Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: Tor anonymity/security at exit node

  1. #11
    Join Date
    May 2010
    Beans
    462
    Distro
    Ubuntu Development Release

    Re: Tor anonymity/security at exit node

    In short there is no such things as Anonymous. All can be traceable but it depend on the process or progression to track it down. I bet it is what you actually need is to protect your privacy.

  2. #12
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,554
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Tor anonymity/security at exit node

    If you are really paranoid and considered about anonymity, I'd also take a look at Mixmaster as a way of anonymizing your email as well. This program is often times mentioned in the same breadth of Tor/Privoxy. Also utilize gnupg.

  3. #13
    Join Date
    Jan 2009
    Beans
    Hidden!

    Re: Tor anonymity/security at exit node

    Quote Originally Posted by wacky_sung View Post
    In short there is no such things as Anonymous. All can be traceable but it depend on the process or progression to track it down. I bet it is what you actually need is to protect your privacy.
    I would not call it that dramatical, but when I try to read infos about problems the devs of such software and networks have, then I think they had easy job some 10 years ago.

    On the other hand, 10-15 years ago, people did take care of what programs talk to someone in internet and why.
    Today everybody finds it is not a bug but a feature when your computer connects all the time with dozens of servers all over the world 'just to check for updates'.

    People are very keen of storing their most personal data on cloud servers and they never ask who else can see it.

    With tor ,as with mixmaster etc, the idea was to remove the origin of the communication between a client and a webserver.

    But when all that was designed, browsers had not hundreds of extensions and plugins which behave completely unpredictable in this context.

    Tor will change your IP, but when your browser is full nice valuable other data which be collected by anyone then well privacy becomes relative.

    You can try the tor bundle browser. This will make you browse with no scripting, no plugins , no fancy cookie mechanisms.

    There are not many websites which you will be able to use.

  4. #14
    Join Date
    May 2010
    Beans
    462
    Distro
    Ubuntu Development Release

    Re: Tor anonymity/security at exit node

    Quote Originally Posted by ottosykora View Post
    I would not call it that dramatical, but when I try to read infos about problems the devs of such software and networks have, then I think they had easy job some 10 years ago.

    On the other hand, 10-15 years ago, people did take care of what programs talk to someone in internet and why.
    Today everybody finds it is not a bug but a feature when your computer connects all the time with dozens of servers all over the world 'just to check for updates'.

    People are very keen of storing their most personal data on cloud servers and they never ask who else can see it.

    With tor ,as with mixmaster etc, the idea was to remove the origin of the communication between a client and a webserver.

    But when all that was designed, browsers had not hundreds of extensions and plugins which behave completely unpredictable in this context.

    Tor will change your IP, but when your browser is full nice valuable other data which be collected by anyone then well privacy becomes relative.

    You can try the tor bundle browser. This will make you browse with no scripting, no plugins , no fancy cookie mechanisms.

    There are not many websites which you will be able to use.
    I do understand what you meant.Have you considered who setup those Tor servers and what information are they collecting from you.I do not need Tor because i pay for a VPN service which written clearly for their term and conditions. What we really need is privacy but not being anonymous. Tor is just another chain proxies to me.

  5. #15
    Join Date
    Jan 2009
    Beans
    Hidden!

    Re: Tor anonymity/security at exit node

    >who setup those Tor servers and what information are they collecting from you.<

    well tor server does not mean that any information can be collected. Everybody can do that and the system was set up by an voluntters org.
    A relay server can be any computer, I run one too. With this there is so far no way to collect anythnig as all comes highly encrypted and leaves again highly encrypted and nothing is decrypted.

    But do not confuse vpn with tor. Those are two entirely different things and for different purpose.
    Some tor users tend to think of tor as vpn too, but this is completly wrong.


    VPN is point to point operation, it can serve only two endponits and can only carry 'cargo' between them and those two have to trust each other.
    It can not have any anonymising function as it would not work.
    If the traffic has to be forwarded, it has to be done again in open format and free accessible to everyone again.

    Tor is for wiping out the origin of the traffic and make it by this not traceable. And it should work reliably not only between two dedicated users, but worldwide, dynamic selfmanaging .
    The purpose here is not to hide the traffic itself, only the origin of it.

    That it is possible to view the traffic comming out of the exit server is clear.
    That everybody can see the traffic coming out of the vpn server is also clear.
    The traffic on a vpn is well protected while underway, but it has to leave the tunel at some time and there it ends up in open plain traffic as if nothing was between.

    To have some term and agreements, well hope you understand that those things have zero security value, unless you absolutely trust each single person involved in operation of such server or you are the only person who has physical access to such installation.

    As far security of any software solutions today in the computer age, it is often considered anything open source to be more secure then any kind of pure proprietary and closed solution.
    The open source solution can be free reviewed by many people worldwide, they will try to find holes and issues in it and will discuss all problems open.
    With closed solutions this is often not possible and then we have 'security by obscurity' meaning an outsider has no idea what the solution actually does.

  6. #16
    Join Date
    May 2010
    Beans
    462
    Distro
    Ubuntu Development Release

    Re: Tor anonymity/security at exit node

    Quote Originally Posted by ottosykora View Post
    >who setup those Tor servers and what information are they collecting from you.<
    ======================
    Sound like you are new to data miner which can collect any information about you.Find out for yourself why google is evil.
    =====================

    well tor server does not mean that any information can be collected. Everybody can do that and the system was set up by an voluntters org.
    A relay server can be any computer, I run one too. With this there is so far no way to collect anythnig as all comes highly encrypted and leaves again highly encrypted and nothing is decrypted.

