Silk Road forums

Discussion => Newbie discussion => Topic started by: saidanddone on May 24, 2013, 02:52 pm

Title: Significance of ".to" in Tor addresses?
Post by: saidanddone on May 24, 2013, 02:52 pm
Hi Everyone,

I am new and I have learned a lot on these discussion boards. What a great community this is.

I am wondering if anyone can shed light on the significance of the ".to" part of a Tor address? Lately, I have been having some trouble getting to the forum. In iceweasel browser (using TAILS), I generally do a search for "silk road forums" and then click on the appropriate link. The address that comes up is "dkn255hz262ypmii.onion.to". But lately when I go there, I get the following error message: "onion.to
A connection to dkn255hz262ypmii.onion could not be established. Connection refused by destination host." I just discovered that I can still get to the forums if I lop off the ".to" part of the address.

Is the ".to" part of the address critical? Am I somehow unprotected if I access the forum in this way? In layman's terms, can anyone explain the significance of the ".to" extension?

Thank kindly,
-saidanddone
Title: Re: Significance of ".to" in Tor addresses?
Post by: rock_lobster on May 24, 2013, 03:12 pm
Hey there
Dont use the ".to", that is only for accessing tor sites, from a computer with no tor enabled. That is, its like accesing tor but from the clearnet, using a proxy which can make you into different kinds of trouble.

So use only the ".onion" links, without the ".to"

Tip: once you login to SR, there are a couple links on top (like who are your heros and sth else) and another link in the bottom of the page, that lead you directly to the forum. Or, you could bookmark it though that is a bit un-cypher behaviour ;)

Hope this helped!
Title: Re: Significance of ".to" in Tor addresses?
Post by: snufkin on May 24, 2013, 03:13 pm
Hi saidanddone.

http://onion.to is a "clearnet" site. If you open it you'll see that they have pretty good description of what it does.
Quote
Onion.To is a web application that will forward your web request to the Tor network. Through this web application you can fetch websites from within the Tor network and interact with them without installing the Tor software on your computer.
It's a nice feature for anyone who wishes to fetch a page from a tor hidden service without running their own tor client. However, this service will act as a middle man and can, if they would like to, inspect or even intercept traffic between you and the hidden service, and what's worse is that this traffic is not encrypted between you and onion.to. You ISP or network administrator could see that you're resolving <some_known_and_shady_tor_service>.onion.to and inspect traffic.

In simple terms for anyone using Silk Road, using onion.to instead of running your own local tor client undoes most of the privacy benefits from using tor. In you case, and now I'm assuming that this "TAILS" distribution is set up to run it's own tor client and wrap all browser traffic, you're using the tor network to access the clearnet site <whatever>.onion.to only to access a tor-hidden service again. It's completely unnecessary and I suggest you remove the .to ending. I would also recommend you write down somewhere the service string for SR and SR forums and type it in when you want to access SR instead of doing Google/whatever-search for these terms.
Title: Re: Significance of ".to" in Tor addresses?
Post by: saidanddone on May 24, 2013, 03:49 pm
rock_lobster & snufkin:

Thank you so much, that clarifies a lot. I've got it now. Simply copied the real ".onion" guts of the address into a text file on my persistent drive. I was always a bit mystified at the 'gateway to onion' page that I would get in between my search and accessing silk road and/or the forums. Now I have a better understanding about what that is, and why and how to avoid it.

Here's a follow-up question then. If I access tor directly through ".onion" addresses, does that mean that my ISP has no idea I was on the tor network? I thought they could always tell that. It would be really comforting to know if my use of tor was completely under the radar.

Thanks again,
-saidanddone
Title: Re: Significance of ".to" in Tor addresses?
Post by: rock_lobster on May 24, 2013, 04:42 pm
Your ISP will know you connect to tor, but they won't be able to know anything about whatever it is you do there. Afaik if you really want to hide you're using tor, you should use a vpn or a proxy service, and then connect to the tor network from there. That way your ISP will only see your first "jump" but not the entry point to tor network.

But then you'd have to hire and trust another service provider! (The vpn or proxie). I think I've read that ppl who want or need greater stealth do it that way, first tunnelling through a vpn, and then entering tor at the other end of the tunnel, that way you have another layer of protection, and your isp only knows about the first one.

And remember, you can always add layers... and be behind 7 proxies! ;D
Title: Re: Significance of ".to" in Tor addresses?
Post by: Libertas on May 24, 2013, 05:24 pm
Hi Everyone,

I am new and I have learned a lot on these discussion boards. What a great community this is.

I am wondering if anyone can shed light on the significance of the ".to" part of a Tor address? Lately, I have been having some trouble getting to the forum. In iceweasel browser (using TAILS), I generally do a search for "silk road forums" and then click on the appropriate link. The address that comes up is "dkn255hz262ypmii.onion.to". But lately when I go there, I get the following error message: "onion.to
A connection to dkn255hz262ypmii.onion could not be established. Connection refused by destination host." I just discovered that I can still get to the forums if I lop off the ".to" part of the address.

Is the ".to" part of the address critical? Am I somehow unprotected if I access the forum in this way? In layman's terms, can anyone explain the significance of the ".to" extension?

Thank kindly,
-saidanddone

You're searching for the URL, and you're using onion.to?!?! :o Searching for the URL is a surefire way to get your account phished - there is only one Silk Road URL active at the moment and that is silkroadvb5piz3r.onion

Silk Road will never ask you for your PIN except for when you're buying something on your 'Cart' page. If you have ever logged in at a site other than silkroadvb5piz3r.onion then I would highly recommend that you change your passphrase and PIN immediately.

Regarding onion.to, by using that you are potentially revealing your login details to the operators of the onion.to proxy and should never be used to access either the Silk Road marketplace or the Silk Road forums.

Libertas
Title: Re: Significance of ".to" in Tor addresses?
Post by: snufkin on May 24, 2013, 10:42 pm
Quote
If I access tor directly through ".onion" addresses, does that mean that my ISP has no idea I was on the tor network? I thought they could always tell that. It would be really comforting to know if my use of tor was completely under the radar.
Quote
Your ISP will know you connect to tor
This is correct but I would like to clarify a little further. The ISP can inspect your traffic and detect tor traffic. However, when you shut down your tor client it wont be making any traffic like that anymore and unless the ISP actively logs down which one of their users are using tor, it'd be hard for them to answer any law enforcement's question about whether you have used tor in the past. I would say it's safe.
Title: Re: Significance of ".to" in Tor addresses?
Post by: DoctorFate on May 24, 2013, 11:34 pm
In this world majority rules, even if something is illegal if everyone is doing it then there really is no point in it being illegal any more.   I don't know where that came from, basically the more people that use tor the better it will be for everyone.