> CHAPTER 9

> TOR AND CITIZEN LAB

AT DEF CON back in 2001, as the Cult of the Dead Cow panel focused on hacktivism and touted the spin-off Hacktivismo, the group also announced what it said would be its first tool for evading government censorship. Dubbed “Peekabooty,” the idea was complex. Users in free countries could install the software and then serve as intermediaries for people behind national firewalls in China or elsewhere, who might not be able to reach forbidden religious, news, or other websites directly. They could contact the volunteers running Peekabooty, who would not be blocked, and the volunteers could automatically route the desired content to them over the commonplace Secure Sockets Layer encryption, used at sites whose web address begins with “https.” The authorities would not be able to read any traffic, and they would not be alarmed, because it would look like an ordinary encrypted business transaction.

Though the BBC had reported that the open-source project would be unleashed at Def Con, it was not ready for release. Laird Brown was hoping the advance publicity would attract more volunteers whom he could assign to different aspects of the job. The lead programmer to emerge and labor full-time on the task was software developer Paul Baranowski, who worked with Laird at Toronto start-up OpenCola. But Baranowski grew annoyed that Laird couldn’t find other programmers, and he and friend Joey deVilla left Hacktivismo with the code. They released it on their own at a San Francisco conference in February 2002. “Hacktivismo is good with thinking up new projects” but not with follow-through, Baranowski said. But they didn’t get critical mass, either. “Peekabooty’s most valuable contribution was to say, ‘Hey, this kind of thing is possible, here’s an idea, go run with it,’” deVilla said. “Its truest value was as a proof of concept.”

In 2004, Laird announced what he called the Six/Four System, a reference to the June 4, 1989, Tiananmen Square massacre. Written by incoming cDc member Kemal Akman, a talented German hacker with the handle Mixter, Six/Four was another serious try at a safe network of proxies. “I thought subverting totalitarian governments was cool,” Kemal said. “cDc was making the most of its publicity for something positive.” Kemal spent more than a year getting Six/Four to a point where it could be published for others to build on. But Hacktivismo’s mailing list still only had about twenty active members and perhaps two hundred lurkers. Like Baranowski’s earlier attempt, Six/Four failed to thrive in the wild. All the same, Hacktivismo’s very public attempts to provide free secure web tools for the hundreds of millions of people under severe government scrutiny and restrictions inspired other programmers who got the job done. It turned out they didn’t need to invent a new tool, just revise an old one.

Back in the mid-nineties, three men at the US Naval Research Laboratory had come up with the idea of bouncing internet traffic from one server to another to a third to keep both ends anonymous from snoops in the middle. The first node would know only where the initial contact had come from and, after opening the first layer of the message, where to send the rest of the content. The second would know only that it had heard from the first node and that the content needed to go to a third node. And the third node would know the final content and who outside the network should receive it. No one would know both the content and the sender. Because this multistep unpeeling resembled an onion, the project became known as the Onion Router, later abbreviated as Tor. The Defense Advanced Research Projects Agency (DARPA) provided new funding in 1997, seizing on the effort as a way to protect US military and other undercover officials from being identified as they investigated online.
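The three-step unpeeling described above, as an added illustration that is not code from the book or from the Tor Project: a toy onion in which each relay holds its own per-hop key, strips exactly one layer, and learns only who handed it the cell and where to send the rest. The HMAC-based keystream, the relay names and the sample request are constructed stand-ins for Tor's real per-hop encryption and cells.

```python
import base64
import hashlib
import hmac
import json


def keystream(key: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode. A stand-in for the
    per-hop cipher so the example runs on the standard library only;
    it reuses the same stream per key and is not a real cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def layer(key: bytes, data: bytes) -> bytes:
    """XOR with the keystream; applying it twice removes the layer."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def build_onion(route, destination: str, payload: bytes) -> bytes:
    """route: list of (relay_name, relay_key) in forwarding order.
    Wraps innermost (exit) layer first, so relay i can peel only layer i."""
    cell = payload
    next_hop = destination
    for name, key in reversed(route):
        plain = json.dumps({"next": next_hop,
                            "body": base64.b64encode(cell).decode()}).encode()
        cell = layer(key, plain)
        next_hop = name
    return cell


def peel(key: bytes, cell: bytes):
    """What one relay does: strip its own layer and read only the next hop."""
    inner = json.loads(layer(key, cell))
    return inner["next"], base64.b64decode(inner["body"])


def run_circuit(sender: str, route, destination: str, payload: bytes):
    """Simulate the circuit and record what each relay could observe."""
    relay_names = {name for name, _ in route}
    cell = build_onion(route, destination, payload)
    prev = sender
    views = []
    for name, key in route:
        next_hop, cell = peel(key, cell)
        views.append({
            "relay": name,
            "heard_from": prev,
            "sends_to": next_hop,
            "sees_sender": prev == sender,
            # only the exit relay, whose next hop is outside the network,
            # holds the plaintext request
            "sees_payload": next_hop not in relay_names,
        })
        prev = name
    return views, cell


if __name__ == "__main__":
    # constructed sample circuit: three relays, one banned page
    route = [("relay1", b"key-one"), ("relay2", b"key-two"), ("relay3", b"key-three")]
    views, delivered = run_circuit("alice", route, "news.example", b"GET /banned-page")
    for v in views:
        print(v)
    print(delivered)
```

No relay's view contains both the sender and the plaintext, which is the property the paragraph describes.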

To the government, though, this system had a fatal flaw: anyone who was contacted via Tor would know a fed was knocking on the door. But one of the original navy trio, mathematician Paul Syverson, along with new collaborators Roger Dingledine and Nick Mathewson, discovered a way to make it appealing enough that people outside the government would use it too, effectively hiding the agents in the crowd. They completed a prototype in September 2002, seven months after Peekabooty code came out, and released a version of Tor to the public the following year.

Peekabooty and Six/Four were major influences on Tor. “One of the strongest ways that Peekabooty influenced Tor was in pushing us to make good, clear specifications of how Tor works and what it tries to achieve,” Dingledine said. In addition, he said, Peekabooty was years ahead of Tor in resisting censorship instead of just preserving anonymity. In 2004, craving funding from an outside and nongovernmental source, the Tor Project sought and won a grant from the Electronic Frontier Foundation, whose lawyers had already been involved in efforts by cDc and Hacktivismo. The EFF’s support, in turn, helped Tor get money from Human Rights Watch, Google, and other parts of the federal government. Among other things, the early competition from Hacktivismo showed potential funders that there was a real demand for anonymity services and that activists independent of the government wanted to provide it. “We saw them as a key part of our constituency and fellow travelers,” then EFF legal director and future executive director Cindy Cohn said of cDc. “These folks were trying to support the use of technology, sometimes really advanced stuff, to empower users and make social and political change. That’s what we believed in too.”

The friendly competition continued, to the good of the users. In 2006, Hacktivismo and a Texas cDc Ninja Strike Force member named Steve Topletz released the most popular of the group’s anonymity tools, another try at a protected browser, called Xerobank, or xB. This one was designed to work with Tor, which at that point allowed for computer-to-computer connections, email, and other services but not easy web surfing. This browser was a modified version of Firefox that could work from a USB stick. That meant it could go with a user to a public computer and leave no trace. Once again, by publicly working on a safe browser, Hacktivismo prodded Tor along. Tor released its own browser as part of a bundle, making it far more usable. By 2006, more users were relying on Tor to evade censorship, not to stay anonymous, and China had become the third-largest market, with about ten thousand daily users.

In 2006, Laird organized a conference on wireless technology in Dharamsala, India, the seat of the exiled Tibetan government. That helped establish the area as a place for idealistic developers to work. Laird moved to the city in 2009 and spent three years there helping the community without pay. He worked on security in the Dalai Lama’s office and helped build up local expertise. Then he spent two more years in Bangalore at an internet policy nonprofit.

Hacktivismo inspired hundreds or thousands of individuals and groups. Many had stories like Nathan Freitas’s. A New York tech worker at the turn of the millennium, Freitas first heard about Tibetan repression from concerts headlined by the Beastie Boys. Through a work acquaintance, in the late 1990s he stumbled across a tiny Tibetan group in the Hell’s Kitchen neighborhood that had only one modem and needed assistance setting up an office network. He did that, then noticed that there were viruses on virtually every machine. He realized that the Tibetans were under constant attack by the Chinese government.

In 2004, Freitas had to make a choice. The small start-up he helped found had been acquired by Palm, the smartphone pioneer, years before. Now Palm wanted to promote him and move him to Silicon Valley. But if he took that promotion, he’d be too busy for part-time activism. Freitas looked at what the hackers in cDc had been able to do. “They were hilarious, interesting, and effective,” he said. They showed that small groups could “impact nation-state or global corporate policies. It was cDc that made me say, ‘Maybe I can bring these things together.’”

Freitas quit Palm and used money from the acquisition to turn to hacktivism full-time. He went to China for a month with equipment to figure out how shortwave radio was being blocked and how to protect it. Then he helped start Tibet Action Institute with Students for a Free Tibet leader Lhadon Tethong, providing technical help and security advice to emigrants around the world. In the run-up to the Beijing Olympics in 2008, Freitas set up the satellite video feed to a publicly viewable website for a protest from the base camp on Mount Everest. The higher-profile activism brought more sophisticated cyberattacks from China, which just hardened his resolve. In just 2008, he equipped seventy people, many inside the mainland, with $3,000 crypto phones, burner phones, and netbooks. Freitas went to Dharamsala in 2008 to train Tibetans and met up with Laird. “He had this monk-like status, but he was this big, tall Canadian white guy,” Freitas said. Laird coached Freitas and helped brainstorm about how to accomplish more with less, and he introduced Freitas to his world of contacts. When Google launched Android, Freitas jumped to use it for making a secure phone more cheaply. Eventually, he masterminded a version of Tor for the phones. Since then, his program has been downloaded 17 million times, and he now heads all of Tor’s mobile offerings.

Laird also inspired what many independent security experts consider the best model for researching and exposing government use of the internet for repression: the Citizen Lab, at the University of Toronto’s Munk School of Global Affairs. It started with a University of Toronto student, Nart Villeneuve, all the way back in 2001. He had read cDc text files and was following along when the group launched Hacktivismo, soon joining that mailing list. Inspired, he launched a modest website tracking various hacktivism efforts, and he interviewed Laird for a text file of his own. “When I was starting out, I sort of became attracted to the mythical hacker archetype who could do everything,” Villeneuve said. Without a technical background, he was interested in traditional politics and protests. Initially, disruptive tactics like web defacements and denial-of-service attacks made sense to him. But Laird’s writing took him toward “a more constructive side of things,” he said, including getting around censorship. At the time, people in China were complaining that they couldn’t see some of the web, but there was no data about what was off-limits. Villeneuve came up with a way to test for website blocking and wrote a class paper on it for professor Ron Deibert. Deibert encouraged him to build out such software and hired him for what became the nonprofit OpenNet Initiative, which monitored censorship around the world. Then Villeneuve introduced Deibert to Laird.

The two men had long talks about the technological, social, political, and business challenges of keeping the internet as free as John Perry Barlow had declared it to be. They spoke about the need to get and publish objective, detailed information about what was happening inside routers and switches in hostile places. They agreed that the funding model for such a project had to be above reproach, so that it could not be accused of being in the pocket of an intelligence agency or a government. It would need to be able to get the word out to other researchers, the press, and the public, so that political pressure could be brought to bear on the implicated governments as well as companies, many of them based in the West, that provided the tools for censorship and spying.

“Some of our early interactions around hacktivism definitely were important to me in terms of setting up Citizen Lab,” Deibert said. “I was, like Laird, inspired by this hacking in the original sense of the word, combined with some political orientation or morality underneath it. I thought that was very appealing. I think we have the same outlook and philosophy about what’s acceptable and not.”

Major research belonged at a university, Laird argued, because it prioritized scholarship over profit or politics. Like Tor in the practical sphere, a university could take in some government money yet remain clean, as long as it declared its policies. It could also draw on those in multiple disciplines—computer and security experts but also political scientists. It would take a tremendous leap in ambition, since many colleges still didn’t even offer courses in security.

In the spring of 2001, after receiving approval from the University of Toronto and an initial grant from the Ford Foundation, Deibert opened the Citizen Lab, with Villeneuve as his first hire. The modest official mission: to study cyberspace “in the context of international security.” But the tools to be used ranged from technical exploration to field research to political theory. Almost immediately, the September 11 attacks multiplied the stakes. With US intelligence agencies lambasted for not knowing enough, surveillance was bound to soar in the West as well as the East. And that was just the beginning. The geopolitics of the internet were metastasizing, on their way to becoming one of the most significant and complex issues facing the world. It would be hard to find the answers. But no one would be in a better position to try.

Early on, the lab looked hard at web filters in the Arab world, including their suppliers and what pages or words were restricted. As part of that long-running effort, it found that Syria was using software from Silicon Valley firm Blue Coat to spy on its people, potentially violating US sanctions. The lab also took on the legal sale of exploits and other tools for what the industry calls “lawful interception,” tracking many cases where the vendors said they sold only to governments that respected human rights. Despite such claims, researchers often found repressive regimes deploying wares from companies like UK- and Germany-based Gamma Group and Italian firm Hacking Team against human rights advocates, journalists, and minority-party politicians. Much later, a devastating series of four front-page reports in the New York Times, driven by Citizen Lab findings, documented Israeli company NSO Group’s Pegasus spyware being used against Mexican journalists, politicians, and others in Mexico, including officials investigating mass disappearances and even anti-obesity campaigners. Mexico’s president ordered an investigation that the FBI concluded was a sham.

Time and time again, the lab’s independent academic structure gave it a way to write about what others could not. The university’s review board had to approve research methods on ethical as well as legal grounds. All the same, the retired head of Canada’s main intelligence agency once noted pointedly that some people thought Deibert should be arrested. As more countries turned to spying on each other over the net, using companies as stepping-stones or knowing accomplices, untangling it all could have had political and business repercussions for any private researchers. The same big companies that excelled at examining and explaining malicious software that served organized crime shied away from being as clear when they realized that the culprits were the governments controlling major markets for their security software. Governments themselves stayed mum because the intelligence agencies maintained dominance over cyber offense and defense within the bureaucracy, and such agencies preferred not to reveal what they knew.

Some specialized firms, such as Mandiant and CrowdStrike, disclosed more in private reports to clients, and they sometimes went public with accounts attributing infections in certain industries to coordinated campaigns by government-affiliated hacking groups. But they faced accusations of bias because their detection systems were only deployed in some countries, they had US government contracts, or they had marketing reasons for publishing what they did. Moscow-based Kaspersky Lab, likewise, became the best in the world at ferreting out US-sponsored cyberespionage campaigns, beginning with Stuxnet, the pathbreaking weapon that defanged Iranian nuclear centrifuges before its exposure in 2010 opened everyone’s eyes to the new era of cyberwarfare. But Kaspersky found very little new to say about Russian malware.

Citizen Lab could call things as it saw them. And it extended its reach by working with researchers inside other companies, including Google, who would have found it hard to publish under the name of their principal employer. The lab also worked with researchers at Amnesty International and the Electronic Frontier Foundation.

The lab’s work only got better and more important as the years went on. One of Villeneuve’s biggest projects was learning what spying was happening in Tibet. There was likely to be at least some, since activists were routinely stopped from entering China, at times arrested, and occasionally shown transcripts of their electronic chats with people inside China. They were risking their lives. Laird introduced the team to Greg Walton, who was still spending time in Dharamsala and working on Canadian-funded rights initiatives. Walton had good relations with the Tibetans, and Deibert hired him as a field researcher in 2008. For the first time, Deibert learned about targeted malware. Later, Walton got the Dalai Lama to agree to turn over the leadership’s computers for study. Attackers had riddled those machines with compromises. But a hunch led to a big payoff. The network traffic from many of the machines included the same string of twenty-two characters. So Villeneuve googled that string. In short order, he was on a machine in mainland China, looking at a portal listing hundreds of computers that same group had broken into. The victims included an email server for the Associated Press in Hong Kong, an unclassified computer at NATO headquarters, and embassies belonging to India, Pakistan, Germany, and Thailand.

Deibert’s team dubbed the spy network GhostNet. Citizen Lab disclosed it in 2009, making front pages around the world. Deibert had brought the New York Times in early, in part for maximum impact and in part as a hedge in case the Canadian government tried to suppress what the Citizen Lab had found. The first such account by a nongovernment agency and one of the first of any kind linking specific computer espionage to a world power, the GhostNet paper did not explicitly blame China. But that country was obviously behind this instance of what would become known as an advanced persistent threat, or a committed cyberspace adversary. Four servers controlled the penetrations, including one on the island of Hainan, home to the Third Technical Department of the Chinese People’s Liberation Army.

The team had worked feverishly to unwind all of the connections and document how they functioned. At the same time, the crew had wrestled with new issues about disclosure. If China had been found spying on a single identifiable person, they would have felt a responsibility to warn the victim, though there was no clear ethical rule on the matter. What if their own government was among the victims? What about other governments? Who should be told what, and when? Rather than go directly to Canadian intelligence and risk being co-opted, Deibert went to the Canadian computer emergency response team as a courtesy. The Citizen Lab also asked the Canadian foreign affairs ministry if it could pass along notifications to other countries. It took months for the ministry to even respond, and then it declined to help.

Nathan Freitas, the hacktivist and Tor specialist helping Tibetans, had run into a similar problem. As reports shed light on Chinese spying, more people came looking for copies of what infected the Tibetans. “Malware we got hit with, no one had ever seen before,” Freitas said. “Researchers came out of the woodwork saying, ‘Can we have a sample?’” Some were academics looking for material for doctoral theses, some were employees of private companies, some were government officials. It was obvious that some were intelligence agents or contractors. “You can’t fool yourself,” Freitas realized. “This is global cybersecurity warfare.” Rather than try to sort out who was working for whom and whether it would be appropriate to favor one country’s emissaries over another’s, Freitas threw up his hands. He decided to share samples only with the Citizen Lab, which had done the hard ethical reasoning. But in a community as heavily targeted as the Tibetans, with various Westerners helping out, some information inevitably went to the powerful Western agencies who were fighting the Chinese in many places. Hacktivism gave those operatives an excuse to be in and among the activists.

For all of Deibert’s careful ethical balancing, intelligence figures still involved themselves in the Citizen Lab’s work. The lab got analytical help from Rafal Rohozinski, a lab research advisor who was wearing other hats at the same time. Rohozinski was CEO of Psiphon Inc., a proxy network for evading censorship that the Citizen Lab had spun out. He also had worked in the military and as a technical advisor to the UN on telecommunications projects in former Soviet countries around the world. Though he described himself as an independent contractor, he acknowledged an intelligence background, and his affinities were clear. Laird and Villeneuve both called him a “spook,” which Rohozinski said was inaccurate.

Laird also denies being a spy, and he never revealed himself as one to cDc. But his odd initial approach to the group, the changing Hong Kong Blondes backstory, and his later international work have caused several in cDc to wonder, even without being aware of the intelligence relationships that have since come to light. Laird was close enough to the community that it may have regarded him, fairly or not, as an “asset,” two of his intelligence contacts told me. That’s enough to change the history of hacktivism.

Intelligence agencies ardently consumed information from the GhostNet effort. Rohozinski and Villeneuve briefed the NSA together, and Rohozinski learned more from Greg Walton directly. In some ways, Western intelligence agencies delighted at the Citizen Lab’s work. It exposed a geopolitical rival, and it looked better because the lab had no ulterior motive. It also engaged in legal but invasive use of internet tools, such as port scanners, that would have required multiple levels of approval if some governments had used them directly. Yet Deibert detected hostility as well from the Canadian authorities he ran into, more than he could explain as professional jealousy or disdain for upstarts. Poring over the documents released by Edward Snowden a few years later, Deibert thought he realized why, and Rohozinski agreed: the Canadians had known about the Chinese spy network and had been piggybacking on it, collecting their own intelligence, until the Citizen Lab blew the whistle.

The year after the GhostNet report, Google said that the Chinese had hacked it as well, and that it was pulling out of the mainland as a result. Now everyone realized that they had been living in an undeclared cyberwar. Google had among the best technical defenders anywhere. After Google realized the Chinese had gotten in and gone after the accounts of human rights advocates and Google’s own code, it brought in the best outside minds it could find. That included Dave Aitel and other NSA veterans, and even the NSA itself. The public was alarmed, but it never realized how effective the Chinese campaign really was, because no one had an incentive to admit it. According to Mudge, the Chinese had broken into repositories for the source code of many big companies and written in what looked like programming mistakes. In reality, they were back doors that would allow Chinese spies to break into the customers of those big tech companies whenever they wanted. In a fight like that, Google and many others understandably considered the NSA to be the good guys. But it was not that simple. In a few years, with the public debut of NSA leaker Edward Snowden, Google and many other American tech companies, to say nothing of the rest of the world, would see the agency as an archenemy.