@MMS21 @KitlerIs6 >Is it even possible to patch? Seems a reoccurring thing in many places too e.g. 51% attack in crypto, voting systems and p2p
It's impossible to patch, but Tor has been designed to mitigate such attacks as much as possible.

When it comes to consensus, as sadly no reliable distributed consensus mechanism exists, so Tor uses a select few dedicated servers for consensus handled by trusted parties (you can also run your own consensus servers if you're unhappy with the default).

BadExits and attacking relays are constantly search for and removed from the network as well.

The NSA have admitted among themselves that "Tor stinks", as they can't spy on every user, all the time, even with all the traffic interception and MiTM capabilities they have.


I'd like to note that my Tor relay running 100% free software certainly isn't compromised by proprietary software.