom weapon, and the agency pushed Dingledine to reach out to foreign political activists and get them to use the tool. But as Dingledine quickly discovered, his organization’s ties to the US government aroused suspicion and hampered his ability to attract users. 

One of those lessons came in 2008. Early that year, the BBG instructed Dingledine to carry out what he dubbed the “Russian Deployment Plan,” which involved adding a Russian language option to Tor’s interface and working to train Russian activists in how to properly use the service. 56 

In February 2008, weeks before Russia’s presidential elections, Dingledine sent an email request to a Russian privacy activist named Vlad. “One of our funders… [the Broadcasting Board of Governors] wants us to start reaching out to real users who might need these tools at some point,” Dingledine explained. “So we settled on Russia, which is increasingly on their radar as a country that may have a serious censorship problem in the next few years.… So: please don’t advertise this anywhere yet. But if you’d like to be involved in some way, or you have advice, please do let me know.” 57 

Vlad was glad to hear from Dingledine. He knew about Tor and was a fan of the technology, but he had doubts about the plan. He explained that censorship was not currently an issue in Russia. “The main problem in Russia at this time is not a government censorship (in the sense of the Great Firewall of China or some Arab states), but a self-censorship of many websites, especially of regional organizations. Unfortunately, this is not what Tor can entirely solve by itself,” he replied. In other words: Why fix a problem that did not exist? 

But a bigger question hung over Dingledine’s request, one concerning Tor’s ties to the US government. Vlad explained that he and others in Russia’s privacy community were concerned about what he described as Tor’s “dependence on ‘Uncle Sam’s’ money” and that “some sponsors of the Tor Project are associated with the US State Department.” He continued: “I understand this is an ambiguous and quite vague question, but do such sponsorship brings up any unusual issues to the Tor Project and Tor development process?” 

Given the deteriorating political relations between Russia and the United States, the subtext of the question was obvious: How close was Tor to the US government? And, in this strained geopolitical climate, will these ties cause problems for Russian activists like him back home? These were honest questions, and relevant ones. The emails I obtained through the Freedom of Information Act do not show whether Dingledine ever replied. How could he? What would he say? 

The Tor Project had positioned itself as an “independent nonprofit,” but when Dingledine reached out to Vlad in early 2008, it was operating as a de facto arm of the US government. 

The correspondence left little room for doubt. The Tor Project was not a radical indie organization fighting The Man. For all intents and purposes, it was The Man. Or, at least, The Man’s right hand. Intermixed with updates on new hires, status reports, chatty suggestions for hikes and vacation spots, and the usual office banter, internal correspondence reveals Tor’s close collaboration with the BBG and multiple other wings of the US government, in particular those that dealt with foreign policy and soft power projection. Messages describe meetings, trainings, and conferences with the NSA, CIA, FBI, and State Department. 58 There are strategy sessions and discussions about the need to influence news coverage and control bad press. 59 The correspondence also shows Tor employees taking orders from their handlers in the federal government, including plans to deploy their anonymity tool in countries deemed hostile to US interests: China, Iran, Vietnam, and, of course, Russia. Despite Tor’s public insistence it would never put in any backdoors that gave the US government secret privileged access to Tor’s network, the correspondence shows that in at least one instance in 2007, Tor revealed a security vulnerability to its federal backer before alerting the public, potentially giving the government an opportunity to exploit the weakness to unmask Tor users before it was fixed. 60 

The funding record tells the story even more precisely. Aside from Google paying a handful of college students to work at Tor via the company’s Summer of Code program, Tor was subsisting almost exclusively on government contracts. By 2008, that included contracts with DARPA, the navy, the BBG, and the State Department as well as Stanford Research Institute’s Cyber-Threat Analytics program. 61 Run by the US Army, this initiative had come out of the NSA’s Advanced Research and Development Activity division—a “sort of national laboratory for eavesdropping and other spycraft” is how James Bamford describes it in The Shadow Factory. 62 And a few months after reaching out to Vlad, Dingledine was in the middle of closing another $600,000 contract with the State Department, 63 this time from its Democracy, Human Rights, and Labor division, which had been created during President Bill Clinton’s first term and which was tasked with doling out grants for “democracy assistance.” 64 

What would someone like Vlad think of all this? Obviously, nothing good. And that was an issue.

The Tor Project needed users to trust its technology and show enthusiasm. Credibility was key. But Dingledine’s outreach to Russian privacy activists was a rude reminder that Tor couldn’t shake its government affiliation and all the negative connotations that came with it. It was a problem that Dingledine had guessed would haunt Tor when he accepted BBG’s first contract back in 2006. 

Clearly, Tor needed to do something to change public perception, something that could help distance Tor from its government sponsors once and for all. As luck would have it, Dingledine found the perfect man for the job: a young, ambitious Tor developer who could help rebrand the Tor Project as a group of rebels that made Uncle Sam tremble in his jackboots. 

A Hero Is Born 
Jacob Appelbaum was born in 1983 on April Fools’ Day. He grew up in Santa Rosa, a city just north of San Francisco, in a bohemian family. He liked to talk up his rough upbringing: a schizophrenic mother, a musician-turned-junkie dad, and a domestic situation that got so bad he had to fish used needles out of the couch as a kid. But he was also a smart middle-class Jewish kid with a knack for programming and hacking. He attended Santa Rosa Junior College and took classes in computer science. 65 He dressed in goth black and dabbled in steampunk photography, taking retro-futuristic pictures of young women decked out in Victorian-era dresses in front of steam engines and locomotives. Politically, he identified as a libertarian. 

Like most young libertarians, he was enchanted by Ayn Rand’s The Fountainhead, which he described as one of his favorite books. “I took up this book while I was traveling around Europe last year. Most of my super left wing friends really dislike Ayn Rand for some reason or another. I cannot even begin to fathom why, but hey, to each their own,” he wrote in his blog diary. “While reading The Fountainhead I felt like I was reading a story about people that I knew in my everyday life. The characters were simple. The story was simple. What I found compelling was the moral behind the story. I suppose it may be summed up in one line… Those that seek to gather you together for selfless actions, wish to enslave you for their own gain.” 66 

He moved to San Francisco and worked low-level computer jobs with an emphasis in network management, but he chafed at regular tech jobs and pined for something meaningful. 67 He took time off to volunteer in New Orleans after Hurricane Katrina and somehow wound up in Iraq hanging out with a military contractor buddy who was installing satellite service in the war-torn country. He returned to the Bay Area more determined than ever to live an exciting life. “Life is too short to waste it on jobs that I do not enjoy,” he said in a 2005 interview. 68 One day he’d join a porn start-up company, dress in black, dye his hair red, and pose with a power tool dildo for Wired magazine. 69 The next day he’d travel halfway around the world to use his skills for the greater good. “I’m a freelance hacker. I work helping groups that I feel really need my help. They come to me and ask me for my services,” he said. “More often than not, I’m simply setting up their networks and systems around the world. It depends on how I feel about the work they’re doing. It has to be both an interesting job and for an interesting result.” 

Appelbaum also began to develop a bad reputation in the Bay Area hacker scene for his aggressive, unwanted sexual advances. San Francisco journalist Violet Blue recounted how he spent months trying to coerce and bully women into having sex with him, attempted to forcefully isolate his victims in rooms or stairwells at parties, and resorted to public shaming if his advances were rebuffed. 70 This pattern of behavior would trigger his downfall almost a decade later. But for now, his star was ascendant. And in 2008, Appelbaum finally got his dream job—a position that could expand with his giant ego and ambition. 

In April of that year, Dingledine hired him as a full-time Tor contractor. 71 He had a starting salary of $96,000 plus benefits and was put to work making Tor more user-friendly. He was a good coder, but he didn’t stay focused on the technical side for long. As Dingledine discovered, Appelbaum proved better and much more useful at something else: branding and public relations. 

Tor employees were computer engineers, mathematicians, and encryption junkies. Most of them were introverts, and socially awkward. Even worse: some, like Roger Dingledine, had spent time at US intelligence agencies and proudly displayed this fact on their online CVs—a not-so-subtle sign of a lack of radicalness. 72 Appelbaum added a different element to the organization. He had flair, a taste for drama and hyperbole. He was full of tall tales and vanity, and he had a burning desire for the spotlight. 

