Comment by bragr
Comment by bragr a day ago
>This could cost less than $5000 for a month
I ran a bunch of nodes for a couple years and that's optimistic by perhaps an order of magnitude. No $5 a month VPS provides enough bandwidth to sustain the monthly traffic of a Tor node, and nodes need to be continuously online and serving traffic for about 2-3 months[1] before they will be promoted to guard relays. Throttling traffic to stay in your bandwidth allocation will just get you marked as a slow node and limit the number of connections you get. Sustaining just 1 Mbps will blow your monthly transfer allocation on the cheap tiers of both Digital Ocean or Linode.
Now to add additional problems. 1000 tor nodes on a single platform would be very noticeable and geographically limited. Platforms also have different weight attached to them in the consensus, which adds further time requirements before a node is promoted. The developers do not want a single platform provider to be able to observe a large portion of all the traffic, so there are counter measures.
The attacker could try to create a handful of accounts on hundreds of platforms in as many countries as possible, assuming one verify that the platforms accepts tor and do not share underlying providers and data centers. The cost would then be the average price of said providers, which is going to be a fair bit more than the cheapest providers out there. Managing and spreading them out is also going to cost a lot of man hours. Also the secops need to be fairly on the point and need to be maintained quite strictly across all the providers.