On Sun, 2009-12-27 at 12:48 +0100, Nils Vogels wrote: > On Sun, Dec 27, 2009 at 12:26, arshad <arsha...@gmail.com> wrote: > > i want the traffic be encrypted as well? > > any workarounds? > > Traffic within TOR itself is encrypted as part of the anonimization: > When you are in the cloud, it is almost impossible to make heads or > tails out of the messages that are being sent. > > When the traffic leaves the cloud, it is sent in the same way it was > entered into the cloud, ie. HTTP will still be HTTP, HTTPS will be > HTTPS. > > If you want your traffic to be both anonymous and encrypted throughout > the entire path, use an encrypted protocol, such as HTTPS, IMAPS, > POP3S, etc. > > Please, also read http://www.torproject.org/overview.html.en it will > answer not only this question, but also a few similar questions that > you might have when first starting to use tor. > > Greets, > > Nils > >
hi, thanks for your reply. i mean to avoid this: Eavesdropping by exit nodes In September 2007, Dan Egerstad, a Swedish security consultant, revealed that by operating and monitoring Tor exit nodes he had intercepted usernames and passwords for a large number of email accounts.[17] As Tor does not, and by design cannot, encrypt the traffic between an exit node and the target server, any exit node is in a position to capture any traffic passing through it which does not use end-to-end encryption, e.g. SSL. While this does not inherently violate the anonymity of the source, it affords added opportunities for data interception by self-selected third parties, greatly increasing the risk of exposure of sensitive data by users who are careless or who mistake Tor's anonymity for security.[18] http://en.wikipedia.org/wiki/Tor_(anonymity_network)