Hundreds of Tor Relays are Being Used to De-anonymize Users

They produce light on their own or they are a black body?

Fukushima and tchernobyl are nothing next to all this irradiation.

@@vektersaxon Is the sun enough radiation?

So there’s free nuclear energy in Washington

@@hugoflores5806 You forgot to talk about UV rays.

@bodd boward Does Australia count?

To be a government you first need to be elected.

@@lukesutton4135 not true in many cases. You can buy, bribe, kill, assassinate, blackmail, lie, cheat, steal votes/elections, pull strings in media, be friends with the right people, be a willing puppet by someone bigger, etc. I could go on and on but no there's many ways to be part of a government or part of a world problem, most of them not legal and certainly not always voted or caused by the people.

“we get to have secrets, not you.”

@gu4t4f4c not as bad as government, international, and world corruption at a fundamental level with no way to root it out or fight back against it (with not enough money or power to do so legally) and the only anonymity is reserved for those corrupt governments and organizations.

It's not a war on drugs the wars on personal freedom. let's keep that in mind at all times - Bill H.

Stopping Covid though…

I agree. Its not like your ever destroying the drug market anyways. To much demand

Like taking drugs, basic human right

The government is gonna do everything they can in the coming decade to eliminate privacy

What are the risks of running an exit relay?

@@VeeTHis A knock on your door

@@BluecoreG OH SHIT

then who can run exit node?

@@PenguinCrayon269 people in countries where the government does not care

the name ron paul help me secure my network i know its leaking !

Honestly, you should just never assume anything is water-tight... and I don't think anyone ever said it was impossible to exploit Tor, just that it was difficult. The time had to come eventually and this is likely us only finding out about it just now.

Snowdon in Novemeber 2021, stated....
VPN are useless for protection against Government access, and so is encrptyion. As the Governments have so many back doors to your OS, Windows, Mac, Iphone, Android, they can see if you can see. They also can access your smartphone instantly if they have your IMEU number.
VPN and encryption only helps to stop basic hackers.

Also Snowdon stated you should do muliple VPNs ie VPN a VPN, to stop hackers, but it still won't stop government access.
Also VPN servers could be leaking or hacked by governments.

Have you noticed how they're trying to kinda pretend the last 20years of tech didn't happen.
Like phone privacy is a new thing, hell they even had reports on the new danger..facial recognition only last year. Funny that the USA have been keeping that quiet but the UK government was totally open about it. Sorry USA cats out and has grandkittens 😬😂

It won't if you configure it not to function as an exit node

If you're wealthy enough to decide who you do business with, it's better not to do business with any sites that auto-ban Tor associated IPs anyway

the best option is to create VPN tunnel, and use the VPN's ip address instead. Which will disguise your actual 1.

discrimination

I've never heard of a website doing that before... Can anyone provide some examples?

Tor was always super dumb in my eyes. It just seemed like what's happening here was guaranteed to happen. For a while I actually just assumed the Tor browser itself was made by the CIA or other agency. It would be a perfect way to just get everyone's data for free.
Give up on Tor, it's dumb. Alwas was.

That's the point

The issue is that trust is required for security. How do you know who to trust? Is it better to trust the government and/or private companies, or random people hosting servers, servers that happen to pipe all your internet traffic......Honestly you are already trusting the government and private companies anyways, then laying on top of it trust of random people....how is that more secure?

We (here in Russia) just hope it doesn't belong to Russian Government.

It is possible to reconfigure Tor to use 10+ hops instead of the default 3, paying for reduced deanonymization risk with yet more network latency.
This attack seems to be an anomaly because of how big it is. And how expensive it is. The relays have to actually deliver enough bandwidth to satisfy demand, otherwise they won't be used for making connections. Tor was started in 2002, where this was unthinkable. Maybe we're now at a point where commercial hosting is cheap enough to make such attacks viable, and that the devs need to find a way to counter that.
One possible counter is to add at least one node with increased trust - stable nodes added before 2015, nodes operated outside of the US by a known privacy organization, etc. I'm sure the Tor devs have already come up with ideas.
Even if US anonymity is compromised (which sucks), there are users who don't care about the US and are instead dodging some lesser threat. There's also a bunch that just shovels torrent traffic through Tor.

