sdjfhasdufh wrote: > @andrew there is still a difference between plaintext traffic going > through ISPs and routers VS going through someones private server. > Your ISP may lose customers if they are found to be modifying > wikipedia, a malice node may have something to gain by doing so.
There is another difference, in that a private Tor server (end node), unlike your ISP, doesn't necessarily know who the original person is, especially if they are not identifying themselves over HTTP Also, this type of attack is a lot more difficult with Tor: http://www.wired.com/2014/10/verizons-perma-cookie/ The problem you are describing is a problem with many clients and servers not using end-to-end encryption and/or authentication. > If you don't know what tor is, how to use tor and have not read the > warnings you SHOULDN'T BE USING TOR. How easy would it be for me to > go into private mode to look up my illness, see a wiki page > (plaintext) and found a link for drug treatment (malicous). I completely agree, and I mentioned in my last post that more documentation on Private Browsing mode and Tor would be a good idea. > IMO this is enough reason to not have that tor feature. I linked an > article about binary patching so it's now well pass the point of > modifying simple html pages. I pointed out that (1) binary patching is possible both on Tor and clearnet, so that point is irrelevant, and that (2) Trisquel users almost exclusively use signed packages so binary patching would trigger an error anyway. Andrew
