Tor Project's Executive Director Andrew Lewman suspects that insiders from the National Security Agency (NSA) and its UK counterpart, Government Communications Headquarters (GCHQ), have secretly been sending vulnerability alerts to his staff. Some of the alerts don't merely identify the bugs in the source code. They even pointed out the flaws that needed some bigger design decisions and had suggested bug fixes in complex details.
Lewman also claims that the anonymous web network Tor receives these tips almost on a monthly basis. As the tips would usually point out "subtle" bugs in the network, he has deduced that the people behind all these are those who are involved in intelligence work. Their purpose is to contravene their co-intelligence workers and help Tor fix those issues which could otherwise be exploited by agents coming from other companies.
"You have to think, 'who are the type of people who'd be able to do this and have the expertise and the time to basically read Tor source code from scratch for hours, for weeks, for months and elucidate these super subtle bugs or other things that you probably don't see in commercial software," said Lewman. "We always have a grain of salt there where we think - 'are they trying to figure out a bug to exploit or are they actually trying to leak to us,'" adds Lewman.
These revelations were made in an interview to Andrew Lewman by the BBC. Lewman is part of a software engineers team that is responsible for Tor. The latter, otherwise known as the dark web, is designed to prevent a user's internet activity from being traced. It also provides access to websites which are known as 'hard-to-reach' sites though some would use this feature for illegal purposes.
Reports are saying that Tor has also been used by pedophiles as a sharing platform for images of child abuse. Likewise, online drug marketplaces use the network for conducting their business.
According to whistleblower William Binney who used to be an official in NSA, one reason that could explain why workers in NSA have been leaking information is simply because a lot of them feel upset that they are conducting spy activities on Americans.
Meanwhile, GCHQ has also reacted to Lewman's allegations. "It is long-standing policy that we do not comment on intelligence matters. Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorized, necessary and proportionate," said by a GCHQ spokesman.