Hello MRO!

** On Wednesday 11.09.24 - 21:17, MRO wrote to Arelor:

I don't think the Tor network is inherently insecure. Exit nodes may
attempt to sniff at your traffic, but since every modern service you may
use on the clearnet is encrypted then it does not make much of a
difference, not to mention if you don't use Tor you give the chance to
watch your traffic to even more people.

i wouldn't trust it. you're sending your data through random people, most of them not very nice people. furthermore the us govt developed it and released it to the public.

The Exit nodes can potentially monitor your internet activity,
keep track of the web pages you visit, searches you perform,
and messages you send. No doubt some government institutions
are operating exit nodes.

But isn't there more confidence in privacy and encryted
sessions when using .onion destinations?


--- OpenXP 5.0.58
* Origin: Ogg's Dovenet Point (723:320/1.9)
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Re: I don't think the Tor network is inherently insecure
By: Ogg to MRO on Thu Sep 12 2024 07:39 pm

The Exit nodes can potentially monitor your internet activity,
keep track of the web pages you visit, searches you perform,
and messages you send. No doubt some government institutions
are operating exit nodes.

But isn't there more confidence in privacy and encryted
sessions when using .onion destinations?

if it's going through us govt nodes then encryption and privacy is probably useless.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: I don't think the Tor network is inherently insecure
By: Ogg to MRO on Thu Sep 12 2024 07:39 pm

and messages you send. No doubt some government institutions
are operating exit nodes.

It's been said that well over half the exit nodes are run by the government. It's also been said that exit connections can easily be associated with entrance connections when you happen through those.

Yes, when using .onion destinations, I believe those security risks don't apply.

---
þ Synchronet þ TIRED of waiting 2 hours for a taco? GO TO TACOPRONTO.bbs.io

Re: I don't think the Tor network is inherently insecure
By: Ogg to MRO on Thu Sep 12 2024 07:39 pm

The Exit nodes can potentially monitor your internet activity,
keep track of the web pages you visit, searches you perform,
and messages you send. No doubt some government institutions
are operating exit nodes.

Well, I have doubts about that, considering most http traffic these days goes encapsulated in TLS.

An Exit node can't keep track of the sites you visit because different sites are accessed over different circuits. An exit node who gets a gazillion users through it cannot realistically determinate which site visits belong to a particular user either.

Searches cannot be tracked because the serch query is encrypted. Same with messages and the like.

But isn't there more confidence in privacy and encryted
sessions when using .onion destinations?

With onion destinations you generate to DNS query so I guess that is a win.

Still I prefer i2p.


--
gopher://gopher.richardfalken.com/1/richardfalken

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

Re: I don't think the Tor network is inherently insecure
By: Arelor to Ogg on Mon Sep 16 2024 06:41 pm

and messages you send. No doubt some government institutions
are operating exit nodes.

Well, I have doubts about that, considering most http traffic these days goes encapsulated in TLS.

An Exit node can't keep track of the sites you visit because different sites are accessed over different circuits. An exit node who gets a gazillion users through it cannot realistically determinate which site visits belong to a particular user either.

Searches cannot be tracked because the serch query is encrypted. Same with messages and the like.

the probably is, you trust encryption. don't you think all the big govts have cracked that encryption or have a way around it? they are probably 10 years or more ahead of what we think they are.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: I don't think the Tor network is inherently insecure
By: MRO to Arelor on Tue Sep 17 2024 06:59 am

the probably is, you trust encryption. don't you think all the big govts have cracked that encryption or have a way around it? they are probably 10 years or more ahead of what we think they are.

I don't think they can crack something like modern TLS in real time. I am sure they have a bunch of pre-cracked primitives stored somewhere so they are likely to actually crack sessions... whether they can crack them soon enough for that to be useful is speculation.

Personaly I think it is not likely they can perform real time cracking, because when they have needed such a thing they have opted to bribe operators of the trust chain instead (in order to get fake certificates to attempt MITM).


--
gopher://gopher.richardfalken.com/1/richardfalken

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

Re: I don't think the Tor network is inherently insecure
By: Arelor to MRO on Wed Sep 18 2024 03:41 pm

the probably is, you trust encryption. don't you think all the big govts have cracked that encryption or have a way around it? they are probably 10 years or more ahead of what we think they are.

I don't think they can crack something like modern TLS in real time. I am sure they have a bunch of pre-cracked primitives stored somewhere so they

you have no idea what they can do. nobody does.

Personaly I think it is not likely they can perform real time cracking, because when they have needed such a thing they have opted to bribe operators of the trust chain instead (in order to get fake certificates to attempt MITM).

why not have both?
---
þ Synchronet þ ::: BBSES.info - free BBS services :::