Quote:
Originally Posted by Ramirez
I would not trust Tor with my login credentials, as the exit nodes can be sniffed.
For example, let’s say you are connecting to Google through Tor – your traffic is passed through several Tor relays, but it must eventually emerge from the Tor network and connect to Google’s servers.
The last Tor node, where your traffic leaves the Tor network and enters the open Internet, can be monitored. This node where traffic exits the Tor network is known as an “exit node” or “exit relay.”
Sniffing Tor is almost the same as the NSA sniffing traffic passing through the USA, or whatever Five Eyes country is appropriate:
1. They can see who you're connecting to, even when using TLS/HTTPS (with SNI the browser passes the domain name so the server knows which certificate to send back).
2. They can see HTTP headers (including the URL) and content, but not HTTPS headers or content if TLS is used.
3. The difference with Tor is that the source IP is masked, although with a powerful enough adversary it may be possible to figure it out by using timing attacks to link the exit relay back to the entry IP.
I'd consider Tor to be something like free wifi in a coffee shop next door to a hacking convention... you remain somewhat anonymous (a typical exit relay probably won't know the source IP), but you should assume that whatever you're browsing is being passively recorded or monitored in some way, and you should never submit data (especially login data) via a non-encrypted form.