Tor, the open-source initiative that provides a more secure way to access the internet, is continuing to diversify its funding away from its long-standing reliance on U.S. government grants.
The Tor Project — the organization behind the service which stands for “The Onion Router” — announced this week that it brought in a record $460,000 from individual donors in 2018. In addition, recently released financial information shows it raised a record $4.13 million from all sources in 2017 thanks to a growth in non-U.S. government donors.
The individual donation push represents an increase on the $400,000 it raised in 2017. A large part of that is down to Tor ally Mozilla, which once again pledged to match donations in the closing months of the year, while an anonymous individual matched all new backers who pledged up to $20,000.
Overall, the organization said that it attracted donations from 115 countries worldwide in 2018, which reflects its importance outside of the U.S.
The record donation haul comes weeks after the Tor Project quietly revealed its latest financials — for 2017 — which show it has lessened its dependence on U.S. government sources. That’s been a key goal for some time, particularly after allegations that the FBI paid Carnegie Mellon researchers to help crack Tor, which served as a major motivation for the introduction of fundraising drives in 2015.
Back in 2015, U.S. government sources accounted for 80-90 percent of its financial backing, but that fell to just over 50 percent in 2017. The addition of a Swedish government agency, which provided $600,000, helped on that front, as well as corporate donations from Mozilla ($520,000) and DuckDuckGo ($25,000), more than $400,000 from a range of private foundations, and, of course, those donations from individuals.
Tor is best known for being used by NSA whistleblower Edward Snowden but, with governments across the world cracking down on the internet, it is a resource that’s increasingly necessary if we are to guard the world’s right to a free internet.
Tor has certainly been busy making its technology more accessible over the last year.
It launched its first official mobile browser for Android in September, and the same month it released TorBrowser 8.0, its most usable browser yet, which is based on Firefox’s 2017 Quantum structure. It has also worked closely with Mozilla to bring Tor into Firefox itself as it has already done with Brave, a browser firm led by former Mozilla CEO Brendan Eich.
Beyond the browser and the Tor network itself, which is designed to minimize the potential for network surveillance, the organization also develops a range of other projects. More than two million people are estimated to use Tor, according to data from the organization.
Note 01/11/19 20:38 PST: Article updated to correct that the organization is the Tor Project not Tor Foundation
We’ve spent the past few weeks burning copious amounts of AWS compute time trying to invent an algorithm to parse Ars’ front-page story headlines to predict which ones will win an A/B test—and we learned a lot. One of the lessons is that we—and by “we,” I mainly mean “me,” since this odyssey was more or less my idea—should probably have picked a less, shall we say, ambitious project for our initial outing into the machine-learning wilderness. Now, a little older and a little wiser, it’s time to reflect on the project and discuss what went right, what went somewhat less than right, and how we’d do this differently next time.
Our readers had tons of incredibly useful comments, too, especially as we got into the meaty part of the project—comments that we’d love to get into as we discuss the way things shook out. The vagaries of the edit cycle meant that the stories were being posted quite a bit after they were written, so we didn’t have a chance to incorporate a lot of reader feedback as we went, but it’s pretty clear that Ars has some top-shelf AI/ML experts reading our stories (and probably groaning out loud every time we went down a bit of a blind alley). This is a great opportunity for you to jump into the conversation and help us understand how we can improve for next time—or, even better, to help us pick smarter projects if we do an experiment like this again!
Our chat kicks off on Wednesday, July 28, at 1:00 pm Eastern Time (that’s 10:00 am Pacific Time and 17:00 UTC). Our three-person panel will consist of Ars Infosec Editor Emeritus Sean Gallagher and me, along with Amazon Senior Principal Technical Evangelist (and AWS expert) Julien Simon. If you’d like to register so that you can ask questions, use this link here; if you just want to watch, the discussion will be streamed on the Ars Twitter account and archived as an embedded video on this story’s page. Register and join in or check back here after the event to watch!
Kaseya—the remote management software seller at the center of a ransomware operation that struck as many as 1,500 downstream networks—said it has obtained a decryptor that should successfully restore data encrypted during the Fourth of July weekend attack.
Affiliates of REvil, one of the Internet’s most cutthroat ransomware groups, exploited a critical zero-day vulnerability in Miami, Florida-based Kaseya’s VSA remote management product. The vulnerability—which Kaseya was days away from patching—allowed the ransomware operators to compromise the networks of about 60 customers. From there, the extortionists infected as many as 1,500 networks that relied on the 60 customers for services.
Finally, a universal decryptor
“We obtained the decryptor yesterday from a trusted third party and have been using it successfully on affected customers,” Dana Liedholm, senior VP of corporate marketing, wrote in an email on Thursday morning. “We are providing tech support to use the decryptor. We have a team reaching out to our customers and I don’t have more detail right now.”
In a private message, threat analyst Brett Callow of security firm Emsisoft said: “We are working with Kaseya to support their customer engagement efforts. We have confirmed the key is effective at unlocking victims and will continue to provide support to Kaseya and its customers.”
REvil had demanded as much as $70 million for a universal decryptor that would restore the data of all organizations compromised in the mass attack. Liedholm declined to say if Kaseya paid any sum in exchange for the decryption tool. Kaseya has since patched the zero-day used in the attack.
That means that, for the time being, it’s not publicly known if Kaseya paid the ransom or received it for free from either REvil, a law enforcement agency, or a private security company.
In the days following the attack, REvil’s site on the dark web, along with other infrastructure the group uses to provide technical support and process payments, suddenly went offline. The unexplained exit left victims and researchers worried that the data would remain locked up forever, since the only people with the ability to decrypt it had vanished.
Where did it come from?
REvil is one of several ransomware groups believed to operate out of Russia or another Eastern European country that was formerly part of Soviet Union. The group’s disappearance came a few days after President Joe Biden warned his Russian counterpart Vladimir Putin that, if Russia didn’t rein in those ransomware groups, the US might take unilateral action against them.
Observers have speculated since then that either Putin pressured the group to go quiet or the group, rattled by all the attention it received from the attack, decided to do so on its own.
Some of the companies victimized by the attack include Swedish grocery store chain COOP, Virginia Tech, two Maryland towns, New Zealand schools, and international textile company Miroglio Group.
REvil is also behind a crippling attack on JBS, the world’s biggest producer of meat. The breach caused JBS to temporarily close some plants.
AT&T reportedly forced a San Antonio woman to wait nearly four months to get Internet service at her new home, and she didn’t get close to solving the problem until she asked a local news station for help.
“Lovie Newman planned for a smooth transition into her new home, including scheduling a transfer for her AT&T high-speed Internet service in advance,” according to a report Tuesday by News 4 San Antonio.
The house Newman moved into was apparently newly built and not yet connected to AT&T’s network, but it sounds like the months-long wait was due primarily to mistakes by AT&T technicians and customer-service problems. In what Newman called “a complete nightmare,” AT&T continually rebuffed her attempts to get Internet service.
Newman scheduled an installation appointment for April 1, but when the day came, AT&T called to say, “we need to reschedule,” she told the news station. Initially, Newman “was told there was a service outage in her new far East Side neighborhood,” News 4 journalist Darian Trotter reported. “Technicians were working on it, but she says they had no idea when service in the area would be restored.”
“I wasn’t hearing back, and I kept getting rescheduled and pushed around to different departments,” Newman said.
“You never came to my house”
Newman was able to schedule another installation appointment in May after the outage was fixed, but installers never came to her house. “For three and a half months, she says she made countless efforts to get connected, including the one time she got an appointment and eagerly waited for technicians to arrive,” News 4 said.
Newman was at home waiting for installers to arrive when she got a message from AT&T saying, “we missed you,” she told News 4. “I’m like, ‘you never came to my house. How did you miss me?'” AT&T installers had mistakenly gone to a different address in Alamo Heights, the report said.
“Out of desperation, she considered switching service providers,” but “an online search of at least three companies revealed service in her neighborhood wasn’t available.” The TV station’s video report shows that those three providers were Charter Spectrum, Grande Communications, and Google Fiber.
“I put in my address and it said, ‘not available,'” Newman said. Newman was afraid of losing her job because of the lack of AT&T Internet service, but News 4 said that “Newman’s employer was able to make special accommodations to keep her working.”
Even though AT&T has dragged its feet for months, its website says that service should be readily available to Newman. We entered Newman’s address into AT&T’s online availability checker, and it reports that fiber-to-the-home service is available where she lives:
AT&T gets moving after hearing from reporter
After months of waiting for AT&T to provide a broadband connection, Newman contacted Trotter at News 4 over two weeks ago. The station reached out to AT&T, and while the company initially did not reply to the media organization, the prospect of news coverage got AT&T’s attention.
The news video showed an email sent to Newman on July 8 from an employee in an AT&T executive office. “The AT&T Office of the President (OOP) received a communication from a local news media reporter,” the email said. “However, since you are our customer, I wanted to reach out to you directly.”
The week after that July 8 email, News 4 “received a statement from a spokeswoman saying, ‘our team has already begun looking into this and is in contact with Ms. Newman,'” Trotter said in the news report. Newman was still waiting for service to be installed this week when the News 4 report aired. “I want my Internet to be installed, up and running by this weekend,” she told the station.
Due to News 4 prodding AT&T into action, it seems that Newman is finally close to getting connected—nearly four months after AT&T abruptly canceled her first installation appointment. “After we got involved, Newman says techs have recently installed wiring, and an Internet box has been set up outside her home,” Trotter said at the end of his report. “Everything is ready, she just needs to schedule the installation.”
We contacted Newman and AT&T today about whether service has been or will soon be installed and will update this article if we get new information.
Newman’s AT&T nightmare unfortunately not unique
Newman’s ordeal is similar to one we wrote about in April. In that case, Comcast had an error in its coverage map and falsely told the customers that Internet service would be available at their new home. The couple, Edward Koll and Jo Narkon, then paid Comcast $5,000 for a network extension, but the project kept getting delayed. Comcast finally provided Internet service after Koll contacted Ars and we reached out to Comcast’s public relations department.
Koll and Narkon ended up waiting six months for cable Internet and had to use unreliable and data-capped cell service that entire time. We’ve written other stories over the years about Comcast falsely telling customers that they could get service. After our article about Koll and Narkon published a few months ago, we heard from a few more people in Comcast territory who were incorrectly told that Internet service would be available at their homes.
We also wrote about a frustrated AT&T-using family in Mississippi in November 2020. AT&T had falsely promised Kathie McNamee and her family U-verse Internet service of about 5Mbps, which is slow by today’s standards but still much faster than what they ended up getting. Ultimately, AT&T only provided the family speeds of up to 768kbps over its legacy DSL network and has not upgraded its network there or in many other areas where glacially slow AT&T speeds are the norm.
This kind of AT&T home-Internet problem is nothing new. Back in 2015, we wrote about a family in Georgia that couldn’t get AT&T Internet at a home they bought even though their neighbors and the home’s previous owners had service. AT&T said it didn’t have enough capacity to hook up additional customers.