I'm sorry - this is a nice article but I strongly advise against anyone considering doing this. - Using TOR is not as secure as a lot of people think:



The TOR network works by channeling your data through a chain of highly encrypted SSH proxy tunnels, a so called "proxy chain".



If you visit, for example, this link: http://www.google.com/search?hl=en&q=paris+hilton, your request will be encrypted and tunnelled to another TOR user, then another, then another and so on. Your data could be passed around 20 times. The other TOR users cannot see the link you typed in (as it is encrypted). This sounds very very secure.



However, the data has the be decrypted again before google can understand what you searched for. In order to do this, the last TOR user in a proxy chain is called an "exit node". The exit node decrypts the data, contacts google for your results, encrypts the results and sends them back through the chain to you.



Sound secure so far? Well, actually, it does.



But what happens if the exit node runs a packet sniffer (like Wireshark) on their computer to monitor outgoing network connections? The url you typed in appears in plain text on their screen. They don't know who you are, but they saw what you did.



I hear you ask; "So what? - I don't care if a random Ukranian sees that I searched for 'Paris Hilton'." True. Most random Ukranians won't care at all if you searched for Paris Hilton. In fact, they may enjoy calling up the same link you searched for. But what about if you had been reading your hotmail email instead? - They get to see what you typed and to who you sent it.



The problem gets even worse if you start channeling E-Mail and Instant messenger programs through TOR. The POP3 E-Mail protocol sends usernames and passwords in PLAIN TEXT to the mail server. This means, that an exit node could sniff outgoing traffic and steal your email account. - They could then probably go to Paypal.com and request that your password be sent to your registered email address. The would then steal your Paypal information directly from your email account. - Is it sounding very secure now? Bye bye money.



But that isn't all... Some exit nodes act as bridges between you and the website you want to access, altering the data before it is send back to you. e.g. They could change all references to the name, "Paris Hilton" into "Bill Gates". - All of a sudden, you aren't looking at the innocent pictures you intended.



Even worse: It is possible for exit nodes to dynamically swap out SSL certificates of secure websites. If you called up https://www.myreallysecurebank.com over TOR, you might be sent back an SSL certificate which doesn't actually belong to your bank. - This would mean that your login details for your online banking are also visible to the exit node. - Bye bye money, again.



Sorry to rant on, but this should really be known before anyone tries to use the TOR network.



I am not saying TOR is bad - but don't ever consider sending anything personal over it or you might end up with less security than you bargained for.



Thanks



Dave from Germany.