Within months of getting the job, he assumed the role of official Tor Project spokesman and began promoting Tor as a powerful weapon against government oppression. 

While Dingledine focused on running the business, Jacob Appelbaum jet-setted to exotic locations around the world to evangelize and spread the word. He’d hit ten countries in a month and not bat an eye: Argentina, India, Poland, South Korea, Belgium, Switzerland, Canada, Tunisia, Brazil, and even Google’s campus in Mountain View, California. 73 He gave talks at technology conferences and hacker events, powwowed with Silicon Valley executives, visited Hong Kong, trained foreign political activists in the Middle East, and showed former sex workers in Southeast Asia how to protect themselves online. He also met with Swedish law enforcement agencies, but that was done out of the public eye. 74 

Over the next several years, Dingledine’s reports back to the BBG were filled with descriptions of Appelbaum’s successful outreach. “Lots of Tor advocacy,” wrote Dingledine. “Another box of Tor stickers applied to many many laptops. Lots of people were interested in Tor and many many people installed Tor on both laptops and servers. This advocacy resulted in at least two new high bandwidth nodes that he helped the administrators configure.” 75 Internal documents show that the proposed budget for Dingledine and Appelbaum’s global publicity program was $20,000 a year, which included a public relations strategy. 76 “Crafting a message that the media can understand is a critical piece of this,” Dingledine explained in a 2008 proposal. “This isn’t so much about getting good press about Tor as it is about preparing journalists so if they see bad press and consider spreading it further, they’ll stop and think.…” 77 

Appelbaum was energetic and did his best to promote Tor among privacy activists, cryptographers, and, most important of all, the radical cypherpunk movement that dreamed of using encryption to take on the power of governments and liberate the world from centralized control. In 2010, he snagged the support of Julian Assange, a silver-haired hacker who wanted to free the world of secrets. 

Tor Gets Radical 


Appelbaum and Julian Assange had met in Berlin sometime in 2005, just as the mysterious Australian hacker was getting ready to set WikiLeaks in motion. Assange’s idea for WikiLeaks was simple: government tyranny can only survive in an ecosystem of secrecy. Take away the ability of the powerful to keep secrets, and the whole facade will come crashing down around them. “We are going to fuck them all,” wrote Assange giddily on a secret listserv, after announcing his goal of raising $5 million for the WikiLeaks effort. “We’re going to crack the world open and let it flower into something new. If fleecing the CIA will assist us, then fleece we will.”
78 

Appelbaum watched as Assange slowly erected WikiLeaks from nothing, building up a dedicated following by trawling hacker conferences for would-be leakers. The two became good friends, and Appelbaum would later brag to journalist Andy Greenberg that they were so close, they’d fuck chicks together. One New Year’s morning the two woke up in an apartment in Berlin in one bed with two women. “That was how we rolled in 2010,” he said. 

Soon after that supposedly wild night, Appelbaum decided to attach himself to the WikiLeaks cause. He spent a few weeks with Assange and the original WikiLeaks crew in Iceland as they prepared their first major release and helped secure the site’s anonymous submissions system using Tor’s hidden service feature, which hid the physical location of WikiLeaks servers and in theory made them much less susceptible to surveillance and attack. From then on, the WikiLeaks site proudly advertised Tor: “secure, anonymous, distributed network for maximum security.” 

Appelbaum’s timing couldn’t have been better. Late that summer WikiLeaks caused an international sensation by publishing a huge cache of classified government documents stolen and leaked by Chelsea (née Bradley) Manning, a young US Army private who was stationed in Iraq. First came the war logs from Afghanistan, showing how the United States had systematically underreported civilian casualties and operated an elite assassination unit. Next came the Iraq War logs, providing irrefutable evidence that America had armed and trained death squads in a brutal counterinsurgency campaign against Iraq’s Sunni minority, which helped fuel the Shia-Sunni sectarian war that led to hundreds of thousands of deaths and ethnic cleansing in parts of Baghdad. 79 Then came the US diplomatic cables, offering an unprecedented window into the inner workings of American diplomacy: regime change, backroom deals with dictators, corruption of foreign leaders brushed under the table in the name of stability. 80 

Assange was suddenly one of the most famous people in the world—a fearless radical taking on the awesome power of the United States. Appelbaum did his best to be Assange’s right-hand man. He served as the organization’s official American representative and bailed the founder of WikiLeaks out of tough spots when the heat from US authorities got too hot. 81 Appelbaum became so intertwined with WikiLeaks that apparently some staffers talked about him leading the organization if something were to happen to Assange. 82 But Assange kept firm control of WikiLeaks, even after he was forced to go into hiding at the Ecuadorian embassy in London to escape extradition back to Sweden to face an investigation of rape allegations. 

It’s not clear whether Assange knew that Appelbaum’s salary was being paid by the same government he was trying to destroy. What is clear is that Assange gave Appelbaum and Tor wide credit for helping WikiLeaks. “Jake has been a tireless promoter behind the scenes of our cause,” he told a reporter. “Tor’s importance to WikiLeaks cannot be understated.” 83 

With those words, Appelbaum and the Tor Project became central heroes in the WikiLeaks saga, right behind Assange. Appelbaum leveraged his new rebel status for all it was worth. He regaled reporters with wild stories of how his association with WikiLeaks made him a wanted man. He talked about being pursued, interrogated, and threatened by shadowy government forces. He described in chilling detail how he and everyone he knew were thrown into a nightmare world of Big Brother harassment and surveillance. He claimed his mother was targeted. His girlfriend received nightly visits by men clad in black. “I was in Iceland working with a friend about their constitution’s reform. And she saw two men outside of her house on the ground floor in her backyard, meaning that they were on her property inside of a fence. And they—one of them was wearing night vision goggles and watching her sleep,” he recounted in a radio interview. “So she just laid in bed in pure terror for the period of time in which they stood there and watched her. And presumably, this is because there was a third person in the house placing a bug or doing something else, and they were keeping watch on her to make sure that if she were to hear something or to get up, they would be able to alert this other person.” 84 

He was a great performer and had a knack for giving journalists what they wanted. He spun fantastic stories, and Tor was at the center of them all. Reporters lapped it up. The more exaggerated and heroic his performance, the more attention flowed his way. News articles, radio shows, television appearances, and magazine spreads. The media couldn’t get enough. 

In December 2010, Rolling Stone published a profile of Appelbaum as “the Most Dangerous Man in Cyberspace.” The article portrayed him as a fearless techno-anarchist warrior who had dedicated his life to taking down America’s evil military-surveillance apparatus, no matter the cost to his own life. It was full of high drama, chronicling Appelbaum’s life on the post-WikiLeaks run. Descriptions of barren hideout apartments, Ziploc bags filled with cash from exotic locations, and photos of scantily clad punk girls—presumably Appelbaum’s many love interests. “Appelbaum has been off the grid ever since— avoiding airports, friends, strangers and unsecure locations, traveling through the country by car. He’s spent the past five years of his life working to protect activists around the world from repressive governments. Now he is on the run from his own,” wrote Rolling Stone reporter Nathaniel Rich. 85 

His association with WikiLeaks and Assange boosted the Tor Project’s public profile and radical credentials. Support and accolades poured in from journalists, privacy organizations, and government watchdogs. The American Civil Liberties Union partnered with Appelbaum on an Internet privacy project, and New York’s Whitney Museum—one of the leading modern art museums in the world— invited him for a “Surveillance Teach-In.” 86 The Electronic Frontier Foundation gave Tor its Pioneer Award, and Roger Dingledine made it on Foreign Policy magazine’s list of Top 100 Global Thinkers for protecting “anyone and everyone from the dangers of Big Brother.” 87 

As for Tor’s deep, ongoing ties to the US government? Well, what of them? To any doubters, Jacob Appelbaum was held up as living, breathing proof of the radical independence of the Tor Project. “If the users or developers he meets worry that Tor’s government funding compromises its ideals, there’s no one better than Appelbaum to show the group doesn’t take orders from the feds,” wrote journalist Andy Greenberg in This Machine Kills Secrets, a book about WikiLeaks. “Appelbaum’s best evidence of Tor’s purity from Big Brother’s interference, perhaps, is his very public association with WikiLeaks, the American government’s least favorite website.” 

