The Tor Project is standing with Apple in its ongoing battle with the US government over encryption backdoors, and several developers for the anonymity service have said they would rather quit than add a backdoor to Tor’s software.
In a blog post published earlier this week, head developer of the Tor browser Mike Perry said the Tor Project has a longstanding policy of “no backdoors, ever.”
Perry said the Tor Project has never been asked to put a backdoor in its programs or source code, or to “hand over cryptographic signing material.”
Nevertheless, Perry reassured Tor users, which he said includes “human rights defenders across the globe,” that the Tor network has adequate systems in place to defend users’ security and privacy from hackers and governments.
The Tor network uses layers of encryption to shield your location and the location of any hidden services you use.
That hasn’t stopped intelligence and law enforcement agencies like the NSA and FBI from trying to crack open Tor to identify users in criminal investigations.
And last November, the Tor Project accused researchers at Carnegie Mellon University of selling information to the FBI about a vulnerability they discovered, which the university denied.
Perry said “several of our developers” would rather resign than “honor any request” to introduce a backdoor – an intentional security vulnerability – into its software, similar to how some Apple engineers have discussed the idea of resisting any order to undermine the security of Apple’s products by quitting.
Unlike Apple, however, the Tor Project uses open source code and has a bug bounty program to reward hackers who responsibly disclose security bugs.
Perry said the Tor Project’s code review and open source development processes “make it likely” that any backdoor “would be quickly discovered.”
The Tor Project joins a growing list of technology companies, organizations, lawmakers and private individuals supporting Apple in its legal fight with the US Department of Justice and the FBI over demands that it develop encryption backdoors in the iPhone.
Image of open door courtesy of Shutterstock.com.