Full Thread: Privacy
View Single Post
Old January 19th, 2014 #12
varg
...
 
Join Date: Apr 2004
Posts: 9,701
varg
Default

The US govt funds a large percentage of TOR's development. I think something like 90% .

It's not a 'secure' protocol either. It just proxies your traffic through other hosts to add a layer of anonymity, without much attention given to encryption. It's not known whether tor is entirely anonymous, or if the NSA can still trace it.

The problem with TOR are the exitnodes. Anyone can set up a fake TOR exitnode and watch all the traffic going across the wire, even eavesdrop on passwords. I've read that the US govt sets up fake/honeypot tor exitnodes. Also there's been proof of concepts for removing the encryption from HTTPS sites (ssl encryption), eavesdropping on the data, and sending it back to the user while they're fooled into thinking their traffic is being encrypted. It's also theoretically possible for the exitnode to inject malicious code or viruses into websites and send it back to the user without them being aware.

Do not login to any private accounts while using tor.

Last edited by varg; January 19th, 2014 at 10:00 AM. Reason: .