[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: first hop to entry node, encrypted? sorry for trivial question

     On Tue, 6 Nov 2007 10:12:58 +0000 Dave Page <grimoire@xxxxxxxxxxxxxxxxx>

>On Tue, Nov 06, 2007 at 08:38:10AM +0000, Jefferson Iblis wrote:
>> I've heard variously that Tor does encrypt my communications with my
>> entry node, and also that it does not. Which is true? Can my ISP sniff
>> my communications with my entry node?
>There is often some confusion as to the definition of an "entry node".
>The user runs a local Tor proxy, normally on the same machine as their
>web browser / IM client. Connections between client applications and
>this local Tor are *not* encrypted.

     The above is incorrect.  tor, whether client or server, expects
incoming connections to be encrypted.  tor's client side expects SOCKS
for incoming connections, and SSL is used elsewhere.
     The connection from a web browser does not go to tor, but rather
to some intermediary, e.g., privoxy.  That intermediary uses SOCKS,
preferably 4a (tor doesn't yet support 5), to connect to tor.
>However, this local proxy is not the "entry node" in Tor terms. The
>entry node is the first hop in the chain of *public* Tor servers.
>Traffic between your local Tor proxy and the entry node *is* encrypted,
>and that's the bit which goes across your ISP's network.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *