Silk Road forums
Discussion => Security => Topic started by: Nemesis0914 on August 06, 2013, 05:05 pm
-
can i be the victim of a man in the middle attack on using tor? im thinking this because i want to use tail, however it has warned to authenticate the site. So here i am people is tor.org crediblr?
-
You definitely could by a malicious exit node if you are accessing unencrypted (http) clearnet sites using tor.
For hidden services it seems a man in the middle attack would be pretty difficult, because the information sent between each node is encrypted with the public key of the next node it is going to.
-
You definitely could by a malicious exit node if you are accessing unencrypted (http) clearnet sites using tor.
For hidden services it seems a man in the middle attack would be pretty difficult, because the information sent between each node is encrypted with the public key of the next node it is going to.
So what are the majority of sites on tor unencrypted right? How do I distingish between the two? And are mitma targeted at individuals or does the exit node trick anyone going through that path?
-
All tor hidden service traffic is encrypted between your computer and the server hosting the hidden service. In other words, it is encrypted to all relays that handle it. Tor hidden services do not utilize an exit node.
-
yes yes of course, so man in the middle attacks are more likely to occur on clearnet?
-
How do I distingish between the two?
Hidden Tor services will have a .onion address. It's as simple as that!
-
yes yes of course, so man in the middle attacks are more likely to occur on clearnet?
You don't have to worry about it on onion sites. To perform a man in the middle attack on encrypted data, you have to be able to decrypt the data and then encrypt it again. Otherwise one side will notice that, strangely, their encrypted session is not arriving very encrypted -- and if you don't decrypt it, you're in the middle of nothing but gibberish and have no idea how to monitor the data or inject anything into it believably.
Being able to do so would mean not only is Tor unsafe, but lots and lots of other things are as well. I'm a little hesitant to say "it's fine," given the past week, but I think this is one case where it really is nothing to worry about.
In brief: not only more likely, infinitely more likely.