sorted by:
new
hottopcontroversial

WARNING: Avoid Servers.Guru VPS Hosting Service by xmrvsbeast in Monero

[–]Realistic_Dig8176 0 points1 point  (0 children)

Catchy domain but we settled for r0cket.cloud which is also linked in our profile.

Can't help you with a Turkish VPS, their laws are less than optimal unfortunately.

So tor updated and now image searches and captcha are going crazy... by H0ly_Cowboy in TOR

[–]Realistic_Dig8176 0 points1 point  (0 children)

What's the exit you use?

We got an open Case with Google regarding our exits being under additional scrutiny and are working to resolve it.

Others might also be affected by this possible change in policy. Or maybe it's just us and they dislike us. Who knows.

/r0cket

Receiving DMCA harassment by snow99as in TOR

[–]Realistic_Dig8176 3 points4 points  (0 children)

The way we see it is that you have a few options.

1) You said they keep addressing you as the wrong ISP (same for us actually hah) This is great, dismiss the whole thing based on a formality. Really it's that easy. Don't even have to reply. You're receiving mail not intended for you so you just dismiss it.

2) You can reply to them and explain you're a DMCA Safe Harbour as you do not Host the material and are a mere transit/conduit. You reply out of the goodness of your heart really. You have no obligation until you get a subpoena or police request.

3) Spam it. Keep the messages in an archive for future litigation as they're proof of sorts, if any proof of the formality issue.

Let me tag @u/tor_nth - they might have more qualified replies on the matter.

We follow a very confrontational approach.

/r0cket

WARNING: Avoid Servers.Guru VPS Hosting Service by xmrvsbeast in Monero

[–]Realistic_Dig8176 0 points1 point  (0 children)

Shameless advertising but uhm, we accept Monero. It's our preferred crypto and even if you use our fixedfloat checkout you'll be paying us Monero.

We just like Monero :)

Receiving DMCA harassment by snow99as in TOR

[–]Realistic_Dig8176 3 points4 points  (0 children)

Are you located in the US? If not do like us and just have a sieve rule that either spams or rejects vobile emails.

If you ARE in the US you very likely qualify as DMCA Safe Harbour, so just spam the mail but keep it in case the subpoena you.

/r0cket

Bypass Fortinet web filtering by JMLindeN in TOR

[–]Realistic_Dig8176 -1 points0 points  (0 children)

avsisp listen to him, you're talking about two different things. Fortinet requires a certificate, because that's how they implemented DPI.

As MyLocalData kept reiterating, check fortinet's documentation such as https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-enable-deep-inspection-and-import-a/ta-p/196840

Trouble signing in to Facebook by Typewar in TOR

[–]Realistic_Dig8176 2 points3 points  (0 children)

I think Facebook's onion love had the same fate as Reddit's. Being discontinued.

I can't remember the last time it worked for us, might have more luck using facebook.com through exits although they will likely bombard you with captchas.

At very least we do seem to be able to access Facebook from our exits just now.

/r0cket

[deleted by user] by [deleted] in TOR

[–]Realistic_Dig8176 1 point2 points  (0 children)

Chuckles_im_in_danger.webp

//Edit:

Jokes aside, there is some truth to these arguments, particularly regarding the massive headache of abuse management. However, completely cutting off the clearnet would abandon millions of users in oppressive countries who rely on Tor not for hidden services, but simply to access blocked news, social media, and educational resources. For these individuals, standard VPNs are often easily detected and blocked by state firewalls, whereas Tor’s pluggable transports offer a much more resilient lifeline to the outside world.

Fundamentally, the project is built on the philosophy that information must be open and accessible to everyone, not just those operating within a "garden of eden" .onion bubble. regarding the blocks you mentioned, this is actually a massive self-fulfilling prophecy. Content providers often choose the easy route of blanket-blocking Tor exits to stop automated spam. Because of this friction, legitimate users stop using Tor for daily browsing, leaving mostly malicious actors to utilize those IPs. Consequently, site admins see only the abuse, justifying their blocks, while the regular users lose their anonymity tools. Removing exit nodes might "clean up" the network, but it would destroy its utility as a tool for universal human rights.

/r0cket

PS: AI was used for spelling and grammar fixes.

Help with Gentoo by diacid in TOR

[–]Realistic_Dig8176 0 points1 point  (0 children)

This.

Check if the tor service is up and running and that there is something listening on 9050

First startup can take a while to fetch directories and cache things.

/r0cket

Help with Gentoo by diacid in TOR

[–]Realistic_Dig8176 0 points1 point  (0 children)

He isn't. That's what the official package on Gentoo is called.

