The German Problem with Tor
Published: 19th of July 2020
Over the past year, relay operators have done a good job in diversifying the range of network that they use to host their relays. The problem is that the move away from popular ASNs has not always translated to a move away from popular countries.
This is where we come to Germany, which has the highest amount of Tor relay capacity in the World at 167Gbps, in contrast France is in 2nd place with 64.5Gbps of capacity aka more than 100Gbps lower than Germany.
The problem with Germany
The German state is that exactly in love with the Tor network. This is the state who started raiding Tor relay operators in 2006, illegally seized documents from German exit relay operator; torservers.net in 2018, tried to pass a really vague law in order to the running of Tor relays and now are about to vote on a law to hijack traffic to download Trojans on the computer of anyone they target.
This is the aggressive anti-privacy shit that most people would expect of somewhere like Russia. This might not be what you expect from a country that claims to love the right to privacy and pushed for the GDPR.
In reality, the German government has a double standard when it comes to the right to privacy. They will fully support that right if it's company's violating your privacy (especially, if they are American because protectionism) but in contrast, the German will give itself as many powers as it can to spy on its own citizens and those abroad.
Now you know how the Germans hate privacy, you will almost certainly be asking about alternative locations.
But Tor is encrypted?
The high number of high-speed relays and exits in Germany mean that it is not too uncommon to get both a German guard and exit. This gives the state an easier time if they want to target someone using traffic correlation attacks.
That also does not take in account the planned German law that will allow authorities to redirect traffic to state-owned servers, to infect users with viruses/Trojans. This is especially a concern for third-world users of Tor who are going to mainly accessing non-HTTPS sites on a computer without the best security.
What alternatives are there to Germany?
The current country with the best privacy to cost ratio is Luxembourg, where a 200Mbit can be gotten for 3.25 EUR per month. Or if you have the money then Switzerland would be more ideal but you would not want to waste a Switzerland VPS on a non-exit relay.
Or if you are cheap, you could get a VPS from a country who hates the western spy powers like Russia or Moldova which will still help enhance the security of the Tor network by decreasing the chances that someone's traffic will just travel though one spying block which will make traffic correlation attacks much harder.