For the sake of argument, let us assume that all traffic is monitored and recorded at your ISP. Would hosting a Tor relay on the same machine that you are running Tor Browser Bundle protect you from some forms of traffic analysis?
Asked
Active
Viewed 170 times
1 Answers
1
Yes it does, however you have to distinguish between two kinds of protection
If you run a relay-only setup with no exits allowed, you make it harder for an attacker to measure your activity and compare it with the activity on certain websites, especially when you let the relay on all the time
If you run an exit node it will give you plausible denyability, because it may not be you visiting a certain website or using a certain service
However please keep in mind that from time to time people abuse exit nodes and it might result in house searches or letters and emails to you or your ISP. Depending on the type of complaint and the attitude of your ISP it may have negative effects for you. You can reduce the chance for this by only allowing certain ports or just stick to running an non-exit-relay.
See also the official FAQ:
Yes, you do get better anonymity against some attacks.
The simplest example is an attacker who owns a small number of Tor relays. He will see a connection from you, but he won't be able to know whether the connection originated at your computer or was relayed from somebody else.
There are some cases where it doesn't seem to help: if an attacker can watch all of your incoming and outgoing traffic, then it's easy for him to learn which connections were relayed and which started at you. (In this case he still doesn't know your destinations unless he is watching them too, but you're no better off than if you were an ordinary client.)
There are also some downsides to running a Tor relay. First, while we only have a few hundred relays, the fact that you're running one might signal to an attacker that you place a high value on your anonymity. Second, there are some more esoteric attacks that are not as well-understood or well-tested that involve making use of the knowledge that you're running a relay -- for example, an attacker may be able to "observe" whether you're sending traffic even if he can't actually watch your network, by relaying traffic through your Tor relay and noticing changes in traffic timing.
It is an open research question whether the benefits outweigh the risks. A lot of that depends on the attacks you are most worried about. For most users, we think it's a smart move.
