Latency when using Tor Browser and other questions

So, I have some questions that maybe somebody here can assist with. By the way, I am really surprised with the amount of servers and operators, that there is not more peeps in here, sharing resources, asking questions, etc. But, I digress.

As a network administrator, one of my questions concerns latency. I understand the whole concept of building multiple circuits on the fly and the importance of randomness, but is latency suffering?

For example: a Tor browser user in the US wants to visit a website hosted in the US. Let’s say he is in LAX, and the website is hosted in Azure Chicago (just as an example). Why would he have to find a guard and/or middle relays in Germany or elsewhere overseas if there are plenty of viable relay resources in the US?

Once again, let me iterate, I understand the importance of randomness and sometimes getting ones traffic out of their own country as fast as possible, but in the case above, would relay hops on the US still serve the privacy and encryption purpose without adding the lag and latency (and network congestion) of traveling across the globe and back for every packet?

Is it possible to add into the algos a way to ‘prefer’ geo in some way? Maybe a setting in the Tor browser for ‘country secure’ and ‘world hop secure’. Give peeps the option if they are not transmitting state secrets and just grandmas recipes..lol

I know that this is my own opinion, and I may be way off base, but it just seems that something like that, imagined by brains much smarter than I, could take the slowness out of the Tor browser, and encourage more peeps to use the browser (I know when I tried Tor browser a few years ago, it was too slow for me to use).

I would really like to hear thoughts from other on this. Tell me where my thinking is wrong. Help me understand.

First things first, it is already possible to configure the desired country for your circuit by editing your torcc configuration file:

EntryNodes {fr} StrictNodes 1
ExitNodes {fr} StrictNodes 1
MiddleNodes {fr} StrictNodes 1

This configuration will select nodes in France. But I am not sure this is a good idea.

You posed an interesting question which basically comes down to evaluating what is more important for a specific use-case: security or ease-of-use. Just like many things in information security.

And while I understand your viewpoint, I personally strongly disagree.

It is actually VERY important that the nodes in the Tor circuit are distributed among different countries and jurisdictions. If you configure your circuit to only use nodes in one jurisdiction, you’re only one subpoena away from potentially being de-anonymized.

(I know when I tried Tor browser a few years ago, it was too slow for me to use). (…) not transmitting state secrets and just grandmas recipes.

Like I stated before, you have to evaluate your use-case to determine if it actually requires the level of anonymity Tor provides. If the extra latency is a turn-off, your use-case might not be ‘severe’ enough to require a high level of anonymity. If you are just searching for a little more privacy and an extra layer of encryption a VPN service like Mullvad might suit you better.

I agree that of course we should always aim to make the network as fast as possible. To achieve that there are implementations like Conflux and Arti to make the usage faster.

But I STRONGLY oppose that we should compromise on security/anonymity by default, to reduce latency or make the Tor browser faster so “more people would use it”. Currently there are people in tyrannic dictatorships like Iran or China risking their life to practice the principle of freedom of speech. Our responsibility is to those people, and in no way we should make compromises regarding their safety so someone can share grandmas recipes faster.

Thanks for this interesting question and discussion! While I personally may not agree, your different point of view is highly appreciated.

Some interesting links:

Yes it would be faster if all the nodes selected for your example were in the US but I agree with NeilD above.

I read the first link and noticed they only select one node from a /16 IP range. The torbulkexitlist I downloaded last week lists 297 IPs (~25.8%) from the US as per Maxmind DB. Of those about half are from 3 different /16 organizations. There are other /16 groups but I only selected the largest I could see quickly. This really reduces the number of available IPs for the US example. If you add in CA and MX which do not have to cross the Atlantic you are at ~26.6% of Tor IPs

Now if your grandma had the recipes for the Cadbury Caramilk or the Heinz ketchup then you may want Tor for those

My 3 cents.

Edited later:

I was curious about how many /16 IP range groups there were in torbulkexitlist. There are 346 groups