With Julian Assange endorsing Tor, reporters assumed that the US government saw the anonymity nonprofit as a threat. But internal documents obtained through FOIA from the Broadcasting Board of Governors, as well as an analysis of Tor’s government contracts, paint a different picture. They reveal that Appelbaum and Dingledine worked with Assange on securing WikiLeaks with Tor since late 2008 and that they kept their handlers at the BBG informed about their relationship and even provided information about the inner workings of WikiLeaks secure submissions system. 

“Talked to the WikiLeaks people (Daniel and Julian) about their use of Tor hidden services, and how we can make things better for them,” Dingledine wrote in a progress report he sent to the BBG in January 2008. “It turns out they use the hidden service entirely as a way to keep users from screwing up—either it works and they know they’re safe or it fails, but either way they don’t reveal what they’re trying to leak locally. So I’d like to add a new ‘secure service’ feature that’s just like a hidden service but it only makes one hop from the server side rather than three. A more radical design would be for the ‘intro point’ to be the service itself, so it really would be like an exit enclave.” 88 In another progress report sent to the BBG two years later, in February 2010, Dingledine wrote, “Jacob and WikiLeaks people met with policymakers in Iceland to discuss freedom of speech, freedom of press, and that online privacy should be a fundamental right.” 

No one at the BBG raised any objections. To the contrary, they appeared to be supportive. We do not know if anyone at the BBG forwarded this information to some other government body, but it would not be hard to imagine that information about WikiLeaks’ security infrastructure and submission system was of great interest to US intelligence agencies. 

Perhaps most telling was that support from the BBG continued even after WikiLeaks began publishing classified government information and Appelbaum became the target of a larger Department of Justice investigation into WikiLeaks. For example, on July 31, 2010, CNET reported that Appelbaum had been detained at the Las Vegas airport and questioned about his relationship with WikiLeaks. 89 News of the detention made headlines around the world, once again highlighting Appelbaum’s close ties to Julian Assange. And a week later, Tor’s executive director Andrew Lewman, clearly worried that this might affect Tor’s funding, emailed Ken Berman at the BBG in the hopes of smoothing things over and answering “any questions you may have about the recent press regarding Jake and WikiLeaks.” But Lewman was in for a pleasant surprise: Roger Dingledine had been keeping the folks at the BBG in the loop, and everything seemed to be okay. “Great stuff, thx. Roger answered a number of questions when he met us this week in DC,” Berman replied. 90 

Unfortunately, Berman didn’t explain in the email what he and Dingledine discussed about Appelbaum and WikiLeaks during their meeting. What we do know is that Tor’s association with WikiLeaks produced no real negative impact on Tor’s government contracts. 91 

Its 2011 contracts came in without a hitch—$150,000 from the Broadcasting Board of Governors and $227,118 from the State Department. 92 Tor was even able to snag a big chunk of money from the Pentagon: a new $503,706 annual contract from the Space and Naval Warfare Systems Command, an elite information and intelligence unit that houses a top-secret cyber-warfare division. 93 The navy contract was passed through SRI, the old Stanford military contractor that had done counterinsurgency, networking, and chemical weapons work for ARPA back in the 1960s and 1970s. The funds were part of a larger navy “Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance” program to improve military operations. A year later, Tor would see its government contracts more than double to $2.2 million: $353,000 from the State Department, $876,099 from the US Navy, and $937,800 from the Broadcasting Board of Governors. 94 

When I crunched the numbers, I couldn’t help but do a double take. It was incredible. WikiLeaks had scored a direct hit on Tor’s government backers, including the Pentagon and State Department. Yet Appelbaum’s close partnership with Assange produced no discernable downside. 

I guess it makes sense, in a way. WikiLeaks might have embarrassed some parts of the US government, but it also gave America’s premier Internet Freedom weapon a major injection of credibility, enhancing its effectiveness and usefulness. It was an opportunity. 

Social Media as a Weapon 
In 2011, less than a year after WikiLeaks broke onto the world stage, the Middle East and North Africa exploded like a powder keg. Seemingly out of nowhere, huge demonstrations and protests swept through the region. It started in Tunisia, where a poor fruit seller lit himself on fire to protest humiliating harassment and extortion at the hands of the local police. He died from his burns on January 4, triggering a national protest movement against Tunisia’s dictatorial president, Zine El Abidine Ben Ali, who had ruled the country for twenty-three years. Within weeks, massive anti-government protests spread to Egypt, Algeria, Oman, Jordan, Libya, and Syria. 

The Arab Spring had arrived. 

In Tunisia and Egypt, these protest movements toppled longstanding dictatorships from within. In Libya, opposition forces deposed and savagely killed Muammar Gaddafi, knifing him in the anus, after an extensive bombing campaign from NATO forces. In Syria, protests were met with a brutal crackdown from Bashar Assad’s government, and led to a protracted war that would claim hundreds of thousands of lives and trigger the worst refugee crisis in recent history, pulling in Saudi Arabia, Turkey, Israel, the CIA, the Russian Air Force and special operations teams, Al-Qaeda, and ISIL. Arab Spring turned into a long, bloody winter. 

The underlying causes of these opposition movements were deep, complex, and varied from country to country. Youth unemployment, corruption, drought and related high food prices, political repression, economic stagnation, and longstanding geopolitical aspirations were just a few of the factors. To a young and digitally savvy crop of State Department officials and foreign policy planners, these political movements had one thing in common: they arose because of the democratizing power of the Internet. They saw social media sites like Facebook, Twitter, and YouTube as democratic multipliers that allowed people to get around official state-controlled information sources and organize political movements quickly and efficiently. 

“The Che Guevara of the 21st Century is the network,” Alec Ross, a State Department official in charge of digital policy under Secretary of State Hillary Clinton, gushed in the NATO Review, the official magazine of the North Atlantic Treaty Organization. 95 His Che reference smacks of hypocrisy or perhaps ignorance; Che, after all, was executed by Bolivian forces backed by the United States, in particular, by the CIA.[effin clown dc] 

The idea that social media could be weaponized against countries and governments deemed hostile to US interests wasn’t a surprise. For years the State Department, in partnership with the Broadcasting Board of Governors and companies like Facebook and Google, had worked to train activists from around the world on how to use Internet tools and social media to organize opposition political movements. Countries in Asia, the Middle East, and Latin America as well as former Soviet states like the Ukraine and Belarus were all on the list. Indeed, the New York Times reported that many of the activists who played leading roles in the Arab Spring—from Egypt to Syria to Yemen—had taken part in these training sessions. 96 

“The money spent on these programs was minute compared with efforts led by the Pentagon,” reported the New York Times in April 2011. “But as American officials and others look back at the uprisings of the Arab Spring, they are seeing that the United States’ democracy-building campaigns played a bigger role in fomenting protests than was previously known, with key leaders of the movements having been trained by the Americans in campaigning, organizing through new media tools and monitoring elections.” The trainings were politically charged and were seen as a threat by Egypt, Yemen, and Bahrain—all of which lodged complaints with the State Department to stop meddling in their domestic affairs, and even barred US officials from entering their countries. 97 

An Egyptian youth political leader who attended State Department training sessions and then went on to lead protests in Cairo told the New York Times, “We learned how to organize and build coalitions. This certainly helped during the revolution.” A different youth activist, who had participated in Yemen’s uprising, was equally enthusiastic about the State Department social media training: “It helped me very much because I used to think that change only takes place by force and by weapons.” 

