Want to post more anonymously? Use tor.eff.org to hide your IP address

http://tor.eff.org/

How it works:

Tor is an "onion router". This means everything you post or download gets routed through someone else running Tor -- so it doesn't look like it's coming from your machine!

Once you install it, you can surf to www.showmyip.com and see where it "thinks" you're located. Could be any coutry in the world!

One slight problem is -- when you go to google, you might see the google instructions in a different language. That's because google now thinks you're logging in from France or the Netherlands or wherever. This is a feature -- not a bug! At least it helps you to learn the word "search" in many languages!

From the Tor website: "Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

If you use ANY PROXY (including this one) to post your Soc Sec #, Credit Card #, passwords, etc., the owner of that Proxy has FULL ACCESS to that info in clear text.

DO NOT USE A PROXY WHEN TRANSMITTING ANY PERSONAL INFO EVER.

If I'm sending personal data (such as credit card #), then I'm using SSL.

Doesn't SSL encrypt my outgoing info before sending it?

Tor just changes the ROUTING of my data, so it bounces through more places than it normally would have. If the data is still encrypted using SSL, how could a few extra bounces hurt?

I'm not a hacker so I may be confused about this.

Its a little hard to explain.

I know encryption is based on munging up a cleartext message in such a way that any brute-force attempt to decrypt it would take up too much computer power to be feasible. I don't know how SSL works but I would hope it would be "hard" to break like these other encryption technologies I've heard of.

What I want to know is, what exactly do you mean when you say the people running the (onion-router) server can "get at the data"?

Do you mean at the encrypted data, or at the decrypted data? Are you saying the people running additional (onion-router) servers could break the SSL?

... the server. The incoming packet is read via the proxy. Since they control it personally, they could get at all the data in the packet. As long as their proxy has SSL, it can be decrypted since its a valid destination (because you told it so).

I don't really know how SSL works I guess -- I assume it's some kind of encryption.

If I send Amazon my credit card number encrypted with SSL, all an interceptor has to do is say "I'm actually Amazon, so its ok to decrypt this SSL"? Sounds like the decryption is just generic to SSL - I thought it would involve the message actually getting to Amazon so Amazon would have to produce the key to decrypt it, not just say "I'm Amazon, now un-SSL this message." But I don't know the details of SSL.

So are you saying, it would be better to turn off Tor if you're about to give out your credit-card using SSL?

==

By the way, it is EASY to temporarily turn off Tor.

-- In Mozilla Firefox, go into Tools > Options > General > Proxy and tell the browser to connect directly (to not use a proxy).

-- Running Microsoft Internet Explorer, go into Tools > Internet Options > LAN Settings > Proxy Server and UNCHECK the check box next to "Use a proxy server..."

===

Just remember, after you're done ordering the latest Michael Moore book on Amazon.com, go back into your browser settings and turn the proxy back on before you post anything on the web which a wingnut might call treason.

First a brief bit about cryptographic keys. For a given person/website, they come in pairs. One is public that anyone can see and one is private. The nature of the keys is such that if a piece of info is encrypted using the private key, only the public key can un-encrypt it (without massive amounts of computing time). The reverse is also true. Anything encrypted with the public key can only be unencrypted by the private key.


With SSL most of the important stuff happens during the "handshake". When the connection is first established.

I'll use the most common case where the client doesn't have a certificate or public key but the server does. This is how e-commerce sites work.


So when you setup a SSL connection this happens:

1) The client says "hello i want secure connection"
2) The server sends back a certificate identifying itself along with a public key.
3) The client makes up a new set of keys and sends the public part of it back to the server encrypted using the server's public key
4) The server uses its private key to un-encrypt the new key the client just sent
5) Communication begins using the new keys the client just made up

One type of attack that is possible here is known as the man in the middle attack. If there is someone in the middle they could pretend to be the server. It would connect to the server itself but not send the data from the server back to the client. The man in the middle could alter the data so the client thinks they are talking to the server when they are not. In order to do this the man in the middle has to send a fake certificate, claiming they are the server the client is trying to contact. (By the way, MITM has nothing to do with TOR. It could be done using just regular internet routing as well)

Step 2 above mentions the certificate the server sends. This is the way to prevent the MITM attack. By only accepting certificates signed by a certificate authority the client trusts the MITM attack can be thwarted. Of course, you are only as safe as the authorities you trust are reliable.

I don't really see how TOR effects this in any negative way. The person can't fake being the server because it would still have to fake the certificate to trick you. On the other hand , with or without TOR, it is much easier to fake being a client since servers don't typically ask clients for a certificate (since most people don't have one). But, even then it would have to do it before the connection was established , it can't hijack one that is in progress. And, that is basically useless to a hacker since thye still don't have any of your info (logins , cc numbers etc)

Is all this info available to sites that I visit?

Try this website out showmyip.com

And welcome to DU! Your first post!
I'm honored.

:hi: :toast:

(I'm just starting to read about TCP/IP so others feel free to correct me.)

The internet works because every packet of data being sent (eg, a GET or POST you do in your browser) has its source and destination address quite visibly tacked onto it.

This unique "IP address" routes every piece of data between your machine and the other machines and naturally HAS TO BE visible to every machine relaying your data.

The site showmyip.com shows you your IP address -- but all sites you visit have to know your IP address -- otherwise they couldn't display pages back at you (or upload your posts).

A lot of sites also LOG your IP address permanently -- either becauset they feel like it, or because the government requires them too. (I think porn sites in the US are required to save a log of the IP addresses of all visitors.)

So, if you install the onion router from tor.eff.org, you'll be giving out the wrong IP address all the time.

That's why after you install tor and go to google, the instructions for google might show up in a different language. Or try going to news.google.com -- you might get news from a different country!

It's easy to take an IP address (a sequence of four numbers between 0 and 255) and look up what country it's coming from -- so google is doing this to figure out what language to talk to you in. I think the WHOIS website lets you look up the country and all kinds of stuff based on the IP address.

I like the idea of improving my security.

How hard is it to switch back to your own ip?

Temporarily turn off Tor.

-- In Mozilla Firefox, go into Tools > Options > General > Proxy and tell the browser to connect directly (to not use a proxy).

-- Running Microsoft Internet Explorer, go into Tools > Internet Options > LAN Settings > Proxy Server and UNCHECK the check box next to "Use a proxy server..."

====

This is good point you brought up, particularly in light of the fact that the browser DOES a bit slower using Tor, because the data is bouncing around the world a few extra times. So you only really need to turn Tor on when you want the extra privacy.

Another suggestion -- you can set up one browser that uses Tor and another browser that doesn't. Then you can put a shortcut to each one on your Desktop and/or your Start menu, and label each shortcut accordingly ("Regular Browser" -- "Private Browser").

If there's a computer geek in the house have them set this up for everyone else -- maybe have them download a copy of IE and a copy of Firefox. I'm sure everyone in your home would appreciate the extra privacy, and it doesn't hurt to be familiar with both browsers. (Also, the browsers look pretty different, providing a quick visual reminder if you forget which browser you're in.)

=====

I'd make Microsoft Internet Explorer (IE) the "EXPOSED BROWSER" and Mozilla Firefox the "PRIVATE BROWSER" -- keep the open-source onion-router with the open-source browser, you know.

=====

Then use the "EXPOSED BROWSER" to visit propaganda mouthpieces innocuous places like MSNBC.

=====

If you want HEAVY-DUTY secrecy, there's always Waste (by the guy who wrote WinAmp before AOL crippled it after version 2.78):

http://waste.sourceforge.net/

That's what I was wondering, if I could use two different browsers.

Thanks again.

"Tor is an "onion router". This means everything you post or download gets routed through someone else running Tor -- so it doesn't look like it's coming from your machine!"

Does this mean other people using this to visit kiddie porn sites will look as though they came from MY IP address if I install this?

And really no way to trace whos machine it actually came from... definitely a disadvantage.

There's two ways you can use Tor, as a client or as a server.

The default installation sets you up as a client. So in that case, your IP isn't one of the IPs masking other people's IPs, and you can't act as a relay for those potential kiddie porn enthusiasts out there.

At the Tor website, they encourage you to be a server here:

http://tor.eff.org/cvs/tor/doc/tor-doc-server.html

but if you're running the Tor client (the default installation) you won't be relaying anybody else's web transmissions -- just letting the people running Tor servers to relay yours.

The reason the Tor people encourage (but don't insist) that you run a server, is because Tor scales the way BitTorrent does -- it gets faster the more clients and servers there are. (In BitTorrent, unlike Tor, I believe the software automatically REQUIRES you to be a server as well as a client.)

:thumbsup:

<http://www.onion-router.net>

And at the bottom of the page...
This Is An Official U.S. Navy Web Site operated by the Center for High Assurance Computer Systems in the Information Technology Division of the US Naval Research Lab