TOR: the good honeypot

[basileusapoleiaoff]

Tor is just a honeypot

Tor was created by the US millitary before going open source

Tor's still receiving funds from the US government

There are only around 8000 relays, and the number doesn't change over the past 5-10 years Because the number of relays are too small, so a large part of it can belong to someone, who want to spy on you.

Tor Has Issues With Malicious Nodes

Security researchers actually found at least 110 Tor nodes that were snooping on user traffic and exposing devices to malware.
this is from 2017 so Imagine now


Here’s the thing about Tor nodes – pretty much anyone can set up and operate them. (NSA for example)

The Government Has Many Ways to Compromise the Network

https://www.washingtonpost.com/worl...0f08b6-2d05-11e3-8ade-a1f23cda135e_story.html

in 2014, there were even attacks against the Tor network that allowed the NSA (and any other agency, really) to de-anonymize around 81% of Tor users.

Most recently, the FBI apparently managed to de-anonymize Tor users to the point of finding their real IP addresses
https://www.techtimes.com/articles/...ase-to-avoid-disclosing-tor-vulnerability.htm


Exit Nodes Don’t Really Encrypt Your Traffic

Tor bounces your traffic between multiple servers, decrypting a small layer of encryption with each bounce (hence the “Onion” in The Onion Router name). Well, when your traffic passes through the last server, there’s no more encryption.

Tor Devs Actually Cooperate With the US Government
Basically, it seems that one of Tor’s co-founders (Roger Dingledine) had no problem discussing cooperation with the DOJ and FBI. Oh, and he also referenced installing “backdoors.”


https://www.documentcloud.org/documents/4379303-Bbg-Tor-Emails-Stack-21.html

“I contract for the United States Government to build anonymity technology for them and deploy it.”

“They need these technologies so that they can research people they’re interested in, so that they can have anonymous tip lines, so that they can buy things from people without other countries figuring out what they are buying, how much they are buying and where it is going, that sort of thing.”

Roger Dingledine

Just Google it tor History and see by you're own

“The United States government can’t simply run an anonymity system for everybody and then use it themselves only. Because then every time a connection came from it people would say, “Oh, it’s another CIA agent looking at my website,” if those are the only people using the network. So you need to have other people using the network so they blend together.” Roger Dingledine

Tor Can Leak IP Addresses (not even a joke )

Back in 2017, the Tor network had a serious flaw called TorMoil that leaked users’ IP addresses. While the devs eventually fixed that problem, there’s no telling when it will occur again.

Government Agencies Don’t Even Need Warrants to Spy on Tor Users​

https://www.techtimes.com/articles/...-even-if-youre-using-tor-and-dont-ask-why.htm


Governments Can Actually Block the Tor Network
Like Venezuela, China, and Turkey even you're ISP provider
all they have to do is check the current list of Tor nodes, and use routers and firewalls to block them.


Tor Can’t Access Many Websites
-Specifically websites that use Cloudflare security software since it has a firewall option that blocks Tor traffic.

 

[darkcoder_io]

Запросто. Who knows? Именно поэтому уповать лишь на тор, плохая идея.

 

[el84]

Tor bounces your traffic between multiple servers, decrypting a small layer of encryption with each bounce (hence the “Onion” in The Onion Router name). Well, when your traffic passes through the last server, there’s no more encryption.

Its not a Tor fault if people use protocols which are just plaint text. The same is true for any kind of tunnel, proxy, VPN etc.

 

[alex778]

There are only around 8000 relays

On top of that, only about 2400 are exit nodes. https://metrics.torproject.org/relayflags.html So don't be fooled by "millions" of TOR users. They all go through a tiny tollgate.

 

[el84]

On top of that, only about 2400 are exit nodes. https://metrics.torproject.org/relayflags.html So don't be fooled by "millions" of TOR users. They all go through a tiny tollgate.

I cant see where said "million".

 

[alex778]

I cant see where said "million".

Google:

site:torproject.org "millions of users"

. This is what the Tor Project claims. They create the impression that it is reliable mainstream technology, when in fact it is a honeypot.

 

[darkcoder_io]

when in fact it is a honeypot.

100%

 

[darkcoder_io]

Using the TOR network in its purest form is a trap for naive fools. However, if the routing scheme is refined (as I wrote in my article), then TOR can start to play into our hands.

 

[man514lo]

Using the TOR network in its purest form is a trap for naive fools. However, if the routing scheme is refined (as I wrote in my article), then TOR can start to play into our hands.

Can you direct me to article pls? I wanna read more kn the subject

 

[darkcoder_io]

Can you direct me to article pls? I wanna read more kn the subject

Sure, here you go: https://xss.pro/threads/96722/

P.S. Split it into chunks and use DeepL to translate from Russian if needed.

 

[man514lo]

Sure, here you go: https://xss.pro/threads/96722/

P.S. Split it into chunks and use DeepL to translate from Russian if needed.

Much appreciate it bro , thanks

 

[BlackByte]

Tor Devs Actually Cooperate With the US Government
Basically, it seems that one of Tor’s co-founders (Roger Dingledine) had no problem discussing cooperation with the DOJ and FBI. Oh, and he also referenced installing “backdoors.”

