outlaw => i d'ont mean what you describe. If i run an exit node and sniff every http packet out, i'll don't know where request are from, but i can see every parameters/data of post/get requests. Not every website has ssl activated guys.
Hidden services are another use case. There is no exit node, just an entry node to the hidden service. I don't know what happens when the two circuits connects. How are they connected ? It's the weak point ! 2013/1/9 Outlaw <[email protected]> > > > Or malicious code on the last node :) > > > > That would be the server hosting the hidden service. But the server of > > some Website you visit and what it does with your requests is beyond > > your control anyways (if it not your own server). > > So path can be seen by client and server that hosts hidden service, > malicious or not. Are you sure? :) I mean as I know SSL connection via > https protocol is done like "Connecting to server -> Establishing > secure connection -> After that go to target page, make requests, > download all things etc. ". So global observer cannot see what is > transferred (what I`d like to know for sure is path and GET request), > only the fact of connection and some encrypted traffic > - is this somewhat valid for onion-land? Thanks! > > -- > Outlaw > > _______________________________________________ > tor-talk mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
