Site > Rules

Read This!

<< < (3/3)


--- Quote from: The Lone Stranger on May 03, 2011, 05:47:41 PM ---Salat .....when your old man pops off please PM me......... LOL.......

To TOR . How does one get into it and what protects the comunication between client and the network ? The same for that onion wotsit bit ? And poxys........Oooops !!! sorry proxys.........What stops the pigs from scaning the users in and out traffic and rideing piggy back ?

Lugh why is it that very often i cant get in here and post useing a proxy ? Up untill i joined this site and W.D.R. proxys worked very well for me .

--- End quote ---

Torbutton for Firefox plus the Vidalia bundle, regardless of platform. Specific platforms have fully integrated packages. For Windows, OSX, and GNU/Linux, there are both standalone browser bundles as well as Vidalia/Torbutton installation bundles. GNU/Linux (depending on distribution) also has the option of pulling binaries directly from the Tor repos, which is preferable for reasons of convenience, fast updates, and end-to-end code signing. See the Tor site for more info.

The general idea behind Tor's anonymity (not connection security, you need SSL for that) is that all data is randomly mixed around and sent through multiple relays, with each intermediate not knowing if it is speaking directly to the source, before the data finally leaves the Tor network through an exit node. The exit node can deny being the origin, as it is an exit node. Furthermore, the intermediate relay can also deny being the source, as that is the nature of the Tor network, and so on back through the chain.

Think of it like unmarked bills. Each person handling an unmarked bill only knows who they got it from and where they spent it - not where the bill actually originated. With Tor, though, strong cryptography ensures that the data can be passed to and from the destination anonymously by keeping each node in the dark but for those with which they communicate directly.

The Lone Stranger:
Thanks . Lovely reply .......BUT ....... i`m still puzled ....... i see that once a person is in the network hes safe in the network but i still dont understand how all that would help someone if the pigs were interested in him and were monitoring his traffic ? I mean to go into any form of secure line to anyone there must surely be a key that has to be exchanged between the original poster and the entry point to the TOR network ? So if the pigs were watching him they would have that too and they could very easily follow everything that was sent back and forwards . What i mean is for example when someone uses a wifi network all i have to do is to zap the router so it shits out . Then i start my router pretending to be it and connect to it when it turns back on as one of the network users . That network user when he turns on then conects to my router thinking its the origibnal one and i can watch everything thats comeing in and out and surf as the user . I am tired so i hope i explained what i mean well . Whatever what i`m trying to say is posible and very easy coz i`ve done it and from my way of thinking the pigs if they wanted to could do something similar with the conection between the client and the tor network . OR in another way just like useing a wire tap to tap someones fone and through that be able to watch all the incomeing and out going traffic . OR say like PGP . To use it two people have to exchange a key and untill they do nothing is private . So if i`m watching i can see the key and therfore be able to follow everything thats goin on ?

To be honest i`ve been following TOR since it started and i`ve used it . I`ve also been looking at all the reports about it that i have seen . From what i`ve read TOR is good for keeping a clients IP safe after the comunication enters the network and comes out at the other end BUT the comunication between the client and the entry point isnt safe ?

If that isnt clear or i`m talking crap can you or anyone please explain  . Thanks .

Hmmm, the DEA maybe but not your average local cop.  Typical dept has maybe one or two who can do computer forensics.  They might pull all the stops out for someone who presents a good target like Strike, but most on here don't warrant that kind of effort.

I think if they did something like the swap out of the network they'd have to have a warrant.  More likely is someone getting busted and his hard drive confiscated and then they can find your messages and use that as additional evidence.  But even that kind of thing is expensive so you need to have some assets they can take to pay for all of it.

When I worked for the military getting a secure network was just really a bitch.  There were tokens and fancy rooms you had to go into for typing up secret stuff, but I think security on the internet is an illusion and could give you a false sense of security to say dumb stuff.

Lord knows I have....


The key section of the TOR design specification:

The Tor Design
The Tor network is an overlay network; each onion router (OR) runs as a normal user-level process without any special privileges. Each onion router maintains a TLS [17] connection to every other onion router. Each user runs local software called an onion proxy (OP) to fetch directories, establish circuits across the network, and handle connections from user applications. These onion proxies accept TCP streams and multiplex them across the circuits. The onion router on the
other side of the circuit connects to the requested destinations and relays data. Each onion router maintains a long-term identity key and a short-term onion key. The identity key is used to sign TLS certificates, to sign the OR’s router descriptor (a summary of its keys, address, bandwidth, exit policy, and so on), and (by directory servers) to sign directories. The onion key is used to decrypt requests from users to set up a circuit and negotiate ephemeral keys. The TLS protocol also establishes a short-term link key when communicating between ORs. Short-term keys are rotated periodically and independently, to limit the impact of key compromise. Section 4.1 presents the fixed-size cells that are the unit of communication in Tor. We describe in Section 4.2 how
circuits are built, extended, truncated, and destroyed. Section 4.3 describes how TCP streams are routed through the network. We address integrity checking in Section 4.4, and resource limiting in Section 4.5. Finally, Section 4.6 talks about congestion control and fairness issue


Onion routers communicate with one another,and with users’ OPs, via TLS connections with ephemeral keys. Using TLS conceals the data on the connection with perfect forward secrecy, and prevents an attacker from modifying data on the wire or impersonating an OR. Traffic passes along these connections in fixed-size cells. Each cell is 512 bytes, and consists of a header and a payload. The header includes a circuit identifier (circID) that specifies which circuit the cell refers to (many circuits can be multiplexed over the single TLS connection), and a command to describe what to do with the cell’s payload. (Circuit identifiers are connection-specific: each circuit has a different circIDoneachOP/ORorOR/OR connection it traverses.) Based on their command, cells are either control cells, which are always interpreted by the node that receives them, or relay cells, which carry end-to-end stream data. The control cell commands are: padding (currently used for keep alive, but also usable for link padding); create or created (used to
set up a new circuit); and destroy (to tear down a circuit). Relay cells have an additional header (the relay header) at the front of the payload, containing a stream ID (stream identifier: many streams can be multiplexed over a circuit); an end-to-end checksum for integrity checking; the length of the relay payload; and a relay command. The entire contents of the relay header and the relay cell payload are encrypted or decrypted together as the relay cell moves along the circuit, using the 128-bit AES cipher in counter mode to generate a cipher stream. The relay commands are: relay data (for data flowing down the stream), relay begin (to open a stream), relay end (to close a stream cleanly), relay tear down (to close a broken stream), relay connected (to notify the OP that a relay begin has succeeded), relay extend and relay extended (to extend the circuit by a hop, and to acknowledge), relay truncate and relay truncated to tear down only part of the circuit, and to acknowledge), relay send me (used for congestion control), and relay drop (used to implement long-range dummies). We give a visual overview of cell structure plus the details of relay cell structure, and then describe each of these cell types and commandsin more detail below.

[17] T. Dierks and C. Allen. The TLS Protocol — Version 1.0. IETF RFC 2246, January 1999.

Thus there is encryption except at the exit node, so unless one is using SSL or a TOR hidden service there is a possible issue of vulnerability  :P  The paper published by the developers is attached, when members edit their posts to remove the evidence of what they typed because they're inebriated it might look like harshness but what is being done is what's best for the membership  :-[ It's this sort of nonsense that contributed to the end of the Hive  8)


[0] Message Index

[*] Previous page

Go to full version