TOR: is it any good?

Forum for general discussion of Peak Oil / Oil depletion; also covering related subjects

Moderator: Peak Moderation

User avatar
clv101
Site Admin
Posts: 10555
Joined: 24 Nov 2005, 11:09
Contact:

Post by clv101 »

As has been discussed it is currently perfectly possible to assess most online services totally anonymously. Maintaining such anonymity for any significant length of time under a serious attempt to compromise it would be far harder, however remains possible. Motivations for such activities are a separate issue.
Steve wrote:In view of that, sticking a few geek-operatives behind a few computer screens so that they can set up accounts on sites like this in order to engage in fishing exercises for potential enemies of the state is entirely plausible.
Unquestionably, this is happening today.
Blue Peter
Posts: 1939
Joined: 24 Nov 2005, 11:09
Location: Milton Keynes

Post by Blue Peter »

clv101 wrote:As has been discussed it is currently perfectly possible to assess most online services totally anonymously. Maintaining such anonymity for any significant length of time under a serious attempt to compromise it would be far harder, however remains possible. Motivations for such activities are a separate issue.
Steve wrote:In view of that, sticking a few geek-operatives behind a few computer screens so that they can set up accounts on sites like this in order to engage in fishing exercises for potential enemies of the state is entirely plausible.
Unquestionably, this is happening today.
Are you going to name and shame, Chris? :twisted: :D


Peter.
Does anyone know where the love of God goes when the waves turn the seconds to hours?
JavaScriptDonkey
Posts: 1683
Joined: 02 Jun 2011, 00:12
Location: SE England

Post by JavaScriptDonkey »

A recent one is the Chinese attack on Coke-a-Cola.

The long and short of it is that Coke's network was too secure to break in the available time so they targeted websites likely to be visited by Coke employees from their own PCs and hoped to get lucky.

Looks like they did.
User avatar
sam_uk
Posts: 382
Joined: 20 Oct 2008, 15:02

Post by sam_uk »

Hey nice tip on startpage. I have been missing scroogle since it stopped working..

I used to know one of the Tor developers a bit. It does work (with some limitations) but it's sloooow.
User avatar
emordnilap
Posts: 14814
Joined: 05 Sep 2007, 16:36
Location: here

Post by emordnilap »

Had a re-look at Tor and thought I'd see what I get when I visit here.

Image

PS geeks, can you explain what it's saying about 'tampering'?
I experience pleasure and pains, and pursue goals in service of them, so I cannot reasonably deny the right of other sentient agents to do the same - Steven Pinker
User avatar
PS_RalphW
Posts: 6977
Joined: 24 Nov 2005, 11:09
Location: Cambridge

Post by PS_RalphW »

Firefox gives the same report, if you try to access Powerswitch with the https protocol.

('standard' web protocol is http. https adds a digital signature based on encryption that gives some degree of security from snoopers and man in the middle attacks etc. etc. Owners of a web site buy a digital certificate from a commercial source and add it to their web site. The one on the powerswitch site appears to have been 'borrowed' from another web site. This may be an oversight, or it might belong to whoever set up the powerswitch site and they haven't bought a separate certificate for this URL. )

Tor , of course would never use plain http.

I don't think we are looking at a compromised site. Powerswitch is just a plain web site if no pretensions at real security. That would require more money and/or specialist knowledge.
Post Reply