Jason Long: > Hello. > How can I sure a Tor node that I connected to it is secure and is not a NSA > or CIA node?
You can't ensure that none of the Tor nodes in a particular three-node circuit aren't run by some three-letter government agency. There are regular checks about expired versions of Tor, poorly configured Tor policies on nodes, or other explicit bad things, but those only catch the most obvious insecurities. You can run your own relay or bridge, which could at least ensure one hop isn't compromised, not to mention the benefit for the many other Tor users. But ultimately, Tor's topography mitigates against one of the three nodes in your circuit being compromised. If the first hop is compromised, then they only know who you are, but not where your destination is. If the last hop is compromised, they only know where you're going, but not who you are (unless your providing clear text of personally identifying information). This happens to be why that quiet individual who runs one bridge or relay is so vital to the integrity of the network. g -- 5F77 765E 40D6 5340 A0F5 3401 4997 FF11 A86F 44E2 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
