Silk Road forums
Discussion => Security => Topic started by: virmo_vendor on July 03, 2013, 10:50 am
-
Hi,
With older versions this message was not displayed.
Is .onion not always an encrypted connection like it is supposed to?
Or is this because of some settings?
Totally not cool if info gets in 3th parties hands..
Any help please?
-
Iceweasel shows the prompt when you're not using SSL (https) to connect to a site.
They say Tor hidden services are inherently encrypted, as part of the network design. While the prompt is correct (you aren't using SSL), it's also misleading.
-
So basically it can be ignored? Onion sbould indeed not require ssl. Whick makes the new version strange. But liberte has not been updated for ages. Oh well..
Thx for the reply 8)
-
where exactly do you see that message... connecting to https://check.torproject.org?
because you shouldn't see any warnings going to a .onion site, Tor doesn't use SSL
you aren't accessing this through .onion.to clearnet 2 tor gateway are you? because if you google 'silk road forums' it's like one of the first options that comes up http://dkn255hz262ypmii.onion.to and if you signed in through it, you just lost your anonymity/loginpassword
-
where exactly do you see that message... connecting to https://check.torproject.org?
because you shouldn't see any warnings going to a .onion site, Tor doesn't use SSL
you aren't accessing this through .onion.to clearnet 2 tor gateway are you? because if you google 'silk road forums' it's like one of the first options that comes up http://dkn255hz262ypmii.onion.to and if you signed in through it, you just lost your anonymity/loginpassword
No when moving from an SSL encrypted site to a non SSL encrypted site. (ie from https://tails.boum.org/news/ to dkn255hz262ypmii.onion).
No he's just using default Iceweasel install that is packaged inside Tails.
Good looking out on the clearnet 2 tor gateways, they are honestly a terrible invention. It completely undermimes the security Tor offers in the first place. I suppose low-hanging fruit will always hang low.
-
where exactly do you see that message... connecting to https://check.torproject.org?
because you shouldn't see any warnings going to a .onion site, Tor doesn't use SSL
you aren't accessing this through .onion.to clearnet 2 tor gateway are you? because if you google 'silk road forums' it's like one of the first options that comes up http://dkn255hz262ypmii.onion.to and if you signed in through it, you just lost your anonymity/loginpassword
I get the same warning message on Iceweasel, when moving from a clearnet SSL site to a darknet .onion site. This one is safe to ignore.
-
Hi,
With older versions this message was not displayed.
Is .onion not always an encrypted connection like it is supposed to?
Or is this because of some settings?
Totally not cool if info gets in 3th parties hands..
Any help please?
I started to get them when I went from tails .17 to tails .18 ?
I don't like seeing it either
-
Don't worry, nothing's changed. If you are browsing .onion sites you can ignore the 2 warnings that IceWeasel will give you about "Leaving an encrypted page" and "Sending unencrypted info". While browsing a hidden service (like SR) ALL data remains encrypted because there is no exit node... the data never leaves the Tor Network.
I turn the warnings off if I'm browsing inside Tor, and leave them on if I intend to browse ClearNet. Don't let the warnings spook you... TAILS is definately the way to go!
-
Good point about the onion.to
Bad duckyducky go for listing that!
But it's while visiting onion sites for everyone using the new tails. Older versions of tails were not annoying like that. Unchecking that warning is no use. It keeps showing that message.
Not sure if tails is the way to go. It has more features than Liberte and Liberte has not been updated since ages. It seems better encrypted but is even more annoying because switching identity does not work. Rebooting all the time is a lot worse than messages.
Strange thing is that tails is stepping away from truecrypt. So if somebody gets the device then it is obvious tails is on it.
Multiple bootable OS'es on external devices would be awesome. Especially if one OS could be booted from a hidden partition.