15 Dec
2019
15 Dec
'19
8:26 a.m.
On 12/15/2019 12:11 AM, Shawn K. Quinn wrote: <snip>
No, Tor is not perfect; it certainly beats nothing, but shouldn't be considered a complete countersurveillance solution in and of itself for many threat models.
I used to think pretty much that. Now it seems all too possible that some malicious relays operate with the tacit approval of at least some Tor Project staff. Given the FOIA production that I've seen. So sure, "it certainly beats nothing". But it's proselytized in ways that foster a false sense of security. At this point, if you want low-latency connectivity, botnets are your safest bet. Or, for those who consider that immoral, nested VPN chains. You can go at least five deep, with iptables rules to prevent leaks. <snip>