Tor Exit Nodes are the gateways where encrypted Tor traffic hits the Internet. This means an exit node can be abused to monitor Tor traffic (after it leaves the onion network).
It is in the design of the Tor network that locating the source of that traffic through the network should be difficult to determine. However, if the exit traffic is unencrypted and contains identifying information, an exit node can be abused.
The tor project, therefore, is dependent on a diverse and wide range of exit nodes. As with any technology, you will gain the most benefit and keep your information safe by having a basic understanding of how it works. With an understanding, you will be better positioned to evaluate your risk. The majority of exit nodes are likely not monitored and are "safe". They are managed by good Internet citizens who believe in the aims of the Tor project. However, even a handful of bad nodes are a threat as exit nodes are periodically changed as you use the Tor network.
Understand the Technology, Understand the Risks
Use of the Tor Project by activists and Human Rights Defenders can be a valuable tool in avoiding surveillance. However, you should always have a good understanding of the risks and keep your traffic encrypted end to end, as any of these exit nodes could be watching your traffic flows.
At the most basic level, unless you are using encrypted protocols (HTTPS / SSH / TLS), the Tor traffic could be monitored. Here are two simple examples:
- Using a forum that does not use HTTPS your login, password, session cookie and posts could all be captured.
- If you send an email using SMTP (no TLS) then the email could be intercepted.
To gain an understanding of the technology the Tor Project website is the best place to start.
Tor Exit Nodes Geo-Located and Mapped
Map and Charts are updated daily
The list of exit nodes was downloaded from the Tor Project in csv format. Geolocation was performed against the IP addresses using MaxMind GeoLite2 databses (https://maxmind.com).
From the map it is clear to see the high concentration of Tor exit nodes within Europe, once you start to zoom in and see the European nodes it is clear there is quite a spread of locations where the Tor nodes are operating.
The Internet service providers and countries from the chart are the top 20 with the highest concentrations of Tor exit nodes.
Conclusion
In this post I have touched on a few of the security threats and benefits of the Tor network. I encourage anyone intending to use the Tor network to do some solid research around operational security. If you are using Tor to bypass a proxy you need to understand the risks to your traffic. If you are an activist using Tor to avoid monitoring by oppressive regimes, you need to have a solid understanding of the technology. Without knowing the threats you are putting yourself and perhaps others at risk.