> > From: Paul Syverson <syver...@itd.nrl.navy.mil> Date: Tue, Aug 17, 2010 at 2:29 PM
... Also, it is much easier for IBM and Oracle to understand the RoI in linux > than for such players, qua corporate position, to see the RoI in Tor, but > even that still occurred over years of footdragging, hedging bets, etc. ... I have been evangelizing versions of onion routing including Tor to VCs etc. > since before we started calling this version Tor. My experience is that if > they want to put serious money in (or sometimes not even), they want to be > able to generate revenue from that in a short period of time, perhaps a > few years. Similarly for other sources of funding even if they aren't > expecting direct immediate financial return but are not paying for > prototypes, research, and improvements to what's there now; although the > story changes somewhat in each case. They may not be looking for financial > return, but they have unrealistic expectations about what would happen if > they abruptly threw lots of money at someone or added fifty percent to > the infrastructure at once. When you describe ways that things could improve > with an investment in the 50K USD to a million range, they become less > interested. They actually seem to prefer to hear promises to roll out > whatever random stuff from someone who would be happy to get an instant > ginormous influx of cash or adopt their plans to put a thousand new nodes > up from their corporate network. Good to hear this perspective, Dr. Syverson. Thank you. But it doesn't smash my vision of this being possible. The VC's are probably the wrong target. I really think there must be some parts of the UN - as just one example - who should be financing the Tor Project. Do lobbyists work on commission? Have you tried recruiting one or more lobbyists to find a way for the UN to fund you for $20M a year? And what about Microsoft? I think someone should be targeting/lobbying them to include a Tor client and default bridge relay in every version of Windows 8 or 9. Find out what it would take to get them to do this, and keep a list. Assign someone to this task full time. Tell Microsoft it will take funding from them of at least $20M a year. Why would they even consider doing this? To be a good corporate citizen, to better protect the anonymity of their users, to do their part to fight the good fight for freedom of speech, and to possibly give them a chance to one-up Google for once. Because really, if Google is not being prodded to include a Tor client and default bridge relay in their Chrome OS then someone is sleeping on the job. They are standing up to China, at least publicly, and are likely the new face of American entrepreneur-ism. Do no evil? Then fund the Tor Project for more than a lame $25,000 a year and GSoC stipends. This should be at least worth $20M a year in funding from them. Then there should be some organization in the EU who can see the importance of having a European voice in all this. That means another $20M a year in funding please. At least. Then there is law enforcement and the military and intelligence agencies - for f*ck sakes if someone at the Tor Project can't see them as low hanging fruit then I will start to cry. You absolutely have to have someone properly do your branding and marketing too - because the path you are taking in educating everyone about the benefits vs. evils of using Tor is not working, nor do I expect it to work any better. It does work for small groups and individuals, but the fact is that the general public is not smart enough, nor scared enough, to really understand what they give up in the name of "better" security. This is a job for professionals, to get this message out in a really effective way. And it will take 2-3 years in my estimation, maybe longer. I am sure I have only scratched the surface with these bigger picture ideas. On the other hand, I admit this is just a vision - I have not been doing the hard work of bringing the Tor Project into fruition. But I beg all of you not to let this hold you back from achieving what is possible. And what is needed. -- Julie C. ju...@h-ck.ca GPG key 06D32144 available at http://keys.gnupg.net