Silk Road forums
Discussion => Security => Topic started by: somethingunique3 on November 18, 2012, 09:02 pm
-
What are the security risks of using onion.to??
From what I understand, if you connect to SR using onion.to you go through the clearnet website onion.to and are then directed from there back into TOR. So, if onion.to was working with the Feds they could deanonymize you, right?
I went to their website to do a little research but there is very little information on how it affects your anonymity.
Can someone please explain how onion.to works?
-
What you say pretty much sums it up. Do NOT use it, it bypasses all mechanisms that make Tor safe; it completely kills your anonymity.
-
From another post:
Settings for Proxxor
; ------------ Server Settings ------------------------------------------------
; IP
; Set the TCP IP Address of the interface the server should listen on.
; Or specify multiple IP addresses delimiter-separated by a comma.
; Or use the ip address 0.0.0.0 to listen on every interface.
IP = "0.0.0.0"
; PORT
; The TCP IP port the server should listen on. Or multiple ports
; delimiter-separated by a comma.
PORT = "80,443"
DOMAINNAME = "tor2web.org" ; A wildcard domain name, including colon and port if not 80.
MAXCONNECTIONS = 128
CONNECTIONTIMEOUT = 300
USESYSLOG = 1
ACCESSLOGFILE = "/var/log/proxxor_access.log"
TIMEZONE = "" ;Timezone. eg. "Europe/Stockholm" For a List of Supported Timezones See http://php.net/manual/en/timezones.php
CHROOTDIRECTORY = ""
RUNASUSER = "nobody" ; The username of a low privileges user.
DETECTSECURE = 1
FORWARDSECURE = 0
PEMPASSPHRASE = "bajs2" ; Set a password for the PEM formatted SSL Certificate.
PEMFILE = "/etc/ssl/tmp_public.key" ; Set a path / filename for the PEM formatted SSL Certificate.
; -----------------------------------------------------------------------------
DEBUGMODE = 0
STREAMRWBUFFER = 8192
STREAMWRITECHUNK = 4096
AUTOONIONDOMAIN = 1
SOCKS5IP = "127.0.0.1"
SOCKS5PORT = 9050
SOCKS5OPTIMISTICDATA = 1
As you can see onion.to is specifically set up to spy on you and use a MITM attack to spy on you even if you attempt to use secure SSL, and uses tracking cookies to uniquely identify you even if you connect through a proxy.
- when a simple tunnel/port map on port 80 and/or 443 to a running Tor client (like I use) would do none of these things.
the blacklist is another can of worms
do you think they are working with the feds??
also, why would the onion.to silkroad link work when the regular .onion SR link not work??
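-
Added example, not part of the thread and not Proxxor's own code: a short Python reader for the settings format quoted above, listing what a host configured this way is positioned to see. The meaning assigned to each key is an assumption drawn from the key names and the comments in the quoted file.

```python
import re

# Constructed sample: a subset of the settings quoted in the post above.
SAMPLE = """\
; PORT
; The TCP IP port the server should listen on.
PORT = "80,443"
DOMAINNAME = "tor2web.org" ; A wildcard domain name
USESYSLOG = 1
ACCESSLOGFILE = "/var/log/proxxor_access.log"
PEMFILE = "/etc/ssl/tmp_public.key" ; PEM certificate path
SOCKS5IP = "127.0.0.1"
SOCKS5PORT = 9050
"""

# KEY = "quoted value" or KEY = bare_value, optionally followed by "; comment".
SETTING = re.compile(r'^\s*([A-Z0-9]+)\s*=\s*(?:"([^"]*)"|([^;\s]*))')

def parse(text):
    """Return {KEY: value} for every setting line; ';' comment lines are skipped."""
    settings = {}
    for line in text.splitlines():
        m = SETTING.match(line)
        if m:
            settings[m.group(1)] = m.group(2) if m.group(2) is not None else m.group(3)
    return settings

def exposure(settings):
    """List what the gateway host is positioned to see (key meanings are assumed)."""
    ports = {p.strip() for p in settings.get("PORT", "").split(",")}
    found = []
    if "80" in ports:
        found.append("accepts plain HTTP from clearnet clients")
    if "443" in ports and settings.get("PEMFILE"):
        found.append("terminates TLS itself, so it handles decrypted requests")
    if settings.get("ACCESSLOGFILE") or settings.get("USESYSLOG") == "1":
        found.append("writes an access log")
    if settings.get("SOCKS5IP") and settings.get("SOCKS5PORT"):
        found.append("relays to Tor via SOCKS5 %s:%s"
                     % (settings["SOCKS5IP"], settings["SOCKS5PORT"]))
    return found

if __name__ == "__main__":
    for item in exposure(parse(SAMPLE)):
        print("-", item)
```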
-
> do you think they are working with the feds??
We can't rule that out.
> also, why would the onion.to silkroad link work when the regular .onion SR link not work??
It does? That's weird. I'm not going to try it, but that would either mean that
a) Your Tor browser isn't working properly
or
b) It's not the actual SR site they show you, but a "mirror" of it. A phishing site if you like, designed to steal your SR login and then your BitCoin.
Also a possibility I wouldn't rule out.
-
it's not a phishing site because i tried bogus logins and it didn't let me in. then i tried a legitimate login and it worked. also, you can use onion.to to connect to any .onion site through your normal web browser. It seems very likely that it's run by the feds
-
They're pretty up front about why no one should use their services in the disclaimer that appears when you try to access anything:
By using this service instead of connecting directly to the Tor network you are trading off security and anonymity for convenience. Know that we can identify the IP of visitors using this service (but chooses not to). We strongly recommended to access Tor Hidden Services directly using the Tor Browser Bundle to increase your security and anonymity.
Couldn't have said it better myself, conjugation issues notwithstanding!
Problem is, if they're served with a subpoena, they won't have the option of choosing not to identify visitors. Or maybe they would- onion.to is run out of Sweden according to a DNS lookup (if they really are Swedish it's odd because most Swedes speak excellent English...) Who knows. I just shudder to think of how many less cautious users are using this gateway as their only means of accessing SR.
-
> They're pretty up front about why no one should use their services in the disclaimer that appears when you try to access anything:
> By using this service instead of connecting directly to the Tor network you are trading off security and anonymity for convenience. Know that we can identify the IP of visitors using this service (but chooses not to). We strongly recommended to access Tor Hidden Services directly using the Tor Browser Bundle to increase your security and anonymity.
> Couldn't have said it better myself, conjugation issues notwithstanding!
> Problem is, if they're served with a subpoena, they won't have the option of choosing not to identify visitors. Or maybe they would- onion.to is run out of Sweden according to a DNS lookup (if they really are Swedish it's odd because most Swedes speak excellent English...) Who knows. I just shudder to think of how many less cautious users are using this gateway as their only means of accessing SR.
i could see this gateway becoming useful if you need to log on to SR from a library computer or something. I guess you could just use a flash drive with TOR on it instead.
-
i would like to know more about this. can they log everything you do? can they steal passwords even though they are just a gateway to .onion sites? Even through tor browser?
-
What the hell, im so confused? I use the tor bundled browser, and it has always been using onion.to in the address bar, it just happens whenever i start it and visit any website. So am i fucked?
-
> What the hell, im so confused? I use the tor bundled browser, and it has always been using onion.to in the address bar, it just happens whenever i start it and visit any website. So am i fucked?
WTF? This is very wrong. Maybe you downloaded the bundle from an unofficial source?
I strongly recommend fixing your TOR and creating all new accounts.
-
>> What the hell, im so confused? I use the tor bundled browser, and it has always been using onion.to in the address bar, it just happens whenever i start it and visit any website. So am i fucked?
> WTF? This is very wrong. Maybe you downloaded the bundle from an unofficial source?
> I strongly recommend fixing your TOR and creating all new accounts.
I got it off torproject.org.
And yeah, i will do that for sure. Like whenever i start it it says tor is working bla bla and then when i try to visit any website it takes me to a green page that has me reclick the link and agree to enter tor network or something along those lines..
EDIT: actually nevermind, somehow i got caught up in onion.to for all my websites... i will be recreating all my accounts just for good measure, but not reinstalling, as it was probably my fault. /derp
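-
Added example, not part of the thread: a Python check that tells a direct .onion URL from one routed through a clearnet gateway such as onion.to, or through a wildcard DOMAINNAME like the tor2web.org value quoted earlier. The address abcdefghij234567 is constructed, and the bare-label rule is a heuristic that can misfire on ordinary hostnames with a 16-character label.

```python
import re
from urllib.parse import urlsplit

# Onion address labels: 16 base32 characters (v2, current in 2012) or 56 (v3).
ONION_ADDR = re.compile(r"^(?:[a-z2-7]{16}|[a-z2-7]{56})$")

def classify(url):
    """Return 'direct-onion', 'gateway' or 'clearnet' for a URL or bare hostname."""
    if "://" not in url:
        url = "//" + url                      # let urlsplit see a bare hostname
    # .hostname is lowercased and excludes any user@ prefix and port
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    if labels[-1] == "onion":
        return "direct-onion"                 # resolved inside Tor, never by DNS
    # Pattern 1: <addr>.onion.<suffix>, e.g. <addr>.onion.to
    for i in range(1, len(labels) - 1):
        if labels[i] == "onion" and ONION_ADDR.match(labels[i - 1]):
            return "gateway"
    # Pattern 2: <addr>.<gateway-domain>, e.g. <addr>.tor2web.org (heuristic)
    if any(ONION_ADDR.match(label) for label in labels[:-2]):
        return "gateway"
    return "clearnet"

if __name__ == "__main__":
    # Constructed sample URLs
    for sample in (
        "http://abcdefghij234567.onion/",
        "https://abcdefghij234567.onion.to/index.php",
        "https://abcdefghij234567.tor2web.org/",
        "http://abcdefghij234567.onion@example.com/",
        "https://www.torproject.org/",
    ):
        print(classify(sample), sample)
```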
-
I connect to a VPN before Tor as well, and set up a premium server in another country. My IP is always based out of another country, and I'm moving all over the world seconds at a time. I use the same VPN as the group Anonymous, and I haven't had any problems so far. I am concerned by NoScript, I was playing around and reset it, I can't remember if the icon is supposed to be S! or an S with a / thru it... I just dumped TBB and restarted... What else can I do to make myself completely untraceable?
-
> I connect to a VPN before Tor as well, and set up a premium server in another country. My IP is always based out of another country, and I'm moving all over the world seconds at a time. I use the same VPN as the group Anonymous, and I haven't had any problems so far. I am concerned by NoScript, I was playing around and reset it, I can't remember if the icon is supposed to be S! or an S with a / thru it... I just dumped TBB and restarted... What else can I do to make myself completely untraceable?
honestly you should be fine. ive heard the tor browser is just about all you need, but i also use a vpn when i feel like i need to be extra safe for something lol.
-
It's as leaky as trying to use a colander as a bucket.
Avoid at ALL costs - do a little research and create yourself a 'tails' USB drive, or a decent install of a tor bundle for mac/windows.