[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hidden server path



outlaw => i d'ont mean what you describe. If i run an exit node and sniff
every http packet out, i'll don't know where request are from, but i can
see every parameters/data of post/get requests. Not every website has ssl
activated guys.

Hidden services are another use case. There is no exit node, just an entry
node to the hidden service.
I don't know what happens when the two circuits connects. How are they
connected ? It's the weak point !

2013/1/9 Outlaw <outlaw@xxxxxxxxx>

> > > Or malicious code on the last node :)
> >
> > That would be the server hosting the hidden service. But the server of
> > some Website you visit and what it does with your requests is beyond
> > your control anyways (if it not your own server).
>
> So path can be seen by client and server that hosts hidden service,
> malicious or not. Are you sure? :) I mean as I know SSL connection via
> https protocol is done like "Connecting to server -> Establishing
> secure connection -> After that go to target page, make requests,
> download all things etc. ". So global observer cannot see what is
> transferred (what I`d like to know for sure is path and GET request),
> only the fact of connection and some encrypted traffic
> - is this somewhat valid for onion-land? Thanks!
>
> --
> Outlaw
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk