Technology
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
view the rest of the comments
So when I first learned about TOR almost 10 years ago in uni, it was said to be compromised to a significant extent by secret services holding entry and exit nodes.
Is that not true anymore?
Aren't bridges meant to prevent that?
Iirc holding both the entry and exit of a routed connection, you can in theory match traffic going through, which would let you connect a user to the server/site they are connecting to. It might still be encrypted at that point, idk the details anymore.
No, bridges are meant to bypass censorship
I also heared that bit about the secret service owning nodes a few years ago. It was trough a teacher that's also really in the stuff outside of teaching, and has a network of non-teaching proffesionals in the field.
It's something to keep in mind, at the very least. Tor already has some weaknesses anyways. You shouldn't trust it blindly just because it's Tor. If anything, I think it more has a false rep for how strong it is over struggling with a stigma.
It was pretty much the same context for me, yeah.
Opsec always applies
Try i2p
Compare and use the right service for your needs: https://geti2p.net/en/comparison/tor
Interesting, ty
Most of the nodes are hosted by Tor Foundation itself
[citation needed]
Is there any way to check that?
Yup. You can check a lot of stat about a node on tor website. https://metrics.torproject.org/
If true, I'm not happy about that. I want lots of different owners so it's harder to compromise the network by compromising a single entity.
I don't think a single credible source has shown this to be a vulnerability. You're talking about an attack that would cost, what, millions of dollars to run per day?
Dunno if it's all that expensive when there are hundreds of nodes on several individual malicious networks confirmed https://nusenu.medium.com/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac
You'd need much more than hundreds of nodes.
The graph tracks exit probability and the article speaks about the matter, especially what you're referencing. Check it out.