The Tor Project‘s executive director has alleged members of the NSA and GCHQ regularly leak it details of flaws the agencies have discovered in its code.
The allegations were made in an interview given to the BBC by Andrew Lewman, who is responsible for all the Tor Project’s operations.
“There are plenty of people in both organisations who can anonymously leak data to us to say – maybe you should look here, maybe you should look at this to fix this,” he said.
“And they have.”
Mr Lewman said that his organisation received tips from security agency sources on “probably [a]monthly” basis about bugs and design issues that potentially could compromise the service.
However, he acknowledged that because of the way the Tor Project received such information, he could not prove who had sent it.
“It’s a hunch,” he said.
“You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super subtle bugs or other things that they probably don’t get to see in most commercial software.”
He added that he had been told by William Binney, a former NSA official turned whistleblower, that one reason NSA workers might have leaked such information was because many were “upset that they are spying on Americans”.
The agencies declined to comment.