Is It Actually More Anonymous to Be a Tor Entry Node Rather Than Just a Tor Client?

I want to become an Entry or MAYBE a Relay node on the Tor Network because I want to contribute to the network after using it as a client for so long. I don't want to be an exit node mainly because of the risks associated with it. I am also not 100% certain that being an Entry or Relay node is safe. I read an article a few months ago which claims that becoming an Entry node increases your anonymity and speed. Is that true?

I think becoming an Entry or Relay node would be a very honorable thing to do in order for me to return the favor of anonymity the Tor Network has provided me (which by the way I am using right now). However, I want to first make sure that by becoming an entry or relay node doesn't compromise my anonymity (or better yet my anonymity increases along with the speed of my Tor internet connection).

So correct me if I am wrong because I want to understand the risks (and benefits) of becoming an Entry or Relay node.

 

Maybe you should donate to the EFF or TOR itself. The money will be well spent.

Before you jump in the deep end just think a little bit more please.

 

I thought the very same thing for 2 minutes then I came to my senses. You would probably lose some or all of the anonymity you seek. I would leave the risk taking to people who know how to protect themselves and just donate to the EFF or TOR and not risk winding up in serious trouble.
https://www.wilderssecurity.com/showthread.php?t=337008
For example.

 

Actually, being a relay or an entry node shouldn't compromise your anonymity. Being an EXIT node (like the one in the article quoted above) is an entirely different thing though. From TOR FAQ:

 

I never said I was going to become an exit node because I am already well aware of the dangers as I stated in my opening post. Btw, I already knew about the Austrian man who had his computers seized by those fascist police officers.

To Nebulus

Exactly. That's what I plan to become. An entry or relay node but never an exit node.

I already donated to TOR project via Bitcoins. I just want to use my own Internet connection to help relay connections on Tor to make it run a bit faster.

 

You are a brave soul.

 

That's why I am asking if it isn't too risky to become a relay or entry node. I am not brave or knowledgeable enough to be an exit node yet.

 

Let me put it to you this way, if you're not knowledgeable enough to be anything but a user, then no, it's not safe enough to be anything but a user. No matter what you do, TOR will be slow. It's by design and because the network is tiny. Let it go and just use the service. Nebulous isn't completely wrong, but there is just too much risk of finger pointing should anyone try any funny stuff while connected. You don't have to be the "origin of unlawful content" to find yourself in trouble.

 

Using TOR in general (not only as middle or entry nodes) is not 100% safe, as nothing in life is. There is a very very small chance that an attacker (think government) will manage to take control of all the nodes you are using. This will effectively cancel your anonymity. And in spite of this, TOR is still used (both by good and bad guys). In the end, it is a matter of risk evaluation and management, and you are the only one deciding if it is worth it or not, or how big is the risk. Nobody here will give you an 100% yes or no answer, because that would not be the truth.

 

Actually it would be Safer and more Anonymous if you run your own entry node. The reason is this, you would have a good piece of mind knowing that the entry node you connect to isn't hacked or compromised because you are the one who is running it and who has secured it.

you would also have a good piece of mind knowing that even if other tor nodes
in the network have been compromised you know that the entry node you run isn't going to reveal your ip address to the compromised nodes. so in reality your entry node is going to keep you safe from other possible compromised nodes.



I'm surprised nobody else has said this yet.

 

So you are saying that if I run an entry node, then I would be less vulnerable to MIMT (Middle-in-the-man attacks) which require the attacker to control both the entry and exit nodes? That makes perfect sense since being my own entry node makes it impossible for the attacker to control both ends of my Tor connection. By the way, do you have any citation that proves this method of preventing MiMT attacks? Are there still ways the attacker can discover my real IP address?

 

*Sigh* You're still at risk if you run an entry node because all entry and exit nodes are public, and IP addresses that go through you can still be found. I'll say it a last time, middle nodes/user is the absolute safest way to be on TOR. And, even then, the strength of your anonymity depends on how many nodes there are to connect to.

Edit: Only you can decide if you've got enough know-how and will to help out TOR while keeping yourself safe from both being compromised and false accusations. If you don't think you do, stay far away from anything beyond simply using the service. The risks are not worth the exceptionally small amount of "help" you'll be providing TOR and it's overflow of users. If you do have it, or are at least prepared to research and prepare before being anything other than a user and are willing to accept any possible consequences for doing so, go for it.

