Bugtraq mailing list archives
Re: Serious security holes in web anonimyzing services
From: jeremey () TERISA COM (Jeremey Barrett)
Date: Mon, 19 Apr 1999 14:54:10 -0500
On Thu, Apr 15, 1999 at 10:49:04PM +0100, Chris Wilson wrote:
In any case it is simply impossible to be completely anonymous on the Internet, because packets must find some way to reach the client. The fact that anonymising services do not keep logs of their users, makes tracing significantly harder, but what if an anonymiser was hacked? The hacker would make light work of identifying individual users. IMHO, nobody should ever rely on being completely anonymous on the web.
The goal of Onion Routing is to prevent this. An attacker controlling an onion router would not be able to discern who was doing what. The anonymizer is a "hide the client from the server" solution. Onion Routing is a "hide the fact that the client and server are communicating" solution, including from individual onion routers. Onion Routing is a network, it isn't one site with the keys to everything. Read the stuff on http://www.onion-router.net/ for more info. Regards, Jeremey. -- Jeremey Barrett <jeremey () terisa com> GPG fingerprint = 7BB2 E1F1 5559 3718 CE25 565A 8455 D60B 8FE8 B38F
Current thread:
- Re: Serious security holes in web anonimyzing Chris Wilson (Apr 15)
- Re: Serious security holes in web anonimyzing services Jeremey Barrett (Apr 19)