back to article Rogue nodes snoop on TOR traffic

Researchers have uncovered more evidence that the TOR anonymiser network is being misused by hackers, and quite likely government intelligence agencies. TOR (The Onion Router) is a network of proxy nodes set up to provide some privacy and anonymity to its users. Originally backed by the US Naval Research Laboratory, TOR became …


This topic is closed for new posts.
  1. Anonymous Coward

    Like everything else ...

    ... Tor is safe to use for people who know what it is, and therefore how it can be used appropriately and safely. It's not like the documentation is light on warnings about what can be seen at exit nodes, although that should be obvious anyway.

    When using Tor, bear in mind that someone else can see your traffic, but not where it came from and where it's going. If I send an HTTP request via Tor, the content of the request itself and the content of the response will be easy to intercept at the exit node.

    Encryption helps but as the article mentions it's not perfect if it is subject to man-in-the-middle attacks since the exit node can still have a snoop.

    Tor is for anonymity. If you are sending password or credit card information you are volunteering to sacrifice your anonymity to the system you are sending that information to. While there are conceivable example where you might want to identify yourself to the destination system and still use Tor, they are few and far between.

  2. Ashley

    Anonymity Not Security!

    Remember Tor is designed for providing anonymity not security of your information/data. It hides you from the site your visiting. The trick is not to use the TOR network for sending any of your sensitive data, if you do want transmit your sensitive data over the network encrypt it! Whether using SSL, SSH or TrueCrypt, anything. For anyone interested in the technicalities in the TOR network I would recommend listening to episode 70 of 'Security Now!'

  3. Anonymous Coward
    Anonymous Coward


    "TOR is set up such that users have little or no idea who controls the exit nodes their data passes through."

    This, of course, being the whole point.

  4. heystoopid
    Black Helicopters


    So the only real way to hide text is to hide in plain sight within pictures as you cannot extract the data from within without the original !

    And the only other way to be a whistle blower is to use a different Internet Cafe every time and one in which you can add file attachments via a USB key port !

    What price a choice ?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019