[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TOR is for anonymization; so how to add encryption as well?



On Sun, 2009-12-27 at 09:58 -0500, basile wrote:
arshad wrote:
> i want the traffic be encrypted as well?
> any workarounds?
>
> thanks.
>
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>   
It is encrypted except at the exit unless you use https or imaps or
whatever protocol + s.

Let me illustrate.  Suppose you go to http://www.google.com via
privoxy+tor, then you establish a tunnel like this:

             --------Tor's encryption--------------
client         ------ clear http ------------->        Tor Relay ...
             --------Tor's encryption--------------

This continues until you get to the exit

--------Tor's encryption--------------
    ------ clear http ------------->         Tor Exit ------ clear http
----->
--------Tor's encryption--------------

So sniffing is impossible except at the exit.   The admin at the tor
exit should never look at the traffic leaving his/her node.

If you repeat the above, but go to https://www.google.com (note the
http+s), then the above changes in that the clear http is replaced by
encrypted https.  Then even the tor exit node admin can't see your traffic.

Hope this helps and that my ascii art didn't get wrapped beyond readability.


thank you very much for your reply.
the the ascii art really helped.
now i have two doubts in this.
1) is no one able to decrypt the tor's encryption?
2) how can i trust the person who runs the tor's exit node?

optional -3) [forgive me if it is too silly]
why people run TOR nodes? is that only to support the community or other benifits as well?

thank you very much.
best regards.