Infographics - Tor, HTTPS and Security

    In the wake of the panic “our government is watching us” that panicked around the United States (surprise!), The Electronic Frontier Foundation laid out in an accessible graphic form what Tor is hiding, what the HTTPS encryption protocol is hiding, and what they can hide together.

    So, all the information transmitted over the Internet from the user to the site and vice versa can be divided into (as indicated in the pictures):

    site.com - site address
    user / pw - username and password on the site
    data - data transferred between the user and the site
    location - information about the user (ip-address, and potentially - his identification)
    tor - information that the user is using the tor network

    Open channel


    Naturally, in the absence of any encryption, all this information is available to everyone - a hacker who maliciously sticks to the wi-fi channel of your router, the sysadmin isp and the lawyer and cop standing behind him, cunningly connected to the channel between the user’s provider and the site’s provider NSA (National Security Agency, or, as the Americans joke, “No Such Agency”), as well as the administrator of the site itself, as well as any lawyers and cops who came to the hoster.


    Https


    When https encryption is enabled, the picture changes - now no one but those having access to the server receives the transmitted data, and the login with the user password. But his ip address and site address are still available.


    Tor


    When using the onion Tor network without https, the picture is as follows: the hacker is satisfied only with the user's ip and knowledge of the tor network, his provider and the vicious Pinocchio from NSA who listen to traffic before entering the tor network are interrupted.
    Then joyful chippolins, Tor nodes, appear. All of them, of course, know about the network tor. At the same time, the input node only knows the user's IP address, intermediary nodes do not know anything at all, and the outgoing node knows everything except the user's ip. And everyone knows the same information after him - Pinocchio from the NSA, listening to the channel exiting Tor, hoster, admin of the site and its hangers-on.


    Tor + HTTPS


    Finally, the safest possible option is Tor and https.

    Almost all banquet participants know very little - either the user's ip and tor network usage, or just the site address and about the Tor network. And only the owners of the site itself know everything except the ip user.


    Total


    These, of course, are not all ways to restrict access to your traffic. Using them or not is up to you. But, as popular wisdom says, it is better to play it safe than vice versa ...
    There is no doubt that the increasing pressure on users will lead to an increase in traffic encryption methods and an improvement in the bandwidth of user-hiding networks. Whether this struggle will lead to the liberation of the Internet or to an unrealistic tightening of the nuts will be shown by time, and most likely, not so distant.

    Only registered users can participate in the survey. Please come in.

    What did you do to hide your data?

    • 26% Open channels are not scary for me, it would be something to eavesdrop 743
    • 41.9% I use HTTPS - maybe not everywhere, but for particularly sensitive data 1194
    • 11.5% I use Tor 328
    • 3.6% I use i2p 104
    • 14.3% I'm through a VPN, let 410 choke
    • 2.4% Other 70

    Also popular now: