I mean, there are a couple of major points against it: it was originally developed by the CIA, the US government still funds quite a bit of its development and upkeep, and it’s intrinsically vulrnable to de-anonymization of traffic if a bad actor manages to control or spy on enough nodes (namely, if they are simultaneously spying on all of the nodes in your circuit), and the vast majority of Tor nodes are based in the US and EU, specifically the 5/9/14/69/420 eyes countries. Tor seems mainly intended for US intelligence use and also for political dissidents against socialist countries (or just any country the US hates). It’s no coincidence that Tor traffic spikes from whatever country a colour revolution is taking place, like Iran and Russia as two recent examples, which is very apparent if you download Snowflake (which creates a small Tor entry node/bridge on your computer) and monitor which IP addresses are connecting to it.
At the same time, we’re also very explicitly political dissidents and therefore we absolutely need ways to protect our data privacy and security. So… Should communists, especially ones actively campaigning for socialism/communism, be using Tor to anonymize their traffic? I’d instinctively say no but thinking more about it I actually don’t know for sure. Is there a risk it can be booby trapped for us. Are there any alternatives? Anyone familiar with Tor’s architecture who’s able to weigh in on how big a risk it is for us compared to benefit?
Thank you for the info
Should one use a vpn + tor, or just tor alone?
There are many opinions about this. I use both (locally creating packets for Tor, then sending them through a VPN connection) just in case a circuit happens to be completely accessible by a single actor (probably the Amerikan government). The only downside I see with this is that it’s a bit slower than just going through Tor, but it doesn’t matter for my use cases. In the worst-case scenario (an entire malicious circuit and a malicious VPN), it’s not going to be any worse than just going through my malicious ISP
It depends on who your VPN is exactly. When you enter the Tor browser when concurrently using a VPN, all of your Tor browsing is being routed solely into the VPN, meaning that the VPN provider can see all of what you’re doing if they happen to log your actions. Meaning that if you use a compromised VPN provider which hands its logs over to governments, it could entirely defeat the purpose of using the Tor browser.
That’s not how it works, unless you’re allowing the VPN provider to create the Tor connection rather than doing it yourself (which is a “feature” offered by some providers, and that does almost entirely defeat the purpose of using Tor, aside from exposing a different IP address to the destination). If you’re using Tor Browser normally, you’re creating and encrypting the packets to send to the first Tor node in the circuit locally; the only thing exposed to the VPN server is that you’re sending a Tor packet and what the first node is, not the entire circuit or what the packet contains
I was being very general but you’re right.