On 07/09/2007, David Gerard dgerard@gmail.com wrote:
On 07/09/07, David Gerard dgerard@gmail.com wrote:
You can edit Wikipedia securely from here: https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page It's slower, but the connection is SSL, so can't be snooped - only the fact of a transaction can be snooped. Your IP will show up in the server logs, so will be viewable by Wikimedia sysadmins or by those with checkuser, but it's as secure as we can do.
Note also this is a bit beta, so check you're still logged in as you and so on before you hit "edit". (You may wish to choose a different skin to Monobook to give a clear visual clue as to whether you're logged in.)
- d.
There are different types of security. TLS will obscure the contents of the packet (most notably, the one's password), but not packet header, which includes routing information, such as IP addresses.
Tor will 'hide' routing information by using a series of nodes - so each node replaces the routing information with it's own. (Basically, if Alice can talk to Carol and Carol can talk to Bob, then Carol can talk to Bob on behalf of Alice.) Layered encryption is used to prevent any of the Tor nodes from knowing the full circuit. Tor still has some vulnerabilities, but it takes significant resources to exploit them - more than the average packet sniffer has.
You might be interested in the Nym software, which issues a certificate corresponding to a particular IP address - theoretically a scarce, non-proxy one. A user could then use Tor with that certificate, a nym, presenting that nym to a service. The service could then block the user's nym.
And no, Thomas, packet sniffing is not hard. It does, however, require an opportune position on the network.