On 07/09/2007, David Gerard <dgerard(a)gmail.com> wrote:
On 07/09/07, David Gerard <dgerard(a)gmail.com>
wrote:
You can edit Wikipedia securely from here:
https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page
It's slower, but the connection is SSL, so can't be snooped - only the
fact of a transaction can be snooped. Your IP will show up in the
server logs, so will be viewable by Wikimedia sysadmins or by those
with checkuser, but it's as secure as we can do.
Note also this is a bit beta, so check you're still logged in as you
and so on before you hit "edit". (You may wish to choose a different
skin to Monobook to give a clear visual clue as to whether you're
logged in.)
- d.
There are different types of security. TLS will obscure
the contents of the packet (most notably, the
one's password), but not packet header, which
includes routing information, such as IP addresses.
Tor will 'hide' routing information by using a series
of nodes - so each node replaces the routing
information with it's own. (Basically, if Alice can talk
to Carol and Carol can talk to Bob, then Carol can
talk to Bob on behalf of Alice.) Layered encryption
is used to prevent any of the Tor nodes from
knowing the full circuit. Tor still has some
vulnerabilities, but it takes significant resources
to exploit them - more than the average packet
sniffer has.
You might be interested in the Nym software,
which issues a certificate corresponding to
a particular IP address - theoretically a scarce,
non-proxy one. A user could then use Tor with
that certificate, a nym, presenting that nym to
a service. The service could then block the
user's nym.
And no, Thomas, packet sniffing is not hard. It
does, however, require an opportune position
on the network.