Does connecting to your own Guard increase or decrease overall security?

I had also never heard of CyberBunker until now but reading over the wiki page I’m seeing that someone ran a MDMA manufacturing lab within a bunker which was then left vandalised, the company claimed to still operate from there yet the land owner verified they hadn’t been there since 2002 and the publicity publications were ‘all photoshop’.

Their second base was suspected of running 3 major darknet drug marketplaces along with numerous fraudsters. In my opinion I think the guys behind it are just basic criminals who create drugs, sell them online and then launder the money through a service used by people who don’t ask questions.

  1. 555 Sometimes I wonder if at least some of the government agencies do protest too much. After all, this is a good situation to set up your own anonymous infrastructure, hide behind the noise the public makes without the hassles of generating your own, and get some free research improving your own security. I thought a good (but like you said, hard to run) setup would be to run public entry, middle, and exit nodes with no links back to you and just route your traffic over these servers. The foundations that run the relays (and probably others) can be good fronts.

  2. But yet the most visible news about tor/related breaches are law enforcement actions. In China, it’s probably much worse. How do you hide from an authoritarian government? For democratic governments, if you or your service do something that the governments are interested in, the more your run it, the likelier you will get caught. Like you said, shit happens, running things anonymously are hard, and you make mistakes.

  3. Not just you. Your multiple levels of contacts. Make tripwires. Move often. Live on the run.

  4. 555 The news says the government wiretapped the entire ISP. Just don’t run your relays with questionable crowds; otherwise, you become more suspicious or otherwise get swept into the same bucket.

1 Like

This is also a good reason behind use of VPN, Tor is an open network full of random people with differing intentions and skill levels. As its open its more vulnerable to manipulation and no form of warrant would be needed, VPN networks are closed networks of company owned servers which require a warrant to access and if they’re bare metal RAM disk servers then even gaining access would give nothing as nothing is saved to begin with.

1 Like

An Anonymous no logging VPN is a good use, but don’t expect them to solve all your “issues”. There are some things to considder using VPNs. But this is something which is not related to this topic :wink:

I guess I got my answer, use trusted relays, if you host your own, use them. I only run one node so far, so I will use it :slight_smile:

Thanks everyone

The topic is about increasing security so in my mind it would relate to this topic. An anonymous VPN is basically Tor but without the need to trust random strangers

OK. Recognizing that this is probably off topics for the question at this point, but just to provide a useful link about VPN. This is from reddit’s TOR group (

This is a very frequently asked question we see in this subreddit. You
generally do not need to use a VPN in conjunction with Tor, and you may
even hurt your anonymity by doing so. However, a VPN may help if Tor is
censored by your network. Please see the Tor Wiki for more details.


You could only realistically harm your anonymity with a VPN if you use a pseudo anonymous one like Nord with a dedicated IP. If you use a truly anonymous VPN with shared pool IPs then hundreds of people will be using it so matching times and sizes won’t work. With a multi layer system the client IP would also be different from the IP given to the entry node, making it even harder.

Back to TOR,

if I consume only TOR sites, does it still help if I use my orn Guard as first hop ?

Yes because it doesn’t matter if you browse clearnet or onion sites through Tor.

I hope that somebody will be able to provide educated answers to my questions regarding this topic. I would be extremely thankful.

  1. According to the torspec document (clearnet!), a default nuber of 3 entry guards gets chosen (“NumEntryGuards: Min: 1. Max: 10. Default: 3”) Does using only a single entry guard make a user stick out? If so, should they anonymously host three entry guards and use those?

  2. Should a user manually rotate to (a) different entry guard(s) after ~120 days to avoid sticking out of the crowd by using the same entry guard(s) for a much longer period of time?

  3. For users of the Vanguards Add-On: Should the guard nodes for the 2nd and 3rd hop also be manually rotated when performing entry guard rotation after ~120 days or are they allowed to persist until they are also rotated according to their own time limit?

The end services don’t know who you entry guard is, so they can’t profile you based on that. The only one that will know are people that can see you connecting to the entry guards, which is more or less your ISP (and all the infrastructure in between). Since Tor browser rotates the entry guards periodically (not sure where it’s at now), connecting to the same set of 3 entry guards will make you stand out to the ISP, provided that they record you all that long (possibly by law in some jurisdiction). Because it is hard to properly host an anonymous service, hosting one entry guard is probably enough for people that don’t specifically have governments as the adversaries. Your ISP might know that you are unusual regardless.

If I am interested in your IP, and I can see that you connect to the same Tor entry guard for unusually long time, then I might suspect that you have a relationship with the people running the entry guard service, and you have a strong motivation to make sure your entry guard is not adversarial. If this is not tolerable, you may need to rotate the service providers for your entry guards. But then you would have to think about providing overlapping services, etc., to make it hard for analysis. It’s hard to escape the eyes of “authorized” governments.


Whether that’s bad depends on where you live and which ISP you have. In the western world we don’t have to hide the fact that we use Tor.
My ISP supports Tor and local hacker communities and has proxies for its customers. We are allowed to host exits at home. We also have our own anonymous community mesh VPN. Our city administration supports us to attach the WLAN mesh AP’s in refugee homes. Everyone knows and is allowed to know that I run Tor servers. Large Tor stickers are stuck on my front door.

On the other hand, there are the poor people in Turkmenistan. Hardly any pluggable transport works there. @gus and @meskio are working hard to make a few obfs4 bridges accessible from there.

1 Like