[joconde]

What traffic does it log exactly, and who logs it? As I understand Tor:

- the exit node knows the second-to-last node, the cleartext data and the destination,

- each intermediate node knows the previous and next nodes,

- the entry node knows the sender and the second node.

And using HTTPS prevents the exit node from knowing the cleartext data.

This doesn't enable any individual node to know who sent what to whom, assuming that the whole path isn't entirely controlled by one person.

[qw3rty01]

Everything you mentioned goes back to my point that it's an anonymity service, not a privacy service. Tor exit nodes don't know who sent traffic, but they do see all the traffic that passes through them.

HTTPS can mitigate some of that, just like it can for VPNs, but the site you're going to is still very much visible.

Don't get me wrong, Tor is a very useful service if anonymity is your goal, but it requires a solid understanding of what can go wrong, which torproject provides a decent list for: https://support.torproject.org/faq/staying-anonymous/

[joconde]

> HTTPS can mitigate some of that, just like it can for VPNs, but the site you're going to is still very much visible.

Not in a sense that defeats privacy, since the exit node doesn't know the sender.

With Tor and HTTPS, no Tor node sees the cleartext data, and no node can associate me with the server I'm contacting. That sounds very much private to me.

> https://support.torproject.org/faq/staying-anonymous/

I've read these warnings, but I don't see anything that would defeat privacy if Tor is used correctly.

[saurik]

With Tor the site you are going to is visible, but not who you are (there actually are some quibbles with this, but those don't seem to be your better argument); that someone--somewhere out there--is accessing a specific site doesn't seem to be particularly secret information. I think Tor might tend to use a single circuit for all of your traffic, which allows for correlations, but that is trivially fixable (you can hash the websites you are accessing to multiple circuits that egress with separate exit nodes, so you don't provide the attacker that information).