Preselect entry nodes that are internal to the country

[grugq]

• ask user for the country they live in to optionally only use entry nodes in that country, to avoid data packets getting routed over country borders. This could reduce the probability of traffic correlation by NSA/GCHQ for some users.

Not sure how to do this, so, low priority. :)

[strasharo]

https://www.torproject.org/docs/faq.html.en#ChooseEntryExit

[grugq]

Something like this, I guess:

EntryNodes {us,uk}

[securedmh]

Could also add updated spoiled onions list or introduce a service that monitors if an exit node on the list is being used to provide a warning of some sort.

[ad90df8e708e8fa8153e56a059]

You can specify preferred entry/exit nodes using:

• EntryNodes {cc}
• ExitNodes {cc}

You can also specify excluded entry/exit nodes using:

• ExcludeEntryNodes {cc}
• ExcludeExitNodes {cc}

If you set StrictNodes 1, the above lines are mandatory instead of preferred, and tor will not connect if nodes meeting those requirements are not met.

Countries are specified as a 2 letter ISO3166 country code in curly braces.

However

Depending on how many entry nodes are available in your country, this might drastically limit the pool of available entry nodes. Keeping your first hop domestic might technically provide some legal protection against collection, but I'm skeptical that it provides much if any practical protection. It could have the unintended side effect of making your circuits stand out, since this is not the default behavior and probably not implemented by many users.

The tor project people recommend not doing this:

We recommend you do not use these — they are intended for testing and may disappear in future versions. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry / exit nodes can mess up your anonymity in ways we don't understand.