Staff from the Tor Project played a role in some of these trainings, taking part in a series of Arab Blogger sessions in Yemen, Tunisia, Jordan, Lebanon, and Bahrain, where Jacob Appelbaum taught opposition activists how to use Tor to get around government censorship. 98 “Today was fantastic… really a fantastic meeting of minds in the Arab world! It’s enlightening and humbling to have been invited. I really have to recommend visiting Beirut. Lebanon is an amazing place. Friendly people, good food, intense music, insane taxis,” Appelbaum tweeted after an Arab Bloggers training event in 2009, adding: “If you’d like to help Tor please sign up and help translate Tor software into Arabic.” 99 

Activists later put the skills taught at these training sessions to use during the Arab Spring, routing around Internet blocks that their governments threw up to prevent them from using social media to organize protests. “There would be no access to Twitter or Facebook in some of these places if you didn’t have Tor. All of the sudden, you had all these dissidents exploding under their noses, and then down the road you had a revolution,” Nasser Weddady, a prominent Arab Spring activist from Mauritania, later told Rolling Stone. Weddady, who had taken part in the Tor Project’s training sessions and who had translated a widely circulated guide on how to use the tool into Arabic, credited it with helping keep the Arab Spring uprisings alive. “Tor rendered the government’s efforts completely futile. They simply didn’t have the know-how to counter that move.” 100 

From a higher vantage point, the Tor Project was a wild success. It had matured into a powerful foreign policy tool—a soft-power cyber weapon with multiple uses and benefits. It hid spies and military agents on the Internet, enabling them to carry out their missions without leaving a trace. It was used by the US government as a persuasive regime-change weapon, a digital crowbar that prevented countries from exercising sovereign control over their own Internet infrastructure. Counterintuitively, Tor also emerged as a focal point for anti-government privacy activists and organizations, a huge cultural success that made Tor that much more effective for its government backers by drawing fans and helping shield the project from scrutiny. And Tor was just the beginning. 

The Arab Spring provided the US government with the confirmation it was looking for. Social media, combined with technologies like Tor, could be tapped to bring huge masses of people onto the streets and could even trigger revolutions. Diplomats in Washington called it “democracy promotion.” Critics called it regime change. 101 But it didn’t matter what you called it. The US government saw that it could leverage the Internet to sow discord and inflame political instability in countries it considered hostile to US interests. Good or bad, it could weaponize social media and use it for insurgency. And it wanted more. 102 

In the wake of the Arab Spring, the US government directed even more resources to Internet Freedom technologies. The plan was to go beyond the Tor Project and launch all sorts of crypto tools to leverage the power of social media to help foreign activists build political movements and organize protests: encrypted chat apps and ultra secure operating systems designed to prevent governments from spying on activists, anonymous whistle-blowing platforms that could help expose government corruption, and wireless networks that could be deployed instantaneously anywhere in the world to keep activists connected even if their government turned off the Internet. 103 

Strangely enough, these efforts were about to get a major credibility boost from an unlikely source: an NSA contractor by the name of Edward Snowden. 

Strange Alliances 
The post-WikiLeaks years were good for the Tor Project. With the government contracts flowing, Roger Dingledine expanded the payroll, adding a dedicated crew of developers and managers who saw their job in messianic terms: to free the Internet of government surveillance. 104 

Jacob Appelbaum, too, was doing well. Claiming that harassment from the US government was too much to bear, he spent most of his time in Berlin in a sort of self-imposed exile. There, he continued to do the job Dingledine had hired him to do. He traveled the world training political activists and persuading techies and hackers to join up as Tor volunteers. He also did various side projects, some of which blurred the line between activism and intelligence gathering. In 2012, he made a trip to Burma, a longtime target of US government regime-change efforts. 105 The purpose of the trip was to probe the country’s Internet system from within and collect information on its telecommunications infrastructure, information that was then used to compile a government report for policymakers and “international investors” interested in penetrating Burma’s recently deregulated telecom market. 106

Appelbaum continued to draw a high five-figure salary from Tor, a government contractor funded almost exclusively by military and intelligence grants. But, to the public, he was a real-life superhero on the run from the US surveillance state—now hiding out in Berlin, the nerve center of the global hacker scene known for its nerdy mix of machismo, all-night hackathons, drug use, and partner swapping. He was a member of the Internet Freedom elite, championed by the American Civil Liberties Union and the Electronic Frontier Foundation, given a board seat on eBay founder Pierre Omidyar’s Freedom of the Press Foundation, and occupied an advisory role for London’s Centre for Investigative Journalism. His fame and rebel status only made his job as Tor’s pitchman more effective. 

In Berlin, Appelbaum caught another lucky break for the Tor Project. In 2013, his good friend and sometimes-lover Laura Poitras, an American documentary filmmaker who also lived in the German capital in self-imposed exile, was contacted by a mysterious source who told her he had access to the crown jewels of the National Security Agency: documents that would blow America’s surveillance apparatus wide open. 107 Poitras tapped Appelbaum’s knowledge of Internet systems to come up with a list of questions to vet the possible leaker and to make sure he really was the NSA technician he claimed to be. This source turned out to be Edward Snowden. 108 

From the start, the Tor Project stood at the center of Snowden’s story. The leaker’s endorsement and promotion introduced the project to a global audience, boosting Tor’s worldwide user base from one million to six million almost overnight and injecting it into the heart of a burgeoning privacy movement. In Russia, where the BBG and Dingledine had tried but failed to recruit activists for their Tor deployment plan, use of the software increased from twenty thousand daily connections to somewhere around two hundred thousand. 109 

During a promotional campaign for the Tor Project, Snowden said: 

Without Tor, the streets of the Internet become like the streets of a very heavily surveilled city. There are surveillance cameras everywhere, and if the adversary simply takes enough time, they can follow the tapes back and see everything you’ve done. With Tor, we have private spaces and private lives, where we can choose who we want to associate with and how, without the fear of what that is going to look like if it is abused. The design of the Tor system is structured in such a way that even if the US Government wanted to subvert it, it couldn’t. 110 

Snowden didn’t talk about Tor’s continued government funding, nor did he address an apparent contradiction: why the US government would fund a program that supposedly limited its own power. 111 

Whatever Snowden’s private thoughts on the matter, his endorsement gave Tor the highest possible seal of approval. It was like a Hacker’s Medal of Valor. With Snowden’s backing, no one even thought to question Tor’s radical anti-government bona fides. [so what this all means is that Tor, Wikileaks, Assange, Snowden all part of a con by Washington DC dc]

To some, Edward Snowden was a hero. To others, he was a traitor who deserved to be executed. Officials at the NSA claimed that he had caused irreparable harm to the security of the country, and every intelligence agency and contractor went on to invest in costly “insider threat” programs designed to spy on employees and make sure that another Edward Snowden would never pop up again. Some called for bringing him back in a black-ops kidnapping; others, like Donald Trump, called for him to be assassinated. 112 Anatoly Kucherena, Snowden’s Russian lawyer, claimed that the leaker’s life was in danger. “There are real threats to his life out there that actually do exist,” he told one reporter. 

Indeed, a lot of hate and malice was pointed in Snowden’s direction, but to those running the Internet Freedom wing of the US military intelligence apparatus, his embrace of Tor and crypto culture could not have come at a better moment. 

In early January 2014, six months after Snowden’s leaks, Congress passed the Consolidated Appropriations Act, an omnibus federal spending bill. Tucked into the bill’s roughly fifteen hundred pages was a short provision that dedicated $50.5 million to the expansion of the US government’s Internet Freedom arsenal. The funds were to be split evenly between the State Department and the Broadcasting Board of Governors. 113 

Although Congress had been providing funds for various anti censorship programs for years, this was the first time that it budgeted money specifically for Internet Freedom. The motivation for this expansion came out of the Arab Spring. The idea was to make sure the US government would maintain its technological advantage in the censorship arms race that began in the early 2000s, but the funds were also going into developing a new generation of tools aimed at leveraging the power of the Internet to help foreign opposition activists organize into cohesive political movements. 114 

The BBG’s $25.25 million cut of the cash more than doubled the agency’s anti-censorship technology budget from the previous year, and the BBG funneled the money into the Open Technology Fund, 115 a new organization it had created within Radio Free Asia to fund Internet Freedom technologies in the wake of the Arab Spring. 116 

Initially launched by the Central Intelligence Agency in 1951 to target China with anticommunist radio broadcasts, Radio Free Asia had been shuttered and relaunched several times over the course of its history. 117 In 1994, after the fall of the Soviet Union, it reappeared Terminator-like as a private nonprofit corporation wholly controlled and funded by the Broadcasting Board of Governors. 118 Focused on whipping up anticommunist sentiment in North Korea, Vietnam, Laos, Cambodia, Burma, and China, Radio Free Asia played a central role in the US government’s anti-censorship arms race that had been brewing ever since the BBG began pushing its China broadcasts through the Internet. Radio Free Asia had trouble shedding its covert Cold War tactics. 119 In North Korea, it smuggled in tiny radios and buried cellphones just inside the country’s border with China so that its network of informants could report back on conditions inside the country. Following the death of Kim Jong Il in 2011, the radio “kicked into 24/7 emergency mode” to beam nonstop coverage of the death into North Korea in the hopes of triggering a mass uprising. Radio Free Asia executives hoped that, bit by bit, the stream of anticommunist propaganda directed at the country would bring about the collapse of the government. 120 

Now, with the Open Technology Fund (OTF), Radio Free Asia oversaw the funding of America’s Internet Freedom programs. To run OTF’s day-to-day operations, Radio Free Asia hired Dan Meredith, a young techie who worked at Al-Jazeera in Qatar and who had been involved in the State Department’s anti-censorship initiatives going back to 2011. 121 With a scruffy beard and messy blond surfer hair, Meredith wasn’t a typical stuffy State Department suit. He was fluent in cypherpunk-hacktivist lingo and was very much a part of the grassroots privacy community he sought to woo. In short, he wasn’t the kind of person you’d expect to run a government project with major foreign policy implications. 

With him at the helm, OTF put a lot of effort on branding. Outwardly, it looked like a grassroots privacy activist organization, not a government agency. It produced hip 8-bit YouTube videos about its mission to use “public funds to support Internet freedom projects” and promote “human rights and open societies.” Its web layout constantly changed to reflect the trendiest design standards. 

But if OTF appeared scrappy, it was also extremely well connected. The organization was supported by a star-studded team—from best-selling science fiction authors to Silicon Valley executives and celebrated cryptography experts. Its advisory board included big names from the Columbia Journalism School, the Electronic Frontier Foundation, the Ford Foundation, Open Society Foundations, Google, Slack, and Mozilla. Andrew McLaughlin, the former head of Google’s public relations team who had brought in Al Gore to talk a California state senator into canceling legislation that would regulate Gmail’s email scanning program, was part of the OTF team. So was Cory Doctorow, a best-selling young adult science fiction author whose books about a totalitarian government’s surveillance were read and admired by Laura Poitras, Jacob Appelbaum, Roger Dingledine, and Edward Snowden. 122 Doctorow was a huge personality in the crypto movement who could fill giant conference halls at privacy conferences. He publicly endorsed OTF’s Internet Freedom mission. “I’m proud to be a volunteer OTF advisor,” he tweeted. 

From behind this hip and connected exterior, BBG and Radio Free Asia built a vertically integrated incubator for Internet Freedom technologies, pouring millions into projects big and small, including everything from evading censorship to helping political organizing, protests, and movement building. With its deep pockets and its recruitment of big-name privacy activists, the Open Technology Fund didn’t just thrust itself into the privacy movement. In many ways, it was the privacy movement. 

It set up lucrative academic programs and fellowships, paying out $55,000 a year to graduate students, privacy activists, technologists, cryptographers, security researchers, and political scientists to study “the Internet censorship climate in former Soviet states,” probe the “technical capacity” of the Great Firewall of China, and track the “use of oppressive spyware command and control servers by repressive governments.” 123 

It expanded the reach and speed of the Tor Project network and directed several million dollars to setting up high-bandwidth Tor exit nodes in the Middle East and Southeast Asia, both high-priority regions for US foreign policy. 124 It bankrolled encrypted chat apps, ultrasecure operating systems supposedly impervious to hacking, and next-generation secure email initiatives designed to make it hard for governments to spy on activists’ communications. It backed anonymous WikiLeaks-like tools for leakers and whistle-blowers who wanted to expose their government’s corruption. It co-invested with the State Department in several “mesh networking” and “Internet-in-a-box” projects designed to keep activists connected even if their government tried turning off local Internet connections. 125 It provided a “secure cloud” infrastructure with server nodes all around the world to host Internet Freedom projects, operated a “legal lab” that offered grantees legal protection in case something came up, and even ran a “Rapid Response Fund” to provide emergency support to Internet Freedom projects that were deemed vital and that required immediate deployment. 126 

The Tor Project remained the best-known privacy app funded by the Open Technology Fund, but it was quickly joined by another: Signal, an encrypted mobile phone messaging app for the iPhone and Android. 

Signal was developed by Open Whisper Systems, a for-profit corporation run by Moxie Marlinspike, a tall, lanky cryptographer with a head full of dreadlocks. Marlinspike was an old friend of Jacob Appelbaum, and he played a similar radical game. He remained cryptic about his real name and identity, told stories of being targeted by the FBI, and spent his free time sailing and surfing in Hawaii. He had made a good chunk of money selling his encryption start-up to Twitter and had worked with the State Department on Internet Freedom projects since 2011, but he posed as a feisty anarchist fighting the system. His personal website was called thoughtcrime.org—a reference to George Orwell’s 1984, which seemed a bit tongue-in-cheek given that he was taking big money—nearly $3 million—from Big Brother to develop his privacy app. 127 

Signal was a huge success. Journalists, privacy activists, and cryptographers hailed Signal as an indispensable Internet privacy tool. It was a complement to Tor in the age of mobile phones. While Tor anonymized browsing, Signal encrypted voice calls and text, making it impossible for governments to monitor communication. Laura Poitras gave it two secure thumbs up as a powerful people’s encryption tool and told everyone to use it every day. People at the ACLU claimed that Signal made federal agents weep. 128 The Electronic Frontier Foundation added Signal alongside Tor to its Surveillance Self-Defense guide. Fight for the Future, a Silicon Valley–funded privacy activist organization, described Signal and Tor as “NSA-proof” and urged people to use them. 

Edward Snowden was the combo’s biggest and most famous booster and repeatedly took to Twitter to tell his three million followers that he used Signal and Tor every day, and that they should do the same to protect themselves from government surveillance. “Use Tor. Use Signal,” he tweeted out. 129 

With endorsements like these, Signal quickly became the go-to app for political activists around the world. Egypt, Russia, Syria, and even the United States—millions downloaded Signal, and it became the communication app of choice for those who hoped to avoid police surveillance. Feminist collectives, anti–President Donald Trump protesters, communists, anarchists, radical animal rights organizations, Black Lives Matter activists—all flocked to Signal. Many were heeding Snowden’s advice: “Organize. Compartmentalize to limit compromise. Encrypt everything, from calls to texts (use Signal as a first step).” 130 

Silicon Valley cashed in on OTF’s Internet Freedom spending as well. Facebook incorporated Signal’s underlying encryption protocol into WhatsApp, the most popular messaging app in the world. Google followed suit, building Signal encryption into its Allo and Duo text and video messaging apps. 131 It was a smart move because the praise flowed in. “Allo and Duo’s new security features, in other words, are Google’s baby steps towards a fully-encrypted future, not the sort of bold moves to elevate privacy above profit or politics that some of its competitors have already taken,” wrote Wired’s Andy Greenberg. “But for a company built on a data collection model that’s often fundamentally opposed to privacy, baby steps are better than none at all.” 

If you stepped back to survey the scene, the entire landscape of this new Internet Freedom privacy movement looked absurd. Cold War–era organizations spun off from the CIA now funding the global movement against government surveillance? Google and Facebook, companies that ran private surveillance networks and worked hand in hand with the NSA, deploying government-funded privacy tech to protect their users from government surveillance? Privacy activists working with Silicon Valley and the US government to fight government surveillance—and with the support of Edward Snowden himself? 