    ==================
    Does not mean highly encrypted which is not breakable.It depend on the talent and skill of breaking it
    ==================

    But do not confuse vpn with tor. Those are two entirely different things and for different purpose.
    Some tor users tend to think of tor as vpn too, but this is completly wrong.

    ===========
    Agree.
    ===========


    VPN is point to point operation, it can serve only two endponits and can only carry 'cargo' between them and those two have to trust each other.
    It can not have any anonymising function as it would not work.
    If the traffic has to be forwarded, it has to be done again in open format and free accessible to everyone again.

    Tor is for wiping out the origin of the traffic and make it by this not traceable. And it should work reliably not only between two dedicated users, but worldwide, dynamic selfmanaging .
    The purpose here is not to hide the traffic itself, only the origin of it.

    ============
    I totally disagree with you because it is still traceable in the memory even though you run it a relay as long as each relay does not break it memory.You just need to fix the puzzles to get to the actual person. The work is tough and long process.

    ============


    That it is possible to view the traffic comming out of the exit server is clear.
    That everybody can see the traffic coming out of the vpn server is also clear.
    The traffic on a vpn is well protected while underway, but it has to leave the tunel at some time and there it ends up in open plain traffic as if nothing was between.

    To have some term and agreements, well hope you understand that those things have zero security value, unless you absolutely trust each single person involved in operation of such server or you are the only person who has physical access to such installation.

    As far security of any software solutions today in the computer age, it is often considered anything open source to be more secure then any kind of pure proprietary and closed solution.
    The open source solution can be free reviewed by many people worldwide, they will try to find holes and issues in it and will discuss all problems open.
    With closed solutions this is often not possible and then we have 'security by obscurity' meaning an outsider has no idea what the solution actually does.

    ============
    Quite true and half hearten disagree if someone break it without reported it till somebody discover an intrusion. There are quite a handful cases down the years such as kernel website being hack which went unreported till someone discover it.
    ===========

  7. #17
    Join Date
    Nov 2009
    Location
    Los Angeles
    Beans
    383
    Distro
    Ubuntu

    Re: Tor anonymity/security at exit node

    Quote Originally Posted by wacky_sung View Post
    Have you considered who setup those Tor servers and what information are they collecting from you.
    I don't mean to sound paranoid, but if I worked for the FBI I'd make sure I had a few dozen machines in the Tor pool.

  8. #18
    Join Date
    Jan 2009
    Beans
    Hidden!

    Re: Tor anonymity/security at exit node

    >I totally disagree with you because it is still traceable in the memory even though you run it a relay as long as each relay does not break it memory.You just need to fix the puzzles to get to the actual person. The work is tough and long process.<

    hmm, in memory of what? As my computer has to no time any knowledge where the origin of the traffic came from, it is keeping in memory:
    'I have a traffic, but have no idea where it comes from'
    My computer will do: encrypt the whole stuff to the next server I am assigned just now in this second to forward my traffic to and send it there.

    So my computer has at this moment stored info that a traffic arrived from some tor part, and it ***appears*** to come from certain tor component.
    The traffic was encrypted to the next server from the pool used just at that moment.

    It has no information about the content of the traffic, no inofrmation where the traffic came from or what is its final destination (in case of tor relay)

    So everybody is welcome to pick this valuable info and see what to make of it.

    As far as cryptography, well best to say it is considered unbreakable at this state of knowledge and technology.

  9. #19
    Join Date
    Jan 2009
    Beans
    Hidden!

    Re: Tor anonymity/security at exit node

    Quote Originally Posted by rg4w View Post
    I don't mean to sound paranoid, but if I worked for the FBI I'd make sure I had a few dozen machines in the Tor pool.
    sure, Q is just what to use it for.

    one can monitor traffic coming out of the exit relay, ok, no problem with that, one can monitor any other forwarding computer too, no secret in it, all free and open there and why to operate such exit?

    To have normal relay in operation, well again the Q is what for?
    To keep the tor operational, fine welcome. The more relays there is the more efficient is the network.

    To sniff the traffic from a relay, hmmm, the info is highly encrypted, not decryptable with any currently known method within needed useful time .
    No idea where it comes from, no idea where it goes to.
    That there is increase of traffic let say from 0900-1200 and decrease of traffic during 1600-1900 is also an information which can be used. But it needs to be used statistically only, direct info is not present, but direct content might in many cases also not be particularly important.


    Welcome everybody to monitor this random noise. The more someone tries this, the more secure in fact the network becomes.

    So if FBI wants to set up some more relays, please do so, do as many as your power bill will allow you to have.

  10. #20
    Join Date
    Mar 2012
    Beans
    14

    Re: Tor anonymity/security at exit node

    If you're concerned with mail there's always Tormail, which is in the onion.

    (Link didn't turn out quite right ... )

    Edit: I realize this doesn't address the exit node issue at all. Though this would at least be, in theory, an anonymous origin.
    Last edited by ubunbu; March 18th, 2012 at 10:23 AM.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •