

The Government Has Many Ways to Compromise the Network And using the Harvard bomb threat to highlight this, that Tor has weaknesses, and then using it to talk about it, inform others of what went wrong, what they should do better, is better in my opinion.īut, for most people, this probably won't be much of a (direct/immediate) problem.ģ. Of course it also highlights: Tor is not magic, it has strength and weaknesses.

(It can be made less suspicious by using Tor for a longer period of time). It is very suspicious that someone accessed Tor at that exact time, probably for a very short time, but it does not mean they did it. And that's critical for safety and security of the rest of them, because that means you can't, I mean if Iran wanted to round up all of their, it wouldn't actually work" And personally I think Tor actually worked to some extent. Roger puts it best: "the average Tor user in Iran is not a political dissident trying to take down their government, the average Tor user in Iran is a Facebook user trying to reach Facebook. The more the merrier! The diverse the better! And this is also important for the above person in a hostile place. And so I want to point out that being the only person on the network using Tor definitely makes you stand out, which is why anonymity loves company. They also point to the Harvard bomb threat.

It probably won't be perfect, the people blocking Tor might be able to figure out that it's Tor even if obfuscation helps hide it. If you are in a hostile place, use obfuscation: obfs4 bridges, meek or snowflake. all Tor relay IP addresses are also publicly known (so it probably doesn't matter much that Tor traffic doesn't look like any other type of traffic by default). The TLS (the same thing used by HTTPS) used by Tor can be distinguished from the TLS used by Browsers for HTTPS or well any other TLS. And as written, we do not know how many nodes are bad (although, with all the meetups and getting to know the operators of families, we might know how many aren't).Ģ.

And there have been many instances of bad nodes being found (and then excluded). The very first problem is the use of "clear" ("Why the Answer Is a Clear “No”"), NOTHING is ever clear/100%, anything like that, in anonymity/privacy/security.
