[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Does my ISP know I'm using Tor?

Hi Andre,

> Does my ISP know I'm using Tor?

Very short answer: Yes.

If your ISP would check, they would know, unless you're using bridges.

The more technical explanation is this: Unless you're using bridges, you
are connecting to a server from a publicly available list. If you would
like to check that one out, you could open
Even if you are using bridges, it is technically possible, albeit rather
hard (you need DPI for that one, probably), to determine that someone is
using Tor.

That being said, I don't see any reason why an ISP would care, unless
you're in a country with questionable practices regarding the internet (China, Burma etc). Tor is completely legal in nearly all countries. Any ISP that tells you what servers you can or can not connect to should be avoided. An ISP has nothing to gain from preventing customers to use completely legal services that don't put excessive load on their networks.

> Is that answer any different if I were to switch to Tails?

Tails (and all other Tor live CDs) just give you a pre-configured system
optimized for privacy. The basic circumstances remain the same.

> I read the best is end to end encryption.....but have no idea what that
> means?  Does it mean my connection is https?

"End-to-end encryption" basically means that only your computer and the
server (e.g. the website you are visiting) can read the content of your
communication. https is one example of this - if you're browsing the
web, make sure to only enter any account credentials (username/password)
and stuff like credit card data on sites that use https.

To make this a bit more general and "paranoid": You should only enter
personally identifiable information on sites using https. That includes
your mail address, home address, phone number etc. The reason for this
is that the Exit Node (the last Tor node in a circuit, i.e. the computer
that actually does the request to a web site on your behalf) can read
all unencrypted communication. (it can not determine, however, who you
are - at least not from metadata)

End-to-end encryption also exists for protocols other than http (which
is the one your browser usually speaks when visiting websites). One
example is mails (imaps/pop3s for receiving,
smtps/ssmtp/smtp-over-starttls for sending). Basically, whenever you see a field
that asks if you want to use encryption, you should answer yes ;)

> Does my ISP know what information I'm looking at while using Tor?  Let's
> say I use DuckDuckGo to search for suppliers of Silly String.  I click
> on a link in the search results that takes me to SillyStringSupplier.com
> Does my ISP know what I was looking for and where I went?

No. That's what Tor is good for - your ISP knows _only_ that you are
connecting to a Tor node to do an encrypted transmission. It doesn't
know where you're connecting to and also can't read the content of the
communication. It doesn't know what the other Tor nodes in your circuit
(the "path" from your computer to the web site/server you're using) are,

To sum it up, your ISP knows WHO you are, but not WHAT you send. The
same goes for the entry node (see the reply to your first question). The
middle nodes basically know nothing. The exit node knows WHAT you send,
but not WHO you are.


tor-talk mailing list