I have a very strong suspicion that Tor is completely compromised, and that's actually how they caught Ross Ulbricht (Silk Road). All the stuff about his previous posting, etc, is tenuous and circumstantial-- it seems totally feasible that it is parallel construction.
The "Tor Sucks" document is from 2012. It talks about the GCHQ running Tor nodes. What could have happened in the years since?
What many people don't realize is that Tor has only ~5000 exit nodes and ~3000 relays. If you control 50% of the nodes, Tor is essentially compromised. Half is ~4000 servers.
Seems like a lot for an individual person, right? Just a rough estimate, at $40/month for a cheap Linode VPS, 4000 nodes would cost $160k/month.
But that's _nothing_ for a nation-state. $160k/month isn't even a rounding error. And that's all it costs to _completely_ compromise Tor.
These nation states don't want anyone to know they compromised Tor, so they won't waste it on little fish. They'll save it for real terrorists and major criminal actors like Ulbricht. But if they compromised Tor, they're certainly recording _all_ that activity somewhere. It's sitting in archived storage ready to be mined if necessary.
> All the stuff about his previous posting, etc, is tenuous and circumstantial-- it seems totally feasible that it is parallel construction.
I've done similar things in the past (trying to find a user's real identity, when that user has taken active steps to stop anyone finding out - before you ask, tracking scammers, not doxxing innocents) and to me it sounded totally plausible. He made exactly the same kind of mistakes many of the people I've tracked down did, and they found him the same way I would have gone about it.
My suspicion is essentially the opposite: Tor is secure, but the two high-profile arrests (Freedom Hosting and Silk Road) were given priority to make the general public a.) feel that the entire function of Tor is illegal and often repulsive activity b.) that Tor is not safe.
The latter part of that theory, that law enforcement agencies intentionally stepped up the resources for both the FH and SR cases in order to intentionally create disgust and distrust of Tor, is of course merely conjecture. Basically I find it an amazing coincidence that the two most notorious parts of the Tor hidden service world were busted very quickly after a huge amount of positive public attention was brought to Tor right after the Snowden leaks. Additionally, if you actually look at the details of the FH exploit the FBI unleashed, it is fairly useless, but very terrifying when you read just the headline. Legally there seems no useful reason to use such an easy to discover exploit that would have delivered no particularly interesting information. However, from the standpoint of creating public fear it worked marvelously. If you talk to even technical people that don't understand security and Tor well, they often assume that the feds "hacked Tor". Which, in my opinion, is exactly what state actors want people to think.
As for the former part of the claim, that Tor is secure, look at the Snowden leaks about the methods that the NSA was thinking about for attacking Tor. Egotistical Giraffe, the attack used on FH, as mentioned, was not a particularly useful exploit, and attacks user behavior, not the network. Other similar leaks also suggest that neither the NSA nor any other state agency has the ability to completely compromise Tor.
Finally, if you are a state agency and you have completely compromised Tor, you would actually want the general public to think it is safe. It is an amazing advantage to have your adversary think they are on a secure line when they absolutely are not. On the other hand if you haven't (and probably can't) compromised Tor you want the majority of people to think you have so that they disregard one of their best tools for defense.
Now of course there is plenty of evidence that federal agencies can perform targeted timing attacks against specific individuals. Tor does not and really cannot guard against this, and this has always been the case and fairly well known. If a state agency is targeting you specifically, I don't think there is anything you can do. However, given the information that is available to us, I do think it's reasonable to assume that Tor is secure from general, large scale, untargeted surveillance.
You don't address my specific point; namely that it is not only possible but relatively inexpensive for any nation-state to compromise users' anonymity on Tor en masse not by cracking its cryptography but by running >50% of the nodes themselves.
A bit of a pedantic note: If you want to control 50% of the servers by adding servers, you actually have to double the total server count... i.e., 8k servers now, if you want to control 50% you have to add 8k of your own servers for 16k total servers ...
Indeed, but my proposition is that they already did that, some time ago. It's just such a small amount of money that it seems unlikely that they _didn't_ do this.
https://metrics.torproject.org/network.html