I installed Tor and...
Jeffrey F. Bloss
jbloss at tampabay.rr.com
Tue Mar 13 23:04:13 UTC 2007
Lorenzo Taylor wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tor is supposed to implement en-to-end encryption, so by the time the
Not precisely. Tor implements a layered encryption scheme that only
affects traffic inside the Tor network (with your machine assumed to be
a part of that network). Beyond the Tor network, between the Tor exit
node and your final destination, everything you do is in the clear. If
you want end-to-end encryption you need to be using SSL/TLS, etc., in
addition to Tor.
> data leaves your computer it should be encrypted. However there is a
> warning in the documentation not to trust tor if you need complete
> annonymity since tor is still considered to be experimental. From
> playing around with it, however, I can tell you that the latest
> versions seem stable and secure enough for most tasks. Just be sure
> the data you need to keep secure and anonymous is being routed
> through it properly.
[...]
> Version: GnuPG v1.4.3 (GNU/Linux)
I'm really not trying to pick on you, honest, but not only does clear
signing break sigdashes, you're using a known insecure version of
GnuPG. We're up to 1.4.7 now. ;)
--
_?_ Outside of a dog, a book is a man's best friend.
(o o) Inside of a dog, it's too dark to read.
-oOO-(_)--OOo------------------------------[ Groucho Marx ]---
http://wrench.homelinux.net/~jeff/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070313/2ee86a52/attachment.sig>
More information about the ubuntu-users
mailing list