I installed Tor and...

[Jeffrey F. Bloss]

Lorenzo Taylor wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Tor is supposed to implement en-to-end encryption, so by the time the

Not precisely. Tor implements a layered encryption scheme that only
affects traffic inside the Tor network (with your machine assumed to be
a part of that network). Beyond the Tor network, between the Tor exit
node and your final destination, everything you do is in the clear. If
you want end-to-end encryption you need to be using SSL/TLS, etc., in
addition to Tor. 

> data leaves your computer it should be encrypted.  However there is a
> warning in the documentation not to trust tor if you need complete
> annonymity since tor is still considered to be experimental.  From
> playing around with it, however, I can tell you that the latest
> versions seem stable and secure enough for most tasks.  Just be sure
> the data you need to keep secure and anonymous is being routed
> through it properly.
[...]
> Version: GnuPG v1.4.3 (GNU/Linux)

I'm really not trying to pick on you, honest, but not only does clear
signing break sigdashes, you're using a known insecure version of
GnuPG. We're up to 1.4.7 now. ;)

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo------------------------------[ Groucho Marx ]---
                    http://wrench.homelinux.net/~jeff/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070313/2ee86a52/attachment.sig>