It is getting increasingly difficult for Tor exit operators to find ISPs that are willing to let the relays "poison" IP space. I know the torservers.net non-profit has a /22 that it manages and assigns to relay operators. If that's something you would like to support, the Tor community would surely appreciate it.
Aren't most of the Tor exit nodes widely thought to be run by government agencies? People thought that was true at a security firm I used to work at. I wouldn't be surprised if Tor was a honey pot designed to catch people doing nefarious things.
It's not. The entire purpose of Tor was for US spies overseas to be able to make anonymous secure communications. They opened it up to the rest of the world, because if the only people using Tor are US spies, it's pretty easy to tell what someone's using it for.
Governments also run a lot of relays and exit nodes for a similar reason. Not to make it easier for themselves to identify traffic. For no one actor to have a majority of nodes, which would make it a lot easier to identify traffic.
> I wouldn't be surprised if Tor was a honey pot designed to catch people doing nefarious things.
So far, the high-profile busts involving Tor all involve some other weaker link in the chain, such as traffic analysis[0], a CI, a targeted sting operation, etc.
If this is the case and your hypothesis is true, then it appears to be unnecessary on their part, since all the folks they're prosecuting are those for whom other evidence is more readily available.
(Before someone replies with "parallel construction": the point of parallel construction is to use methods that are easy but illegal to obtain evidence that can be used to help find "legal" sources of evidence that would otherwise not be easy or feasible. That doesn't really apply here, where the illegal (or in this case, secretive) method is more work than the "official" method.)
[0] e.g. that case a decade ago where a student called in a bomb threat using Tor, and the university was able to determine that exactly one person on campus was using Tor at that time - not by compromising Tor itself, but because Tor traffic is detectable by ISPs.
> So far, the high-profile busts involving Tor all involve some other weaker link in the chain, such as traffic analysis[0], a CI, a targeted sting operation, etc.
(If I recall, the Snowden files also contained a claim by NSA that they could not break Tor.)
Assuming that was true - wouldn't it be much easier to simply remove their exit nodes, making Tor intolerably slow, let the users leave for alternatives like VPNs, and then just buy up some VPN providers through shell companies?
After all, with a VPN you get to see source and destination IPs, username, e-mail, payment information, and maybe they even download your connection tool and run it as root.
You assume that the same part of the government that runs it wants to stop crime.
If you control the exit nodes, you can snoop on the content, even if you don’t have the destination. The goal for governments isn’t catching crime, it’s spying on secrets. Same way WikiLeaks was supposedly started by snooping on Tor traffic.
The traffic is almost all SSL-encrypted, so all you get to snoop on is the fact that someone unknown is connecting to https://www.example.com
Anyone browsing non-SSL sites through Tor is a fool, because malicious exit nodes are well known to exist, doing things like replacing bitcoin addresses in unencrypted web traffic. You don't need to be the NSA to benefit from doing that.
Even if that were true, how would it work practically? For anyone who might be interested in identifying or tracking you, how would they "use Tor" to look up your identity? Over 200 countries, across all government agencies, and then including non-governmental actors? Maybe a Tor user isn't trying to protect from "the NSA" (or whoever you think is "running the Tor network")?
And, again assuming this is true, how would any other technology protect you better?
Especially people working at "a security firm" should know that security is not black and white, but has many dimensions to it.
And then, here we are talking about diversifying relay operations, so even if you believe the rest of the network to be totally compromised, it would still add some net benefit, no?
Others have already presented good reasons that's unlikely, but either way - and especially if that is the case, then all the more reason to add non-government exit nodes.
I run a largeish Tor relay family on rented servers and have thought about running exits on my own "ISP" for quite some time. I already have an ASN and IPv6 addresses, but Tor needs v4, and those are prohibitively expensive to buy, and leasing is not possible because of the blacklist problem. My email is in my profile if that is something you want to support and could spare a /24 of your assignment.