Doesn’t https / .onion take care of that?
Discussion
Http and https definitely not. I am not sure about onion. For https, the only way to avoid gov takeover is to check if the certificate is using the exact keys of the original party. Beyond the usual https checks.
Yes you’re right. Tor fixes this. Look into it, I’m pretty sure we already have a few tor relays too. But it’s easy to set up a private one.
I am not confident Tor doesn't allow a Stateless relay to be placed between you and your own Tor relay. For me, the safe way is to hardcode the relay's pubkey in the app to make sure only that key can decode incoming payloads and the relay only take encrypted msg from that key
You don’t know how tor works
Probably. But I also can't find proof that somebody can't put a server in between my phone and my server. https://security.stackexchange.com/questions/215155/how-does-tor-protect-against-mitm-attacks-between-the-client-and-relay-nodes
