I wrote back in September a blog post titled The Advantages Of Tor 1. While that post was a prospective look at Tor, this one is a retrospective look. In the months between that post and now, I have tried to go all in on Tor. Over Christmas break, when I read Snowden's memoir, I decided that I would run my entire server infrastructure over Tor, making my domain just a pointer to my Tor services.
In January, I did just that. I went all-in on Tor, even having my Matrix homeserver federating through it, and my email server receiving emails through it. Unfortunately, I have come to the conclusion that Tor is unsuitable for my purposes. It is simply too unreliable and prone to breaking. I think Tor is a great technology. For what its intended purpose is, it works well enough. Tor is not unusable if you're just using it as a browser that has special privacy protections, but if you're a server administrator like me that wants to run more than just a static website behind a .onion, you'll find that you simply cannot.
The first thing to point out is that Tor is unbearably slow. This in and of itself is fine; I can tolerate slow loading times, because I am used to using old machines, so there's nothing new there. The people I talked to over Matrix did find the slow speeds annoying, but they also got used to it. The real problem comes with reliability. Tor drops connections or just straight up fails to make connections way too frequently to be useful. When it re-negotiates relays, it causes a temporary blackout that can take hours to resolve itself. I stopped getting emails, and Matrix homeservers stopped federating with me, because my server was not only slow to respond; sometimes it just wouldn't respond at all, and there was no rhyme or reason for these events.
Tor would also cause my OpenBSD gateway to freeze entirely, and I'd have to force-reboot it occasionally to restore connectivity to the outside world. That's pretty unacceptable to me. OpenBSD is incredibly reliable; it does not crash under normal use, so the fact that Tor was causing my gateway to choke indicates to me that it is not practical to send very large amounts of data through an always-open Tor connection.
I think there are a lot of problems with Tor that just never come up when you're using the browser, because browsing the internet is fairly light and short-lived. But when you're keeping Tor running all the time, and pushing gigabytes of data through it, and making a ton of connections—as is the case with the Matrix homeserver—it simply does not hold up.
I am sad that this is the case with Tor. I really wanted it to be my all-in-one privacy solution, but for now, I'm stuck operating on the clearnet. To be fair, it really isn't so bad. My Matrix server is protected with TLS, and my conversations are protected with end-to-end encryption. While Tor would be better, my current situation really could be much worse. The reason I like Tor though is because it protects me from my ISP and other malicious actors on the internet. It keeps me anonymous and more difficult to track.
Unfortunately, my experiment with Tor has come to a close. I no longer run a Tor relay or keep my Onion sites online. I know that doesn't help out the Tor community much, and probably makes things worse, but I simply don't have the time to troubleshoot issues with Tor. I need something stable and reliable, and at the end of the day, an OpenBSD server sitting at the edge of my network is that. Adding Tor into the mix only makes things less reliable.
I am absolutely still a privacy advocate. I think everyone has a right to privacy, including myself, and I think that right should be maintained. I'm still limiting my usage of online services as much as I can, and I'm still self-hosting everything. I'm always looking for ways to become less dependent on the internet and on my phone. My core beliefs regarding computers and the internet have not changed in the slightest. I am just realizing that Tor is not the way to achieve my goals, and unfortunately I have to live with the potential privacy risks of running a public-facing server on my home network and doing all my internet stuff out in the open.
© 2019-2023 Jordan Bancino.