[tor-talk] How to find trust nodes?

grarpamp grarpamp at gmail.com
Wed Sep 27 20:35:39 UTC 2017

On Wed, Sep 27, 2017 at 3:04 PM, Jason Long <hack3rcon at yahoo.com> wrote:
> How can I sure a Tor node that I connected to it is secure and is not a NSA or CIA node?

Go meet the operator and conduct an anal probe on them
far more intensive and long running than an SF-86 SSBI.
Parallel to that, go image the node, try to find reproducible
source code version to it, and pay $1M for a full audit.
Then go ask Intel / AMD about what's really inside their chips.
Then verify if the chips in the box are what rolled off the fab.

Or note improved odds with tor's multiple hops, plus user
opsec and defense in depth, pursuant to reading whitepapers
detailing exploits against tor and your entire stack and usage.

A non generic answer depends on your use case and
threat model. Once you can articulate those, you'll be
closer to finding an answer. Without them, we probably
aren't able to be of much help.

More information about the tor-talk mailing list