A U.S. district court judge has confirmed what has probably been the worst-kept secret in security, that Carnegie Mellon University’s Software Engineering Institute was indeed contracted by the Department of Defense to study how to break Tor anonymity.

A motion to compel discovery filed by Brian Farrell, a defendant charged with conspiracy to distribute drugs and administrating the Silk Road 2.0 website, included a passage that said Farrell’s IP address was sniffed out by SEI researchers and given to the FBI after it subpoenaed Carnegie Mellon University.

U.S. District Judge Richard A. Jones wrote:

“Based upon the submissions of the parties, it is clear to the court the government has provided to the defendant basic information about the technique used by SEI to obtain IP addresses of Tor users, including the defendant. Among other items, the government’s disclosures included information regarding the funding and structure relationship between SEI and DOD, as well as directing the defendant to publicly available materials regarding the Tor network.”

Carnegie Mellon spokesperson Kenneth Walters said the university had no comment beyond a statement it provided Nov. 18, in which it implied it had been served a subpoena for the information in question.

The judge’s ruling also cites a previous case where a ruling determined that Internet users should have no expectation of privacy, largely because the IP addresses of sites they visit are provided to ISPs for routing purposes. The judge wrote that Tor users must disclose their IP address to unknowns running Tor nodes so that their packets may be routed properly. Under that context, the judge said that vulnerabilities on the network could be exploited and that could imperil the anonymity Tor promises its users.

“Under these circumstances Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network,” the judge wrote. “In other words, they are taking a significant gamble on any real expectation of privacy under these circumstances.”

The Tor Project does not see it that way, and contends that the judge did not fully understand how the network operates, specifically, the fact that while users do disclose their IP addresses to the network nodes, that data is stripped from messages as it moves through the network.

“This separation of identity from routing is key to why the court needs to consider how exactly the attackers got this person’s IP address. The problem is not simply that the attackers learned the user’s IP address,” the Tor Project said in a statement provided to Threatpost. “The problem is that they appear to have also intercepted and tampered with the user’s traffic elsewhere in the network, at a point where the traffic does not identify the user. They needed to attack both places in order to link the user to his destination. This separation is how Tor provides anonymity, and it is why the previous cases about IP addresses do not apply here.”

In November, Tor Project director Roger Dingledine accused CMU of accepting a $1 million payout from the FBI for its research into breaking Tor anonymity. In July 2015, the Tor Project said attackers had been on its network for six months trying to uncloak users of Tor hidden services; Tor said it patched the vulnerabilities being exploited.

This was about a month before a talk on deanonymizing Tor users on a budget scheduled to be given at Black Hat by CMU researchers Alexander Volykin and Michael McCord was suddenly pulled from the conference by the university’s legal team. Tor Project officials surmised that the SEI researchers were the ones poking about the Tor network.

“The Tor network is secure and has only rarely been compromised. The Software Engineering Institute (“SEI”) of Carnegie Mellon University (CMU) compromised the network in early 2014 by operating relays and tampering with user traffic,” a Tor representative said. “That vulnerability, like all other vulnerabilities, was patched as soon as we learned about it. The Tor network remains the best way for users to protect their privacy and security when communicating online.”

At the time, many experts were critical of SEI for its lack of transparency, which made it impossible to determine how many Tor users were uncloaked, or how. This was especially disturbing to the Tor Project because many of its users are in oppressed regions and rely on Tor and other anonymity mechanisms for secure communication and access to the Internet.