-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John Case
But unning a Tor node anonymously is trivial...
First, there are a LOT of co-location/vps/webhost resellers operating in the US, and almost no regulation of them as "ISPs"....
... if you can find a joe-blow VPS reseller or datacenter reseller and call them up like any other vendor, they will bend over backwards to take your money. They're not going to ask for your drivers license or a credit check or anything like that. You can just mail them a postal money order or two and be done with it.
Earlier he wrote
Even without anything interesting, like packet inspection, or state inspection, it's easy to assume that all Internet traffic is logged somewhere - just connection logs and so on - a trivial amount of data to save, and gets more trivial every six months when bigger drives come out.
So _today_ your actions might be benign, and tomorrow they might also be benign, but what about next year or next decade or ...
When you have a permanent record of all of your transactions in Internet-space, it's just a matter of time before that is mined for something that you never intended...
So, what can be done with that Tor node once it's set up? It can't be
used interactively (i.e. with low latency) because that "permanent
record of all of your transactions in Internet-space" can be used
today or tomorrow or "next year or next decade or ..." to correlate
packet timings and destroy whatever anonymity the Tor node might
otherwise have had. And if the Tor node is configured to respond to
instructions anonymized by a remailer network, the remailer network
might as well have by used by itself in the first place, without the
Tor node in the picture at all.
-- StealthMonger