this post was submitted on 10 Mar 2026
19 points (100.0% liked)

Privacy

5343 readers
123 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 1 year ago
MODERATORS
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
19
OpSec shower thought (lemmy.dbzer0.com)
submitted 1 day ago by PiraHxCx@lemmy.dbzer0.com to c/privacy@lemmy.dbzer0.com
6 comments fedilink hide all child comments
 

I was checking a friend network over Tor and I was curious about the country that would show in his logs so I checked where my exit node was from...

It got me thinking, it's well known most exit nodes are in the hands of governments, so people deep in OpSec using Tor network, do they check if the exit node they are using is not in a 14 Eyes country (or other places depending on their threat model)? And if this is a practice, do you believe countries controlling exit nodes for intel and surveillance might actually be connecting their nodes to servers in other unsuspecting countries, VPN-like, just to not reveal that node is actually feeding data to their country?

you are viewing a single comment's thread
view the rest of the comments
[–] wildbus8979@sh.itjust.works 16 points 1 day ago* (last edited 1 day ago) (2 children)

People who are seriously invested in OpSec absolutely do control their nodes. There's a few settings in the Tor conf that allow you to exclude countries out of exit (and entry) nodes.

[–] PiraHxCx@lemmy.dbzer0.com 4 points 1 day ago* (last edited 1 day ago) (1 children)

But given their resources and the knowledge that people they want data the most will avoid exit nodes in their home countries, how likely do you think agencies might have just rented some room in Albania and Morocco, or just got a room in their own country embassies, and put their exit nodes there instead? (if they can't just "VPN" an IP from other country)

I've drunk too much conspiracy juice this morning.

[–] wildbus8979@sh.itjust.works 5 points 1 day ago

That might be, but if they've choose their nodes carefully that will make correlation attacks very difficult.

[–] XLE@piefed.social 1 points 1 day ago* (last edited 1 day ago) (1 children)

Is it relatively straightforward to blacklist countries just based on IP address? I've seen it discussed before, and I swear it was never described as uncomplicated.

[–] wildbus8979@sh.itjust.works 5 points 1 day ago

You don't need to blacklist based on IP. You can specify the country directly.

See man 5 tor.conf: ExcludeNodes and ExcludeExitNodes as well as the node definition under NodeFamily:

This option can be used multiple times. In addition to nodes, you can also list IP address and ranges and country codes in {curly braces}.