I was checking a friend network over Tor and I was curious about the country that would show in his logs so I checked where my exit node was from…

It got me thinking, it’s well known most exit nodes are in the hands of governments, so people deep in OpSec using Tor network, do they check if the exit node they are using is not in a 14 Eyes country (or other places depending on their threat model)? And if this is a practice, do you believe countries controlling exit nodes for intel and surveillance might actually be connecting their nodes to servers in other unsuspecting countries, VPN-like, just to not reveal that node is actually feeding data to their country?

  • XLE@piefed.socialEnglish
    2·
    16 days ago

    Is it relatively straightforward to blacklist countries just based on IP address? I’ve seen it discussed before, and I swear it was never described as uncomplicated.

    • wildbus8979@sh.itjust.works
      6·
      16 days ago

      You don’t need to blacklist based on IP. You can specify the country directly.

      See man 5 tor.conf: ExcludeNodes and ExcludeExitNodes as well as the node definition under NodeFamily:

      This option can be used multiple times. In addition to nodes, you can also list IP address and ranges and country codes in {curly braces}.