 

I agree

 

Ok I'll accept your advice. I think I need to do more research on Tor before I can be knowledgable enough to be a part of the network rather than just a client. Thank you very much.

 

Good move I think it's great you're wanting to assist, but your own protection and even performance needs to come first.

 

Hi Please Help Me,

In msg#1, you mentioned that you were using Tor in posting the message. If that is so, then you must have at some time logged into your Wilders Security website account. By using Tor, if the Exit Node was capturing all network traffic at the time, then your login credentials to Wilders were probably compromised - not a good plan on your part unless your were running the Exit Node (which I doubt).

To those whom consistently claim that Tor is slow - it all depends. There are essentially two parts of the Internet, the ClearNet, and the Deep Web which are accessible through the use of Tor.

The first is what we aim our browsers at without using Tor - and sometimes it can be slow if a website is experiencing traffic overload which means its capacity to handle a large volume of traffic is being sorely tested. It is not always as slow as one would believe.

The second is what we aim our Tor browsers at when we attempt to reach a .onion website. Like the clear net, after a connection is made, it can be either slow or somewhat fast - it all depends on the amount of network traffic coursing through the Tor network, and whether or not the ClearNet route is encumbered at the time with lots of traffic. The same goes for the DeepWeb (.onion websites).

The takeaway from this is that Tor is not always as slow as some would have you believe and at times can be quite fast depending on the website you are visiting via Tor be it a ClearNet website or a .onion website to which your Tor browser is maintaining a good connection. On the other hand, some websites just run lousy servers which do not have good turnaround capacity on traffic to their website.

-- Tom

 

TOR on the "Clear Net" is rather pointless considering just about everything you need (JS, Flash and such) can and likely will blow your anonymity wide open, plus you deal with the risk of compromised exit nodes. TOR speed has more to do with the amount of nodes operating and being connected through than website traffic, though you did touch on that in explaining too much traffic through TOR itself. Either way, generally TOR is much slower than a normal connection, whether Deep or Clear Net.

 

I always login via https://www.wilderssecurity.com/. That should be secure, even via Tor, right?

 

That's why I now use JonDo for anonymously (or at least semi anonymously) browsing clearnet sites. I realize that clearnet on Tor is not the safest option and it is safer to browser .onion sites with Tor. Besides I never enable Javascript, flash, and anything else that could destroy my anonymity when I used Tor for clearnet which I don't do anymore.

Same here. I always use https for login via this site. I realized that must be done since this is a clearnet site that uses an exit node which can potentially sniff my login credentials.

 

It looks like messages posted in this thread as "https://..." print out as "http://..." when viewed in the thread as a logged in user.

However, when you use Quote to reply to what looks like "http://..." then an "https://..." link is clearly visible.

I suppose that might mean that Wilders Security Forum may force login with an "https://..." link - or my HTTPSEveryWhere Firefox plugin may have forced its use to login.

If so, then indeed (despite some known pitfalls with TSL/SSL protocol), then as mirimir posted it should be secure if "http://..." is forced to be used (even over Tor which is encrypted) as the "https" forcing presumably would be a tunnel withing the Tor encryption. However, this is speculation on my part and I really do not know for sure whether, where, and how the protection of "https://..." occurs with regard to the Tor Exit Node.

Note: I just looked at my HTTPSEveryWhere Firefox Add-on plugin, and Wilders Security Forum is self-signed, so, in this regard, the "https://..." protocol is not enforced (shows a Red X) -- but, this is just my case, not necessarily yours.

-- Tom

 

This might be true if you are not careful. If you connect through TOR from a virtual machine, your will still be anonymous. I agree that many people are not careful, but that doesn't make the tools used or the method itself less secure.

 

Tor can only handle TCP traffic. With proper Tor setups, all non-TCP traffic is dropped. There's a workaround for DNS lookups, which normally use UDP. Apps that require non-TCP traffic just don't connect.

But people tend to break proper Tor setups, in order to get something they want working. So non-TCP traffic ends up bypassing the Tor connection.

Setups with Tor client and user apps on separate machines or VMs, such as Whonix or ra's Tor gateway, are more forgiving. They take more effort to break.

Another major risk is opening downloaded files that access the Internet, either bypassing the Tor connection, or when the Tor client isn't running. Using machines or VMs that can only see the Internet via Tor, as Nebulus notes, protects against that.