> I'm even more confused. Are you saying anonymity is not a security > property? By "security" are you limiting yourself to confidentiality? > There are many aspects of security, rarely all addressed at once by > any system. One of these is anonymity, which is why one finds > anonymity as a listed topic in the CFP of virtually every major > computer security conference. > > -Paul > Yes anonymity is a type of security and an important one. TOR makes me anonymous it make the data transmission secure up to the point on the exit node, it helps to prevent traffic analysis etc. all of the are security properties. I think the separation is one that exists in my mind. To my thinking TOR makes my communication anonymous, but does not make my communications secure in that everything is in the clear leaving an exit node. So, if I'm wanting secure and anonymous communications I'd have to connect to an encrypting endpoint in which case the SSH/TLS/SSL encryption is making my data secure while tor is making my communication anonymous. Clearly anonymous+encrypted = more secure then just encrypted. However anonymous + easily sniffable by an exit node or anything beyond = anonymous but not secure (encrypted). In the latter case I would need to be very judicial about what data I transmitted as if any of it were identifiable (alone or cumulatively) I will blow the anonymity that TOR provides. In the former case this concern is alleviated so long as I trust the encrypting endpoint. If I don't trust the encrypting endpoint I basically fubar'd That help? Freemor ------ Freemor <freemor@xxxxxxxx> Freemor <freemor@xxxxxxxxxx> This e-mail has been digitally signed with GnuPG
Attachment:
signature.asc
Description: This is a digitally signed message part