Silk Road forums
Discussion => Security => Topic started by: AlbertHoffman1943 on April 23, 2013, 07:05 am
-
What is the difference between onion.to addresses and just onion addresses?
-
Onion.to is a regular website, accessible outside of Tor, that acts as a proxy into Tor hidden services for people not using Tor. Whoever operates onion.to has access to everything you do through onion.to
The only reason to ever use a site like onion.to is if you're on a computer where Tor isn't available, and you must check something on a Tor hidden service. However, anything you do there will NOT be anonymous. Silk Road, for example, is an example of an onion site that you should NOT access through onion.to!!!
I hope you don't do your vendor-y stuff through onion.to, because that would endanger both you and your customers.
-
Also, I just noticed that you link in your signature through .onion.to, which is a bad idea. At the best case, people will have slower access since they'll be going through Tor to Onion.to and then back into Tor... at the worst case, somebody will go to jail and it could even be you.
-
my browser bundle from torproject seem to do that automatically - many of my bookmarked pages are just onion addresses, but a few are onion.to
i guess it's a good thing i also use several vpn's and very rarely the same internet connection...
thx for the explanation
-
FIRST, STOP using .to at all and replace any bookmarks that use it so you never accidentally use it
Second, change your sig and get rid of the .to - don't encourage anyone to use that!
Third, change your password on SR and the forums (might not be necessary but I certainly would)
NEVER USE .to!!!!!!
-
In case it's still not clear:
DONT USE ONION.TO LINKS EVER
-
my browser bundle from torproject seem to do that automatically - many of my bookmarked pages are just onion addresses, but a few are onion.to
Although I haven't heard of such a thing existing, you might have a compromised version of TBB. You can download it again and verify the GPG signatures.
Your IP might be safe, but your account name and password could still be compromised. Onion.to has access to ALL data that passes through it, just like any proxy server. It can sniff out your passwords, your messages, everything.
-
Just in case you missed it....
Never use onion.to for anything... delete that tor bundle and reformat your PC or at the very least run anti-everything (male ware, virus etc) and be sure you are clean before going to the tor site and downloading again a fresh copy. Do this through Firefox or chrome but not through any browser you have installed any tool bars, search bars or any 'add-on' to. ie AskJerks, Google, Norton etc. they are the baine of my existence with every computer I'm asked to fix for friends having them and usually a fair part of the issues is their doing.
Delete the bookmarks, change your sig and, if your inclined to help yourself stay out of trouble, do some researching/googling about why these .to and similar web 'portals' are so dangerous and why they should be avoided. By understanding them you will understand why its important not to have other browsers open while on Tor and basically a better understanding of the whole system..
Tor is only as safe as you make it and complacency is the biggest danger to to your security..
Peace.