| > Unless you have hundreds of these There are single operators that run dozens of nodes. Just take a look at the article.
Anyone can setup nodes and give no contact info or just change it to something else.
I could spin up nodes as gzer0 and the next week add new ones as gze1. You could run hundreds of nodes as a single person without anyone noticing it. >and a lot of time and patience Tor has been around for a while ...
Creation of nodes, which mostly are just VM's running in some datacenter, can be automated to some extend. > and somehow knock off all of the non-malicious guard-nodes There is no need for that. When you become the malicious guard of someone, by design, you can run correlation attacks for months. Just be patient and probability will do the rest for you. Tor is not as secure as it (maybe) once was. Related reading: https://medium.com/@nusenu/the-growing-problem-of-malicious-... Also when being a guard you get the IP addresses of Tor users. Using Tor puts you in a group consisting of "interesting" people. No, these are probably not thousands of whistleblowers and people from oppressed regimes (well maybe russia). The majority of traffic comes from the US, and western European countries. Interesting people are: hackers, fraudsters, crawlers (guess why many sites block Tor), drug dealers, drug users, pedophiles, literally everything (cyber)crime and people having something to hide. A list of those people would be quite interesting wouldn't it? Even if there would be thousands of whistleblowers these are persons of interest, too. |