Technology

36051 readers

126 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago

MODERATORS

[email protected]

138

Tor’s shadowy reputation will only end if we all use it | Engadget (www.engadget.com)

submitted 2 years ago by [email protected] to c/[email protected]

33 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 19 points 2 years ago (6 children)

So when I first learned about TOR almost 10 years ago in uni, it was said to be compromised to a significant extent by secret services holding entry and exit nodes.

Is that not true anymore?

[–] [email protected] 4 points 2 years ago (1 children)

Try i2p

[–] [email protected] 1 points 2 years ago* (last edited 2 years ago)

Interesting, ty

[–] [email protected] 1 points 2 years ago (1 children)

I also heared that bit about the secret service owning nodes a few years ago. It was trough a teacher that's also really in the stuff outside of teaching, and has a network of non-teaching proffesionals in the field.

It's something to keep in mind, at the very least. Tor already has some weaknesses anyways. You shouldn't trust it blindly just because it's Tor. If anything, I think it more has a false rep for how strong it is over struggling with a stigma.

[–] [email protected] 1 points 2 years ago

It was pretty much the same context for me, yeah.

Opsec always applies

[–] [email protected] 1 points 2 years ago (1 children)

Aren't bridges meant to prevent that?

[–] [email protected] 6 points 2 years ago

Iirc holding both the entry and exit of a routed connection, you can in theory match traffic going through, which would let you connect a user to the server/site they are connecting to. It might still be encrypted at that point, idk the details anymore.

[–] [email protected] 0 points 2 years ago (1 children)

I don't think a single credible source has shown this to be a vulnerability. You're talking about an attack that would cost, what, millions of dollars to run per day?

[–] [email protected] 1 points 2 years ago

Dunno if it's all that expensive when there are hundreds of nodes on several individual malicious networks confirmed https://nusenu.medium.com/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac

[–] [email protected] -1 points 2 years ago (2 children)

Most of the nodes are hosted by Tor Foundation itself

[–] [email protected] 5 points 2 years ago

[citation needed]

[–] [email protected] 1 points 2 years ago (1 children)

Is there any way to check that?

[–] [email protected] 4 points 2 years ago* (last edited 2 years ago)

Yup. You can check a lot of stat about a node on tor website. https://metrics.torproject.org/