
I'm pretty sure Tor is not anonymous. I read a while back that the US gov controls most of the exit nodes (or something like that) + can do some decrypting monkey business.



Anything that can be produced without evidence can be dismissed without evidence.

In our case, the evidence we do have is that Tor is a hotbed for crime. That indicates Tor is not some captive tool of the US government.


Apply the same logic to your assertion. There could be many legitimate reasons for Gov intelligence to control exit nodes without prosecuting every illegal activity. Same as with local police not prosecuting every crime openly committed in nightlife districts of every major city.


Have you heard of parallel construction? LEOs use it to hide how they actually cracked the case and can get away with using inadmissible evidence.


I’m not sure this follows. Intelligence and federal police services routinely “manage” crime to various ends. Go read Tim Weiner’s Legacy of Ashes or Enemies for myriad examples.


Unless it’s the government doing the crime.


Please don't just vaguely say you're pretty sure of something because of a half remembered fact


Whether they can or can’t isn’t really the question. Tor is publicly believed to be private and the government has never tipped its hand that it’s not. In cases where maybe they could compromise Tor, they would have had to use parallel construction, because in court they have never stated they can compromise Tor.

So from an opsec perspective, the question is if the level of your activity rises to the point such that a government entity would take the effort to create parallel construction. If you are not doing something that would anger the government so much, then Tor is a good smoke screen in front of your activity.

Everything is effort and probability. Given enough time and resources you will always be unmasked - always!


Even if the government controls all of the Tor exit nodes, that does not give them omniscient knowledge. Presumably the wrapped communication protocols are still going to be encrypted. There would have to be a different information leakage to completely compromise you. So, not great if you're interested in maintaining total secrecy, but better than nothing.

That being said, if the government was really interested in correlating timestamps with Tor activity, it is reasonable to assume they have that power. I assume Tor activity stands out, and every ISP might already be logging such connection events.


As a thought experiment, assume the government has perfect knowledge of Tor activity, yet chooses not to reveal this fact. I would say government compromise is the perennial anxiety of Tor enthusiasts.

My point is that even if it’s true that Tor is compromised, the value of Tor as a honeypot is so great that the government has thus far refused to acknowledge they can. Because if they did, Tor would die overnight and something even stronger would replace it.

So even if you operate under the theory that Tor is compromised, it’s still vastly superior to clearnet because the value of Tor as a honeypot means most people using it for anonymity will remain anonymous.


One thing to remember is that Tor was created by the government, specifically to encrypt the communication of CIA spies. They released it to the public specifically to provide plausible deniability to those spies. So backdooring the protocol right out of the gate would be an own goal.

That being said, I have no clue if they still use it. Presumably if the US government found a vulnerability in Tor, they'd either stop using it, or run some other layer of encryption on top.


Same reason the US didn't reveal they had an Enigma machine. If word got out, the Germans would've changed the codes or made a new process practically overnight.

You just use the information to plan "random" "oopsie we spotted you" missions


Was this about that time the US govt paid CMU $1m?

From memory that attack involved running a huge number of exit/relay nodes and someone was able to show a massive spike in online nodes as evidence, but I can't remember who.


this misinformation and nonsense gets mentioned so often

it is in no way true