You say "perceived void" as if these voids aren't real. You literally can't make a 100% open source device work with cell networks anymore, "privacy tech" is pretty much nothing but a void.

fundamental civil liberties of doing what?...

@@bentos117 in this context mainly the 4th amendment which gives you the liberty to stop unreasonable searches seizures etc from being done to you
And also the 1st amendment which gives you the liberty to engage in free speech and political communication
In other countries they might not be called amendments but the fundamentals of human rights are fundamental to human nature everywhere

@@HolbrookStark is Tor needed for any of that?

@@bentos117 in the context of the internet, obviously yes? What kind of question is that

Bright light at night isn't good for our chronobiology 😎

I know, right.

@@N.S.A. I was busy fixing an electrical cabinet then one of your Buds came closer that the blinding light put my life in danger. Idk what pills you're taking guys but it's getting problematic.

Reminder to hit glowies niggies with a car as the Lord intended.

@@ccriztoff One word : TempleOs.
He is infamous for his stream shouts too.

Correct
For proper anonymity, nobody should be able to differentiate between someone using TOR for legitimate purposes and those who aren't

Tor relay serves thousands of connections. So it is safe to make 2x relay count. Maybe even 10x. 100x will be a problem most likely. But it will not happen anytime soon.

@@sdjhgfkshfswdfhskljh3360
As long as you use a trusted guard node you can still have anonymity, but there's no way to defend against pattern matching if someone (law enforcement) was interested enough to put in the work
By correlating packets that you send with ones being received at the exit node, they can still unmask you

@@dustinjames1268 Wouldn't doing that be like a giant fishing expedition though? It almost feels like a ton of work to fish for cybercriminals when (assumingly) most of the connections you're sifting through have nothing incriminating or at least interesting.

@@fastestdino2
Basically they won't put in the effort to pattern match your traffic unless they have good reason
Say they suspect you of running or accessing a CP onionsite, they will try.

Wow, Germany cracks down on individual rights and privacy? Who would’ve thought

@@IanBLacy ikr. just a few weeks ago, they sentenced a 70-something years old woman for filesharing.
she doesn't even own a computer, wifi was set up by the phone company just to get a higher price on her package

ah, the older woman must've never changed her wifi password (if any at all), if ot was set up for her just to jack up the price.

Why would you do that when you could just get a bunch of secondhand desktops and run proxmox on them?

@@skywz $3 xenons go brrrrrr

@@skywz a desktop is quite overkill for this...the Pi has almost an order of magnitude less power consumption, so especially when scaling, the power cost would start to become a significant factor.

@@skywz its also about power consumption. A pie consumes 10 watts a server/desktop easily more than 150 for me this would be over 300€ a year on a desktop, under 50 is ok

@@skywz sounds like someone doesnt know how to have any efficiency in peer to peer networks

I agree.

AAAAAAAAAH

A toast to our fallen /qa/ brothers, their legacy will live on in the thousands of soi edits made in the last two years

Unless the vpn is owned by you it kinda defeats the purpose of tor. You'd be centralizing your traffic to the vpn crevice.

Untrue. Nobody cares if you run tor exit node.

If you are even asking these questions, you are unequipped to run an exit node.

There’s nothing more insufferable than a TORelitist

@@index7787 That's kind of why I'm asking the question.

Autotune just got mogged

I also noticed that, a funny upgrade

yeah

lol its not that impressive, just add images wherever he says a word
and it's not a "rhythm", it's literally just talking

@@2fifty533 first of all, it is rythm. Second, we are just appreciating that slight editing touch he made, a nice detail

I've given thought to some kind of TLS relay protocol. The server looks like just another TLS protocol server until it hears a relay request. Then it arranges a TLS connection and negotiation between the client and the next server in the chain, never sure if the next server is another relay, or just an ordinary TLS server.

