Would using direct connections on an exit be safe?

Question

Let's say the computer I'm using is an exit. If I don't use Tor for my own browsing, can we consider it safe because those connections will blend in with other connections that exit?

score 1 · Answer 1 · answered Mar 30 '14 at 15:31

This is safe in terms of the fact that there are no new attacks that can target you direct connections. In other words, running an exit node does not correlate to someone being able to sniff your traffic.

This is also safe if you mean, as you say, you'd like to blend your traffic in with the exit node traffic. It would be difficult for an attacker (like an ISP) to differentiate Tor exit node traffic and your personal traffic.

That being said, it does not really offer true traffic analysis protections because you're not actually routing across the Tor network. You're taking the plausible deniability route in this case but don't have much science/tech to back it up.

In short, safe - yes for some definitions. Smart, probably not.

This FAQ covers the topic a bit. https://www.torproject.org/docs/faq.html.en#BetterAnonymity

score 1 · Answer 2 · answered Mar 30 '14 at 21:45

I don't think it would be "safe" - you would have less anonymity.

Consider the case of an adversary who can watch your connection to the internet, e.g. your ISP. Such an adversary might sometimes observe a lack of correlation between encrypted tor traffic going into your node and traffic leaving your connection, and guess that you - rather than other tor users - are the origin of that traffic.

How easy it would be for an adversary to distinguish between tor-exit traffic and your own traffic probably depends on how busy your exit node is, but I definitely think it would be less safe than using tor.

score 1 · Answer 3 · answered Apr 05 '14 at 14:11

1

If you're trying to disguise as an exit-node, to post to some blog or whatsoever it's alright. If you're logging into Facebook, Google, or anything that is linked to you. Bad idea, and isn't safe.

answered Apr 05 '14 at 14:11

Carrot155

41
1

score 0 · Answer 4 · answered Mar 30 '14 at 08:20

0

The IP used by an exit is an information that you don't want to be linked to yourself, and that's precisely the whole purpose of the Tor software. Therefore, I would say that it is unsafe.

answered Mar 30 '14 at 08:20

Vincent

101
1

score 0 · Answer 5 · answered Apr 07 '14 at 15:48

This depends on your threat model and your intended use.

For example

If your intended use is to post to the same site every day, and you are doing from your computer which is also being used as an exit node. Then every day the site owner would know that someone is connecting from your computer and posting every day. The chances of this being someone connecting over tor and by random chance always connecting to your exit node, are very slim, so they would easily know it is you. - not safe

If your intended use is to make a single post and never go back, then they would see it is from your computer, and you would have plausible deniability as you could say it came from someone over tor. But if instead you just used to to make the post, then you wouldn't even need plausible deniability as it wouldn't be linked to your computer at all. - less safe

Would using direct connections on an exit be safe?

5 Answers5