Comment by sigmoid10
Comment by sigmoid10 a day ago
That assumes you could run thousands of malicious Tor nodes for several years without being detected. Unless you have vast resources and time, this is unlikely.
> A VPS is $5 a month.
With insignificant data caps. To get the data needed I believe you're looking at a couple hundred a month, to start.
And if you BYOIP, and run a large node, Tor volunteers will try to contact you and verify...
But it doesn't seem unfeasible for a state actor that wants to track their population then?
What detection? A malicious node is only different from a non-malicious node because all the traffic is being logged. If that's our definition of a malicious node in this case then there is no way to detect one.
> What detection?
Not speaking to the effectiveness of the detection (it's hard!), but there's information available, for example:
https://blog.torproject.org/malicious-relays-health-tor-netw...
https://gitlab.torproject.org/tpo/network-health/team/-/wiki...
https://gitlab.torproject.org/tpo/network-health/team/-/wiki...
I can't think of anyone with vast resources and time that would want to deanonymize cybercriminals
Outside of 3-letter agencies, which is obvious, I have known people who would do this for fun or whatever other personal motivation.
A lot of "hacker" mentality projects involve putting a tremendous amount of effort into something with questionable utility.
People climb mountains because they're there.
My point is that it doesn't require "vast resources". A VPS is $5 a month. A thousand of them would be in the disposable income budget of a single FAANG engineer never mind a nation state.
Pay people on Fiverr to set them up for you at different ISPs so that all the setup information is different. You can use crypto to pay if you want anonymity (this is actually the main reason I used to use bitcoin - I'd pay ISPs in Iceland to run Tor exit nodes for me without linking them to my identity).
This isn't a difficult problem. A single individual with a good job could do it.
And sure, each connection only has a very small chance of being found, but aggregate it over a year or two and you could catch half of the users of a site if they connected with a new circuit one time per day.
I honestly can't see why a nation state or two hasn't already done this.