Tor and https

Discussion in 'privacy general' started by Broadwood, Dec 30, 2006.

Thread Status:
Not open for further replies.
  1. Broadwood

    Broadwood Registered Member

    Joined:
    Dec 30, 2006
    Posts:
    3
    Hi all, my first post so apologies if this has been answered elsewhere, just got so hooked on the discussion boards, such good stuff here!

    I use Tor and Privoxy with Vidalia bundle. My question is, is the connection from my machine to the first node server encrypted or just from the first server to the exit node? In other words, can my ISP read what is passing from my box to the first server in the onion ring? I have tried to use wireshark to work this out but I can't understand wireshark, too technical for me. A simple yes or no encryption will suffice here!!

    Neo
     
  2. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Broadwood,
    Welcome to Wilders!!! No need to apologize for asking a legitimate question. It is my understanding that whatever you are sending using the method of communication TOR provides prevents your ISP from knowing what you’re communicating by encapsulating it in an encrypted envelop prior to sending it out.

    However, I’m not 100% certain on this, so please give deference to a member who follows this up with a more certain answer.
     
  3. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    With Tor, everything from your system to the Tor exit node is encrypted. With https sites, the https encryption will cover the whole connection (from your PC to the destination server) so in this case, Tor serves to hide the site URL you are visiting from any observers (your ISP notably).
     
  4. security_concerned

    security_concerned Registered Member

    Joined:
    Nov 14, 2006
    Posts:
    24
  5. Broadwood

    Broadwood Registered Member

    Joined:
    Dec 30, 2006
    Posts:
    3
    Thanks Paranoid, so just using Tor I do not need to use another https site like Amegaproxy at the same time to encrypt the info? My ISP can't see the content or URL of anything going both ways while I use Tor. Correct? Just making sure for the insane newbie!!

    Neo
     
  6. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Just to make things absolutely 100% clear:

    No encryption: Your ISP can see everything;
    HTTPS encryption: Your ISP can see the domain you connect to (e.g. mybank.com) but not the exact webpage or any data in that page;
    Tor encryption: Your ISP can see encrypted data going to the first Tor node only. They have no way of finding the actual destination, assuming you have set everything up properly.

    Using any commercial proxy service on top of Tor will actually weaken your anonymity because their administrators can tell users are doing (they have as much data as your ISP would) and since you have to pay for their service, there will be a link (unless you manage to use a totally anonymous payment method) between your traffic, your account and you as an individual. The only circumstance where chaining another proxy would make sense would be to bypass a site trying to block Tor and for that, any proxy server will do (including Google and Babelfish).

    You can also confirm this for yourself by installing a packet sniffer and examining the data packets sent out by your PC.
     
  7. Broadwood

    Broadwood Registered Member

    Joined:
    Dec 30, 2006
    Posts:
    3
    Thanks Paranoid, that makes it very clear. I hadn't thought about the weakening of the system though, an intriguing thought. Out of interest, if it's allowed, what do you think of megaproxy? Is it state owned as some make out?

    Neo
     
  8. Mover

    Mover Registered Member

    Joined:
    Oct 1, 2005
    Posts:
    165
    Is there anything in the config that should be given special attention to ?
     
  9. MakePB

    MakePB Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    85
    Location:
    Find-IP-Address.org
    Good explanations by Paranoid2000 what ISP can see and what not if you are behind TOR+Privoxy.

    Do not forget to edit Privoxy "Main Configuration" and disable logging by add a # to logfile privoxy.log and jarfile jar.log
    Section 1.5. logfile will have then
    Code:
    # logfile privoxy.log
    and section 1.6
    Code:
    # jarfile jar.log
     
Loading...
Thread Status:
Not open for further replies.