31 comments

[ 5.3 ms ] story [ 56.3 ms ] thread
I've never felt like I knew how to use Tor correctly, or trusted anyone to be able to guide me on that.
Tor is nice, but I still prefer i2p.
But it is more difficult to run
I2P is a superior network design. It's a shame it gets so little attention.
I think i2p will eventually replace Tor. Or should replace. Because Tor has inherent issue with de-anonymisation: you just need to deploy certain number of nodes to facilitate that. And there’s no way of knowing if certain agencies already did that.
I'd never used Tor, though had to scrape a bunch of things that required different IPs. I figured their endpoints were already tarred.

With the porn block in the UK though, the "New Private Window with Tor" in Brave is very convenient.

Maybe not for long, or maybe not. I guess websites don't need to comply beyond a certain point.

There are tons of "residential proxy" and whatnot type services available, IP being a source of truth doesn't seem to matter much in 2025. The Perplexity 'bot' recent topic being an example of that.

Basically if you want to access any resource on the web for a dollar a GB or so you can use millions of IPs.

>With the porn block in the UK though, the "New Private Window with Tor" in Brave is very convenient.

Has someone interested in seeing privacy secured into the future, I’ve been happy that governments are accelerating their censorship for this reason.

i wish they were also a lifeline for censorship too, tor is effectively non functional in many countries :(
I ran a bridge until recently, but the server died a heat death after I moved to another apartment :(

I have not yet had time to find a suitable replacement machine. But running a bridge is a cheap, safe low network volume method people can help out from home. I had it going to help people in 'bad' countries to get out to the rest of the world.

https://community.torproject.org/relay/setup/bridge/

> I ran a bridge until recently

A lifetime ago, I ran bridges from RAM only distros. But early versions of the Dan list (1st in wide use) killed that.

DL didn't try hard to differentiate between bridge IPs and exit IPs. Server hosts just grabbed the first list they saw and blocked with it.

It was years before the notion of Exit != Bridge became understood but everyone had moved on. We're at the entropic 'No One Cares Anymore' phase now.

I used Tor for surveillance. But an appropriate kind, IMHO.

I used Tor as a small part of one of the capabilities of a supply chain integrity startup. I built a fancy scraper/crawler to discreetly monitor a major international marketplace (mainstream, not darknet), including selecting appropriate Tor exit nodes for each regional site, to try to ensure that we were seeing the same site content that people from those regions were seeing.

Tor somehow worked perfectly for those needs. So my only big concern was making sure everyone in the startup knew not to go bragging about this unusually good data we had. Since we were one C&D letter away from not being able to get the data at all.

(Unfortunately, this had to be a little adversarial with the marketplace, not done as a data-sharing partnership, since the marketplace benefited from a cut of all the counterfeit and graymarket sales that we were trying to fight. But I made sure the scraper was gentle yet effective, both to not be a jerk, and also to not attract attention.)

(I can talk about it now, since the startup ran out of runway during Covid investor skittishness.)

HEH

I'm letting my imagination fill in the color on the specifics here and I'm working up a little grin.

A hat tip to you

This is not a good way to do this. Tor exit nodes are public and may be marked for special behavior by the marketplace you are surveying. There is no reason to believe you are getting good information this way.

The right way to do this would be through a VPN/tor + Residential proxy to hide your intentions from everyone involved.

Next time you find yourself in this situation, a $5 VPN subscription (Mullvad, etc.) gets you the same result without the IP being an obvious Tor exit node. Faster, too, in latency, bandwidth, and the time it takes to change locations. You only care about the VPN part for this, not the onion part.
(comment deleted)
Is it that difficult for a business to colo in various locations? Not rhetorical, I've never thought about it.
Especially as the internet, itself, started as a military project. [DARPA]
>Tor: How a military project became a lifeline for privacy

Arpanet: How a military project gutted personal privacy, destabilized self esteem and strangled attention spans

[flagged]
I think they publicized it so they could obscurely use it for military purposes. The users are easy to spot if they are all military users. Get tons and tons of regular users to use it and you obscure who is trying to hide.
I assume when I’m using Tor that every packet is the under the highest level of collection/analysis priority. I think maybe sometimes it’s better to blend into in the crowd
Friendly reminder that exit nodes are to be avoided. Hidden services are the way to go.
And now its all honey pot exit nodes.

Just setup a vpn.

Tor is hardly private IMO. Whoever has the largest no of servers can see all the traffic
Btw, a Tor relay can be relatively lightweight. I run one on a $5/mo VPS (which does many other things). You need 1 GiB of RAM, but a single basic CPU core largely suffices. My relay sends/receives ~150 GiB of traffic per day (~15 Mbits/s). It’s not an exit node, so no legal worries.

Here’s my torrc:

  SocksPort  0
  ExitRelay  0

  ORPort     NNNN
  DirPort    NNNN

  Nickname     X
  ContactInfo  X@X.com

  RelayBandwidthRate    80 megabits
  RelayBandwidthBurst  120 megabits

  MaxMemInQueues  384 megabytes

  AvoidDiskWrites  1
  HardwareAccel    1
  NoExec           1
  NumCPUs          1
Here’s my override config for systemd (Ubuntu 24.04):

  $ sudo systemctl edit tor@default
  [Service]
  Nice=15
  CPUAffinity=0
  CPUWeight=60
  StartupCPUWeight=6
  IOWeight=60
  TimerSlackNSec=100us

  MemoryMax=896M
  MemoryHigh=800M
  OOMScoreAdjust=1000

  LimitAS=2G
  LimitNPROC=512
  LimitNOFILE=10240

  PrivateDevices=true
  ProtectSystem=true
  ProtectHome=true