Hi, I am a long-time cybersecurity researcher and Tor-user. I have also used Linux for a few years, and have studied various topics such as cybersecurity, networking, opsec, and similar topics.
I became made aware of information implicating various rich people and people in government, in criminal activity, and became a whistleblower, using Tor to leak plain-text (non-documents, just text) whistle-blowing information to various entities, in order to safeguard the public.
I used a brand-new laptop, fully firmware updated, running on Linux, with a firewall, on public wifi, with a "no-log" VPN (paid via Monero).
I ensured my screen wasn't on camera, so the only way I could have been identified, was via a Tor compromise (backdoor, trace such as via big-data analysis via tracking all Tor relay connections and providing correlations via timing analysis using AI/super computers., or both).
So, because my information was non-specific to me, (I wasn't one of a few people aware of the information), and my whistleblowing was done using plain-text (not documents, with metadata), and I also modified my writing style to specifically avoid stylometric analysis, used a decent operating system (linux), with a VPN to add an additional protection for my source (original) IP, on public wifi (rather than connecting from my house), my analysis concludes that the only way to identify me, as the whistleblower, was via a technical Tor compromise, such as a backdoor, (most likely due to a bribe from the rich criminals, bribing a Tor developer), or a deep intelligence agency backed timing correlation, which is also logical because the criminals were both rich civilians, and government agents.
Because of my technical OPSEC, and use of Public wifi, I believe strongly that Tor was, or is currently, deeply compromised, de-anonymizable, and traceable, in some way.
Even using public wifi, I could have been seen on nearby security cameras, coming to or going from the area where I used public wifi, indicating high-level governmental involvement in my survived assassination attempt, (I got poisoned, with a rare toxin, which was confirmed with a 3rd party lab-test, and also dodged two gunmen while taking a nap in my car, in a very low-crime, safe neighborhood.) which tracks with me analysis of the criminally responsible, which I was whistle-blowing on.
Therefore, I henceforth conclude, based upon my experiences, that Tor is compromised, deeply. Direct deanonymization. Thus, in order to fix Tor, if it is possible, we, as a community, must deeply analize Tor's source code, of both the Tor Browser, and Tor Network software code, crypto analysis, etc.
We should also act as if Tor is compromised currently, and use Tor only from public wifi, wifi not linked to our identity, such as Phone data, or home WIFI connection. Be sure your screen ins't on camera, even with reflections. Preferably, turn off your cellphone to prevent keystroke analysis via audio capture.
Message too long. Click here to view full text.