So when I first learned about TOR almost 10 years ago in uni, it was said to be compromised to a significant extent by secret services holding entry and exit nodes.
I also heared that bit about the secret service owning nodes a few years ago. It was trough a teacher that’s also really in the stuff outside of teaching, and has a network of non-teaching proffesionals in the field.
It’s something to keep in mind, at the very least. Tor already has some weaknesses anyways. You shouldn’t trust it blindly just because it’s Tor. If anything, I think it more has a false rep for how strong it is over struggling with a stigma.
Iirc holding both the entry and exit of a routed connection, you can in theory match traffic going through, which would let you connect a user to the server/site they are connecting to. It might still be encrypted at that point, idk the details anymore.
I don’t think a single credible source has shown this to be a vulnerability. You’re talking about an attack that would cost, what, millions of dollars to run per day?
So when I first learned about TOR almost 10 years ago in uni, it was said to be compromised to a significant extent by secret services holding entry and exit nodes.
Is that not true anymore?
Try i2p
Interesting, ty
I also heared that bit about the secret service owning nodes a few years ago. It was trough a teacher that’s also really in the stuff outside of teaching, and has a network of non-teaching proffesionals in the field.
It’s something to keep in mind, at the very least. Tor already has some weaknesses anyways. You shouldn’t trust it blindly just because it’s Tor. If anything, I think it more has a false rep for how strong it is over struggling with a stigma.
It was pretty much the same context for me, yeah.
Opsec always applies
deleted by creator
Aren’t bridges meant to prevent that?
Iirc holding both the entry and exit of a routed connection, you can in theory match traffic going through, which would let you connect a user to the server/site they are connecting to. It might still be encrypted at that point, idk the details anymore.
I don’t think a single credible source has shown this to be a vulnerability. You’re talking about an attack that would cost, what, millions of dollars to run per day?
Dunno if it’s all that expensive when there are hundreds of nodes on several individual malicious networks confirmed https://nusenu.medium.com/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac
Most of the nodes are hosted by Tor Foundation itself
[citation needed]
Is there any way to check that?
Yup. You can check a lot of stat about a node on tor website. https://metrics.torproject.org/