Silk Road forums

Discussion => Newbie discussion => Topic started by: SirNomDePlum on July 19, 2013, 11:38 am

Title: Secret Tor sidechannel attacks via an exit node???
Post by: SirNomDePlum on July 19, 2013, 11:38 am
What are the "many secret Tor sidechannel attacks via an exit node" as referenced by SteveTX here?
http://www.wilderssecurity.com/showthread.php?t=228869 *Clearnet link*

He also goes on to say, "Tor is vulnerable to evil exit nodes, which can read your traffic and inject malicious code into it."

Does this SteveTX know what he's talking about?

Tor is supposedly encrypted end-to-end? If yes, then you're protected right? If yes, what does he mean when he says, "...nobody can encrypt to your final destination for you, especially if you destination doesn't support encryption."

Finally a person asks, "Does end-to-end encryption = anonymity? Contents transmitted is encrypted from one end to the other. But, is it anonymous? For example, can the ISP or those who intercept your connection know your real IP?"

Then SteveTX replies, "Wow. Great questions. NO. encryption != anonymity. encryption == content obfuscation, anonymity == context obfuscation. If I send you an encrypted message, you know it was me who sent it. Other people can't read it, but they can see who sent it. The content of the letter is a secret, but not the context of who sent it and under what circumstances. If I send you a plaintext message anonymously, anyone can read it, but they don't know who sent it, and neither do you. The content of the letter is not a secret, but who sent it and under what circumstances is a secret."

So does that mean my plain text passwords and login details can be read from the Tor exit nodes with special tools but that the person reading will not know who I am? In other words, Tor protects the sender from being known but not the content of what's being sent (in regard to plain text passwords and login data)?

Title: Re: Secret Tor sidechannel attacks via an exit node???
Post by: foobarbaz on July 19, 2013, 11:48 am
Exit node can potentially read unencrypted data passing through.