Security Experts:

Tor Project Releases Financial Documents

The Tor Project, the organization behind the Tor anonymity network, has published financial documents for the past two years, and while they show that its revenue has increased significantly, it’s still small compared to the budgets of potential adversaries.

According to the Tor Project, its revenue in 2015 and 2016 was roughly $3.2 million, but increased to over $4.1 million in 2017.

Tor started off as a US government project and most of its funding has come from there for many years. In 2015, for instance, 85% of the Tor Project’s funding came from US government sources. However, in 2016 that percentage dropped to 76% and last year it went further down to 51%.Tor Project releases financial documents

Financial documents for 2017 show that nearly $600,000 came from the Swedish International Development Cooperation Agency, which is the only non-US government organization that contributed to the project. The non-government sources of revenue include Mozilla ($522,000), DuckDuckGo ($25,000), New Venture Fund ($347,000), and individual donations ($425,000).

“Tor's budget, even at the 2017 level, remains modest considering the number of people involved and the impact we have. And it is dwarfed by the budgets that our adversaries are spending to make the world a more dangerous and less free place,” explained Roger Dingledine, one of the founders of the Tor Project and an early developer of Tor.

It’s worth noting that, back in 2015, the US government was said to have paid Carnegie Mellon University at least $1 million to find a way to deanonymize Tor users suspected of conducting criminal activities.

The Tor Project reported having 21 employees and 3,000 volunteers in 2017. The number of volunteers was roughly the same as in the previous year, but the number of employees increased from 16.

Dingledine also sought to alleviate concerns that governments may be paying for “something bad.”

“The way it works is that we try to find groups with funding for the general area that we want to work on, and then we go to them with a specific plan for what we'd like to do and how much it will cost, and if we're lucky they say ok. There is never any point where somebody comes to us and says ‘I'll pay you $X to do Y’,” he explained.

Related: Tor Offers $4,000 Per Flaw in Public Bug Bounty Program

Related: Cloudflare Launches Security Service for Tor Users

Related: Zerodium Discloses Flaw That Allows Code Execution in Tor Browser

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.