Why don't you just use a VPN for this (self hosted or 3rd party like NordVPN)? Especially given the additional risk of tor users being attacked, which the author refers to in the opening paragraphs of the post.
Exit node does not know your source IP and will only see your connections for 10 minutes. NordVPN knows your source IP and will see your entire connection history.
For the first usecase, the #1 problem in privacy security is that databases get leaked at some point in the future. Some VPN's has been caught logging way to much, and then either having to disclose it or have it leaked. Three hops with with no logs with my name and banking information, and only a gate node that has an ip address is fine enough for privacy sensitive visits to regular (legal) websites.
For 2), Tor browser is a single executable that I can just start and run on any computer, even through a remote control if I want to very the network through a customers own computer. No credentials, no payments, no waiting.
Don't know enough about nordvpn for 3).
4) Hidden services is tor only.
5) Nordvpn would work fine for that.
Different security threat need different security measures. The biggest risk to my own security is not that someone mitm my tor connection because I do not use tor for services which I have an account with, and would never do banking on a tor connection. My bank can more or less find what my network is anyway by looking at my transaction and which of those is an ISP. Leaks from companies however seems so common that one get posted here on HN every month, and haveibeenpawned feel more relevant today than antivirus.
Just to say, I'm not a shill for NordVPN - no affiliation with them. I was wanting to reiterate a hosted option vs self-install and it was the first one that came to mind. Noted they are not good!
I get your point here, but its been years since that happened and they kept clean since then as far as I know. That server didn't store any user data just as none of their servers do, I've also read their audits and no evidence of logs were ever found. Even with that breach, it was not directly their fault, but a data center that left a backdoor. Since then they cut ties with the and nothing similar happened again. What I'm trying to say is that no one is 100% safe from a breach as the tech world changes daily and new exploits are growing just as fast. Once company can stay breach free for a decade and then get one. All that such companies can do is work to constantly improve and keep such problems under control.
No one is immune to a breach. You're absolutely right. Which is why the response to the breach is what is so important.
NordVPN left the backdoor open themselves - they left a remote admin console enabled. Then, they proceeded to hold their silence for _six months_, before informing their customers... And take no responsibility. They struggled to even admit they got their dates wrong.
That kind of behaviour, and lack of transparency, is the problem. Not that a breach occurred.
