Saw an article a while back (years) saying NSA/FBI is able to track TOR connections and won’t say how even if it means they’d forfeit some cases.. anyone remember this?
Edit to add: Also, it’s public knowledge that TOR is funded by the DoD, it seems extremely feasible that they privately control a sizable chunk of nodes. Based on what I know of American 3 letter agencies, I don’t think one could resist designing a “secure” system only they can listen in on.
I consider TOR a very secure messaging channel between you, the other party, and the American government (metadata only, but that’s really not too big of a limitation in this case).
Well then aren’t I glad the US intelligence agencies don’t have a history of collaborating across national boundaries!
Some nodes can be under hostile control, but as the number increases the likelihood increases that they can link entry to exit based on timings. I consider it quite likely that the us govt can say “hey Germany/UK/Fance/etc., we have this batch of exit times, do any of your nodes correspond on entry?” or vice virce.
If your threat model is that the whole world is out to get you and will stop at nothing to find you, it is very much the case that you are going to lose. Tor raises the cost of surveillance, but is not magic.
As an aside, the five eyes countries collaborate much more closely with one another than they do with France or Germany (or that was the case when I read about this after the Snowden leaks.)
Edit to add: Also, it’s public knowledge that TOR is funded by the DoD, it seems extremely feasible that they privately control a sizable chunk of nodes. Based on what I know of American 3 letter agencies, I don’t think one could resist designing a “secure” system only they can listen in on.
I consider TOR a very secure messaging channel between you, the other party, and the American government (metadata only, but that’s really not too big of a limitation in this case).