TOR: Can exit nodes eavesdrop on communications?

Werner Schram wrschram at gmail.com
Wed Dec 16 11:15:25 UTC 2009


arshad wrote:
> Yes, the guy running the exit node can read the bytes that come in and
> out there. Tor anonymizes the origin of your traffic, and it makes sure
> to encrypt everything inside the Tor network, but it does not magically
> encrypt all traffic throughout the Internet. 
> This is why you should always use end-to-end encryption such as SSL for
> sensitive Internet connections. (The corollary to this answer is that if
> you are worried about somebody intercepting your traffic and you're
> *not* using end-to-end encryption at the application layer, then
> something has already gone wrong and you shouldn't be thinking that Tor
> is the problem.) 
> Tor does provide a partial solution in a very specific situation,
> though. When you make a connection to a destination that also runs a Tor
> relay, Tor will automatically extend your circuit so you exit from that
> circuit. So for example if Indymedia ran a Tor relay on the same IP
> address as their website, people using Tor to get to the Indymedia
> website would automatically exit from their Tor relay, thus getting
> *better* encryption and authentication properties than just browsing
> there the normal way. 
> We'd like to make it still work even if the service is nearby the Tor
> relay but not on the same IP address. But there are a variety of
> technical problems we need to overcome first (the main one being "how
> does the Tor client learn which relays are associated with which
> websites in a decentralized yet non-gamable way?").
>   
It would have been nice if you had said at the beginning that you were 
quoting this text from the Tor site ;)
> https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers
>
> so hows this going to effect the users? i mean the exit node dont really
> know who is the first node (original user) right?
>   
The problem is that only the packet headers are anonymized, not its 
contents. If there is information in the content of the packet that can 
identify you, then the end node will be able to read that. For example, 
if you send out your credit card information over an unencrypted channel 
through TOR, the end node would be able to read it. The owner of the end 
node wouldn't know the IP address from which this information has been 
sent, but he would have your credit card details.

So for personal information, TOR alone doesn't do the job. If you 
combine TOR with encryption, then the encryption makes sure the contents 
of your packet are unreadable for untrusted hosts, and TOR makes sure 
the destination (before entry) or the origin (after entry) is unreadable.

Regards,
Werne



> thank you for your time.
>
>   
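
The following is an added illustration of the point made in this thread; it is not part of the original message and it is not Tor's actual protocol. It models a three-hop circuit in Python with one symmetric layer per relay, then runs the same request twice: once as plain application data and once wrapped in an end-to-end key that only the client and destination hold (standing in for SSL/TLS). The relay names, the client address, the destination name, the card string, and the HMAC-SHA256 keystream "cipher" are all constructed for the example; real Tor uses negotiated circuit keys, fixed-size cells and a real cipher. What the toy keeps is the property under discussion: each relay learns only its previous and next hop, and the exit forwards exactly what the application put inside.

```python
"""Toy model of what each Tor hop can see (added illustration, not Tor's code).

Assumptions, all constructed for this example: the client hands each relay its
symmetric key directly (no key agreement), cells are variable-length JSON, and
the cipher is HMAC-SHA256 in counter mode XORed with the data so the script
needs only the standard library.
"""
import hashlib
import hmac
import json
import os

CLIENT = "client 198.51.100.7"                             # constructed address
DESTINATION = "shop.example"                               # constructed name
CARD_DETAILS = b"POST /pay card=4111111111111111 exp=12/29"  # constructed payload


def xor_keystream(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR data with HMAC-SHA256(key, block counter).
    The same call both encrypts and decrypts. Illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def build_onion(hops, destination: str, payload: bytes) -> bytes:
    """Wrap payload in one layer per hop; the innermost layer is for the exit.
    hops: list of (relay_name, relay_key) in path order (guard first)."""
    next_hop, cell = destination, payload
    for name, key in reversed(hops):
        layer = json.dumps({"next": next_hop, "inner": cell.hex()}).encode()
        cell = xor_keystream(key, layer)
        next_hop = name
    return cell


def relay_process(name: str, key: bytes, previous_hop: str, cell: bytes) -> dict:
    """Peel one layer and record everything this relay could observe:
    who handed it the cell, where it goes next, and the bytes it forwards."""
    layer = json.loads(xor_keystream(key, cell))
    return {"relay": name, "from": previous_hop, "to": layer["next"],
            "forwarded": bytes.fromhex(layer["inner"])}


def run_circuit(hops, destination: str, payload: bytes):
    """Send payload from CLIENT through hops; return each relay's view and
    the bytes that finally reach the destination."""
    cell, previous, observations = build_onion(hops, destination, payload), CLIENT, []
    for name, key in hops:
        obs = relay_process(name, key, previous, cell)
        observations.append(obs)
        cell, previous = obs["forwarded"], name
    assert observations[-1]["to"] == destination
    return observations, cell


def demo() -> dict:
    hops = [("guard", os.urandom(32)), ("middle", os.urandom(32)),
            ("exit", os.urandom(32))]

    # Case 1: plain HTTP through the circuit. The exit strips the last layer
    # and forwards the request as typed, without knowing who the client is.
    obs_plain, delivered_plain = run_circuit(hops, DESTINATION, CARD_DETAILS)

    # Case 2: end-to-end encryption inside the circuit (stand-in for TLS).
    # e2e_key is shared only by client and destination; no relay holds it.
    e2e_key = os.urandom(32)
    obs_e2e, delivered_e2e = run_circuit(
        hops, DESTINATION, xor_keystream(e2e_key, CARD_DETAILS))

    return {
        "guard_view": obs_plain[0],
        "plain_exit_view": obs_plain[-1],
        "plain_delivered": delivered_plain,
        "e2e_exit_view": obs_e2e[-1],
        "e2e_delivered": delivered_e2e,
        "e2e_destination_reads": xor_keystream(e2e_key, delivered_e2e),
    }


if __name__ == "__main__":
    r = demo()
    print("guard saw from:", r["guard_view"]["from"], "to:", r["guard_view"]["to"])
    print("exit saw from: ", r["plain_exit_view"]["from"], "to:", r["plain_exit_view"]["to"])
    print("exit forwarded (plain):", r["plain_exit_view"]["forwarded"])
    print("exit forwarded (e2e):  ", r["e2e_exit_view"]["forwarded"].hex())
```

In the first run the exit's record shows `from: middle`, not the client address, yet the forwarded bytes are the full card request, which is exactly the situation described above. In the second run the exit still learns the destination and the previous hop, but the bytes it forwards are ciphertext it cannot read; only the destination, holding the end-to-end key, recovers the request. The guard sees the client address but only a ciphertext layer, so neither end of the circuit alone links the client to the content.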

More information about the ubuntu-users mailing list