I'm new to tor, trying to understand some stuff. I understand the .onion TLD is not an officially recognized TLD, so it's not resolved by normal DNS servers. The FAQ seems to say that tor itself resolves these, not to an IP address, but to a hidden site somehow.
When I look at thehiddenwiki.org, I see a bunch of .onion sites, with random looking names. Why is this? What if someone at thehiddenwiki.org registered a new .onion site (for example http://somerandomletters.onion), which then relayed traffic to duck-duck-go (http://3g2upl4pq6kufc4m.onion)? Thehiddenwiki could give me the link http://somerandomletters.org, and of course I would never know the difference between that and http://3g2upl4pq6kufc4m.onion Without trusting a CA to validate a site name, what prevents MITM attacks? Am I supposed to get the duckduckgo URL from a trusted friend of mine, and then always keep it? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk