

WikiLeaks Intercepted Private Communications via TOR  - este
http://vrritti.com/2010/12/10/wikileaks-intercepted-private-communications-via-tor-proxy-network-maintains-access/

======
rick888
So the network that was lauded as being anonymous and that people should use
it if they want to have secure transmissions wasn't so secure.

Nice.

~~~
samdk
No, that's not the case at all. Tor does not claim (and never has claimed) to
protect against attackers trying to do what's described in the article. Tor
provides _anonymity_ only, not full end-to-end encryption.

If you don't want your messages to be sent as plaintext, you have to encrypt
them. This is true whether or not you're sending your data through Tor. Tor
_does_ do some encryption, but all traffic between the exit router and the
final destination is unencrypted, because Tor can't magically encrypt traffic
to a server that doesn't know how to deal with encrypted traffic. (Which, on
the internet, is still most of them).

Tor is not the be-all end-all of anonymity online. As their website very
clearly states, you need to do other things (like encrypt your sensitive
traffic) if you don't want people reading it. Messages on their download page
and in their FAQ very clearly address this.

The same explanation from the Tor people themselves:
[https://blog.torproject.org/blog/plaintext-over-tor-still-
pl...](https://blog.torproject.org/blog/plaintext-over-tor-still-plaintext)

~~~
rick888
Many people are not this tech savvy and don't realize this. I think I'm going
to do the same thing to see how much data, accounts, and other goodies I can
get.

