Destination Linux 442: Is Tor Safe? The Big Security Questions w/ Sandfly CEO Craig Rowland
Nov 7, 2025
Craig Rowland, Founder and CEO of Sandfly who builds Linux security and EDR tools. He tackles whether Tor and VPNs truly provide anonymity, explains endpoint fingerprinting and metadata risks, and discusses agentless SSH-based security, DIY VPNs, and cautious AI use in security operations.
AI Snips
Chapters
Transcript
Episode notes
Endpoint Fingerprinting Defeats IP-Only Anonymity
- Tor and VPNs only hide IPs; attackers and defenders instead fingerprint endpoints to deanonymize users.
- Craig Rowland explains his iOvation work showing device fingerprinting and metadata leaks beat IP-only protections every time.
Tor Puts You In A High‑Risk Crowd
- Using Tor exposes you to a high-risk population where malicious activity concentrates, increasing surveillance attention.
- Craig warns innocent users on Tor are 'hanging out with a group' law enforcement intensely monitors.
Never Log Into Identifying Accounts While On Tor
- Do not log into personal accounts while using Tor or VPN if you want anonymity.
- Ryan and Craig note logging into Gmail or other persistent accounts immediately links your identity to the supposedly anonymous session.