-
January 18th, 2006, 03:34 PM
#11
No wait, that doesn't make any sense. Is it indeed encrypted before it is send and is it encrypted by the receiving computer? Or does the first Tor node encrypt it and the last Tor network decrypt it????
The first Tor node is you.... You encrypt the packets and send them on their way. The intermediate Tor routers do not know either the origin nor the contents of the packets. The final Tor router, (or the Tor computer if both of you are running Tor because I believe that the Tor computers become part of the network) _has_ to decrypt the packet in order that the receiving computer can understand the request. There is no telling how many hops the unencrypted packets go through and therefore no telling how many people can see the data. But, there is also no telling where the packets originated since that information is only held by the first router in the chain.
So, in order to remain absolutely anonymous you must not have any identifying information in that packets you send to non Tor boxes because the final router may be several untrusted hops away from the target.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
January 18th, 2006, 04:54 PM
#12
With tor, your anonymity is protected but the confidentiality of the data isn't there. Anyone can run a tor node and all nodes have access to the data.
The encryption between nodes is a courtesy, not anything reliable. Using tor with a browser brings up too many interesting situations for me personally to recommend it for something important... until it's all documented.
-
January 18th, 2006, 05:11 PM
#13
So how would the I2P factor in with a secondary layer or required encryption?
\"It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.\"
- Charles Darwin
-
January 18th, 2006, 05:39 PM
#14
Note that it is likely that there are bugs in the software and there has been insufficient peer review to date. People should not use I2P prior to the 1.0 release without understanding the risks of their actions.
That's all I need to see!
-
January 19th, 2006, 06:17 AM
#15
Junior Member
Hey guys,
A while ago a subscribed to the TOr mailing list and a couple of emails camw down today about the new version of tor, apparently it will use the Diffie-Hellman key exchange and AES. What hasn't been put down yet is if your tor server and the remote tor client will be doing the diffie-hellman key exchange or if it will need to be compleated at each tor node.
Obviously if it is compleated between your tor client and the remote tor client then the key exchange is in the clean over multiple hosts.
Not cool
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|