Comment by dumbo-octopus a day ago
You don’t need all the middle nodes. Just the entry and exit, and enough data to do packet timing analysis to correlate them. It’s in fact shockingly easy for a well provisioned actor to trace tor traffic, and this is something the TOR project openly admits.
They’re financed by the US Government after all…
There is a node that delivers your packet to the target server, is there not?
If the server is on the Tor network, an onion server, then it is encrypted end to end and no traffic or identity is exposed to either the onion server or any intermediary.
That is to say, if I started an onion server on one side of the world, then connected to it from somewhere else, my connection to it would be anonymous and encrypted to any external entity.
Tor does have padding defenses to protect against that.
Also, according to their latest blog post on their finances, while it is true they have money from the US Government, that was only ~50% of their income (I think that was 2023). For the FUD part of that comment, see the "U.S. Government Support" section of https://blog.torproject.org/transparency-openness-and-our-20...
“Only half” is hilarious. Thanks for that.
And if you trust the NSA can’t overcome correlation in the presence of “padding defenses”, then sure: TOR is secure.
Sounds like https://arxiv.org/abs/1808.07285