Silk Road forums

Discussion => Newbie discussion => Topic started by: throwaway9011 on August 20, 2013, 05:55 pm

Title: What prevents Tor exit nodes from sniffing SR login credentials?
Post by: throwaway9011 on August 20, 2013, 05:55 pm
Does SR use sessions? What's to prevent a tor exit node from copying the session key?
Title: Re: What prevents Tor exit nodes from sniffing SR login credentials?
Post by: farmer1 on August 20, 2013, 05:58 pm
When you use SR you never go through an exit node.

Read up on Tor hidden services.
Title: Re: What prevents Tor exit nodes from sniffing SR login credentials?
Post by: mcguire39 on August 20, 2013, 05:59 pm
Well for starters it's a hidden service so you do not utilize an exit node to access it. And the traffic is encrypted all the way from the client to the server.
Title: Re: What prevents Tor exit nodes from sniffing SR login credentials?
Post by: throwaway9011 on August 20, 2013, 06:02 pm
Would it be correct to say that any logins outside of hidden services could be stolen?
Title: Re: What prevents Tor exit nodes from sniffing SR login credentials?
Post by: mcguire39 on August 20, 2013, 06:12 pm
If you're using tor to access an unencrypted resource on the clearnet such as http:// something then yes a malicious tor exit node can store/manipulate all that traffic.
Title: Re: What prevents Tor exit nodes from sniffing SR login credentials?
Post by: throwaway9011 on August 20, 2013, 06:22 pm
even if a site uses https wouldn't the exit node be able to mimic your session data to access your account, or no? sorry if these are really newb questions.