1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

TOR = Anonymity !?

Discussion in 'BlackHat Lounge' started by dr.doom, Dec 29, 2012.

  1. dr.doom

    dr.doom Junior Member

    Joined:
    Oct 3, 2012
    Messages:
    122
    Likes Received:
    13
    Hi,

    I need some explanation:

    How can it be possible that the goverments are not able to catch criminals who use it ( like terrorists, pedophiles etc. ), but companys can find out the real IP behind it? I mean for example using it with adsense will get you banned super fast, I know adsense monitors more factors then that its just an example... How can this be possible and why aren´t the companys helping the goverments to catch criminals in the deep web (there are drugs sold and much more disgusting things), it seems like the companys could find out the real IPs of the users even if they use HTTPS everywhere and SSL encryption...

    I am very interested in your thaughts on that topic!
     
  2. DarkPixel

    DarkPixel Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 4, 2011
    Messages:
    1,328
    Likes Received:
    1,239
    Location:
    ↓↓↓↓
    Home Page:
    I think that the TOR network, doesn't use people's IP addresses. It uses public IP's only available for browsing the Deep Web. So there is no way to get the IP of the user browsing the Deep Web. Even TOR websites don't have domains in order to check the WHOIS.
     
  3. Beingakrant

    Beingakrant BANNED BANNED

    Joined:
    Aug 22, 2012
    Messages:
    380
    Likes Received:
    626
    FBI takes help of companies managing IPs time and again. Many cases have been solved in past by taking help of these companies.
     
  4. haaaas

    haaaas Newbie

    Joined:
    Oct 22, 2012
    Messages:
    44
    Likes Received:
    21
    TOR = ANONYMITY? mhh i would say yes.
    You are using tunnels to other pcs which are in the tor network, too.
    Therefore you' ve got a different ip and nobody knows what the original ip was.
    But you cannot be sure that someone is browsing with your own ip..


    What I think, by using TOR you will get a random ip, but it even could be your own one..
    something like that, i cannot really explain :/ to be honest: superficial knowledge
     
  5. unclemike

    unclemike BANNED BANNED

    Joined:
    Nov 6, 2012
    Messages:
    827
    Likes Received:
    984
    Companies do not find out the real IP behind TOR.
    What companies can do is see you are consistently relaying on a basic VPN network where the IP has been used a million times.
    Therefore the IP is blacklisted or else.

    Cheers
    Unclemike
     
  6. MrBlue

    MrBlue Senior Member

    Joined:
    Dec 18, 2009
    Messages:
    950
    Likes Received:
    662
    Occupation:
    Web/Bot Developer
    It is the TOR exit node IPs that are being identified and blocked, not the TOR user's IP.

    TOR exit nodes lists are readily available.
    Code:
    http://torstatus.blutmagie.de/
     
  7. fluor

    fluor Newbie

    Joined:
    Mar 29, 2010
    Messages:
    47
    Likes Received:
    4
    Occupation:
    SelfEmployed IM & Student
    Location:
    Romania
    The real TOR is not public, even what you see(tor directories) are a small part of the TOR internet. That's why. And TOR criminals that don't have good security are caught.
     
  8. x5050

    x5050 Junior Member

    Joined:
    Mar 15, 2011
    Messages:
    108
    Likes Received:
    70
    In layman's terms, TOR works like this.

    I need to send a letter to person C. Instead of sending it directly to them and having them reply, I instead send a letter to person A. Person A takes the letter out of the envelope, encrypts what's inside, and then sends that letter in a new envelope to person B. Person B takes the letter out of the envelope, encrypts the data again, and puts it in a final new envelope and sends it to person C. Person C sees the data request, sends the webpage info back to person B, who then sends it to person A, and then back to me.

    All of these transactions are encrypted and none of the "exit nodes" (read: websites) know who it is that will ultimately receive the packet of information they send out. This, coupled with the fact that people's IP addresses are changed and relayed every few minutes leads to damn near perfect anonymity on TOR.

    Problems arise if poor security somewhere in the chain, i.e. someone doesn't take your letter out of the envelope to send it to the next person in the chain, allows the exit node to discover who the packets are ultimately supposed to be delivered to.

    EDIT: This is in stark contrast to the way the traditional web works where every node in the chain (meaning your ISP and all of the datacenters your packets pass through to get to their final destination) pass on both WHO you are and WHAT you're requesting. This is why websites know your IP address.
     
    Last edited: Dec 29, 2012
  9. 2011nfl

    2011nfl Supreme Member

    Joined:
    Aug 9, 2010
    Messages:
    1,223
    Likes Received:
    5,955
    Location:
    Dallas, Texas
    Home Page:
    TOR aka "onion" sucks anyways. Sorry for the trolling, just had to say that...... :D
     
  10. sirgold

    sirgold Supreme Member

    Joined:
    Jun 25, 2010
    Messages:
    1,260
    Likes Received:
    645
    Occupation:
    Busy proving the Pareto principle right
    Location:
    A hot one
    Having an IP whose DNS resolves as torexit.blahblah is easy to catch even with the most lousy php script for everybody. This doesn't imply you know who's the originating request IS, you can just tell that's coming from tor whoever that is. That's why you get banned by adsense, that's why you get "this ip is blocked on cl, but why silkrope can live there without any issue.
     
  11. PinguSpy

    PinguSpy Jr. VIP Jr. VIP

    Joined:
    Dec 7, 2007
    Messages:
    1,045
    Likes Received:
    935
    Occupation:
    Internet Farmer
    Location:
    Pineal Gland
    Home Page:
    I agree. I don't know why people are so excited about the "deep web"?
    Boring.