Silk Road forums
Discussion => Newbie discussion => Topic started by: throwaway9011 on August 20, 2013, 05:55 pm
-
Does SR use sessions? What's to prevent a tor exit node from copying the session key?
-
When you use SR you never go through an exit node.
Read up on Tor hidden services.
-
Well for starters it's a hidden service so you do not utilize an exit node to access it. And the traffic is encrypted all the way from the client to the server.
-
Would it be correct to say that any logins outside of hidden services could be stolen?
-
If you're using tor to access an unencrypted resource on the clearnet such as http:// something then yes a malicious tor exit node can store/manipulate all that traffic.
-
even if a site uses https wouldn't the exit node be able to mimic your session data to access your account, or no? sorry if these are really newb questions.