Tor – Anonymity Guaranteed?

January 22, 2010

If you use Tor, your anonymity could be at risk from simple browser scripting tricks.
If you don’t already know, Tor is the name given to a set of software tools that route your internet traffic through relays to disguise your origin IP address.

Tor employs cryptography in a multi-layered manner, ensuring perfect forward secrecy between routers.

Read the Wikipedia reference – they define it better than I do.

Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online.

Read about Tor directly from the Tor Project website.

You need the Tor software and some brains to set it all up; there is a one-click Tor activation add-on for Firefox, which I highly recommend. (The Firefox browser, IMHO, is better than IE because it auto-updates.)

Now, if you’re a Tor user, head on over to the Metasploit Decloaking Engine to see if your browser can be tricked into revealing your true identity.
My configuration is Firefox 3.6, TorButton 1.2.4 and an old Tor software bundle; with Tor activated I am presented with 2 popup messages.

Metasploit Tor De-Anonymiser

If you launch the application, your true IP is revealed to the remote server.
With Tor disabled, alarmingly, iTunes and Word automatically opened on my PC: no warnings, no polite requests.

Understanding what Tor can and cannot do is the best way to maintain your anonymity.

