Tor: How a military project became a lifeline for privacy

Is Tor Compromised or “Dead”?

  • Some argue three‑letter agencies likely control many entry/exit nodes and can deanonymize targeted users via timing/flow correlation, especially with a small global relay set (~8k relays, ~2.5k exits).
  • Others counter that most real‑world busts stem from operational‑security mistakes, not core Tor failures, and that for “normal people” it remains one of the best options.
  • There’s acknowledgement that capabilities have advanced since the Snowden era, but also that broader post‑Snowden security hardening may have raised the bar.

Threat Models and Known Attacks

  • Tor’s own design explicitly does not protect against a “global passive adversary” (e.g. Five Eyes monitoring large portions of backbone traffic).
  • End‑to‑end traffic correlation (entry vs exit timing/volume) is viewed as the main realistic attack when both ends are observed or controlled.
  • AS/BGP‑level attacks like RAPTOR and early TLS termination by powerful network operators are highlighted as serious, protocol‑agnostic risks.
  • Some cases of de-anonymization are suspected to be hidden behind “parallel construction” or dropped prosecutions.

Operational Security vs Tor Flaws

  • The Silk Road case is repeatedly cited: investigators largely used reused usernames, email, IDs, time zones, and other basic mistakes rather than Tor exploits.
  • Consensus: if a state actor “really, really wants you,” Tor alone is insufficient; disciplined OPSEC is critical.

Using Tor Safely (Practical Advice)

  • Recommended: Tor Browser only; no add-ons; don’t resize windows; avoid logins/PII; prefer HTTPS and onion services; beware downloads.
  • Higher security: bootable OSes like Tails or Qubes‑Whonix instead of just a browser on a normal OS.
  • JavaScript is enabled by default for usability; stronger anonymity requires raising the Tor Browser security level and accepting site breakage.
  • Fingerprinting mitigations (window size “buckets,” limited UA spoofing) help but aren’t perfect.

Exit Nodes, Liability, and Censorship

  • Exit nodes are considered risky: legal protections exist, but operators report raids and seizures; middle relays/bridges are seen as safer.
  • Some users report Tor (even with bridges/Snowflake) being effectively blocked in places like Russia; obfs4 bridges sometimes still work.
  • Legal landscape (e.g., Section 230, DMCA, EU moves against VPNs) is seen as fragile and evolving.

Alternatives: I2P, VPNs, Mixnets

  • I2P supporters argue its architecture (everyone a relay, one‑way tunnels, frequent rotation) is inherently harder to deanonymize, though more complex and historically buggier; others say it’s unclear which is safer in practice.
  • Mixnets like Nym/Loopix and experimental tools (e.g., manual padded proxy chains) aim to defeat end‑to‑end correlation via constant‑rate dummy traffic, at the cost of latency and practicality; known attacks (e.g., Mixmatch) exist but are seen as less fundamental than Tor’s correlation issues.
  • VPNs and residential proxies are widely used to “blend in” and avoid Tor‑wide blocking/CAPTCHAs; some note that less‑anonymous tools can paradoxically be safer because they’re mostly used by non‑criminals.
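
Added example (not from the discussion): a toy Python simulation of the end-to-end correlation described under Threat Models and of the constant-rate cover traffic that mixnets use against it. All flows, the bin counts and the RATE value are constructed, and the observer is assumed to have already aligned the entry and exit timelines.

```python
import random
from statistics import mean

BINS, FLOWS, RATE = 200, 20, 6   # constructed parameters, not measurements

def bursty_flow(rng):
    """Per-bin packet counts for an on/off (web-like) flow."""
    counts, on = [], False
    for _ in range(BINS):
        if rng.random() < 0.15:          # occasionally toggle burst state
            on = not on
        counts.append(rng.randint(5, 15) if on else rng.randint(0, 1))
    return counts

def through_network(flow, rng):
    """Exit-side view of the same flow: identical shape plus small jitter."""
    return [max(0, c + rng.randint(-1, 1)) for c in flow]

def constant_rate(flow):
    """Shape to RATE packets per bin; returns (observable, worst backlog)."""
    backlog = worst = 0
    for c in flow:
        backlog = max(0, backlog + c - RATE)  # real packets waiting for a slot
        worst = max(worst, backlog)
    return [RATE] * len(flow), worst          # dummies fill every unused slot

def pearson(a, b):
    ma, mb = mean(a), mean(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / (va * vb) ** 0.5 if va and vb else 0.0  # flat series: no signal

def match_rate(entries, exits):
    """Fraction of entry flows whose best-correlated exit flow is the true one."""
    hits = 0
    for i, e in enumerate(entries):
        scores = [pearson(e, x) for x in exits]
        hits += scores.index(max(scores)) == i
    return hits / len(entries)

def experiment(seed=1):
    rng = random.Random(seed)
    flows = [bursty_flow(rng) for _ in range(FLOWS)]
    plain = match_rate(flows, [through_network(f, rng) for f in flows])
    padded = [constant_rate(f) for f in flows]
    shaped = [obs for obs, _ in padded]
    return plain, match_rate(shaped, shaped), max(b for _, b in padded)
```

experiment() returns the match rate for unshaped flows, the match rate once every flow is shaped to the same constant rate (no better than picking one flow out of FLOWS), and the worst queue backlog, which is the latency cost the bullet above refers to.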

Government Origins and Honeypot Theories

  • Several commenters accept the original pitch: publicizing Tor so US agencies can hide among civilian traffic.
  • Whether it’s actively run as a honeypot is disputed and considered inherently hard to prove either way.
  • Some argue that widespread bans (or lack thereof) are weak signals about compromise, since many authoritarian states already block Tor/VPNs.

Use Cases and Community Support

  • Tor is used both for circumvention (e.g., UK porn blocks, censorship) and for non‑criminal scraping, regional testing, and investigations.
  • Some run relays/bridges on cheap VPSes to support users in censored countries; running a non‑exit relay is described as low‑cost and low‑risk.
  • There’s mention of ongoing research (Tor proposals, vanguards, anonymization bibliographies) and a free MIT Press book that documents Tor’s social and technical history.