[agd]

Yes, this seems to be a case of users not understanding how Tor works and malicious exit node owners taking advantage.

[amelius]

Indeed. But this also is a problem with how Tor is being advertised, and presented in the media, imho.

A false sense of security is worse than no security at all.

[andreaso]

To be fair, at least the Tor Project itself makes a rather serious effort to be upfront with its own limitations, etc.

For example, when you use the (recommended) Tor Browser Bundle the start page contains a window containing the following headsup

"Tor is NOT all you need to browse anonymously! You may need to change some of your browsing habits to ensure your identity stays safe."

As well as a link to https://www.torproject.org/download/download.html.en#warning.

That same warning is also present on the main download page: https://www.torproject.org/download/download-easy.html.en

[SomeStupidPoint]

Tor also has extensive documentation about the threat model they protect against, and the limitations of that model.

If there were one thing I could change about security discussions, it's that you can't talk about security in the abstract -- only security relative to some threat or foe.

I think a lot of the conversation would change if we could get people to start talking about security that way.