Comment by londons_explore
Comment by londons_explore a day ago
You only need to control the entry and exit node - since you know the next and previous hop for all traffic you touch, and default chains are 3 long. With circuits changing every 10 mins, within a few days you would have deanonymized at least some percentage of traffic for nearly every user.
I'd call tor broken against any adversary with a little technical skill and willingness to spend $5000.
I'm 80% sure Tor is designed as a US supported project to focus those needing anonymity into a service only governments with global security apparatus (who can grab a good chunk of internet traffic) can access.
I imagine most exit nodes are likely controlled by the US government and/or its close allies. Who else wants to have their IP address banned from most of the internet and potentially get visits from their country's equivalent of the FBI?
If most Tor users ran exit nodes and most people used Tor, it would effectively make internet traffic anonymous. But without those network effects, it is vulnerable by design to deanonymization attacks by state actors.