On 24/03/2025 16:48, bjewrn2a--- via tor-relays wrote:
is there any documentation on self-hosting a bridge at home and using it for your own connections? I am trying to understand why this isn't a recommended setup, would it lead to de-anonymization? Why/how much? your traffic blends with other users directly via the same connection other users use your bridge on a regular basis together with you and your hidden services ISP monitoring of your exact connection times are made harder (not sure how much exactly) I don't understand why hosting a bridge outside of your geographic location is necessary?
is it a problem that the first hop is from your own IP address if the other two hops are external? were there any studies or similar questions asked before? I couldn't find anything
I can't find help anywhere, so would appreciate any advice
Tersely: CWE-656.⁽¹⁾
If you have nothing to hide about your security, you have nothing to fear. But in the proposed setup you have something to hide, and therefore to fear about.
The approach relies entirely on the adversary not being aware, how things are set up. With this reasoning we could simplify it even further. Set up your own exit node, connect directly from it, skipping the entire Tor. As long as the adversary doesn’t know, you blend into traffic and can’t tell the difference.
But this isn’t how security works and security through obscurity is a frequent anti-pattern. Tor’s security is rooted firmly in maths and network’s design, that are completely open. Whatever the adversary knows about them, it’s of little help. The guarantees of high cost to circumvent the protection still holds.
With the proposed setup you throw away those guarantees. Replace them with little more than hope. Yes, it does provide some protection. But this is the same kind of protection as hiding keys under the doormat.
Cheers, mpan ____ ⁽¹⁾ https://cwe.mitre.org/data/definitions/656.html