@@hanelyp1 you should take a look at bridges and the obfs family of protocols, especially the latest interation. A bridge with obfs is basically a private guard relay, only used by those who know it exists. Later obfs protocols are actually actively trying to prevent probing, by requiring the user to know a secret key, in order to even detect it as a bridge. I'm sadly not very familiar on how exactly this is achieved though.

There isn't a technical solution, just like there is no political one. The people behind this want us dead, so they need to be removed.

@@lord_khufu what kind of order is that

@@nullsphix8382 my 5th grade english teacher's order

I am very grateful to live in a country where weed is legal and I don’t need to bother with dark web bullshit

U got telegram or sumn. Or link to a tutorial to how to buy it online

@@sj-bg4up Nice try, fed boy.

@@LaPapaMollido original

@@LaPapaMollido he just said weed is legal where he’s at so why would a fed care

real props goes to whoever drew it, those neets are doing Gods work.

@@MentalOutlaw
Damn straight.

@@emperorhadrian6011 Based Emperor. But you let some escape!

@@SchemingGoldberg
Shame on me. finish the job I couldn't, fren.

@@emperorhadrian6011 Sir yes sir!

Thank you.

@@N.S.A. hol up

Make sure that your ISP allow exit nodes. Otherwise they may just ban you. I am not kidding. It happened to me.

@@quidquopro1185 don't worry. I'm using a vps and the hosting provider is fine with it. I am going to host a relay and a bridge from my home internet once i get the chance

@@spinningjenny1629 ok sweet! Yeah i were just worried because I got my mom and dads network banned for 1 month just for running an exit node a few years ago. They were NOT happy...

Hi spook here.
If we wanted to fuck over various groups of people. Why wouldn't we simply tell tor devs to add obfuscated code that would run on every tor node?
1. we have done it before for large scale applications
2. the US gov't is still by far the largest donor of tor project (so do what we say or don't get paid)

lol

If the feds were running the show they wouldn't get caught trying to subvert it.

@embrace thank you! I was wondering the same thing like...👀 wasn't Tor created by the government tho? Like a military branch or something? Why should we be surprised that they're trying to use it to their advantage yet again?

I feel like most who comment know what Tor is used for. They wanna see babies die rvery waking hour. Darkweb is fun!!

I don't think that means anything

they have way more funding and resources than literally everyone. cant fight back lol

@@bruh.j4mes Not with that attitude.

what is that dumb shit 😂

That abyss is real my friends, be safe out there!

whole reason I never bothered using it lmao rip

@@CornRecords972 what do u use then?

A route of compromised IOT devices is probably the way to go.

I use what the rothchilds use. carrier pigeons.

@@krozareq illegally using routers as proxies huh
man of culture

How illuminating

enLightening

what cause do you fight for? of course if you don’t wanna mention it i understand

@@xenonbreakout I fight for the Constitution of the United States.

@@untermench3502 i think you can stop now, it got ratified like 235 years ago

​@@untermench3502😭noooooo I thought it was gonna be real like u were in some peon middle eastern country or something. I would be curious what targeting you've been subject to for defending the constitution, or if the tin foil hat has been protecting you from the government brainwave hacking.

@@untermench3502 lmfao so in clearer terms you're a far-right wannabe fascist. gotcha.

What gave you that idea in the first place? Genuine question here, not sarcastic nor rhetorical.

@@5555Jacker Remember reading about theories that the FBI were hosting exit nodes back in the silk road haydays. Nothing concrete, but entirely plausible theories if you ask me. Haven't revisited the subject since. Might've been debunked with today's knowledge for all I know.

@@BromTeque Probably they were, but exit nodes alone shouldn't be enough to deanonymize somebody AFAIK. Could definitely be used for MitM attacks like SSL stripping, though. If I'm correct, Silk Road actually got brought down due to terrible opsec, rather than a weakness in Tor.

in almost every case where someone or a service was discovered on Tor it was bad Opsec and greed. however there are other but rarer examples and it requires a lot of resources (aka your tax dollars) to do this sort of thing, and it isn't even sure fired way.

