I would be hesitant listening to oscarzulu, some of what he says is correct but he gets a lot of things wrong too. I highly doubt that he has a masters in IT security considering some of the extremely stupid shit he has said, like it being possible to brute force 13 character passwords in minutes, or BSD being a type of Linux (for two examples). Most of what Shannon said is correct. One thing I disagree with, public bridges are not safer than private bridges. However, it is an extremely bad idea to use private bridges that you get on an illegal forum like silk road, and using public bridges would be better than using such a private bridge. Not only do you give your IP address to the person running the bridge, you also give your IP address to anyone who monitors the bridge after determining its IP address. Normally it wouldn't matter that the person running the bridge knows your IP address, but if they know who you are and the illegal sites you visit then you pretty much are deanonymizing yourself to them and any potential feds that learn the 'private' bridges IP address. Also, I know you mean well, but it is not that offensive for Shannon to point out that feds have engaged in similar tactics many times in the past, running private VPNs only advertised on carder forums in order to scoop up IP addresses of the people who visit carder forums. Shannon is correct in saying that you should use less bridges. For someone in China, more is better. Because they want to have one that is not blocked at all times, and the more they have the less likely all of them will be blocked. They use bridges for censorship evasion. We use bridges for membership concealment. The more bridges you use, the more likely one of them will be owned by an attacker, and thus the more likely the attacker will be able to determine your IP address is using the Tor network. Additionally, using more than three bridges at a time makes you significantly weaker to end point timing attacks than using Tor without bridges and with the standard number of entry guards selected (3). The reason to use bridges is indeed what oscar said (wow I guess even a broken clock can be right sometimes). Let's say a vendor lives in a remote rural area. They leak their rough geolocation to customers every time they ship a package. If they ship to law enforcement and law enforcement can get a list of Tor client IP addresses (numerous ways to do this), then they can come to the conclusion that the one Tor client in the middle of nowhere is probably the vendor who just sent them drugs from the middle of nowhere. Even if you live in a more densely populated area, law enforcement could still narrow you down to maybe a few hundred IP addresses. Pretty much any crowd size reduction is bad, and should be avoided. You want to use protocol obfuscators because they strongly compliment bridges, bridges can hide the fact that you are connecting to Tor relays based on IP addresses, but it can not hide that the traffic you are sending has a fingerprint that is consistent with Tor traffic. Also you misunderstood Shannon when he/she pointed out that a bridge doesn't hide Tor traffic patterns. It is true that bridges do not hide Tor traffic patterns. This is why they made obfsproxy. Obfsproxy hides Tor traffic patterns, and is used IN ADDITION to bridges which hide that you are connecting to Tor relay IP addresses. Another example of Oscar saying stupid shit. Oscar, end point timing correlation requires the attacker to be able to monitor entry and exit of traffic. If you use multiple entry points you are increasing your exposure. In fact, using two entry points instead of one doubles the risk of being pwnt by an end to end correlation attack. Regular Tor used three entry points which rotate every month to two months, I believe that you should configure bridges in a similar way (use three at a time, and change them every month to two months). More stupid bullshit from Oscar. Yes let's concentrate all of our IP addresses to a "private" SR run bridge! Then anyone can monitor a single point on the internet to deanonymize all of us! Most fucking god damn stupid shit ever, the school that gave you a masters should be ashamed of themselves lol (oh wait you don't really have a masters in IT security). Go read about shadowcrew if you think this idea is even remotely good, that is how they were pwnt (by being stupid enough to all use a VPN run by the feds). True dat. There is absolutely no reason to set up a fake company to get a server. Nothing sticks out more than streams of 512 byte cells, and that is what Tor traffic looks like if you don't use a protocol obfuscator.