Sometime ago I was talking with a friend about security of different anonimity software kits. The most famous software we talked about was Tor.
While I was talking about the triple secret used in tor nodes, he asked me a very sensible question: Have you ever asked yourself how are the circuits built?
What I immediately thought is that the first connection must be made to a kind of central authority. And what I also thought is that such authority can be compromised beforehand, generating compromised circuits which could lead you to a ... "trap" (i.e. a sniffing exit node).
Am I right? I did not find any explanation un the official docs about where does Tor client connect to make the circuit. How are the circuits built? How secure is it (security: regarding having compromised nodes)?
Aucun commentaire:
Enregistrer un commentaire