@@5555Jacker you can't know what really brought it down.

at first i thought that was actually the case, that every tor user is a relay, was pretty surprised when i found out it wasnt

@Guy Dude they should make it so if your internet connection and computer specs can handle it you are forced to be a relay

then you got me 1mbps on a 90s machine here

You described i2p

this is literally I2P

You can already donate to organizations that host servers

Why not make a Monero like crypto where nodes and miners exist and all miners are also nodes

Usually alphabetti sting ops pin exit relay engineers with cp

@@synthesoul I figured glow joggers may do that, to be safe there is documentation you should have and should live a squeaky clean lifestyle.
Beyond documentation, you want CCTV in house, hidden. You also want to comply when they come, let them check your shit and hand copy of documentation that states you run an exit node and have no responsibility in what comes out but they are free to look
I know you can run a tor site off a rasp pi, think you can make one a cheap dedicated exit node so if they confiscate it they are taking a $30-$100 pi rather than a multi hundred to multi thousand computer that you use for work and school
Hopefully mental outlaw makes a video covering all this

@@folkishappalachian6827 they probably would confiscate more than just the rasberry-pi if they are suspicious of you running a terroris or cp group

@@folkishappalachian6827 Using a VPS is always an option. I would never use tangible bits to run anything related to tor. I used to run tor on my physical devices, but even that is unsafe these days as big data gets fatter.
Find a trusted VPS, or make your own. Got trusted partners or friends across the country or globe? There's your freedom.

@@folkishappalachian6827 dude I don't know what country you live in, but when cops bust peoples homes in the UK looking for computer crimes they take everything. Not just your raspberry pi, they'll take your kids computers and anyone else's computers in the house. And in my country saying I have no responsibility for what comes out of the exit node won't hold water either, in my country .. you signed the contract with the ISP and you're responsible for what happens across that link regardless of who uses it. That's why a bunch of local people who setup wifi because we didn't have fibre setup a company because nobody wanted to take the responsibility for who does what on the internet.

If half the servers belong to the US or Russia, then aren't you safer in the third world? Unless they are collaborating with your local dictator, which does happen a lot. But if you're in a random other country or aligned with their interests then their servers may actually protect you from your own government's attempt

​@@muscularclassrepresentativ5663oh yeah, no, there was a story where people would use this tor/o ion gist to help with getting aid and voices heard. Great for USA as its a intelligence spy aid into country affairs.
I think it was russia to, who uses it to surf our american clear web, or it was a middle eastern place, i forget.

Or nk.. i think nk, how rlse we know the sll great kim joung ung is nit so great? We dont send shit there, chuna might also start using it

How did you get in bill, my door is locked and you don't have a key!
Loads shotgun "nether do you!"

Who cracks Windows anymore? Just don't register it or get a gray market CD key.

@I ain't no millionaires son! It was God who drowned all of humanity, unleashed plagues, killed the 1st born of families, turned people into salt, etc, etc.

@I ain't no millionaires son! Dude, it's in The Bible. Your god is evil.

@@LePedant Why all this over a joke?

The Tor network needs to be turned into some kind of blockchain environment where you get rewarded for hosting a relay and mining is the act of relaying data.
Kind of like a virtual version of the Helium network.
If we could do that, the amount of nodes would explode. The informational sovereignty of the entire planet can't rest on a handful of volunteers.

It's Santa Claus updating his naughty list.

mostly taketh away

Boxes decked out in RGB T glowing lights.

now that's an intersting idea. we could sell raspberry pies in enclosures togheter with a manual on how to conect the tor network. this is something that even i would buy depending on the price

@@l0k048 20-30 bucks a pop. Boomers buy relays, but pissed their speed slows

maybe bundle it with a mini-fridge for beers/energy drinks similar to the kfc game console

This is a brilliant idea.

this

The theory behind networking is that with powerfull enough subnet scanners and webcrawling software ANYTHING can be detected . Nothing on the internet is truly obscurable, only securable and even security isnt a 100% guarantee. I tell my clients this all the time. Its just about funding and intellect.

