The intent of this post is to clear the suspicion regarding the potential for three-letter agencies(or anyone else) to compromise the anonymity provided by Tor.
Through civilized discussion and respected manner.
Some basis:
Tor’s anonymity provided largely by routing through multiple servers(volunteer-operated, known as guard node, middle relay and exit node ), while the first one in the chain knows the identity of the user and the last one knows the destination.
The amount of these (active)servers are approximately 7000-9000.
The raw price for one of these servers is USD 5(an average price for 1vcpu, 1gb ram vps). Meaning budget of USD 50000 will cover 10000 servers.
Based on the above basis, what makes it impossible(to whoever it may be), to take full control of the majority(or almost all) of the servers and use them for de-anonymization?
Moreover, the above is highly likely based on the knowledge that Tor was funded by US government agencies and how secret services operate in general.
Secret service can use Tor as a honeypot to track down those they want, but they won’t act until it’s absolutely necessary to avoid compromising their involvement.
The vast majority of relays are far more capable than the bare-bones basic one you are quoting the price for.
But yes, malicious relays may pop up, as the (very relevant) article ebanam quoted shows, and they may pop up in quantities.
The network design, technically and organizationally:
limits the amount of damage a new relay can do
resists haphazardly promoting a relay to a position where it can do real damage
To answer your questions and assertions though:
That is significantly under-costing for the quality of server most of the good relays are. And that is a price per month of the raw server, not manpower to deploy them, link them, etc. Imagine what it would take for you personally to deploy 5000-10000 servers across the world without leaving tracks.
You’re getting to the philosophical now. The actual answer is nothing. Nothing makes it impossible. The best that can ever be achieved with any security it to raise the activation energy needed to accomplish the task. In this case, the measures put in place by some of the best talent in the world have implemented a structure that both resists what you propose and makes it even more difficult to achieve without detection.
How you assess the likelihood is of course up to you. The agencies of the US are a bit schizophrenic in that some resist efforts that others advance. So yes, some agencies of the US support Tor, as they should. Others resist it. The fact that any US government agency was involved in its creation and furtherance is no more evidence of the assertion the network is compromised than the fact that any US private citizen is involved. US government agencies have widely different opinions on free speech and privacy just like regular citizens do. Your assertions here are basically FUD, which helps no one.
Is a government agency that act as bodyguards for the president and, due to a weird jurisdictional history, investigates money counterfeiting. Its involvement in Tor one way or the other is likely limited to asking for help from other, smarter people if the topic ever comes up in one of their investigations. Do you actually mean the NSA?
You want to know how intelligence agencies fight Tor? They do it by discrediting it. Because one of the best ways to maintain the health of Tor, is simply to use it. Without many users, the traffic would be easier to spot. Tor becomes more healthy and more anonymous the more people use it.
There will always be those that attack it, but reading the relay operators mailing list, listening to people here, and learning about the protocol and safety measures put in place now, and the ones that are in the pipeline to improve the system in the future, I’m pretty confident in the system and direction.