have questions regarding Tor and a possible MiTM attack | Poal: Say what you want.

Welcome • User Guide
ToS • Privacy • Canary
Donate • Bugs • License

©2026 Poal.co

115

•

have questions regarding Tor and a possible MiTM attack

when connecting to the Tor network a MITM attack, such as by an ISP for instance, can apparently be performed using which can be used to route traffic to compromised nodes in a self-contained network which can then decrypt the traffic.

from the Shadow Simulator GitHub repo:

Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches.

also see https://shadow.github.io/

apparently every connection to Tor first connects to 1 of 10 and several of these are in the U.S.

i just learned of this today and am wondering if anyone has any input

when connecting to the Tor network a MITM attack, such as by an ISP for instance, can apparently be performed using [The Shadow Simulator](https://github.com/shadow/shadow) which can be used to route traffic to compromised nodes in a self-contained network which can then decrypt the traffic. from the Shadow Simulator GitHub repo: > Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches. also see https://shadow.github.io/ apparently every connection to Tor first connects to 1 of 10 [relay authorities](https://metrics.torproject.org/rs.html#search/flag:Authority) and several of these are in the U.S. i just learned of this today and am wondering if anyone has any input

(post is archived)

You are currently inside a comment thread.

Click here to see all the comments (7).

[–] • 1 pt

Any security system is going to have weaknesses and can be defeated, given enough resources and motivation.

You can never be 100% safe. The point is to make it as difficult as possible for the attacker, so that they pursue easier targets instead.

link

[–] • 1 pt

i totally get that - i'm interested in exploring the validity of this particular issue though because this apparently isn't an issue with Tor, rather it's a way to hijack a connection to the network which i've never heard of before

parent
link

[–] • 0 pt

It's absolutely true. It's not hard at all to set up a compromised subset of the TOR network and manipulate the routing. The good news is it does require the cooperation of your ISP and a few very powerful computers. The other good news is the three letter agencies that manipulate TOR don't give a shit about anything but preventing real actual large-scale crime or terrorism. They don't care what you fap to, what you smoke, or what you read. Kiddy fiddlers who actually have and are abusing children, terrorists, and other major scum are what they're after.

parent
link