PDA

View Full Version : secure way to use TOR?




wackymacky
Dec 29, 2010, 08:33 PM
(No exactly a network question though I reasoned that this part of the forum was the most likely place to get a response from those who know what they are talking about. :) )

I want to use an externally anonymous way to access a site.

I was going to use TOR, using Firefox as a browser with the TOR plug-in for Firefox.

I understand the issues with the exit node being able to see the content of traffic as it leaves it to go to the destination server unencrypted.

However:.......

If I visit a secure site by entering in the https: addresses for the URL directly into the browser presuming the SSL is set up right is there any way for the exit node to tell anything about my content apart from the address it is accessing?

Thanks for suggestions.



Ktscheinqe
Apr 6, 2012, 09:38 PM
(No exactly a network question though I reasoned that this part of the forum was the most likely place to get a response from those who know what they are talking about. :) )
...
I understand the issues with the exit node being able to see the content of traffic as it leaves it to go to the destination server unencrypted.

However:.......
If I visit a secure site by entering in the https: addresses for the URL directly into the browser presuming the SSL is set up right is there any way for the exit node to tell anything about my content apart from the address it is accessing?

old post, but I think you have it exactly correct. the Tor exit node will communicate with the https url (webpage). That segment of the tor "jumps" will rely on regular web encryption.

Maybe an unusually badly written https webpage could have a http (not https) form action url. And you wouldn't see that unless you looked at the html of the webpage.
Also, maybe a script could send info unencrypted (not https/ssl), if the script specified http? (I'm really guessing at this)