LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM)

GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM)

Posted Jul 8, 2008 22:07 UTC (Tue) by martinfick (subscriber, #4455)
In reply to: GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM) by salimma
Parent article: GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM) 

I don't think that you understand properly how tor works.  A single compromised node will not
affect your anonymity.  If the entrance node is affected, at worst it may divulge you and your
middle node, still not your destination or exit node.  If your middle node is compromised, it
will not divulge you or your destination.  If your exit node is compromised it will only
divulge your middle node and destination, but not your entrance node or you.  It would
probably take at least 2 compromised nodes to make a guess at your identity and all three to
positively divulge it.

Nevertheless, the tor protocol is such that the tor client is selecting its own path.  This
way you could also eliminate any known compromised nodes from your path.

If you have your doubts about tor, perhaps you should join the tor mailing list and post your
questions/suspicions there; it might be very informative to you.  If your suspicions turn out
to be valid, I am sure that the tor project will appreciate your input.

(Log in to post comments)

GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM)

Posted Jul 9, 2008 0:08 UTC (Wed) by smithj (subscriber, #38034) [Link] 

I believe he was referring to the ability of the exit node to view the traffic being sent.
This is unavoidable, given the fact the the traffic must be sent to a destination outside the
tor network.

However, this isn't a "vulnerability" or "security risk" per se. Tor is intended to
*anonomize*, not to secure traffic on an insecure protocol. Tor should be used when you don't
want the target server to know which IP you're using, or if you don't want routers along the
way to know with whom you're communicating. It does *not* provide end-to-end encryption. If
you need that, use a secure protocol such as HTTPS, SSH, etc, or simply tunnel your protocol
over SSL/SSH/VPN/whatever.

If you need end-to-end message integrity, protection against eavesdropping, and anonymity (a
whistle-blower would fit this definition, for example), the use of a secure protocol over tor
works just fine.

GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM)

Posted Jul 9, 2008 1:22 UTC (Wed) by salimma (subscriber, #34460) [Link] 

Indeed; my problem with the article is in the way people misuse and misrepresent what Tor
does. There is this anonymity = security misconception among the general public, and the onus
is on the article to make a clear distinction between the two.

Given what we know people actually send over Tor (unencrypted!), the header-level anonymity
they get from Tor can be essentially useless if the payload contains enough identifying
information.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds