Comment by throwaway37821
Comment by throwaway37821 a day ago
75% [0] of all Tor nodes are hosted within 14 Eyes [1] countries, so it would actually be quite trivial for the NSA to de-anonymize a Tor user.
It baffles me that Tor Browser doesn't provide an easy way to blacklist relays in those countries.
[0] Here, you can do the math yourself: https://metrics.torproject.org/rs.html#aggregate/all
[1] https://en.wikipedia.org/wiki/Five_Eyes#Fourteen_Eyes
> Edit: For all the cynics and doomsayers here, consider this: Tor has been around for a long time, but there has never been an uptick in arrests that could be correlated to cracking the core anonymity service. If you look closely at the actual high profile cases where people got busted despite using tor, these people always made other mistakes that led authorities to them.
Maybe someone, somewhere, has decided that allowing petty criminals to get away with their crimes is worth maintaining the illusion that Tor is truly private.
It's also worth noting that it's significantly easier to find the mistakes someone has made that could lead to their identity if you already know their identity.
> Maybe someone, somewhere, has decided that allowing petty criminals to get away with their crimes is worth maintaining the illusion that Tor is truly private.
This is what I believe. If they do have a way to track people, it wouldn't be worth blowing their cover for small stuff that wasn't a ridiculously huge national security threat that they could afford to throw away 20+ years of work for.
In fact there have been court cases that were thrown out because the government refused to reveal how their information was obtained... I think that usually means they're hiding it on purpose for a bigger cause. I also wouldn't be surprised if multiple SSL CAs are secretly compromised for the same reason.