Short Bytes: The TOR Project has expressed its commitment to researching and developing new ways to mitigate the threats of security failure. Meanwhile, if TOR developers are asked to deploy some backdoor in the software, they would rather resign than honor the request.
The Apple vs FBI case has polarised the tech community and government authorities in two corners. While tech giants like Google, Facebook, Microsoft etc. stood beside Apple, the FBI and other government agencies demanded strict means to force Apple to unlock the San Bernardino iPhone. Even though FBI has unlocked the device without Apple’s help, this case will have its long time repercussions.
In the favour of Apple and the need for encryption, the TOR Project issued a strong statement last week. In a post regarding software integrity, Mike Perry, lead developer of the TOR browser, said that their team felt a need to make a public statement as TOR is a very sensitive software.
He said that TOR users — ranging from a blogger reporting on drug violence in Latin America to LGBTI individuals facing persecution everywhere — face a serious threat and their safety is TOR’s responsibility.
Perry mentioned that their project is fully open source and they deploy many security measures in their software build process. By using multiple cryptographic mechanisms and independent keys, the risks of single points of failure are reduced.
Talking about the backdoor problem, Perry said that their project has been public about “no backdoors, ever” and never received a demand to place a backdoor in its source code or program.
Perry mentions that the threats faced by Apple are no different from the threats any of the TOR developers could face. In a such a situation, several developers have already stated that “they would rather resign than honor any request to introduce a backdoor or vulnerability into our software that could be used to harm our users.”
Thus, once again, the TOR Project has reiterated its commitment towards a safer internet and commitment to working to further mitigate risks posed by government agencies.