|
|
|
|
|
|
by cyphar
2431 days ago
|
|
|
No, that's not entirely true. No single node in a Tor circuit knows both who the user is and what site they are going to. In order to compromise a user's anonymity, you need to do a traffic correlation attack (where you look at packets going through both the guard node and the exit node and match up the timing of packets). There are some protections against this attack in Tor (guard nodes are not changed often by clients, relays need to be running for a long time in order to be permitted to be guards, and there is some randomised traffic sent to the guard by the client) but it is definitely not a solved problem. But of course, if you aren't using TLS then your traffic is not encrypted as it leaves the pipe. So obviously you should use TLS over Tor. |
|
|