Can Tor nodes be monitored?

If I boot tails on a DVD, use iceweasel, then make a blockchain wallet-- Can someone monitoring the known TOR exit node steal my login information. IE. steal money out of my wallet once I use it?


Comments


[3 Points] 13tom13:

http://www.reddit.com/r/DarkNetMarkets/comments/25vgim/rt_tor_is_not_prism_proof/


[3 Points] sohhlz:

No. blockchain.info uses https, so the link between the Tor exit node and the blockchain.info server is encrypted. A person running the exit node would only be able to see that someone is connecting to blockchain.info. They would not be able to see any of your clear data like passwords, etc.

If you get a warning that the SSL connection is untrusted, don't click through it. That could be a man in the middle attack where a bad exit operator tries to present you with a fake certificate. If that happens, click on the green icon next to the URL bar and select "New Identity" to get a different exit node.

Make sure that when you connect to blockchain.info, that it says "https". Click on the lock icon and hit "More Information" then hit "View Certificate". The fingerprints should be:

SHA1 Fingerprint=6F:78:51:57:AB:D5:70:15:1F:E0:65:1C:F9:54:62:F8:0E:13:87:94
MD5 Fingerprint=0D:D6:85:1B:80:D9:BE:47:71:59:14:53:71:6C:6C:17


[1 Points] plurblur:

If its not https as far as I know a malicious tor node could steal that data theoretically.