The Tor Project’s Andrew Lewman responded to my questions about reports of the NSA’s tracking of Tor Project users with the following statement, posted on Tor’s website:
We’ve been thinking of state surveillance for years because of our work in places where journalists are threatened. Tor’s anonymity is based on distributed trust, so observing traffic at one place in the Tor network, even a directory authority, isn’t enough to break it. Tor has gone mainstream in the past few years, and its wide diversity of users — from civic-minded individuals and ordinary consumers to activists, law enforcement, and companies — is part of its security. Just learning that somebody visited the Tor or Tails website doesn’t tell you whether that person is a journalist source, someone concerned that her Internet Service Provider will learn about her health conditions, or just someone irked that cat videos are blocked in her location.
Trying to make a list of Tor’s millions of daily users certainly counts as widescale collection. Their attack on the bridge address distribution service shows their “collect all the things” mentality — it’s worth emphasizing that we designed bridges for users in countries like China and Iran, and here we are finding out about attacks by our own country. Does reading the contents of those mails violate the wiretap act? Now I understand how the Google engineers felt when they learned about the attacks on their infrastructure.