It is very hard to imagine that back in the 1960s student radicals at Harvard and MIT would have ever thought to partner with IBM and the State Department to protest against Pentagon surveillance. If they did, they probably would have been mocked and chased off campus, branded fools or—worse—as some kind of feds. Back then, the lines were clear, but today all these connections are obscured. Most people involved in privacy activism do not know about the US government’s ongoing efforts to weaponize the privacy movement, nor do they appreciate Silicon Valley’s motives in this fight. Without that knowledge, it is impossible to makes sense of it all. So, talk of government involvement in the privacy space sounds like something cooked up by a paranoiac. 

In any event, with support from someone as celebrated as Edward Snowden, few had any reason to question why apps like Signal and Tor existed, or what larger purpose they served. It was easier and simpler to put your trust in app, and to believe in the idea that America still had a healthy civil society, where people could come together to fund tools that countervailed the surveillance power of the state. That suited the sponsors of Internet Freedom just fine. 

After Edward Snowden, OTF was triumphant. It didn’t mention the leaker by name in its promotional materials, but it profited from the crypto culture he promoted and benefited from his direct endorsement of the crypto tools it financed. It boasted that its partnership with both Silicon Valley and respected privacy activists meant that hundreds of millions of people could use the privacy tools the US government had brought to market. And OTF promised that this was just a start: “By leveraging social network effects, we expect to expand to a billion regular users taking advantage of OTF-supported tools and Internet Freedom technologies by 2015.” 132 

False Sense of Security 
While accolades for the Tor Project, Signal, and other crypto apps funded by the US government rolled in, a deeper look showed that they were not as secure or as impervious to government penetration as their proponents claimed. Perhaps no story better exemplifies the flaws in impenetrable crypto security than that of Ross Ulbricht, otherwise known as Dread Pirate Roberts, the architect of Silk Road. 

After its founding in 2012, Silk Road grew rapidly and appeared to be a place where organized criminals could hide in plain sight—until it wasn’t. In October 2013, four months after Edward Snowden came out of hiding and endorsed Tor, a twenty-nine-year-old native Texan by the name of Ross Ulbricht was arrested in a public library in San Francisco. He was accused of being Dread Pirate Roberts and was charged with multiple counts of money laundering, narcotics trafficking, hacking, and, on top of it all, murder. 

When his case went to trial a year later, the story of the Tor Project took on a different shade, demonstrating the power of marketing and ideology over reality. 

The internal communications and diaries recovered by investigators from Ulbricht’s encrypted laptop showed that he believed he was fully protected by Tor. He believed in Tor’s claims that were backed up by Edward Snowden and promoted by Jacob Appelbaum. He believed that everything he did in the murkiness of the dark web would have no bearing on him in the real world—he believed it so much that he not only built a massively illegal drug business on top of it but also ordered hits on anyone who threatened his business. His belief in the power of the Tor Project to create a cybernetic island completely impervious to the law persisted even in the face of strong countervailing evidence. 

Starting in March 2013, Silk Road was hit with multiple attacks that crashed the Tor hidden server software that enabled it to be on the dark web. Over and over the site’s real IP address leaked to the public, a mission-critical failure that could have made it trivial for law enforcement to track down the real identity of Dread Pirate Roberts. 133 Indeed, the attackers not only seemed to know the IP address of the Silk Road servers but also claimed to have hacked the site’s user data and demanded that he pay them to keep quiet. 

It seemed the party was over. Tor had failed. If it couldn’t protect his identity from a group of extortionists, how would it fare against the nearly unlimited resources of federal law enforcement? But Ulbricht still believed. Instead of shutting down Silk Road, he put out a contract with the Hells Angels to whack the extortionists, ultimately paying the motorcycle gang $730,000 to kill six people. “Commissioned hit on blackmailer with angels,” he wrote in his diary on March 29, 2013. Three days later, he followed it up with another note: “got word that blackmailer was executed [sic] / created file upload script.” 134 His nonchalance was born out of routine. Earlier that year, he had already paid $80,000 to have a former Silk Road administrator, who he suspected of stealing over $300,000, killed. 135 

Amazingly, just a month before his arrest, Ulbricht was contacted by the creators of Atlantis, one of the many copycat dark web drug stores inspired by Silk Road’s success. It was a friendly sort of outreach. They told him that Atlantis was permanently closing up shop because they got word of a major hole in Tor’s security, and they implied that he do the same. “I was messaged by one of their team who said they shut down because of an FBI doc leaked to them detailing vulnerabilities in Tor,” Ulbricht wrote in his diary. Yet, amazingly, he continued to run his site, confident that it would turn out fine in the end. “Had revelation about the need to eat well, get good sleep, and meditate so I can stay positive and productive,” he wrote on September 30. A day later, he was in federal custody. 

During his trial, it came out that the FBI and DHS had infiltrated Silk Road almost from the very beginning. A DHS agent had even taken over a senior Silk Road administrator account, which gave federal agents access to the back end of Silk Road’s system, a job for which Ulbricht paid the DHS agent $1,000 a week in Bitcoins. 136 Meaning, one of Ulbricht’s top lieutenants was a fed, and he had no idea. But it was Silk Road’s leaked IP address that ultimately led DHS agents to track Ulbricht’s connection to a cafe in San Francisco, and ultimately to him. 137 

Ulbricht confessed to being Dread Pirate Roberts and to setting up Silk Road. After being found guilty of seven felonies, including money laundering, drug trafficking, running a criminal enterprise, and identity fraud, he went from calling for revolution to begging the judge for leniency. “Even now I understand what a terrible mistake I made. I’ve had my youth, and I know you must take away my middle years, but please leave me my old age. Please leave a small light at the end of the tunnel, an excuse to stay healthy, an excuse to dream of better days ahead, and a chance to redeem myself in the free world before I meet my maker,” he said to the court. The judge had no pity. She hit him with a double life sentence without the possibility of parole. And more years may be added to the clock if he is convicted for any of his murders for hire. 

The fall of Silk Road pricked Tor’s invincibility. Even as Edward Snowden and organizations like the Electronic Frontier Foundation promoted Tor as a powerful tool against the US surveillance state, that very surveillance state was poking Tor full of holes. 138 

In 2014, the FBI along with the DHS and European law enforcement agencies went on the hunt for Silk Road copycat stores, taking down fifty marketplaces hawking everything from drugs to weapons to credit cards to child abuse pornography in an international sweep codenamed Operation Omynous. In 2015, international law enforcement in conjunction with the FBI arrested more than five hundred people linked with Playpen, a notorious child pornography network that ran on the Tor cloud. Seventy-six people were prosecuted in the United States, and nearly three hundred child victims from around the world were rescued from their abusers. 139 These raids were targeted and extremely effective. It seemed that cops knew exactly where to hit and how to do it. 

What was going on? How did law enforcement penetrate what was supposed to be ironclad anonymity strong enough to withstand an onslaught by the NSA? 

Confirmation was hard to come by, but Tor’s Roger Dingledine was convinced that at least some of these stings were using an exploit developed by a group at Carnegie Mellon University in Pennsylvania. Working under a Pentagon contract, researchers had figured out a cheap and easy way to crack Tor’s super-secure network with just $3,000 worth of computer equipment. 140 Dingledine accused the researchers of selling this method to the FBI. 

“The Tor Project has learned more about last year’s attack by Carnegie Mellon researchers on the hidden service subsystem. Apparently these researchers were paid by the FBI to attack hidden services users in a broad sweep, and then sift through their data to find people whom they could accuse of crimes,” he lashed out in a blog post in November 2015, saying that he had been told the FBI paid at least $1 million for these services. 141 

It was strange to see Dingledine getting angry about researchers taking money from law enforcement when his own salary was paid almost entirely by military and intelligence-linked contracts. But Dingledine did something that was even stranger. He accused Carnegie Mellon researchers of violating academic standards for ethical research by working with law enforcement. He then announced that the Tor Project would publish guidelines for people who might want to hack or crack Tor for “academic” and “independent research” purposes in the future but do so in an ethical manner by first obtaining consent of the people who were being hacked. 

