361
Tor’s shadowy reputation will only end if we all use it | Engadget
(www.engadget.com)
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
To give you an idea, last time I used Tor, I suddenly started to get a bunch of connection attempts from the FBI. Was I doing anything illegal? Nope. Was TOR a legal liability? You betcha.
Connection attempts from the FBI? Could you specify that a bit further?
I was using peerblock and one of the blocklists contained known governmental IP addresses. Those blocked connections began quickly filling the logs.
Spooked the crap outta me. It's been a few years since I did that, so I could have that detail wrong. I know it was for sure one of the three letter acronyms, DOD, FBI, CIA, but they were definitely incoming.
That does not sound plausible to me. Typically, your own computer would be behind a router that is either doing NAT or has a firewall (probably the former). Any incoming traffic would be directed to the router without any chance of reaching your computer. Whatever you saw was either outgoing traffic or incoming traffic in response to connections initiated by your own computer.
Consider this, the Tor software was accepting connections from government IPs.
Regardless of whether it was active intrusion or a significant portion of the Tor network, (at that time) had a number of governmental IP ranges in it, It's enough to dissuade my use, at least without more significant OpSec.
I do understand your point though.
How can I observe connection attempts like this?
I use peerblock and had some good blocklists set up. The hardest part should be finding peerblock or a more modern fork, the blocklists are mostly public. Helps keep from connecting to known bad actors.