Security Basics mailing list archives
RE: Anonymize internet access
From: "Joshua Graham" <jgraham () anexix com>
Date: Thu, 29 Sep 2005 16:04:33 -0500
-----Original Message----- From: Alexander Klimov [mailto:alserkli () inbox ru] Sent: Wednesday, September 28, 2005 7:11 AM To: security-basics () securityfocus com Subject: Re: Anonymize internet access <snip> * Should I snoop on the plaintext that exits through my Tor server? No. You are technically capable of monitoring or logging plaintext that exits your node if you modify the Tor source code or install additional software to enable such snooping. However, Tor server operators in the U.S. can create legal and possibly even criminal liability for themselves under state or federal wiretap laws if they affirmatively monitor, log, or disclose Tor users' communications, while non-U.S. operators may be subject to similar laws. Do not examine the contents of anyone's communications without first talking to a lawyer. -- Regards, ASK </snip> Hello, Well this whole post got me interested in TOR so I went ahead and set it up on my machine. Overall, I'm pretty impressed... the setup was simple, and I was browsing "anonymously" in about 10 minutes. Too bad this last statement is a little unnerving. For something that is created to help with anonymity and privacy - having to worry about someone snooping on my actions while using TOR is a little scary. Can someone please elaborate on what exactly could be monitored or logged? While we are at it Jeffrey mentioned a couple sites that helped check your anonymity. One of those sites was: http://www.stilllistener.com/checkpoint1/. One of the tests that they had was a Java based test at: http://www.stilllistener.com/checkpoint1/Java/. While running through TOR in Firefox the page was still able to get my real IP address. I was wondering if anyone could explain what happened and if there was anyway around that. Thanks in advance. Best Regards, Josh
Current thread:
- Re: Anonymize internet access, (continued)
- Re: Anonymize internet access Jonathan Pauli (Sep 26)
- Re: Anonymize internet access Alexander Klimov (Sep 28)
- Re: Anonymize internet access aeast (Sep 26)
- RE: Anonymize internet access Joshua Graham (Sep 26)
- Re: Anonymize internet access Jeffrey F. Bloss (Sep 26)
- Re: Anonymize internet access Michael Painter (Sep 28)
- Re: Anonymize internet access Jeffrey F. Bloss (Sep 28)
- Re: Anonymize internet access Michael Painter (Sep 28)
- Re: Anonymize internet access Jeffrey F. Bloss (Sep 28)
- Re: Anonymize internet access Jeffrey F. Bloss (Sep 26)
- Re: Anonymize internet access Jonathan Pauli (Sep 26)