“Research on humans’ data is human research. Over the last century, we have made enormous strides in what research we consider ethical to perform on people in other domains,” read a draft of this “Ethical Tor Research” guide. “We should make sure that privacy research is at least as ethical as research in other fields.” The requirements set forth in this document include sections like: “Only collect data that is acceptable to publish” and “Only collect as much data as is needed: practice data minimization.” 142 

Although demands like this make sense in a research context, they were baffling when applied to Tor. After all, Tor and its backers, including Edward Snowden, presented the project as a real-world anonymity tool that could resist the most powerful attackers. If it was so frail that it needed academic researchers to abide by an ethical honor code to avoid deanonymizing users without their consent, how could it hold up to the FBI or NSA or the scores of foreign intelligence agencies from Russia to China to Australia that might want to punch through its anonymity systems? 

In 2015, when I first read these statements from the Tor Project, I was shocked. This was nothing less than a veiled admission that Tor was useless at guaranteeing anonymity and that it required attackers to behave “ethically” in order for it to remain secure. It must have come as an even greater shock to the cypherpunk believers like Ross Ulbricht, who trusted Tor to run his highly illegal Internet business and who is now in jail for the rest of his life. 

Tor’s spat with the researchers at Carnegie Mellon University revealed another confusing dynamic. Whereas one part of the federal government—which included the Pentagon, State Department, and the Broadcasting Board of Governors—funded the ongoing development of the Tor Project, another wing of this same federal government—which included the Pentagon, the FBI, and possibly other agencies—was working just as hard to crack it. 

What was going on? Why was the government working at cross-purposes? Did one part simply not know what the other was doing? 

Strangely enough, Edward Snowden’s NSA documents provided the beginnings of an answer. They showed that multiple NSA programs could punch through Tor’s defenses and possibly even uncloak the network’s traffic on a “wide scale.” They also showed that the spy agency saw Tor as a useful tool that concentrated potential “targets” in one convenient location. 143 In a word, the NSA saw Tor as a honeypot. 

In October 2013, the Washington Post reported on several of these programs, revealing that the NSA had been working to crack Tor since at least 2006, the same year that Dingledine signed his first contract with the BBG. 144 One of these programs, codenamed EGOTISTICALGIRAFFE, was actively used to trace the identity of Al-Qaeda operatives. “One document provided by Snowden included an internal exchange among NSA hackers in which one of them said the agency’s Remote Operations Center was capable of targeting anyone who visited an al-Qaeda Web site using Tor.” 145 Another set of documents, made public by the Guardian that same month, showed that the agency viewed Tor in a positive light. “Critical mass of targets use Tor. Scaring them away might be counterproductive. We will never get 100% but we don’t need to provide true IPs for every target every time they use Tor,” explained a 2012 NSA presentation. 146 Its point was clear: people with something to hide—whether terrorists, foreign spies, or drug dealers—believed in Tor’s promise of anonymity and used the network en masse. By doing so, they proceeded with a false sense of safety, doing things on the network they would never do out in the open, all while helping to mark themselves for further surveillance. 147 

This wasn’t surprising. The bigger lesson of Snowden’s NSA cache was that almost nothing happened on the Internet without passing through some kind of US government bug. Naturally, popular tools used by the public that promised to obfuscate and hide people’s communications were targets regardless of who funded them. 

As for the other crypto tools financed by the US government? They suffered similar security and honeypot pitfalls. Take Signal, the encrypted app Edward Snowden said he used every day. Marketed as a secure communication tool for political activists, the app had strange features built in from the very beginning. It required that users link their active mobile phone number and upload their entire address book into Signal’s servers—both questionable features of a tool designed to protect political activists from law enforcement in authoritarian countries. In most cases, a person’s phone number was effectively that person’s identity, tied to a bank account and home address. Meanwhile, a person’s address book contained that user’s friends, colleagues, fellow political activists, and organizers, virtually the person’s entire social network. 

Then there was the fact that Signal ran on Amazon’s servers, which meant that all its data were available to a partner in the NSA’s PRISM surveillance program. Equally problematic, Signal needed Apple and Google to install and run the app on people’s mobile phones. Both companies were, and as far as we know still are, partners in PRISM as well. “Google usually has root access to the phone, there’s the issue of integrity,” writes Sander Venema, a respected developer and secure-technology trainer, in a blog post explaining why he no longer recommends people use Signal for encrypted chat. “Google is still cooperating with the NSA and other intelligence agencies. PRISM is also still a thing. I’m pretty sure that Google could serve a specially modified update or version of Signal to specific targets for surveillance, and they would be none the wiser that they installed malware on their phones.” 148 

Equally weird was the way the app was designed to make it easy for anyone monitoring Internet traffic to flag people using Signal to communicate. All that the FBI or, say, Egyptian or Russian security services had to do was watch for the mobile phones that pinged a particular Amazon server used by Signal, and it was trivial to isolate activists from the general smartphone population. So, although the app encrypted the content of people’s messages, it also marked them with a flashing red sign: “Follow Me. I Have Something To Hide.” (Indeed, activists protesting at the Democratic National Convention in Philadelphia in 2016 told me that they were bewildered by the fact that police seemed to know and anticipate their every move despite their having used Signal to organize.) 149 

Debate about Signal’s technical design was moot anyway. Snowden’s leaks showed that the NSA had developed tools that could grab everything people did on their smartphones, which presumably included texts sent and received by Signal. In early March 2017, WikiLeaks published a cache of CIA hacking tools that confirmed the inevitable. The agency worked with the NSA as well as other “cyber arms contractors” to develop hacking tools that targeted smartphones, allowing it to bypass the encryption of Signal and any other encrypted chat apps, including Facebook’s WhatsApp. 150 “The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone,” explained a WikiLeaks press release. “These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.” 

Disclosure of these hacking tools showed that, in the end, Signal’s encryption didn’t really matter, not when the CIA and NSA owned the underlying operating system and could grab whatever they wanted before encryption or obfuscation algorithms were applied. This flaw went beyond Signal and applied to every type of encryption technology on every type of consumer computer system. Sure, encryption apps might work against low-level opponents when used by a trained army intelligence analyst like Pvt. Chelsea Manning, who had used Tor while stationed in Iraq to monitor forums used by Sunni insurgents without giving away his identity. 151 They also might work for someone with a high degree of technical savvy—say, a wily hacker like Julian Assange or a spy like Edward Snowden—who can use Signal and Tor combined with other techniques to effectively cover their tracks from the NSA. But, for the average user, these tools provided a false sense of security and offered the opposite of privacy. 

The old cypherpunk dream, the idea that regular people could use grassroots encryption tools to carve out cyber islands free of government control, was proving to be just that, a dream. 

Crypto War, Who Is It Good For? 
Convoluted as the story may be, US government support for Internet Freedom and its underwriting of crypto culture makes perfect sense. The Internet came out of a 1960s military project to develop an information weapon. It was born out of a need to quickly communicate, process data, and control a chaotic world. Today, the network is more than a weapon; it is also a field of battle, a place where vital military and intelligence operations take place. Geopolitical struggle has moved online, and Internet Freedom is a weapon in that fight. 

If you take a big-picture view, Silicon Valley’s support for Internet Freedom makes sense as well. Companies like Google and Facebook first supported it as a part of a geopolitical business strategy, a way of subtly pressuring countries that closed their networks and markets to Western technology companies. But after Edward Snowden’s revelations exposed the industry’s rampant private surveillance practices to the public, Internet Freedom offered another powerful benefit. 

For years, public opinion has been stacked firmly against Silicon Valley’s underlying business model. In poll after poll, a majority of Americans have voiced their opposition to corporate surveillance and have signaled support for increased regulation of the industry. 152 This has always been a deal breaker for Silicon Valley. For many Internet companies, including Google and Facebook, surveillance is the business model. It is the base on which their corporate and economic power rests. Disentangle surveillance and profit, and these companies would collapse. Limit data collection, and the companies would see investors flee and their stock prices plummet. 

