???- Θ Should https be turned on using TOR or doesn't matter? Θ

Tried searching for answer but cannot find, can someone answer? I mean when using REDDIT - sorry for confusion. login to reddit / preferences / security


Comments


[3 Points] ziz1:

Always use https with any clearnet site that you can when using Tor. It prevents the exit node from reading or modifying your traffic. It also prevents NSA style injection malware attacks, where they insert malicious code into packets destined for you before the the actual site can respond with the real data:

https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html


[1 Points] Der_Dichter:

never use regular http when passing sensitive information to a clearnet site. If your on a clearnet site and not using http, then whichever exit node your'e connected to can view all of your internet traffic.


[1 Points] 1mm0m:

Tor-to-Tor (hidden service) connections are encrypted end-to-end, so many markets don't use HTTPS, but packets that leave the network via an exit relay are not encrypted between the exit node and the website unless you are using SSL (HTTPS). So use HTTPS for clearnet sites that you may send sensitive data (e.g passwords) to, but don't worry if your connection to a hidden service is not SSL, because the data is already encrypted.


[1 Points] u3565572:

There are bad exit nodes that sniff cleartext traffic. Use https:// where possible.

Sorry if this is not the question you are asking.


[0 Points] None:

[deleted]