TOR is for anonymization; so how to add encryption as well?

arshad arshad3m at gmail.com
Sun Dec 27 11:54:28 UTC 2009


On Sun, 2009-12-27 at 12:48 +0100, Nils Vogels wrote:

> On Sun, Dec 27, 2009 at 12:26, arshad <arshad3m at gmail.com> wrote:
> > i want the traffic be encrypted as well?
> > any workarounds?
> 
> Traffic within TOR itself is encrypted as part of the anonimization:
> When you are in the cloud, it is almost impossible to make heads or
> tails out of the messages that are being sent.
> 
> When the traffic leaves the cloud, it is sent in the same way it was
> entered into the cloud, ie. HTTP will still be HTTP, HTTPS will be
> HTTPS.
> 
> If you want your traffic to be both anonymous and encrypted throughout
> the entire path, use an encrypted protocol, such as HTTPS, IMAPS,
> POP3S, etc.
> 
> Please, also read http://www.torproject.org/overview.html.en it will
> answer not only this question, but also a few similar questions that
> you might have when first starting to use tor.
> 
> Greets,
> 
> Nils
> 
> 

hi,
thanks for your reply.
i mean to avoid this:

Eavesdropping by exit nodes
In September 2007, Dan Egerstad, a Swedish security consultant, revealed
that by operating and monitoring Tor exit nodes he had intercepted
usernames and passwords for a large number of email accounts.[17] As Tor
does not, and by design cannot, encrypt the traffic between an exit node
and the target server, any exit node is in a position to capture any
traffic passing through it which does not use end-to-end encryption,
e.g. SSL. While this does not inherently violate the anonymity of the
source, it affords added opportunities for data interception by
self-selected third parties, greatly increasing the risk of exposure of
sensitive data by users who are careless or who mistake Tor's anonymity
for security.[18]
http://en.wikipedia.org/wiki/Tor_(anonymity_network)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20091227/555c93f4/attachment.htm>


More information about the tor-talk mailing list