Silicon Valley fears a political solution to privacy. Internet Freedom and crypto offer an acceptable alternative. Tools like Signal and Tor provide a false solution to the privacy problem, focusing people’s attention on government surveillance and distracting them from the private spying carried out by the Internet companies they use every day. All the while, crypto tools give people a sense that they’re doing something to protect themselves, a feeling of personal empowerment and control. And all those crypto radicals? Well, they just enhance the illusion, heightening the impression of risk and danger. With Signal or Tor installed, using an iPhone or Android suddenly becomes edgy and radical. So instead of pushing for political and democratic solutions to surveillance, we outsource our privacy politics to crypto apps— software made by the very same powerful entities that these apps are supposed to protect us from. 

In that sense, Edward Snowden is like the branded face of an Internet consumerism-as-rebellion lifestyle campaign, like the old Apple ad about shattering Big Brother or the Nike spot set to the Beatles’ “Revolution.” While Internet billionaires like Larry Page, Sergey Brin, and Mark Zuckerberg slam government surveillance, talk up freedom, and embrace Snowden and crypto privacy culture, their companies still cut deals with the Pentagon, work with the NSA and CIA, and continue to track and profile people for profit. It is the same old split-screen marketing trick: the public branding and the behind-the-scenes reality. 

Internet Freedom is a win-win for everyone involved—everyone except regular users, who trust their privacy to double-dealing military contractors, while powerful Surveillance Valley corporations continue to build out the old military cybernetic dream of a world where everyone is watched, predicted, and controlled.

Epilogue
It is a crisp and sunny morning in late December 2015 when I take a right turn off a small country highway and drive into Mauthausen, a tiny medieval town in northern Austria about thirty-five miles from the border with the Czech Republic. I pass through a cluster of low-slung apartment buildings and continue on, driving through spotless green pastures and pretty little farmsteads. 

I park on a hill overlooking the town. Below is the wide Danube River. Clusters of rural homes poke out from the cusp of two soft green hills, smoke lazily wafting out of their chimneys. A small group of cows is out to pasture, and I can hear the periodic braying of a flock of sheep. Out in the distance, the hills recede in layers of hazy green upon green, like the scales of a giant sleeping dragon. The whole scene is framed by the jagged white peaks of the Austrian Alps. 

Mauthausen is an idyllic place. Calm, almost magical. Yet I drove here not to enjoy the view but to get close to something I came to fully understand only while writing this book. Today, computer technology frequently operates unseen, hidden in gadgets, wires, chips, wireless signals, operating systems, and software. We are surrounded by computers and networks, yet we barely notice them. If we think about them at all, we tend to associate them with progress. We rarely stop to think about the dark side of information technology—all the ways it can be used and abused to control societies, to inflict pain and suffering. Here, in this quiet country setting, stands a forgotten monument to that power: the Mauthausen Concentration Camp. 

Built on a mound above the town, it is amazingly well preserved: thick stone walls, squat guard towers, a pair of ominous smoke stacks connected to the camp’s gas chamber and crematorium. A few jagged metal bars stick out of the wall above the camp’s enormous gates, remnants of a giant iron Nazi eagle that was torn down immediately after liberation. It is quiet now, just a few solemn visitors. But in the 1930s, Mauthausen had been a vital economic engine of Hitler’s genocidal plan to remake Europe and the Soviet Union into his own backyard utopia. It started out as a granite quarry but quickly grew into the largest slave labor complex in Nazi Germany, with fifty subcamps that spanned most of modern-day Austria. Here, hundreds of thousands of prisoners—mostly European Jews but also Roma, Spaniards, Russians, Serbs, Slovenes, Germans, Bulgarians, even Cubans—were worked to death. They refined oil, built fighter aircraft, assembled cannons, developed rocket technology, and were leased out to private German businesses. Volkswagen, Siemens, Daimler-Benz, BMW, Bosch—all benefited from the camp’s slave labor pool. Mauthausen, the administrative nerve center, was centrally directed from Berlin using the latest in early computer technology: IBM punch card tabulators. 

No IBM machines are displayed at Mauthausen today. And, sadly, the memorial makes no mention of them. But the camp had several IBM machines working overtime to handle the big churn of inmates and to make sure there were always enough bodies to perform the necessary work. 1 These machines didn’t operate in isolation but were part of a larger slave labor control-and-accounting system that stretched across Nazi-occupied Europe, connecting Berlin to every major concentration and labor camp by punch card, telegraph, telephone, and human courier. This wasn’t the automated type of computer network system that the Pentagon would begin to build in the United States just a decade later, but it was an information network nonetheless: an electromechanical web that fueled and sustained Nazi Germany’s war machine with blazing efficiency. 2 It extended beyond the labor camps and reached into cities and towns, crunching mountains of genealogical data to track down people with even the barest whiff of Jewish blood or perceived racial impurity in a mad rush to fulfill Adolf Hitler’s drive to purify the German people. 3 The IBM machines themselves did not kill people, but they made the Nazi death machine run faster and more efficiently, scouring the population and tracking down victims in ways that would never have been possible without them. 

Of course, IBM tabulators didn’t start out in this capacity. They were invented in 1890 by a young engineer named Herman Hollerith to help the US Census Bureau count America’s growing immigrant population. Fifty years later, Nazi Germany employed the same technology to systematically carry out the Holocaust. 

This is, perhaps, a grim note on which to end a book about the Internet. But for me, the story of Mauthausen and IBM carries an important lesson about computer technology. Today, a lot of people still see the Internet as something uniquely special, something uncorrupted by earthly human flaws and sins. To many, progress and goodness are built in to the Internet’s genetic code: if left alone to evolve, the network will automatically lead to a better, more progressive world. This belief is embedded deep in our culture, resistant to facts and evidence. To me, Mauthausen is a powerful reminder of how computer technology can’t be separated from the culture in which it is developed and used. 

As I stood there surveying the idyllic pastoral scene in that horrible place, I thought about my conversation with Stephen Wolff, the National Science Foundation manager who helped privatize the Internet. “There are certainly values built in,” he told me. “Whether they’re exclusively Western values or not, I couldn’t say. There is no culture that I know of that has refused to use the Internet. So, there must be something universal about it. But is it a supra-national entity? No. The Internet is a piece of the world. It’s a mirror of the world, but it’s a piece of the world at the same time. It’s subject to all the ills that the rest of the world is subject to, and participates in the good things as well as the bad, and the bad things as well as the good.” 4 

Wolff captures it beautifully. The Internet, and the networked microprocessor technology on which it runs, does not transcend the human world. For good or ill, it is an expression of this world and was invented and is used in ways that reflect the political, economic, and cultural forces and values that dominate society. Today, we live in a troubled world, a world of political disenfranchisement, rampant poverty and inequality, unchecked corporate power, wars that seem to have no end and no purpose, and a runaway privatized military and intelligence complex—and hanging over it all are the prospects of global warming and environmental collapse. We live in bleak times, and the Internet is a reflection of them: run by spies and powerful corporations just as our society is run by them. But it isn’t all hopeless. 

It’s true that the development of computer technology has always been driven by a need to analyze huge amounts of complex data, monitor people, build predictive models of the future, and fight wars. In that sense, surveillance and control are embedded in the DNA of this technology. But not all control is equal. Not all surveillance is bad. Without them, there can be no democratic oversight of society. Ensuring oil refineries comply with pollution regulations, preventing Wall Street fraud, forcing wealthy citizens to pay their fair share of taxes, and monitoring the quality of food, air, and water—none of these would be possible. In that sense, surveillance and control are not problems in and of themselves. How they are used depends on our politics and political culture. 

Whatever shape the Internet and computer networks take in the future, it is safe to say that we will be living with this technology for a long time to come. By pretending that the Internet transcends politics and culture, we leave the most malevolent and powerful forces in charge of its built-in potential for surveillance and control. The more we understand and democratize the Internet, the more we can deploy its power in the service of democratic and humanistic values, making it work for the many, not the few.

notes and source



FAIR USE NOTICE
This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. As a journalist, I am making such material available in my efforts to advance understanding of artistic, cultural, historic, religious and political issues. I believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law.

In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. Copyrighted material can be removed on the request of the owner.

Part 1 Windswept House A VATICAN NOVEL....History as Prologue: End Signs

Windswept House A VATICAN NOVEL  by Malachi Martin History as Prologue: End Signs  1957   DIPLOMATS schooled in harsh times and in the tough...