I think i2p will eventually replace Tor. Or should replace. Because Tor has inherent issue with de-anonymisation: you just need to deploy certain number of nodes to facilitate that. And there’s no way of knowing if certain agencies already did that.
I'd never used Tor, though had to scrape a bunch of things that required different IPs. I figured their endpoints were already tarred.
With the porn block in the UK though, the "New Private Window with Tor" in Brave is very convenient.
Maybe not for long, or maybe not. I guess websites don't need to comply beyond a certain point.
There are tons of "residential proxy" and whatnot type services available, IP being a source of truth doesn't seem to matter much in 2025. The Perplexity 'bot' recent topic being an example of that.
Basically if you want to access any resource on the web for a dollar a GB or so you can use millions of IPs.
I ran a bridge until recently, but the server died a heat death after I moved to another apartment :(
I have not yet had time to find a suitable replacement machine. But running a bridge is a cheap, safe low network volume method people can help out from home. I had it going to help people in 'bad' countries to get out to the rest of the world.
I used Tor for surveillance. But an appropriate kind, IMHO.
I used Tor as a small part of one of the capabilities of a supply chain integrity startup. I built a fancy scraper/crawler to discreetly monitor a major international marketplace (mainstream, not darknet), including selecting appropriate Tor exit nodes for each regional site, to try to ensure that we were seeing the same site content that people from those regions were seeing.
Tor somehow worked perfectly for those needs. So my only big concern was making sure everyone in the startup knew not to go bragging about this unusually good data we had. Since we were one C&D letter away from not being able to get the data at all.
(Unfortunately, this had to be a little adversarial with the marketplace, not done as a data-sharing partnership, since the marketplace benefited from a cut of all the counterfeit and graymarket sales that we were trying to fight. But I made sure the scraper was gentle yet effective, both to not be a jerk, and also to not attract attention.)
(I can talk about it now, since the startup ran out of runway during Covid investor skittishness.)
This is not a good way to do this. Tor exit nodes are public and may be marked for special behavior by the marketplace you are surveying. There is no reason to believe you are getting good information this way.
The right way to do this would be through a VPN/tor + Residential proxy to hide your intentions from everyone involved.
Next time you find yourself in this situation, a $5 VPN subscription (Mullvad, etc.) gets you the same result without the IP being an obvious Tor exit node. Faster, too, in latency, bandwidth, and the time it takes to change locations. You only care about the VPN part for this, not the onion part.
I think they publicized it so they could obscurely use it for military purposes. The users are easy to spot if they are all military users. Get tons and tons of regular users to use it and you obscure who is trying to hide.
I assume when I’m using Tor that every packet is the under the highest level of collection/analysis priority. I think maybe sometimes it’s better to blend into in the crowd
Btw, a Tor relay can be relatively lightweight. I run one on a $5/mo VPS (which does many other things). You need 1 GiB of RAM, but a single basic CPU core largely suffices. My relay sends/receives ~150 GiB of traffic per day (~15 Mbits/s). It’s not an exit node, so no legal worries.
31 comments
[ 5.3 ms ] story [ 56.3 ms ] threadWith the porn block in the UK though, the "New Private Window with Tor" in Brave is very convenient.
Maybe not for long, or maybe not. I guess websites don't need to comply beyond a certain point.
There are tons of "residential proxy" and whatnot type services available, IP being a source of truth doesn't seem to matter much in 2025. The Perplexity 'bot' recent topic being an example of that.
Basically if you want to access any resource on the web for a dollar a GB or so you can use millions of IPs.
Has someone interested in seeing privacy secured into the future, I’ve been happy that governments are accelerating their censorship for this reason.
I have not yet had time to find a suitable replacement machine. But running a bridge is a cheap, safe low network volume method people can help out from home. I had it going to help people in 'bad' countries to get out to the rest of the world.
https://community.torproject.org/relay/setup/bridge/
A lifetime ago, I ran bridges from RAM only distros. But early versions of the Dan list (1st in wide use) killed that.
DL didn't try hard to differentiate between bridge IPs and exit IPs. Server hosts just grabbed the first list they saw and blocked with it.
It was years before the notion of Exit != Bridge became understood but everyone had moved on. We're at the entropic 'No One Cares Anymore' phase now.
I used Tor as a small part of one of the capabilities of a supply chain integrity startup. I built a fancy scraper/crawler to discreetly monitor a major international marketplace (mainstream, not darknet), including selecting appropriate Tor exit nodes for each regional site, to try to ensure that we were seeing the same site content that people from those regions were seeing.
Tor somehow worked perfectly for those needs. So my only big concern was making sure everyone in the startup knew not to go bragging about this unusually good data we had. Since we were one C&D letter away from not being able to get the data at all.
(Unfortunately, this had to be a little adversarial with the marketplace, not done as a data-sharing partnership, since the marketplace benefited from a cut of all the counterfeit and graymarket sales that we were trying to fight. But I made sure the scraper was gentle yet effective, both to not be a jerk, and also to not attract attention.)
(I can talk about it now, since the startup ran out of runway during Covid investor skittishness.)
I'm letting my imagination fill in the color on the specifics here and I'm working up a little grin.
A hat tip to you
The right way to do this would be through a VPN/tor + Residential proxy to hide your intentions from everyone involved.
Arpanet: How a military project gutted personal privacy, destabilized self esteem and strangled attention spans
- https://github.com/mikeperry-tor/vanguards/blob/master/READM...
- https://github.com/mikeperry-tor/vanguards/blob/master/READM...
- https://spec.torproject.org/proposals/344-protocol-info-leak...
Just setup a vpn.
Here’s my torrc:
Here’s my override config for systemd (Ubuntu 24.04):