Tor Used To Collect Embassy Email Passwords 99
Several readers wrote in to inform us that Swedish security researcher Dan Egerstad has revealed how he collected 100 passwords from embassies and governments worldwide, without hacking into anything: he sniffed Tor exit routers. Both Ars and heise have writeups on Egerstad's blog post, but neither adds much to the original. It's not news that unencrypted traffic exits the Tor network unencrypted, but Egerstad correctly perceived, and called attention to, the lack of appreciation for this fact in organizations worldwide.
Heh (Score:3, Funny)
One thing that doesn't make sense to me: why does Tor operate MOSTLY over primary networks with non-tor functions? Doesn't it make sense that people who rely on Tor-offered anonymity would only operate the network bound to a specific NIC, a specific router and a specific network connection, separate from their main non-anonymous one? If anonymity is that important, why even bother trying to maintain an anonymous network connection concurrent with your non-anonymous one, with both utilizing the same single-point of exit/entry?
Doesn't make sense.
Unencrypted traffic is always unencrypted (Score:5, Funny)
eknagy
apples and onions (Score:3, Funny)
Re:Encryption is difficult for laypersons. (Score:5, Funny)
You know, not everybody likes onions. Cake! Everybody loves cakes! Cakes have layers!
You know what else everybody likes? Parfaits. Have you ever met a person, you say, "Let's get some parfait," they say, "Hell no, I don't like no parfait"? Parfaits are delicious.
Re:This reminds me... (Score:3, Funny)
Re:This reminds me... (Score:3, Funny)
Re:Raising the question... (Score:1, Funny)