出口节点不知道你的 IP 地址——这就是洋葱路由的重点。相反，它知道要联系哪个中继节点，以便最终将数据返回给您。为了让你的 IP 地址被确定地泄露，整个链需要是易受攻击的；如果入口和出口节点都易受攻击，攻击者可以通过关联中继节点的使用来合理猜测您的 IP。

TOR 最近开始拒绝所有未更新其 SSL 的服务器。未来还会主动阻止任何使用未打补丁的 SSL 联机的服务器。这些削减导致 Tor 的网络容量下降约 12%。这是由于阻塞了大约 380 台服务器。

以下是 Tor 邮件列表中消息的摘录：

I thought for a while about taking away their Valid flag rather
than rejecting them outright, but this way they'll get notices
in their logs.

I also thought for a while about trying to keep my list of fingerprints
up-to-date (i.e. removing the !reject line once they've upgraded their
openssl), but on the other hand, if they were still vulnerable as of
yesterday, I really don't want this identity key on the Tor network even
after they've upgraded their openssl.

If the other directory authority operators follow suit, we'll lose about
12% of the exit capacity and 12% of the guard capacity.

I/we should add to this list as we discover other relays that come
online with vulnerable openssl versions.

Also these are just the relays with Guard and/or Exit flags, so we should
add the other 1000+ at some point soon.

有关邮件列表的更多信息：https : //lists.torproject.org/pipermail/tor-relays/2014-April/004336.html