Silk Road forums
Discussion => Security => Topic started by: bipper on January 04, 2013, 12:08 am
-
Hi, and a happy new year to you all...!
So, I was mooching about on the boring clearnet earlier and came across a site called ".onion.to"... This site basically allows or claims to let you onto onion sites such as SR and BMR without using Tor..
They have a directory with the urls on the website, being the cautious soul I am I didnt try to use the site on any of my devices, however I used a computer at work and sure enough it got me to the SR login page, or one that appeared to be it. Obviously I didnt try to log on. Whats this all about then anyway, can anyone shed any light on it??
Is this site sending you to the real SR?
Is it a scam, maybe watching key strokes to access accounts or something like along those lines..?
Anyone got any ideas??
-
Yep, I think it send you to the real SR.
However, I wouldn't even visit the URL (much less log in) through clear net.
Not sure as to the .to action or what the purpose is, only that I would avoid it like the plague :)
-
Completely agree.
I can see some careless people using it, folk can find the whole Tor thing bewildering.
I hope its not as dodgy as I suspect it is, LE or scammers. If it has to be there I hope its just for the lazy or technophobe who soon learn that its not a good idea to be there..
-
I use it for the forums because it is faster and I'm not anonymous.
I would never in a million years use it if I wanted to remain anonymous.
-
I use it for the forums because it is faster and I'm not anonymous.
I would never in a million years use it if I wanted to remain anonymous.
So other than losing anonymity its not dodgy??
My over active imagination getting carried away again...! Id still never use it and can still see people using it all the way into SR or negotiating terms with a hitman with it..
-
A normal connection to a hidden service goes like this
Tor client -> entry guard -> middle relay -> rendezvous point <- exit node <- middle relay <- entry guard <- hidden service
The client and hidden service are anonymous to each other, since the only see their path up to the rendezvous point.
onion.to is a proxy to the Tor network, so the connection goes like this
clearnet user -> onion.to -> rendezvous point <- exit node <- middle relay <- entry guard <- hidden service
The hidden service is still protected, but the user isn't.
onion.to contacts the hidden service for you, so it knows your IP address and the hidden service you're visiting. Theoretically it doesn't log, but we don't know that for sure. If the onion.to server is seized by LE, they could get that info. So, it's not safe to use onion.to.
-
A normal connection to a hidden service goes like this
Tor client -> entry guard -> middle relay -> rendezvous point <- exit node <- middle relay <- entry guard <- hidden service
The client and hidden service are anonymous to each other, since the only see their path up to the rendezvous point.
onion.to is a proxy to the Tor network, so the connection goes like this
clearnet user -> onion.to -> rendezvous point <- exit node <- middle relay <- entry guard <- hidden service
The hidden service is still protected, but the user isn't.
onion.to contacts the hidden service for you, so it knows your IP address and the hidden service you're visiting. Theoretically it doesn't log, but we don't know that for sure. If the onion.to server is seized by LE, they could get that info. So, it's not safe to use onion.to.
I wouldn't use it either. And thanks for the quoted post, it was very informational. Id give you karma if I could.
-
dont do it