Hacker News new | comments | show | ask | jobs | submit login

This is a silly point to make. Exit nodes ARE shady, you should assume that with Tor and encrypt everything. That is not the purpose of Tor.

You'd be surprised how many people miss that point. There's a "let's just use Tor first" approach some people use that really undermine their anonymity. I.E. Using plugins like Flash while browsing and even JS. In the West, that's usually not a big deal, but elsewhere, people's freedom could be at stake if they don't take adequate precautions.

If you are using either TAILS or the Tor Browser button, both of those are intentionally impossible. Javascript can be enabled, but there's probably not as much issue with it as with Java or Flash.

This, I've often thought exit node operators should drop unencrypted connections and/or insert warnings into HTTP responses... but I guess that would only be done by less shady exit node ops and drive people who don't understand otherwise to use others.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact