Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Being a bit naive about Tor, what is there to prevent an exit node operator from doing some transparent traffic manipulation and injecting tracking pixels into non HTTPs webpages?

Or playing silly games like flipping all jpegs upside down?



Things like this is why https everywhere must be a part of the solution.

The network components - your router, whoever might have gotten root on your router, your ISP, a relayer like a proxy/Tor/etc, a router on the border of your country, the target server's ISP - all of them should be treated as potentially hostile. It's not paranoia, since for all of those steps there have been well published cases where they have been actually malicious.


Nesting an encrypted connection inside the traffic being routed through tor is what you would need to protect HTTP traffic from being manipulated and/or monitored by an exit node.

So instead of doing (you -> tor -> internet), do something like (you -> tor -> VPN -> internet). To be even safer do (you -> VPN -> tor ->VPN -> Internet) that way your ISP isn't aware of tor traffic and the exit node cannot manipulate requests.

Easiest way to accomplish that is with a VM. The host has a VPN connection, force route the VM through tor (with something like Tortilla) and install a VPN client on the VM as well. This requires you anonymously set up the VPN running in the VM so there is no connection back to you, of course.


The most difficult part in your setup is to make untraceable the VPN you run after going through Tor. The problem is: if you believe this VPN is safe / untraceable enough, why do you even use Tor in the first place ?

The problem is that you, at some point, pay the VPN, and that is very likely to be linked to your real identity somehow.


Paying for the VPN anonymously is possible with Bitcoin.

The reason you tunnel it all through tor is because you can't trust the VPN not to fold if the government subpoenas them. So if the data center hosting the VPN is subpoena all they can hand over are logs of tor exit nodes. If you didn't use tor, they would get your home IP and the jig is up.


Or my configuration when I want to stay anonymous; Me->VPN->INTERNET->TOR. You have to have access to a corporate VPN though.


Another reason why 'magic anonymity box' is actually a really tricky idea. It's a heck of a trade-off.


An alarmist blog post on Hacker News.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: