ISP logging

[enter sandman]

Hello. Just a simple question about using TOR....can my ISP track me 'log everything I do online' when I'm using TOR? I have never read a clear asnwer to this here on Icmag. Thanks for whoever replies to this...peace & be safe!

 

[SouthernGuerila]

your best bet is to check with the tor site, torproject.org

 

[enter sandman]

ok...I spent an hour reading everything on the site & still no answer. I guess I'll never know..........?

 

[drtask]

i'd say so yes. how else are you supposed to connect to tor, let alone the net without going through your isp? your best bet is encrypting everything you do over the net.

 

[growwatcher]

The whole point of TOR is that it encrypts "everything you do over the net." (to a point) Your ISP can see that you've connected to a TOR server, but the traffic between your computer and the TOR server is encrypted. This first TOR server then forwards your data to another TOR server, and then (as it is typically configured) to an "exit" server, at which point your data is decrypted and sent on to it's final destination.

All your ISP sees is your connection to the 1st tor server -- they have no idea where the connection goes after that, nor can they see what the data is.

The thing that you have to watch out for is that anyone can setup a tor server and configure it as an exit server. Since the data has to be decrypted at the exit server, that means that the operator of that server can snoop in and catch whatever information is being transmitted (such as passwords, etc). Unless, of course, you are connected using SSL.

 

[79towncar]

Expand on this alittle what's an SSL? So are you saying that some-1 can still read your encrypted meassage if they are operating the exit server? Sometimes a friend of mine needs to use a computer for information purposes but is afraid of having his ISP logged. What he does is uses a public computer that does not require you to log in or sighn in anywhere. An example of this is some community colleges. Some of them have computers any-1 can use without logging in. Usually they are near the cafeteria. Most of these places also don't have cameras. So even if some-1 could prove that suspicious imformation was being pulled up on that computer it would be impossible to tell who was actually looking at it. Unless somebody actually saw who was on the computer at the particular time the inforation was being obtained. But to answer your question i'm sure they can obtain every site you have visited within a certain time period if thay needed to. I bet the FBI uses theis technique to locate who is visiting websites about terrorism, bomb making, thigs like that.

 

[growwatcher]

Expand on this alittle what's an SSL?

SSL is the standard method of encryption for secure connections over the web (and other internet protocols, too). Any time you are connected to a site securely the address bar will show httpS:\\whatever.com (the S denoting a secure connection). This is a standard web protocol and has nothing to do in-and-of itself with TOR.

TOR essentially encrypts connections between your computer and the "exit" server on the TOR network.

So are you saying that some-1 can still read your encrypted meassage if they are operating the exit server?

If you are not using an SSL connection ("http" without the "s" in the address bar), then yes, the operator of the exit server can see the data that is being transmitted. If you are using SSL, though, your data stream within the TOR network is double encrypted, and once at the exit server it becomes only single encrypted, on to the final destination.

If you need any information on how to use TOR securely, check out their site. Specifically, Warning: Want Tor to really work?

HTH
GW

 

[nekoloving]

SSL is the standard method of encryption for secure connections over the web (and other internet protocols, too). Any time you are connected to a site securely the address bar will show httpS:\\whatever.com (the S denoting a secure connection). This is a standard web protocol and has nothing to do in-and-of itself with TOR.

TOR essentially encrypts connections between your computer and the "exit" server on the TOR network.



If you are not using an SSL connection ("http" without the "s" in the address bar), then yes, the operator of the exit server can see the data that is being transmitted. If you are using SSL, though, your data stream within the TOR network is double encrypted, and once at the exit server it becomes only single encrypted, on to the final destination.

If you need any information on how to use TOR securely, check out their site. Specifically, Warning: Want Tor to really work?

HTH
GW

+Rep