By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine it's capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.
Yes, actually the advanced military research wing of the US government (it has sponsored a great many weird and wonderful bluesky projects, for which we the public can all be thankful to them for, I wish half the maintenance on nuclear rearming was instead spent by DARPA on research projects and to help the NSF, but sadly it is not to be). Pretty much the only wing of government I'd be happy to pay much more tax to and not less, it's a pity we can't select what branches of government we commit resources to, that would be seriously innovative (and controversial lol).
Anyway, the Tor project was initially sponsored by the Office of Naval Research and DARPA (which also sponsored the Internet itself). After that it was spun out to the wider world, again, just as with the Internet technology, and the Electronic Frontier Foundation sponsored it for a while until the Tor project was out of the cradle and deployable for serious work. I'm not sure if the Tor project still receives grant money from the ONR, DARPA and the EFF, but in any case they can always do with donations if you experience good fortune.
I have some (still mewling pups/kittens) ideas for a system like Tor of my own, based on some rather obscure/poorly understood concepts from the world of econ theory which would turn the network's meta information flow into a sophisticated price system that would run itself in an organic way like the stock exchanges. The implications of being able to harness market power in service to such a network are actually terrifyingly cool.
However I know nowhere near enough about the Tor network to even have a remote possibility of putting any of those ideas into practice, so I have a lot of work to do if any of them are to reach fruition. So many projects, and so little time ._.
Nice, was making sure I didn't just make that up cause I really don't remember where I read it. I don't think TOR is still receiving funding from them because one of the lead developers hinted that donations would make them work on bigger project and improve current project (tails, tor, etc). I donate whenever I have spare coins, we should get a sticky going so everyone can donate to the TOR developers. I keep trying to read about TOR but it's just way too complicated, I wish someone (maybe you pine?) could translate it into layman's terms about the innerworkings of TOR because as of now all I know is it's a huge network shared by people that connect to TOR and the more people that connect to TOR the more anonymous we become. I still don't understand how they can track you through exit nodes, that's the only part I'm confused/scared about. When the FBI caught the ring of pedophiles even though they were using TOR but finally got them through bad exit nodes, I still don't understand how that works. I'm assuming it was because they were sending files which we don't do on SR so I don't really worry about that.
First I think the tor developers do not want an organized effort on SR to send them money, that would be bad for their PR. Although if you do want to contribute by running a relay or donating go ahead, I just don't think Tor wants SR to be seen as sending them funding. Here I will explain how Tor works for you.
Tor is a low latency anonymity network. It gives users anonymity by routing their traffic through 'telescoping' encrypted tunnels through three nodes. The first node is the entry, the second is the middle and the third is the exit. The entry node knows who you are, but it can not see where you are surfing, the middle node does not know who you are or where you are surfing, and the exit knows where you are surfing but not who you are. The exit node connects to the servers you communicate with. Traffic from the exit node to the destination you communicate with is not encrypted, so it can be intercepted and spied on by the exit node. This could compromise 'who you are' if you go to your facebook page for example, but it will not compromise where you are unless you leak that through the exit traffic as well somehow. The destination you communicate with can not trace you because they see the IP address of the exit node you are using, not your own IP address. In the best case scenario they will need to go back one hop at a time an. d get logs until the trail leads them back to you. Hopefully at least one of the three nodes you are using is not keeping logs or being passively monitored, in which case the trails will go dead at the first such node and you will remain anonymous.
Tor is not perfect. There are two sorts of attacker involved with traffic analysis, passive and active. Passive attackers monitor the links between nodes, such an attacker could be an ISP that several Tor nodes use, for example. An active attacker is one who adds nodes to the network and is able to view their internal state. Some attackers are combinations of active and passive. The more Tor nodes there are, the more protection you are afforded from an active attacker. After all, if there are ten nodes and an attacker owns one, they can monitor 10% of the network, but if there are 100 nodes and an attacker owns one they are only monitoring 1% of the network. It is important that nobody owns a large percentage of the nodes on the network, because Tor does not prevent traffic confirmation attacks. An attacker who can see packets at two points on the Tor network can use timing correlation attacks to link the packets together. This would be very bad if the attacker doing this sort of attack owned your entry and exit node, because then they could link the packets they see you sending through their entry node to the packets arriving at the destination, thus deanonymizing you with only two out of the three nodes on your circuit.
Passive attackers are generally (but not necessarily) more powerful than active attackers. An attacker who owns the ISP used by one hundred Tor nodes is capable of monitoring the traffic into and out of those Tor nodes as well as if they ran the Tor nodes themselves. Again, if a passive attacker can monitor your entry and exit traffic they can use timing correlation attack to link them together and thus deanonymize you. Having more nodes on the network does not inherently protect from such an attacker, however having location diversity in the nodes on the network does protect from this sort of attacker. If the Tor network consisted of nodes all in one data center, the owner of the data center could deanonymize all Tor circuits without owning a single Tor node, regardless of how many nodes were on the network. However, if the nodes are in data centers distributed around the world, it becomes far less likely that the owner of a single data center can deanonymize Tor circuits by themselves. Thankfully there middle nodes as well, so even if your entry and exit are being monitored by different attackers, unless they are already colluding and sharing intelligence with each other they will not be able to identify each other to request collusion in specific cases unless they can get the middle node to cooperate to introduce them to each other. One of the most powerful sorts of attacker is called global passive, and this means that they are able to monitor the links between every node on a network (if they are global in the context of the network, some may argue that a true global passive adversary can monitor all links on the internet, but I find this definition to be irrelevant when a specific sub network is being discussed). Tor is completely incapable of offering any protection from such an attacker, but such attackers are likely very few and far between if any even exist. NSA would likely be the closest attacker to a GPA although some other signals intelligence agencies such as GCHQ may come close as well. Certainly the Swedish signals intelligence agency monitors all traffic in and out of Sweden, that is not GPA but is still a fairly powerful attacker, and it is likely impossible for Swedish people to anonymously access servers in Sweden unless they stay within their own country at entry or exit.
Connections to hidden services don't use exit nodes in the same sense as connections to the clearnet do, but the same general principles apply to them. Hidden services are actually much easier to deanonymize than clients, because clients can force them to open an arbitrary number of new circuits and send them packets + watch for the packets at malicious nodes until they trace up to their entry guards. Three entry guard nodes that make direct contact with a hidden service server can be enumerated in about a minute, and then for a passive capable attacker it is just a matter of monitoring one of them to deanonymize the hidden service. For an active attacker it is a little bit harder, they need to force the hidden service to use one of their entry guards, and the quickest way to do this involves DOSing guard nodes until you get lucky or run out of resources.