
A month with BadOnions - r721
https://chloe.re/2015/06/20/a-month-with-badonions/
======
jonahx
I see a lot of HN posts about the security of Tor, but as a casual user I
don't know what conclusions to draw.

Could someone who knows answer:

Is Tor currently a safe way to communicate securely and anonymously? Or: is it
mostly safe, but theoretically insecure if, say, you were being targeted by
the NSA? Or: Is it basically unsafe?

~~~
phaer
Mostly your second answer. It can be regarded safe against most, if not all,
non state level attackers, when used cautiously. If you use Tor Browser and
HTTPS and check how identifiable your browser is on
[https://panopticlick.eff.org/](https://panopticlick.eff.org/) you should be
safe against employers, coffee shops, university administration and so on. At
least as long as you don't make a mistake which reveals your identity (email
reuse, etc) of course.

It get's a bit more complicated for other services besides web browsing.
torsocks works well to send traffic trough tor, but providing anonymity means
you have to be really sure that no identity related information is leaked.

~~~
doomrobo
Also note that DNS lookups do not go through a SOCKS proxy, which leaves a
huge surface of attack and monitoring.

~~~
mhuffman
DNS does seem to go through SOCKS to an exit node, which then does the name
resolution[1]

Supposedly more attention is to be paid to this in the next major version.

[http://tor.stackexchange.com/questions/8/how-does-tor-
route-...](http://tor.stackexchange.com/questions/8/how-does-tor-route-dns-
requests)

------
aaronem
Sixteen out of a hundred thousand? That's a lot lower rate than I'd have
expected.

~~~
edmccard
>Sixteen out of a hundred thousand?

FTA: there were about 1400 exit nodes each tested about 95 times (that's where
the 100,000 number comes from). And in addition to the 16 logins, there were a
number of page views without login that seem to also have come from exit
nodes.

------
qquestion
Interesting find. Could also check for session reuse in case they captured
cookies from the original logins.

------
rsync
Holy crap, there are over 100k _exit_ nodes these days ?

I can't believe it.

~~~
foldor
(*)This number does not show the total amount of uniquely tested exit nodes,
just how many fingerprints that was tested. But every node was tested around
95 times(there's around ~1400 exit nodes).