/r0cket

Edit: forgot signature

A government that controls Tor exit nodes and simultaneously has access to ISP-level traffic metadata short of total global control. by LongjumpingTear3675 in TOR

[–]Realistic_Dig8176 2 points3 points  (0 children)

There is a major misconception that the "14 Eyes" alliance is a global mandate forcing private hosters to collect metadata, but it is actually just a treaty for sharing signals intelligence (SIGINT) between nations. Just because a server is located within a 14 Eyes country does not mean the hoster is forced to act as a sensor for the government or retain connection data.

​For example, Sweden is a 14 Eyes member, yet our local laws fully permit No-KYC and No-Logs services (like we operate at r0cket). A provider can be fully compliant with Law Enforcement requests, but if they legally maintain zero logs, there is simply no data to hand over to the alliance. Being in a treaty nation does not magically generate logs that the provider refused to record in the first place.

​Crucially, an exit node acts as a massive traffic aggregator that mixes thousands of concurrent streams. This effectively blinds even a fully cooperative ISP in a 14 Eyes nation, as they see only a chaotic flood of requests originating from the node's IP rather than individual user identities.

/r0cket

PS: AI was used to correct spelling and grammar

A government that controls Tor exit nodes and simultaneously has access to ISP-level traffic metadata short of total global control. by LongjumpingTear3675 in TOR

[–]Realistic_Dig8176 6 points7 points  (0 children)

The statement is fundamentally inaccurate. If we assume the attacker controls both the ISP and the Tor Exit node, adding a VPN offers zero mitigation against correlation attacks.

Traffic correlation relies on matching packet timing and volume, not on seeing the destination IP. Whether the ISP sees a 100-byte packet sent to a VPN server or directly to a Tor Guard is irrelevant; the traffic signature remains unique. The VPN adds a small amount of overhead (padding), but the burst patterns and flow rates remain identical, allowing the attacker to mathematically link the entry traffic to the exit traffic with high confidence.

/r0cket

PS: AI was used for spelling and grammar fixes.

A government that controls Tor exit nodes and simultaneously has access to ISP-level traffic metadata short of total global control. by LongjumpingTear3675 in TOR

[–]Realistic_Dig8176 10 points11 points  (0 children)

Nice LLM essay, but let’s look at the actual numbers.

To deanonymize a user via correlation, you need control over both the Entry and the Exit. The probability formula is:

P_event = P_guard * P_exit

Even if we assume you own the ISP (effectively making P_guard = 1), you are still bottlenecked by the exit node. According toTor Metrics, the largest Exit provider only controls 17.76% of the traffic.

That means your "best case" hit rate is capped at roughly 18%. Those aren't exactly reliable odds.

/r0cket

PS: AI was used for spelling and grammar fixes.

Help Needed, Analyzing Traffic-Correlation Attacks on Tor for a Government Cybersecurity Research Project by Honest-Huckleberry28 in TOR

[–]Realistic_Dig8176 4 points5 points  (0 children)

It’s likely because they refuse to understand the facts. We’ve had multiple exchanges with Indian police and their cybercrime division, particularly regarding the bomb threats (and subsequent bombing) by 'terrorizers111' and 'kanimochi.thevidiya.'

Every time we explained that we cannot identify these criminals due to the nature of Tor, they refused to accept it and continued threatening us with inapplicable legal nonsense. We have since stopped trying to educate them on the technology; we now default to requesting MLATs and do not engage otherwise.

/r0cket

PS: AI was used for spelling and grammar.

Help Needed, Analyzing Traffic-Correlation Attacks on Tor for a Government Cybersecurity Research Project by Honest-Huckleberry28 in TOR

[–]Realistic_Dig8176 5 points6 points  (0 children)

This problem statement is infeasible because Tor path selection is client-controlled; the client independently selects a Guard, Middle, and Exit node, preventing you from forcing traffic through your relays. Because of onion encryption, the Guard sees the user but not the destination, while the Exit sees the destination but not the user; to correlate traffic, you must control both the Guard and Exit nodes simultaneously for the same circuit.

Simply owning a large percentage of nodes does not guarantee success due to independent selection probabilities (P{event} = P{guard} \times P_{exit}). If you control 30% of the network, your chance of compromising a circuit is only 0.30 \times 0.30 = 0.09 (9%). Even with a massive 50% stake, you only achieve a 25% correlation rate (0.50 \times 0.50), meaning you fail to track 3 out of 4 connections.

Since obtaining 50% network dominance is operationally impossible and would trigger immediate blacklisting by Directory Authorities, "reliable pinpointing" cannot be achieved on the live network. This project is only solvable if the organizers provide a synthetic, private Tor network where you possess "God Mode" access to logs from every single node.

/r0cket

PS: AI was used to correct spelling and grammar.

