If no one has told you yet. The feds busted a child porn network in the UK that used for because they were hosting over 65% of the exit nodes at the time. If your open source anonymous VPN is hosted by the feds, they can 100% see where the traffic is coming and where it’s going
Please link to a story substantiating this. What I have heard of happening repeatedly is that they trick criminals into communicating outside of tor, running an executable, or just take over the endpoint and nail people eg take over dark web drug markets and use information to track down the folks using it.
As the article notes, it’s hard to tell just how much of the unmasking comes from exit node control. An exit node will only know what public services are being accessed, without knowledge of any of the user’s addressing/location data (since each node only knows that information about the single hop in each direction). Plus, I’m not even sure exit nodes are used at all when connecting to a tor-hosted service (no need to exit the tor network, after all).
It sounds like the servers are being compromised and then being used to exploit IP-leaking vulnerabilities in how the browser/plugins and Tor network connection are configured.
I’m sure they’ve got a lot of tricks up their sleeves, but exit node control seems like the least significant of them.
If no one has told you yet. The feds busted a child porn network in the UK that used for because they were hosting over 65% of the exit nodes at the time. If your open source anonymous VPN is hosted by the feds, they can 100% see where the traffic is coming and where it’s going
Please link to a story substantiating this. What I have heard of happening repeatedly is that they trick criminals into communicating outside of tor, running an executable, or just take over the endpoint and nail people eg take over dark web drug markets and use information to track down the folks using it.
https://arstechnica.com/tech-policy/2015/07/feds-bust-through-huge-tor-hidden-child-porn-site-using-questionable-malware/
As the article notes, it’s hard to tell just how much of the unmasking comes from exit node control. An exit node will only know what public services are being accessed, without knowledge of any of the user’s addressing/location data (since each node only knows that information about the single hop in each direction). Plus, I’m not even sure exit nodes are used at all when connecting to a tor-hosted service (no need to exit the tor network, after all).
It sounds like the servers are being compromised and then being used to exploit IP-leaking vulnerabilities in how the browser/plugins and Tor network connection are configured.
I’m sure they’ve got a lot of tricks up their sleeves, but exit node control seems like the least significant of them.