Unfortunately, the level of education of even our forum visitors (let alone other people) is so low that they are completely sure that they will be protected by TOR or even a simple VPN. It's sad.

 

[el84]

Google:

site:torproject.org "millions of users"

. This is what the Tor Project claims. They create the impression that it is reliable mainstream technology, when in fact it is a honeypot.

Still 0 technical proofs here.

 

[darkcoder_io]

Still 0 technical proofs here.

Not all traps have been explicitly disclosed and it would be foolish to disclose TOR just like that. In that case, what evidence are you waiting for? For me personally, the fact that TOR was not originally designed as a tool to provide anonymity is enough. Especially if you look at who its parents are.

 

[нарк]

Tor is just a honeypot

Tor was created by the US millitary before going open source

Tor's still receiving funds from the US government

There are only around 8000 relays, and the number doesn't change over the past 5-10 years Because the number of relays are too small, so a large part of it can belong to someone, who want to spy on you.

Tor Has Issues With Malicious Nodes

Security researchers actually found at least 110 Tor nodes that were snooping on user traffic and exposing devices to malware.
this is from 2017 so Imagine now


Here’s the thing about Tor nodes – pretty much anyone can set up and operate them. (NSA for example)

The Government Has Many Ways to Compromise the Network

https://www.washingtonpost.com/worl...0f08b6-2d05-11e3-8ade-a1f23cda135e_story.html

in 2014, there were even attacks against the Tor network that allowed the NSA (and any other agency, really) to de-anonymize around 81% of Tor users.

Most recently, the FBI apparently managed to de-anonymize Tor users to the point of finding their real IP addresses
https://www.techtimes.com/articles/...ase-to-avoid-disclosing-tor-vulnerability.htm


Exit Nodes Don’t Really Encrypt Your Traffic

Tor bounces your traffic between multiple servers, decrypting a small layer of encryption with each bounce (hence the “Onion” in The Onion Router name). Well, when your traffic passes through the last server, there’s no more encryption.

Tor Devs Actually Cooperate With the US Government
Basically, it seems that one of Tor’s co-founders (Roger Dingledine) had no problem discussing cooperation with the DOJ and FBI. Oh, and he also referenced installing “backdoors.”


https://www.documentcloud.org/documents/4379303-Bbg-Tor-Emails-Stack-21.html





Just Google it tor History and see by you're own



Tor Can Leak IP Addresses (not even a joke )

Back in 2017, the Tor network had a serious flaw called TorMoil that leaked users’ IP addresses. While the devs eventually fixed that problem, there’s no telling when it will occur again.

Government Agencies Don’t Even Need Warrants to Spy on Tor Users​

https://www.techtimes.com/articles/...-even-if-youre-using-tor-and-dont-ask-why.htm


Governments Can Actually Block the Tor Network
Like Venezuela, China, and Turkey even you're ISP provider
all they have to do is check the current list of Tor nodes, and use routers and firewalls to block them.


Tor Can’t Access Many Websites
-Specifically websites that use Cloudflare security software since it has a firewall option that blocks Tor traffic.

The US government is also a big player when it comes to exploiting and de-anonymizing users on Tor. They've done it before in the past and most likely still can.

 

[el84]

Not all traps have been explicitly disclosed and it would be foolish to disclose TOR just like that. In that case, what evidence are you waiting for? For me personally, the fact that TOR was not originally designed as a tool to provide anonymity is enough. Especially if you look at who its parents are.

Well in a forum with technical people I just expect to see some code related arguments.

 

[BlackByte]

Well in a forum with technical people I just expect to see some code related arguments.

You're not a cop by any chance? It's been written many times in this thread or other threads that there aren't many nodes to get traffic out. Most of them are controlled by unknown people. And what's more, even the developers of TOR were quite open about the implementation of backdoors. Otherwise, it's a closed system, what kind of evidence in the form of code are you talking about?

 

[el84]

You're not a cop by any chance? It's been written many times in this thread or other threads that there aren't many nodes to get traffic out. Most of them are controlled by unknown people. And what's more, even the developers of TOR were quite open about the implementation of backdoors. Otherwise, it's a closed system, what kind of evidence in the form of code are you talking about?

I just asked for proof of the Tor being vulnerable. Not news or article without any reference to code or network analysis.

 

[BlackByte]

I just asked for proof of the Tor being vulnerable. Not news or article without any reference to code or network analysis.

You're confusing vulnerability with control. If I (the state) owns a TOR, my software may have absolutely no vulnerabilities, and yet I can go there as if I were at home, looking for villains on the count of "one". A backdoor is not a vulnerability. With this view, there is no way to provide technical evidence. However, this does not mean that you cannot be tracked via TOR (they can track you, though).

 

[el84]

You're confusing vulnerability with control. If I (the state) owns a TOR, my software may have absolutely no vulnerabilities, and yet I can go there as if I were at home, looking for villains on the count of "one". A backdoor is not a vulnerability. With this view, there is no way to provide technical evidence. However, this does not mean that you cannot be tracked via TOR (they can track you, though).

Got your point but I do not agree, how can we know if something can be compromised without any evidence? It seems like "perfect" backdoor which is impossible at all.