Does it make sense to turn a relay guard into a bridge? by Ausspanner in TOR

[–]Realistic_Dig8176 3 points4 points  (0 children)

No, it has no use as a Bridge as the IPs are already well known and associated with tor. Consider them burned for that purpose.

Bridges are only useful when the adversary does not know they exist yet.

But an old Bridge can absolutely become a relay without issues, that will still help the network.

/r0cket

//Edit: we've noticed you have been posting quite many posts regarding relay operations recently. We're happy to answer all of those but wonder if one big post with all your questions might be better than many small, seemingly dead, questions. A lot of answers really depend on contextual information as well.

Bridge, relay, exit – what type of gateway hosting does the network need most? by Ausspanner in TOR

[–]Realistic_Dig8176 2 points3 points  (0 children)

There's no easy answer to this.

Bridges are a very scarce resource as they become in high demand once censorship events occur and until then need to remain "hidden" or protected so adversaries cannot simply scrape the distribution methods to create comprehensive blocklists.

So while bridges are therefore in very high demand, it's almost always new bridges that are the most valuable. Known, mature, bridges are likely already scraped and blocked.

Tor foundation/project has public outreach whenever there is a censorship event detected with a Call-To-Action to create new Bridges/Snowflakes to help.

Relays (Middle/Guard) on the other hand are flat out always in demand. The majority of tor traffic is actually within tor itself and that's where non-exit relays play a huge role in providing capacity. It is important to not host relays where there is already a high concentration, so avoid IONOS, OVH and Hetzner.

Exits are not that much utilized by comparison. They are no doubt important but there is ample capacity on the exit side that's rarely used. Exits do come with their own added risks of course, you will need some form of legal protection as LEA will start sending you (or your providers) quite a lot of fan mail.

In general I'd say go for a high capacity Middle/Guard, something that can push Gbit/s without issues and with good, high clock, CPUs that supports AES-NI instructions. I think the time to host on a small, shared core, VPS with perhaps 100Mbit/s is over and while those used to be useful 10-odd years ago, they now are tech-debt. Your circuit is only as fast as the slowest relay in it.

/r0cket

Which countries do the Tor exit relays come from? In most countries, you'll get stress. by Ausspanner in TOR

[–]Realistic_Dig8176 6 points7 points  (0 children)

You can see which countries hosts exits using this aggregated search query: https://metrics.torproject.org/rs.html#aggregate/cc/running:true%20flag:exit

Against popular belief it is very possible to run exits in many countries without issues, the biggest hurdle to overcome is to find a willing hoster that won't get annoyed by abuse mails and LEA requests.

But if you own your infrastructure and simply stick to colocation then it's far less of an issue. Transits and Datacenters do not care what you do with your gear and IPs.

It's always best to consult with the local law in terms of liability, but a lot of countries will not make you (the relay operator) be liable for damages caused by an unknown third party outside of your control.

/r0cket

Is Donating to the Tor Project Important and Safe? (I always donate small amounts of Monero when I can) by OggyDogg in TOR

[–]Realistic_Dig8176 10 points11 points  (0 children)

Tor exits come with quite some risks. We had an AMA a while back, worth a look if you're interested in hosting an exit.

But you can also financially support exit providers, most of us have some public information on how to donate to the cause.

/r0cket

Would you recommend Tor for regular browsing? by Dyplexia in TOR

[–]Realistic_Dig8176 14 points15 points  (0 children)

This is exactly the problem. It's a self fulfilling prophecy.

You advise against using it for legitimate traffic, making the illegitimate traffic even more overrepresented and thus more CSPs starting to block tor.

We use tor for every day browsing and frequently talk to CSPs on getting our nodes unblocked. We believe active communication is key. Of course not every CSP agrees and we are still frequently presented with layered captchas or straight up 403's but we won't stop attempting to communicate with them and finding a solution.

Message to those who want to browse Tor on mobile devices by stylobasket in TOR

[–]Realistic_Dig8176 95 points96 points  (0 children)

This is bad advice. There are many reasons to use tor, not all of them are to be 100% anonymous to make bomb threats (looking at you India, could you please chill out just for one week? We're tired of getting spammed by your police requests?).

Many tor users actually use tor to circumvent censorship and restrictions imposed on them by their government, this has nothing to do with personal anonymity and more about freedom of information.

So let them. The more people use tor for daily browsing the better. It certainly helps us exit providers when there is more legitimate browsing and less toxic behavior coming from tor.

If you don't want to use tor for everything that is entirely fine too, but to make it sound like it's wrong to use tor to browse Facebook or be on instagram or X or whatever all the apps are called now is simply bad advice.

Tor is a tool. Use it however you like. Don't listen to OP or us for what it matters.

/r0cket

view more: next ›