[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TOR is for anonymization; so how to add encryption as well?

> 1) is no one able to decrypt the tor's encryption?

As for the node-to-node encryption, you can assume the answer to be
"probably not". AES128 is seen to be reasonably secure at the present
time, enough so to be used for classified communication channels by the
US Government.

Does this mean $they probably couldn't brute-force a given key with
enough time and/or resources? .. No.

> 2) how can i trust the person who runs the tor's exit node?

You can't. Hence the need to use encrypted end-services like SSH, HTTPS,
IMAPS, etc.

> optional -3) [forgive me if it is too silly]
> why people run TOR nodes? is that only to support the community or
> other benifits as well?

Yes, to support the community and to generally frustrate repressive
governments (our own included, since doing so is still within the bounds
of the law at the moment).

Benefits? If you need a recent real-life example .. during the Iran
election protests, people were creating S3/Vmware instances for TOR that
allowed access to Twitter, etc. and created an ever-moving target for
the authorities over there .. enough so that information continued to
leak out to the rest of us. The same is true for China, WikiLeaks, etc.


Michael Holstein
Cleveland State University
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/