Newbie's questions
Michael Holstein
michael.holstein at csuohio.edu
Tue Feb 27 15:35:55 UTC 2007
> (1) Does it mean that even when I visit unencrypted sites, nobody would
> be able to tell what sites or pages I am requesting?
Correct. As long as you're also proxying the DNS via SOCKSv4, the only
person that could "see" your traffic in the clear is the folks between
the exit node and the destination.
However .. if you do something like access your (real) Yahoo mail,
someone could connect that traffic with the "real" you .. because they
could see your name in the HTTP traffic. Thus, it's unwise to leak the
recipe to the secret sauce, and then go check your Hotmail account all
in the same session.
You also need to be mindful of combining your "anonymous" and "regular"
activities .. if, for example, you allow sites to set cookies and you
visit two sites both using DoubleClick .. that cookie will connect the
"real" you and the "tor" you. Same goes for any website that requires
authentication (eg: Yahoo mail, etc.). Someone could check the logs and
say "well, I see it was TOR this time, but yesterday it was Comcast".
> (2) Can the green line be cracked by intercepting the packets or headers?
An attack against AES that's more effective than bruteforce is not (yet)
known, so I'd say "probably not", although TOR developers are clear to
tell you it doesn't defend against a "global adversary" (eg:
$3_letter_agencies).
> (3) I don't know where the encryption key is stored. Can it be stolen if
> my pc is hacked?
The client key is in memory, so no .. unless you do something like
suspend your laptop while TOR is running (thus writing it to disk).
Also, it's possible to have the key written to swap accidently.
You can prevent both those problems with a "liveCD" distro that dosen't
touch the hard disk. There are many such "internet privacy appliances",
my personal favorite being the one based on OpenBSD (Anonym.OS).
Other general recommendations :
Firefox (dump cookies on exit, no cache, etc)
NoScript plugin (no javascript)
FlashBlock plugin (no flash)
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
More information about the tor-talk
mailing list