Warning: Last releases of Tor degraded its anonymity level compared to I2P

I found out an unpleasant fact about Tor during the last year.
As people in [tor-relays] Police request regarding relay - tor-relays - Tor Project Forum thread say, police officers use Tor Browser’s Tor Circuit widget to collect public tor relay operator addresses and then send them requests about user data.
Not every relay operator is good at law. They can just answer police’s request with actual IP addresses of Tor users/previous relays and other sensitive information in place.

Out of curiosity, I opened Circuit widget and it turned out that, in many cases, all relays and exit nodes were from Germany! Only one relay, which is German, and one exit node from Germany.
That is [due to tor developers], lucky German officials can collect huge amount of real visitors for specific sites over a short period of time.

I’m not alone in this concern, see Never use any two countries in the same circuit? - General Discussion - Tor Project Forum :
Someone else doesn’t like {germany} → {germany} → {germany} circuit in his TB but tor devs do not care.

What next?

I’m serious about making I2P as a default profile in my Whonix. Tor does not protect you against building same-country path from relay to the exit node, but I2P does (it uses a different terminology, but it provides such a protection in effect). See official I2P info: Strict Countries - I2P :

You can try Stormycloud exit node: StormyCloud - I2P Outproxy | I2P Anonymous Network. Their speed is close to what you experience with Tor exit nodes.

Please share.

This is nonsense. Tor circuit widget not needed. List of Tor relays has always been public.

You should hide the list of Tor relays, so people can’t block the exits.

Please read the FAQs including the abuse FAQs before making up such claims.

Tor’s abuse FAQ only confirms claims that Tor is ready to collaborate with police officers:

They are h-a-p-p-y to work with police, no less. I’m discouraged by Tor even more.
Has anyone ever heard I2P to be happy to collaborate with police?

You’re failing to understand their strategy. If Tor was anti-government, the government could just ban running of Tor and alike software as it had happened already in many countries.

No countries that allow running Tor would mean no more Tor network.

By teaching law enforcement how to use Tor as a user, the government will be dependent on Tor. Due to the own interest of the government to use Tor, they won’t ban Tor.

And the government cannot make their own Tor for themselves either because then everyone would always know it’s the government due to lack of other users to hide among.

Training law enforcement to use Tor as a user doesn’t reduce the anonymity of other Tor users.

I clearly understand that you are not a native speaker and may misinterpret the information the Tor Project shares about itself, but, please, try to read carefully their words - they don’t tell us about “how to use [Tor as an ordinary user]” but “how to use [Tor] to conduct [police] investigations”:

What is one of the main activities during any police investigation against internet users? The answer is obvious - their de-anonymization. Period.

Another question which may come up - if they help ordinary users be anonymous and “are happy” to collaborate with police to de-anonymize ordinary users, which group of mentioned actors has the highest priority for the Tor Project then?

Americans say “He who pays the piper calls the tune”. As of 2012, 80% of the Tor Project’s $2M annual budget comes from the United States government. The US and non-US governments’ total share is some 61%, with individual users comprising about 28% as of 2022.
So the answer to this question is obvious as well.

Hence, when police comes into action, the goal of the Tor Project is to help police investigation in this case.

The Tor Project has way too close relationships with the government’s subordinate organizations - and, given German Police requests regarding relay, frequent {germany} → {germany} → {germany} circuits in TB worry many ordinary users, whereas Tor developers leave such worries unaddressed.

Police requests inside the same country need less bureaucracy compared to international requests, so all-domestic TB circuits, in theory, can be quickly de-anonymized.

Just your interpretation / FUD. Where’s the evidence that Tor Project helped law enforcement to help deanonymize users?

Discussed upstream here:


related:

chapter: I2P

They help German Police because all-domestic TB circuits comprise a significant share in whole European Tor traffic. If all two German relay operators and the exit node operator agree to transmit user and log data to the police, there are no obstacles preventing police from de-anonymization of users.

Also, see

Another interesting article:

Very nice.

There are a lot of theoretical issues with Tor and room for improvement. The Tor Project has always openly communicated these.

In practice however, Tor is safe.

Another NSA quote:

the king of high-secure, low-latency internet anonymity

Whonix considered I2P and decided against it as you can see from above link.

Back in 2013, a typical circuit might contain 4 - 6 nodes from different countries. Nowadays, even one relay and one exit node inside the same country are not rare. Right now, I see two German flags and a site being visited right after them in my tor circuit widget.

I2P typically includes from 6 to 8 routers being node equivalents of Tor.

I think there’s much more fun in being an NSA employee when they see the whole circuit is made of only two elements.

@Patrick
If you have Tor Circuit widget installed, can you please say how many nodes are in your typical circuit?

You got your answer. What do you want to realistically accomplish here now?

Ticket Disallow more than one relay per country in a circuit (#3678) · Issues · The Tor Project / Core / Tor · GitLab is from 2012.

I don’t know when Tor used more than 3 relays. Maybe was different when vanguards.

The situation is worse than one could think.

The ticket you have mentioned contains obsolete information:

Oh! And as a workaround, if none of the above issues concern you, then you can get something close to what you want here by splitting countries with lots of Tor nodes into two halves, and saying EntryNodes {aa},{bb},{cc},… ExitNodes {nn},{oo},{pp},… You’ll need to use Tor 0.2.3.x for support for country codes in your EntryNodes list, and you might want to decide whether to use “StrictNodes 1” to make sure that Tor forbids circuits you don’t want even when they would be needed to connect to a directory or hidden service.

This no longer works according to recent Tor Project: manual, which says that “StrictNodes applies to neither ExcludeExitNodes nor to ExitNodes, nor to MiddleNodes”. Tor devs deprecated it.
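
Added example (not part of the original thread and not Tor Project code): a small Python check for a torrc that uses the country-split workaround quoted above. It reports countries listed for both guard and exit, and node lists that `StrictNodes 1` does not cover according to the manual sentence quoted in the post. The function names and sample configurations are constructed for illustration.

```python
import re

# Node-list options named in the thread; torrc option names are matched case-insensitively.
NODE_OPTS = ("entrynodes", "middlenodes", "exitnodes", "excludenodes", "excludeexitnodes")
# Per the manual sentence quoted in the post, StrictNodes does not apply to these.
NOT_STRICT = ("exitnodes", "excludeexitnodes", "middlenodes")
COUNTRY = re.compile(r"\{([A-Za-z]{2})\}")

def parse_torrc(text):
    """Return ({option: set of country codes}, strict_nodes_flag)."""
    opts, strict = {}, False
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split key/value
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1]
        if key in NODE_OPTS:
            opts[key] = {c.lower() for c in COUNTRY.findall(value)}
        elif key == "strictnodes":
            strict = value.strip() == "1"
    return opts, strict

def audit(text):
    """Return sorted finding strings for a torrc using the country-split workaround."""
    opts, strict = parse_torrc(text)
    findings = []
    # A country present in both lists can still be picked for guard and exit at once.
    for cc in opts.get("entrynodes", set()) & opts.get("exitnodes", set()):
        findings.append(f"overlap:{cc}")
    if strict:
        for key in NOT_STRICT:
            if key in opts:
                findings.append(f"strictnodes-not-applied:{key}")
    return sorted(findings)

# Constructed sample inputs, not taken from any real configuration.
SAMPLE_OVERLAP = """\
EntryNodes {de},{nl},{fr}   # guard countries
ExitNodes {us},{DE},{se}
StrictNodes 1
"""
SAMPLE_DISJOINT = """\
EntryNodes {nl},{fr}
ExitNodes {us},{se}
"""

if __name__ == "__main__":
    for name, cfg in (("overlap", SAMPLE_OVERLAP), ("disjoint", SAMPLE_DISJOINT)):
        print(name, audit(cfg))
```
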

While that statement may sound alarming it does not necessarily mean what you think it means. While I would not trust them for absolute anonymity there have been VPN services that have accepted questioning by police or other government and have been unable to furnish logs implicating anyone. So in that case they are ‘compliant’ with authorities. If you have evidence of Tor Project staff doing something else please present it.

German law enforcement agencies have managed to de-anonymize Tor users after putting surveillance on Tor servers for months

Am I wrong?

Yes, wrong.

First, this was about onion services. Not using Tor as a client.

Second, they used deprecated software. Easily avoided mistake.

Third, no details are known.

duplicate of the same story vanguards - Additional protections for Tor Onion Services - #28 by Torprotector

Yes, one case I know: the FBI sat with one of the I2P devs and started discussing how I2P is designed and how it works (the dev himself told me that personally).

So to avoid such police, it’s very hard, check cryptoparty in Germany, or riseup… etc., how many times they got into police talk, whether willingly or unwillingly.

This is an unavoidable situation in countries nowadays, sadly, but still nothing can be confirmed as a breach to the anonymity by just sitting with the police.

Only one of numerous developers living around the world, but not the whole I2P project. There are two I2P clients, written in Java and C++, which are developed by independent developers living in non-allied countries.
Tor Project, as a whole, claims they are police collaborators.

Germans themselves say the details:

Tor Project responded that the reason for that de-anonymization had been the use of their software without Vanguard:

However, a local Whonix forum user @JesusLucas found that Vanguard was effectively broken by Tor developers some nine months ago and all this time successful de-anonymization attacks were possible.

@JesusLucas

As I see, I am not the only user here worrying about real Tor anonymity level.

I’ve started this thread about German government’s intrusion into Tor infrastructure two months ago and now see the worst apprehensions come true:

@Patrick
I feel the day we need to review our trust in Tor and to consider using I2P is getting closer.

No please