Is Tor a Honeypot ?
TLDR:
1) Tor was created by the US government to provide anonymity for its own spies to conduct their operations anonymously in remote countries
2) When countries try to censor the Tor network, they focus on censorship circumvention to ensure their spies can connect back to the Tor network
3) The Tor Project receives millions in funding from the US government, through the Broadcasting Board of Governors
It's fine to use it only if you want anonymity against a state which is not the US nor one of its allies.
This blogpost is going to be my own writeup on Yasha Levine's Surveillance Valley book, on his investigation into the Tor Project. Be warned though, this is going to be a tough blackpill to swallow (even for myself), but I feel like it needs to be explored in detail. Personally I'll admit that I didn't want to believe it given how much trust I've put into Torproject up until now, but given the leaked emails proving the ties of the Tor Project to the US government, the overwhelming evidence now leaves no room for doubt anymore.
Tor is FOSS, so how could it be a honeypot ?
In short, the only way for one adversary to deanonymize the vast majority of Tor users would be either for him to possess a 0day (like what happened in Operation Onymous):

Or it would require that adversary to control most of the nodes, like what I suspected in this previous blogpost, when looking at the number of Tor nodes concentrated in Germany and the Netherlands:

The Tor Project has been known for more than a decade, making law enforcement butthurt about its sheer existence ever since the beginning. Obviously LE wouldn't have stayed there doing nothing all this time.
The evidence that Tor is a tool made for and used by the US government
Slides that Roger Dingledine presented to the FBI
(FYI, Roger Dingledine is the project leader, director and R&D director of the Tor Project)


Here are the slides he presented to the FBI:
Why would Tor serve the governments ? Isn't it supposed to undermine law enforcement by providing anonymity to its users ?



Partnerships of big tech to work on Torproject
Why would big tech participate in developing a tool that supposedly undermines its ability to trace internet users ?







Funding from the US Government (through the BBG / IBB)
Why would the US government help fund, through the BBG, a project aimed at undermining its ability to track individuals ?





The Tor project's ties to the US government













Using Tor to track users






Example of a study on deanonymizing Tor users:




Germany and Tor

Government-based Funding to the Tor Project


Cymru running malicious nodes, and selling the deanonymizing data for profit





Torproject's direct ties to Cymru
https://forum.torproject.org/t/why-is-torproject-org-hosted-on-team-cyru-servers/3452/4




Why is Tor getting funded millions every year by the US Government ?


Something's not adding up, isn't it ? Why would governments fund Torproject millions every year for more than a decade, if it supposedly undermined law enforcement's efforts ?
They obviously won't ever admit officially to selling user data, as the userbase would flee from the network. Obviously they'll keep masquerading as protecting their users, while taking it easy, racking up millions in profits from the government, while not fixing the network's underlying issues, and not adding the obvious missing features to protect users' anonymity from state-level adversaries.
What's missing in Tor ?
Tor was built more than a decade ago, with a very simplistic threat model. The problem is that over time the threat landscape has considerably evolved, and Tor didn't evolve with it.
Here are today's main threats:
Passive Adversary Deanonymization (the ISP is spying on the traffic)
This is what we covered just above with Team Cymru running Tor nodes for their own profit, with Torproject's complete collaboration on the matter. Rejecting Cymru's nodes is their official action on the matter, which does not eliminate the threat, because the adversary can run nodes anonymously too.
Now according to Evgeny (the founder of SimpleX Chat, with whom I've chatted directly on this topic), his approach to the problem is to rely on the law: KYC the node runners and force them to accept a ToS and sign a contract that prohibits them from selling user data for profit or collecting it, in order to basically put the ones that dare to infringe on end users' privacy in jail.

[...] Except that it's governments that are the ones that want anonymity to disappear on the internet, they are the tyrants that are writing the laws. So that's not an option either. You cannot rely on the law because the laws are selectively enforced based on which law's currently popular, and based on whatever the government wants gone.
IMO the real solution here is to ensure that users' traffic looks the same, using extensive padding on the traffic shape and timing.
And implementing traffic decoy destinations is also absolutely vital for users to ensure that their anonymity is preserved.
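To make the padding idea concrete, here is an added sketch (not code from Tor or from the Datura project) of a constant-rate, constant-size link shaper: one fixed-size cell leaves on every tick, carrying queued data if there is any and a dummy otherwise. The cell size, tick interval, header layout and function names are assumptions chosen for the illustration, and the cells are assumed to be encrypted on the wire so data and dummy cells cannot be told apart.

```python
import struct

CELL_SIZE = 512             # every cell on the wire has this size (assumed value)
TICK_MS = 20                # exactly one cell leaves per tick (assumed value)
HDR = struct.Struct("!BH")  # cell type (1 = data, 0 = dummy) + payload length
ROOM = CELL_SIZE - HDR.size

def shape(messages, duration_ms):
    """messages: [(arrival_ms, bytes)]. Returns [(send_ms, cell)] with one
    fixed-size cell per tick: queued data if there is any, else a dummy."""
    pending = sorted(messages)
    queue, cells, i = bytearray(), [], 0
    for t in range(0, duration_ms, TICK_MS):
        while i < len(pending) and pending[i][0] <= t:
            queue += pending[i][1]
            i += 1
        chunk = bytes(queue[:ROOM])
        del queue[:ROOM]
        cell = HDR.pack(1 if chunk else 0, len(chunk)) + chunk
        cells.append((t, cell.ljust(CELL_SIZE, b"\x00")))
    return cells

def observer_view(cells):
    """A passive observer of the (encrypted) link learns only timing and size."""
    return [(t, len(cell)) for t, cell in cells]

def unshape(cells):
    """Receiver side: drop dummies and padding, return the byte stream."""
    out = bytearray()
    for _, cell in cells:
        kind, n = HDR.unpack_from(cell)
        if kind == 1:
            out += cell[HDR.size:HDR.size + n]
    return bytes(out)

# Constructed sample traffic: a short chat and a bulk transfer.
CHAT = [(0, b"hi"), (130, b"x" * 900)]
BULK = [(5, b"y" * 3000)]

if __name__ == "__main__":
    views = [observer_view(shape(m, 400)) for m in (CHAT, BULK, [])]
    print("identical on the wire:", views[0] == views[1] == views[2])
    print("chat recovered:", unshape(shape(CHAT, 400)) == b"hi" + b"x" * 900)
```

The price of this uniformity is bandwidth and latency: an idle user sends as much as a busy one, and data waits for the next tick.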



Active Adversary Deanonymization (Sybil attacks, the adversary controls a portion of the network)
This one is the trickiest. The adversary can run any number of nodes in your network, and you can't stop them from running customized clients, because you can't just SSH into their servers to check if the binary hash is correct. From the outside they'll lie to you and tell you that the hash is correct while in fact it is not.
So each individual node has to be treated like a blackbox. You can't see what's in each one, the only thing you can check is how the node behaves from the outside:
The only way to combat Sybil attacks is to have a protocol with clearly-written rules, which are to be the same for all nodes, and which must allow nodes to independently and anonymously verify one another's respect of that protocol from the outside.
For instance, you as a network client, which node can you effectively trust ? As far as you're concerned, one state adversary could run the entirety of the nodes, right ? In this anonymous and decentralized setting, the only trust that matters is "me, who do I trust?"
The only nodes that you can trust are the ones that you are running yourself.
If you are running only one node, then your ability to verify how other nodes behave is very limited:

But if you are running more than one node (and keeping it a secret of course), you are suddenly expanding your ability to verify how other nodes behave from the outside:

For instance, it becomes possible to check if a potentially malicious node is correctly routing the packets that you asked it to route or not:

With such a protocol that includes the ability to manually verify from the outside that a given node is behaving according to plan (with, for example, the decoy destinations and bandwidth usage ratios), you are raising the malicious adversary's potential attack surface in such a way that they are forced to contribute to the network as it is expected of them, or they'll risk being rejected from the network altogether. Simply by protocol enforcement.
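The routing check described above can be sketched as follows. This is an added example, not part of any existing network's code: it assumes you secretly operate the nodes on both sides of a suspect relay, that those two nodes share a key, and that the relay is a black box modelled as a function from packet to packet (or `None` when it drops). All names, the packet layout and the 95% threshold are assumptions.

```python
import hashlib
import hmac
import os

KEY = os.urandom(32)  # known only to the two nodes I operate myself (assumption)

def make_probe(seq):
    """Entry-side node: sequence number + random filler + authentication tag."""
    body = seq.to_bytes(4, "big") + os.urandom(28)
    return body + hmac.new(KEY, body, hashlib.sha256).digest()

def check_probe(pkt):
    """Exit-side node: return the sequence number if the packet is intact."""
    body, tag = pkt[:32], pkt[32:]
    good = hmac.new(KEY, body, hashlib.sha256).digest()
    return int.from_bytes(body[:4], "big") if hmac.compare_digest(tag, good) else None

def audit(relay, n=200, min_ratio=0.95):
    """Route n probes through the black-box relay and judge it from outside."""
    seen, tampered = set(), 0
    for seq in range(n):
        out = relay(make_probe(seq))
        if out is None:
            continue                      # silently dropped
        got = check_probe(out)
        if got is None:
            tampered += 1                 # forwarded, but modified
        else:
            seen.add(got)
    ratio = len(seen) / n
    return {"delivered": ratio, "tampered": tampered,
            "ok": ratio >= min_ratio and tampered == 0}

# Constructed relay behaviours standing in for the unknown node.
def honest_relay(pkt):
    return pkt

def dropping_relay(every=3):
    count = 0
    def relay(pkt):
        nonlocal count
        count += 1
        return None if count % every == 0 else pkt
    return relay

def tampering_relay(pkt):
    return pkt[:-1] + bytes([pkt[-1] ^ 1])

if __name__ == "__main__":
    for name, r in [("honest", honest_relay), ("dropping", dropping_relay()),
                    ("tampering", tampering_relay)]:
        print(name, audit(r))
```

The check only means something if the relay cannot tell probes from ordinary traffic, which is why the auditing nodes have to stay secret.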
So what do i use instead of Tor then ?
Yep, you guessed it. I'm working on a Darknet that is going to replace Tor. We're calling it Datura Network, or "The Datura Router", or "Tdr". Here's the project board where we're brainstorming it:

We're currently brainstorming what features the network will have, and how it will behave to protect against Sybil attacks and passive adversary deanonymizations, and we're going to go all the way as long as usability of the network remains there.
In the meantime we don't have a choice but to use Tor, because sadly they're the only usable darknet option out there currently. And no, I don't consider i2p to be a solution either, they don't have measures in place to protect against the 2 threats I mentioned above.

Once our new Darknet is completed, I'll officially declare that people don't need to use Tor nor i2p anymore, and we can finally move on to the next step in online anonymity, by hopefully protecting even against state-level adversaries and defeating the current attack vectors that they are using to undermine anonymity networks.
Our motto for this new darknet is going to be as follows: "Anonymity at all costs, without sacrificing usability".
Post Scriptum - My Honest Thoughts
I'll admit it frankly, I used to be a clear Torproject advocate, I blindly trusted what they were doing up until this year. I also wanted to believe that they were supposedly these white knights of human rights defenders, but the truth isn't what we want to hear usually. It took me some time to accept it, but I think I've been disillusioned now.

When I started to have doubts given how they responded to my suggestions to improve the network, back then I didn't think much of it but it started to creep more and more on me.
When you start to undermine your own confirmation bias and beliefs you're going to start to notice what you weren't allowing yourself to notice previously, so that's why I wrote the blogpost on Tor's German and Netherlands nodes problem:

If you ask me, that's definitely not normal.
Which brings us to 4 weeks ago, when I stumbled upon Yasha Levine's Tor files, which you just read above, with Torproject's and BBG's leaked internal mails, and that frankly was a tough blackpill to swallow. By all means I should've read those files many years ago.
So what I think of Tor is the following: it's a tool that provides anonymity against states that aren't colluding with the US government. Great if you want to remain anonymous against non-US state allies, but given what I've just uncovered above you should come to the same realization that I've gotten to:
Online Anonymity as we know it today (via Torproject), is as it is allowed AND FUNDED by the US government, and that includes all the carding websites, all the drug websites, all the illegal content you can find on it, is as it is currently allowed by them.
Put yourself in the US Govt's shoes. What if you could maintain the illusion that you can do whatever you want on the internet, without any repercussions ? Having the opportunity to keep all crime concentrated into one network, and maintaining the illusion that it's possible to remain perfectly anonymous no matter what ?
Wouldn't it be smart to keep 90% of the criminals free using this network, while prosecuting only the remaining 10%, and blaming it on non-related opsec failures at the same time ? All to keep everyone locked in and believing that the network's protecting them.
If I was a sadistic asshole I'd try to do that for sure, and I think that's what's happening. It's alarming for sure, and yes there's no anonymity network up to my standards yet. Tor is only up there as far as I'm concerned regarding the usability of the network (darknet and clearnet uses), but the anonymity side of the network is NOT where it should be.
I still think it's fine to use for non-sensitive uses, as long as you're not in the US govt's top 10% of their wanted list.
How can I get involved with the new Datura Network Project ?
Currently 3 ways:
1) help us Brainstorm the Network's features to ensure that we do everything to preserve online anonymity, to know exactly how the network should work
2) help us write the Network's Proof of Concepts if you're a good Rust developer, with skills in implementing cryptography, and handling TCP/UDP especially.
3) if you're a talented Rust developer, rest assured that we'll pay for your contributions (in Monero), for actually building the network once we finish planning it.
4) And lastly if you want to donate to us, you can go ahead and donate in XMR to the address on this page here, (XMR address: 84Zqdr7o2RfTKRhjc6SR3TdhK1yLxRLMPARU3PMvmyH8XmCgMoBHa7X8YoM7WphfbkJsjQ4SeEQCr4Nn2uzJSfCD9KiBu9E)
But please note that I intend to make a proper crowdfunding in the near future when we actually finish planning everything we want to build in this network. I intend to fund this myself as well anyway, because I want to see it happen for sure. This new darknet project is going to be my first priority going forward (at least for a few more months), above The Opsec Bible, which I'll keep maintaining on the side.
Nihilist 2025-12-11