@@wantrafinancial The idea wasn't not being detected, but rather be detected and be ignored. "Hide in plain sight" if you will.
Basically, my point with a "Tor fork" is that, currently, Tor provides a way to detect if it's beign used on the serverside (to clarify, I mean that hosters such as cloudflare can block Tor browser and, at least cloudflare, currently provides an option for that to its clients). IMO that's like trying to be anonymous in public by wearing a balaclava, you will be anonymous but will also stand out in a way that can trigger some alarms to get somebody keeping an eye on you. Then the fork comes in by removing the identification part, like trying to stay anonymous in public by looking similar to all the people around.
Then by "just their users know about" I was trying to refer to a small userbase, like small enough to not be worth spending resources on to spy if you don't have anything on them. I.e: anonymous because nobody noticed you exist, or are beign ignored.
BTW, in case it wasn't clear, I do agree with you. Is just that my aproach wasn't aiming to be 100% secure, just to make the attacker need to waste way more resources than what's worth. And I do know this isn't scalable, because of its nature.

​@lyamschuss8786 dont talk about fightclub, just fight to join fight club.

​@wantrafinancial ive met people who could sit there and waste time decoding. Theres the 1st type of game programming, i think its called abyss, but very hard to learn now a days and even harder to read, yet, my old friend decoded it and recoded it. He knew more then 1 type of program for software and wpuld use them properly. Python for simple AI tasks, any games preset programming which could be CC+ i think (?) Never told me, just a gander based on how he expressed it all.
I know some darkweb sites are probably connected to those fakeouts hence, you join fight club by fighting, not talking.
Id never go on darkweb, even discord has my where abouts 😢

Need to ketchup with his steak videos!

@@LeFatalpotato OP is a bot

@@notpreacher1564 lol. Didn't expect a 170k channel to be a bot. The feds have infiltrated here too I guess.

@@LeFatalpotato it is probably a botted channel that was then sold and now youtube will hopefully terminate it soon before he becomes a terrible commentary youtuber

Nice sub bot tho

Woah

"I can neither confirm nor deny, but man I feel ya."

This is why I tell people who swear a VPN protects them that they haven't solved anything about protecting their privacy, they just moved their point of trust from their ISP to the VPN provider (and even then only partially). They still don't know what is being collected or who its shared with.

@@TheFinagle You never can as this hack shows. Might as well pick a good VPN provider since it's better than nothing.

@@TheFinagle Tbh, i think most people use VPNs just so they can watch region-locked content.

Source? I have never heard of getting flagged or blocked by being tor exit node.

@@hitler69 I’ve seen it mentioned in the comments previously (and have also noticed in threat feeds used by Umbrella, Firepower, etc) but I think companies can semi-easily block tor via URL / IP threat feeds. Not 100% sure but I believe Cisco firepower’s security intelligence for example allows you to whitelist, monitor, or block tor nodes.

Running a middle node is fine. It would only help the issue. Fed

I only had one problem running a guard node - some copy protection scheme for streaming video that flagged every node. That was years ago.

> online privacy
That's a thing similar to a result of division by zero. Doesn't exist. You'd need to send from a literal blackhole to have any expectation of not being traced back, if only someone powerful enough insists.

@@TheLukasz032 lmao facts, it’s more centred around anonymity but there is a focus on keeping your data as secure as possible

Why would I want to help pedophiles to watch CP? Do you support the abuse of children?

@@uekvowzkaebbzuvrgipqxhemmwbhe Aah, the classical. It's not about supporting CP, it's about protecting people's rights, or would you say that govt should micro-manage what people eat because some individuals for some reason want to eat junk-food and shit? What's that? They shouldn't? Are you supporting people destroying their own digestive system?
Fuck me, if you think fighting something that's evil is worth throwing out the window any semblance of freedom and dignity humanity once had because it's "too hard" to do it otherwise, I'd argue you're insane, like the rest of the collectivist scum.

