On Mon, Jun 30, 2014, at 10:15 PM, Bobby Brewster wrote:
> > But how can the person's computer be identified since all that is seen is > the connection between the exit node and the destination > target_website.com > > The point, surely, is that real time code injection should not be > possible since no-one can trace the connection from the exit node back to > the user. > If the code is injected between the target_website.com and the exit node, the exit node will relay it faithfully back through the Tor network to the client. It's all just bytes to Tor. > I am not saying that the user cannot be traced e.g. if he logs into his > own webmail account via Tor; I am saying that the trace should not occur > due to the Tor network. The trace doesn't take place through the Tor network: the malware placed on the target person's computer can call home over the clearnet (this is where Tails/Whonix/VMs come in as a second line of defense); or the cookies injected can end up being sent to another site that the target visits which helps link them to an identity or pseudonym (good cookie hygiene is some small help). GD -- http://www.fastmail.fm - Accessible with your email software or over the web -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
