Privacy advocates are growing leery of the Tor network these days, as recently published research has shown a great number of network’s exit relays are compromised. Furthermore, on September 15, the Hacker Factor Blog published a new Tor report that shows IP addresses being uncovered. The paper called “Tor 0-day” says that it is an open secret among the internet service community: “You are not anonymous on Tor.”
For years now, a great number of digital currency proponents have utilized Tor and virtual private networks (VPNs) to stay anonymous while sending bitcoin transactions. The Tor Project was released 17 years ago in 2002, and it has always claimed to obfuscate internet traffic for the end-user.
Essentially, the software written in C and Python leverages a volunteer overlay network consisting of thousands of different relayers. The very basics of this network are meant to conceal a user’s activity on the internet and allow for unmonitored confidential communications.
However, since Covid-19 started and during the months that followed a number of individuals have exposed a few of Tor’s weaknesses. One Tor vulnerability exposed in August is the large-scale use of malicious relays.
A paper written by the researcher dubbed “Nusenu” says 23% of Tor’s current exit capacity is currently compromised. Nusenu also warned of this issue months ago in December 2019 and his research fell on deaf ears. Following Nusenu’s critique, another scathing report called “Tor 0-day” details that IP addresses can be detected when they connect directly to Tor or leverage a bridge.
The paper “Tor 0day” stresses that it is pretty much an “open secret” between those who know, that users “are not anonymous on Tor.” The research is part one of a new series and a follow up will publish data that describes “a lot of vulnerabilities for Tor.” The hacker describes in part one how to “detect people as they connect to the Tor network (both directly and…