Ultimate solution
Paul Syverson
syverson at itd.nrl.navy.mil
Mon Mar 26 16:47:31 UTC 2007
On Mon, Mar 26, 2007 at 12:16:07PM -0400, Freemor wrote:
>
>
> I think the separation is one that exists in my mind. To my thinking TOR
> makes my communication anonymous, but does not make my communications
> secure in that everything is in the clear leaving an exit node. So, if
> I'm wanting secure and anonymous communications I'd have to connect to
> an encrypting endpoint in which case the SSH/TLS/SSL encryption is
> making my data secure while tor is making my communication anonymous.
>
> Clearly anonymous+encrypted = more secure then just encrypted. However
> anonymous + easily sniffable by an exit node or anything beyond =
> anonymous but not secure (encrypted). In the latter case I would need to
> be very judicial about what data I transmitted as if any of it were
> identifiable (alone or cumulatively) I will blow the anonymity that TOR
> provides. In the former case this concern is alleviated so long as I
> trust the encrypting endpoint. If I don't trust the encrypting endpoint
> I basically fubar'd
>
> That help?
Yes. I understand what you mean now. But you are misusing 'secure' by
saying something is not secure if it is not confidential. As an
imperfect analogy, people sometimes say "home computer" when they are
really only counting it as a computer if it's a wintel box.
-Paul
More information about the tor-talk
mailing list