Forum Thread: About Tor, anonymity and exit node "sniffer"

Hello! After spending quite some hours reading about, installing it and experimenting with Tor I still have one basic question, that after all the "exit node sniffing danger" still not clear to me. I understand basically that: Tor protects my anonymity by "hiding" my ip address, thus my location, but at the exit node someone could see all the data that flows by. This is the question: No one would know where it comes from but they can read a message that I send to somebody telling them that we'll meet a 4 pm at Bennigans that day? And also they may know that someone is surfing or visiting "datingcentral.com" but is not possible to know who or where?

5 Responses

In a nutshell, no. It's not as simple as that.

Tor encapsulates your data in layers of encryption. Each node (other Tor routers on the network) can only decrypt its own layer to find the next nodes address to send the data to it. The 'peeling' away of the layers is what gives the name "Onion Routing"

Traffic travels through the network encrypted like this, but once it crosses an exit node, and goes into the clear (non-encrypted internet, like google or facebook) that encryption is gone, and anything you did not encrypt yourself ( SSH, PGP...etc) will be open. The data might be able to be read, but unless it contains personal information is is not as easy to trace it back, though with certain methods it can be done.

Thanks Allen!

All clear, bottom line to me is: This is only safe to SURF anonymously, to visit websites, etc., not to "comunicate" with people, not to fill forms, not for emails, specially if you want to send an anonymous email to somebody with sensitive information, like a whistleblower reaching an outside reporter, and, let's say, that using Tor you sign up for new yahoo email account, hoping that is not possible to trace back, but all of that effort is vane since anyone could read it at the exit node.

Excellent site, congratulations, admire your work! Keep on posting! :-)

Don't get me wrong, Tor is great as a web proxy. I use it for several email accounts i wish to keep as anonymous as I can. I just want to point out it is not 100% and some websites block traffic coming from a specific exit node from past abuse. Just don't use any personal details when using it and you will be good to go.

You could even just grab the Tor browser bundle and stick it on a thumb drive, use it where ever you travel.

Thanks for the kind words!

Just one more thing, again, to be clear and to clear up some others like me that want to make sure understands Tor limitations. Im going back to the email in the following scenario: Im using Tor bundle, with the included Firefox and "https anywhere" enable, I direct my browser to https:mail.yahoo.com (note the https), create an email account and log in.

1- Is my communication secured on that scenario? or

2- Privacy and communication is secured BUT the session cookie can be intercepted and stolen by someone sniffing the exit node and then grab my session and gain access to my email account?

Thanks again Allen!

The HTTPS is Transport Layer Security (TLS) and is used to encrypt traffic at and above the transport layer in the OSI model. Encryption for Tor works at lower layers then that even, so you have BOTH working for you in that situation.

1. Yep, you are good to go there, in fact, better even.

2. I would not worry about something like that. Your only concern would be information like names, addresses, birthdays, SS numbers...etc being sniffed. This is why, no matter what you should never send private details like that without encrypting it first yourself if needed.

5 Responses

Share Your Thoughts