In the last few days I get nodes from Russia

Hi, as the title says, in the last 2 days, when I change the Tor circuit I get nodes from Russia, and it’s a surprise, because this never happen before.

I only use Tor Browser at work, mostly because some sites are blocked, in recent years happen that people get distracted on the net and the projects suffer delays or other deadline issues and, as because ‘that is not good for the company’, we all be grounded.

Anyway, the thing that when a website takes a lot of time to loading, especially if there is a Cloudflare human verification, I change the circuit, or use a bridge, or set the Security Level to Safer, and as I said before, I get a Russian node in the circuit.

In my humble opinion, this is not a good thing.
The Tor Project goal is to ‘defend your privacy and freedom online’ also, in its own words, ‘defeat surveillance and censorship’, meaning that in places around the World, where Governments censor or decide what content their people should or not should access, the mission of Tor Project is well, give them the freedom that few individuals do not want or allow.

I mean, how do you, or we, the Tor users, could trust that the volunteers who own that nodes are not going to use it for collecting data or information or activities from the users, especially from those who live in, this case, Russia?
Yes, of course, nobody could be secure that the nodes from the other European countries or from the USA are safe, but as is the situation in Russia I have my doubts about the intention or the goal of the nodes.

I have fear, that the Tor Project is missing one of the goal for what for was created, which is free to speech, free to hear another voices, beside the official ones, the right to choose of believe or not in what other people said about.
I have fear that the Tor Project is concentrated more in selling it as a solution for avoid surveillance of the ISPs, or the US Government, or sell privacy as a product and not as Right.

I attach a screenshot.

Sorry if I feel uneasy, but I never had doubts about the Project.

EntryNodes {us},{fr} and ExcludeExitNodes {us},{fr} might help (configuration - Is there a way in tor to tell to prefer tor relays from another country? - Tor Stack Exchange)

The relays of the Tor network are not operated by the Tor Project itself but rather by a global community of volunteers, including some volunteers running nodes in Russia (you can check the metrics on Tor Metrics). Although operating Tor nodes or other censorship circumvention technology is not legally forbidden in Russia, there are multiple attempts from the Russian authorities (such as Roskomnadzor) to block the Tor Project main website and the Tor network.

But, regarding your question about trust and potential malicious relays, it’s important to note that the design of Tor makes it harder for a single node to compromise, intercept or monitor users’ data, information, or activities. Tor provides strong protections against such risks (you can learn more here and here).

In addition to the Tor design, the Tor Network Health and Community teams are currently working to develop technical tools and building a healthy Tor relay operator community to combat and defend the Tor network against bad relays and malicious activity that could harm Tor users.

Earlier this year, we launched a call for proposals for improving the health of the Tor relay operators community and the Tor network. You can find the details of this call here: [tor-relays] Open call for proposals for improving the health of the Tor relay operator community and the Tor network. And the received proposals can be accessed on the Tor Project GitLab ticket. Over the next few months, we will evaluate all the proposals, formulate new ones (for example), approve a few and then follow up with their implementation.

If you have new ideas to improve the relay operator community, we encourage you to read this metaproposal that explain the process for submitting a proposal.

This is how random works I suppose.

You may ask for example @cozybeardev.

Yes, that’s why it is better to use encrypted connections (like https) to access websites via Tor.
But if you think chances to encounter malicious exit node are higher for some country, you can add such country to ignore list in torrc file (ExcludeExitNodes option).

Relay operators are people that offer some resources and knowledge for free spending their own time and money. Please, don’t judge them upon their governments.
If we were to forbid relays in privacy-unfriendly countries, we would have to ban the USA for its intelligence, the EU for its crappy regulations, most of Africa due to its colonization by eastern countries, and so on.

That said, it does be possible that malicious relays log informations to try to deanonymize tor users. However, in order to succeed the attacker must control all the three nodes of the circuit, and even then if the connection uses HTTPS he would have no way to know its content. See Tor Browser’s manual page about secure connections for details. I don’t think Russia has that much power over the Tor network: there are only 75 relays from Russia, compared to, for example, 1684 from the USA and 1962 from Germany (I can’t post the links because I’m a new user, but you can see the numbers in Tor metrics).
Also, there are measures in place to remove malicious relays from the network and moderate and to detect ongoing attacks.

If you are still uncomfortable with Russian relays, you can can change your circuit.

If you have reasons to believe a relay is misbehaving, please report it.

Good chance you routed through one of my nodes, it’s not by accident I primarily increase node bandwidth in that location. Geopolitically it’s important to distribute Tor through as much networks as possible. You should always assume a relay is malicious, and Tor is designed like that as well. You can whitelist/blacklist nodes, but in general that increases your privacy and security risks severely.

I honestly don’t get your argument as well, USA has way more cyber capabilities than Russia - you just don’t hear about it as much (not by accident). NSA > FSB/GRU. Given how much bandwidth is already in the USA/Europe I intentionally don’t focus on contributing there as much. If I could, I’d also deploy nodes in e.g. China.

Honestly, I would love if there were more relays in East Asia (maybe other than China), countries such as Japan, South Korea, Taiwan, Singapore, etc. Many of these countries have very fast connections, eons faster than my “fiber” here in Seattle.

Asia isn’t as good of a place for a datacenter, which is partially why less relays are there. Connections between countries have to cross the ocean otherwise they’d cross China or Russia .

You have to remember that one malicious relay is not enough to deanonymize you.
IMO having a Tor circuit go through Russia is a good thing, because it’s one of the few places where you are (hopefully somewhat) safe from the alphabet boys.

Sorry, but what does this have to do with Russian relays?