Is Tor still safe to use?

Context: German Investigation & Ricochet Case

  • Discussion centers on a German TV report alleging a timing-based deanonymization of an onion service (Boystown CSAM forum) between ~2019–2021.
  • Tor Project blog says: likely a guard-discovery attack on a user of an old Ricochet client lacking Vanguards(-lite); mitigations have existed in Ricochet-Refresh since 2022.
  • Technical details from NDR/CCC are limited or not shared with Tor; several commenters flag this lack of transparency as a problem.

“Is Tor Safe?” – Threat Model Framing

  • Many stress “safe for whom, against whom?”
    • Against local ISPs, adtech, basic law enforcement, and many non-Western regimes: Tor is seen as significantly safer than plain internet or most VPNs.
    • Against well-resourced Western intelligence (NSA, Five Eyes, Mossad, etc.): several argue you should assume they can sometimes deanonymize users, especially targeted ones.

Guard Discovery, Timing & Correlation Attacks

  • Known weaknesses: traffic analysis using packet size/timing, guard discovery, and flow correlation, especially against onion services that are contacted repeatedly.
  • Vanguards (entry + middle guard design) aim to make these attacks more expensive but not impossible; mitigations shift economics, don’t “fix” the problem.
  • Some propose additional obfuscation (VPNs with padding/shaping, more hops, aggressive padding), but others note performance and practicality issues.
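
A rough risk model of the "shifts economics, doesn't fix" point above, as an added example that is not from the thread or the Tor Project. It assumes independent relay picks; the adversary weight fraction, set size, rotation period and circuit rate are illustrative parameters, not Tor's actual values.

```python
import math

def picks_needed(f, p):
    """Independent relay picks before an observer holding weight fraction f
    has been picked at least once with probability p."""
    return math.log(1.0 - p) / math.log(1.0 - f)

def days_unpinned(f, p, circuits_per_day):
    """No pinning: every new circuit picks a fresh relay next to the guard,
    so exposure grows with the number of circuits built."""
    return picks_needed(f, p) / circuits_per_day

def p_pinned(f, k, rotation_days, t_days):
    """Pinned set of k relays next to the guard, each replaced about every
    rotation_days. Picks happen only at set-up and on rotation, so exposure
    grows with elapsed time, not with circuit count."""
    picks = k * (1.0 + t_days / rotation_days)
    return 1.0 - (1.0 - f) ** picks

def days_pinned(f, p, k, rotation_days):
    """Days until p_pinned reaches p (0 if the initial set already does)."""
    return max(0.0, (picks_needed(f, p) / k - 1.0) * rotation_days)

if __name__ == "__main__":
    f, p = 0.01, 0.5                      # assumed: 1% observer weight, 50% target
    print("picks needed:        %.1f" % picks_needed(f, p))
    print("unpinned, 1000/day:  %.3f days" % days_unpinned(f, p, 1000))
    print("pinned k=4, 10 days: %.1f days" % days_pinned(f, p, 4, 10.0))
    # Residual risk that pinning cannot remove: the set is bad from day zero.
    print("pinned, day 0 risk:  %.4f" % p_pinned(f, 4, 10.0, 0.0))
```

With these assumed numbers the pinned design moves the 50% point from hours to months, while a few percent of clients are exposed from the first day, which is why the mitigation raises cost rather than removing the weakness.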

Relay/Exit Node & Global Adversary Concerns

  • Long debate about whether governments run “most exits” or a large fraction of relays; concrete evidence is scarce, but metrics show many relays in 14‑Eyes countries.
  • Tor community does active bad-relay detection and relay governance; still, commenters consider large-scale relay control or IXP fiber taps realistic for state actors.
  • Important nuance: exits are irrelevant for onion services; their main risk is correlation, not exit logging.

US Government Funding & “Honeypot” Fears

  • Tor’s origins in US Naval Research and majority US-government funding trigger suspicion for some, who see Tor as a possible “NOBUS” or honeypot.
  • Others counter: US agencies also need strong anonymity tools; funding doesn’t prove backdoors, and there’s no visible mass-arrest pattern attributable to breaking Tor’s core design.

Legitimate Uses, Crime, and OpSec

  • Use cases cited: bypassing censorship, anonymous journalism/whistleblowing (e.g., SecureDrop), avoiding tracking (e.g., via onion mirrors of major sites), NAT traversal.
  • Many arrests of Tor users are attributed in the thread to endpoint compromise, zero-days, metadata (who used Tor when), or blatant operational mistakes, not Tor protocol breaks.
  • Consensus: nothing is 100% safe; Tor remains the best widely deployed option for practical anonymity, but users must understand limits and risk tolerance.