@@uekvowzkaebbzuvrgipqxhemmwbhe Not sure if you realize this but some people live in countries with media censorship. That's the primary reason I support the existence of the Tor network - information freedom. If all Tor was used for was illegal creep shit no one would ever publicly support the network considering the majority of its users and supporters are not in fact creeps; most are people concerned about their privacy, whether because it's dangerous to seek media that isn't state-controlled in their country, or because they don't want the government to know everything they do. Over time I've come to realize that ultimately there's no way to prevent the government monitoring anymore, especially in surveillance states like the US. Tor's most important usage now is to provide people with resources they can't access from the 'clear' (censored) web in their country, including news, historical resources, and banned media of all kinds that's illegal not because it's immoral but because the government doesn't want people to know about it. Tiananmen square massacre is an example of this - you can't find resources about it and you can't talk about it on social media behind the great firewall.

it's closer to being a vpn provider than it is to being a torrent seeder

Seeder isn't a good analogy. Everyone on a torrent tracker is sharing their ip address with everyone else.

Yup. Want to monitor traffic and spy on dumb users on the internet who think they're hiding? Set up a Tor relay.

@@gymkhanadog a single relay cannot spy on users' traffic

@@olpporsetty I bet you also think I can't see your VPN traffic if I were the host. ;)

hi john

no way it's john
when was the last time you logged on oldfrog (or the other alias which i will not state)

well my question is... what are you all buying and viewing on the dark web that makes you want to remain anonymous?

​@@smoothbrained4channer976 None of your business

​@@smoothbrained4channer976Mods for games nothing more

@@smoothbrained4channer976 "smoothbrained4channer" accurate username

You’re chill

As far as I know the most basic free VPN, even if controlled by the glowies is more than enough to do that.

@@supernovaw39
It isn't.

Yeah I just want my ISP to not know what I'm doing or downloading. Is it still good for that?

@@emperorhadrian6011 Can you please explain how? If the only thing that the ISP should see is that I'm using a VPN, and unlike the glowies they can't pay the VPN service a visit, how would they know?

and where you live

They know what you did during NNN, you're in serious trouble my dude!

needing tor to access your fetishes is highly suspect

@@lililililililili8667 ikr

sus

nice idea!

That would probably be the final generation of anonimized networks

Great idea for giving people free nightlights.

And ontop or it all it only uses say 20% of their network speed unless certain parameters are .eth so it just sits and lurks. Would be amazing because of the boomers that leave their pcs on 24/7 so at night it could run full speed and they wouldn't be the wiser.

anti-based

Doesn't really matter when they own the VPN server

@@LiEnby that's why you work with reputable companies, ideally located in countries with strong privacy laws like Iceland or Switzerland

@@Herbaling yeah except they will still spy on you lol

@@Herbaling You think a bizznes in Swiss can say no to the damn feds?

@@muchotexto4248 dude, have you seen how much US has difficulties extraditing Assange to US from UK?
And that's UK, not Switzerland.
If countries start cooperating to catch you, I think you have bigger problems.

It's already been successfully done in Iran afaik, that's the reason for the existence of obfsproxy bridges, which mask tor traffic as https

the TOR
Mosfet Transistor
LCD Display
mfw when
PIN number
check what an abbreviation stands for before deciding which words to add

@@ccriztoff you guess this why

There’s just no way to know for sure at the end of the day. We should assume everything we do is not anonymous. They’ve won

@@isolatedbutjacked7036 threat actor KAX17 ran 900 server as both an entry guard and middle, and few exit relays. And been doing this since 2017.
“Tor user connecting to the Tor network through one of KAX17’s servers was 16%, there was a 35% chance they would pass through one of its middle relays, and up to 5% chance to exit through one.”

loki net?

@@damani662 maybe, I don't know.

How do you identify one which is "bad" ? That's the problem I think. I could run some for years and be considered legit, then someone could tap me on the shoulder and say here's $1m to do this or that for us on your exit nodes. How would you know that my nodes were bad?

@@silverismoney i would suspect maybe hashing is used and if the hash does not match then the node is disabled.
would be my guess

he showed a picture of a rug that was banned in the U.S as of 2018, a literal illegal rug.

@@average-neco-arc-enjoyer I'd like to know more about this, please elaborate.

@@liamholcroft7212 there are a lot of websites that cover this better than I can, but basicly persian rugs were banned in the US multiple times by US sanctions.

@@average-neco-arc-enjoyer Oh i see, it's a sanction thing, like with cuban cigars? I thought there might have been a funny story behind it.