It’s true that a large adversary with a little money (like the US or Israeli government) could host a huge amount of compromised exit nodes and relays (I don’t think compromising exit nodes alone is enough) and de-anonymize users.
It is also true that you can run a relay right now by running the Snowflake proxy in a normal browser tab: https://snowflake.torproject.org/
It is safe to run a relay on your home connection, because you aren’t hosting any exit traffic. I’ve never had trouble when I’ve done it.
Tor also hosts “hidden services” or “onion services”, which don’t exit the Tor network. The client and the server agree on a rendezvous node and meet each other there, and the traffic is encrypted from end-to-end. I am pretty secure this is more resistant to the “global passive adversary” type of attack, but nothing is perfect. A GPA can always look at timing and make some correlations based off of it.
It is true that the network is more secure if more people use it, because that provides cover. It is true that if you pirate stuff through I2P you won’t get a letter from your ISP.
The other comment already pointed this out better, but yeah tor and i2p as a concept use onion routing which if you utilize correctly, won’t de-anonymize you if a government runs exit nodes, since they won’t know where that traffic is originating from*
*big disclaimer is that you must ensure your tor/i2p traffic itself is clear of identification. There’d be no purpose in logging into your personal gmail since anyone with access to that info could easily identify that its you. Lots of people have been caught simply because they performed bad opsec and did not separate their clearnet and darknet activities (ex: Ross Ulbricht advertised his silk road with his regular old gmail on a forum with his real name).
The systemic threat to Tor and i2p is if a government is able to influence the routing algorithm or create enough tor nodes that the routing guarantees a path through controlled nodes where traffic can be de-anonymized via logistical analysis (Sybil attack). This is significantly harder to accomplish but not impossible. Tor particularly has been hit with recent attacks that successfully de-anonymized hidden servers by poisoning the route algorithm. Even though Tor nodes are decentralized, the routing map is not (controlled by a handful of route authorized servers) which was done to protect against the Sybil attack specifically by dropping known bad nodes, though it has become controversial since it clearly didn’t protect against certain attacks.
i2p is theory is supposed to be better due to its complete decentralized nature and advanced garlic routing, but successful attacks have been demonstrated in a lab environment.
Still, both darknets become stronger just by having more users to mix all the traffic and make it more difficult to de-anonymize
The other annoying issue which i2p actually does solve quite well compared to Tor is speed. Darknets are notoriously slow due to their hefty routing to ensure anonymity. i2p improves this with its garlic routing, but its still feels like you’re running on a congested DSL line from 1999.
Isn’t tor super dodgy because anyone, even the government, can host exit nodes? Honest question, I haven’t read too much about it.
It’s true that a large adversary with a little money (like the US or Israeli government) could host a huge amount of compromised exit nodes and relays (I don’t think compromising exit nodes alone is enough) and de-anonymize users.
It is also true that you can run a relay right now by running the Snowflake proxy in a normal browser tab: https://snowflake.torproject.org/
It is safe to run a relay on your home connection, because you aren’t hosting any exit traffic. I’ve never had trouble when I’ve done it.
Tor also hosts “hidden services” or “onion services”, which don’t exit the Tor network. The client and the server agree on a rendezvous node and meet each other there, and the traffic is encrypted from end-to-end. I am pretty secure this is more resistant to the “global passive adversary” type of attack, but nothing is perfect. A GPA can always look at timing and make some correlations based off of it.
It is true that the network is more secure if more people use it, because that provides cover. It is true that if you pirate stuff through I2P you won’t get a letter from your ISP.
Better practice now before you really need it.
The other comment already pointed this out better, but yeah tor and i2p as a concept use onion routing which if you utilize correctly, won’t de-anonymize you if a government runs exit nodes, since they won’t know where that traffic is originating from*
*big disclaimer is that you must ensure your tor/i2p traffic itself is clear of identification. There’d be no purpose in logging into your personal gmail since anyone with access to that info could easily identify that its you. Lots of people have been caught simply because they performed bad opsec and did not separate their clearnet and darknet activities (ex: Ross Ulbricht advertised his silk road with his regular old gmail on a forum with his real name).
The systemic threat to Tor and i2p is if a government is able to influence the routing algorithm or create enough tor nodes that the routing guarantees a path through controlled nodes where traffic can be de-anonymized via logistical analysis (Sybil attack). This is significantly harder to accomplish but not impossible. Tor particularly has been hit with recent attacks that successfully de-anonymized hidden servers by poisoning the route algorithm. Even though Tor nodes are decentralized, the routing map is not (controlled by a handful of route authorized servers) which was done to protect against the Sybil attack specifically by dropping known bad nodes, though it has become controversial since it clearly didn’t protect against certain attacks.
i2p is theory is supposed to be better due to its complete decentralized nature and advanced garlic routing, but successful attacks have been demonstrated in a lab environment.
Still, both darknets become stronger just by having more users to mix all the traffic and make it more difficult to de-anonymize
The other annoying issue which i2p actually does solve quite well compared to Tor is speed. Darknets are notoriously slow due to their hefty routing to ensure anonymity. i2p improves this with its garlic routing, but its still feels like you’re running on a congested DSL line from 1999.
For anyone curious and willing to try a safe website - lemmy.cafe is also served on tor.
https://lemmy.cafe/post/22287795