tag:blogger.com,1999:blog-2659416969867866171.post8147019377863778976..comments2024-03-28T09:09:41.534-07:00Comments on No Tricks: Anonymity at the EdgeAnonymoushttp://www.blogger.com/profile/16153635896554944056noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-2659416969867866171.post-60748896459074955032011-08-30T00:22:10.383-07:002011-08-30T00:22:10.383-07:00Sometime the security of computer depends on how i...Sometime the security of computer depends on how it network.<br /><br /><br />Laby[<a href="http://www.mensusa.com/tools.aspx?id=230" rel="nofollow"><b>big suits for men</b></a>]Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-2659416969867866171.post-894027976727539782008-07-21T02:22:00.000-07:002008-07-21T02:22:00.000-07:00Hello paerty,I seem to recall reading that the IP ...Hello paerty,<BR/><BR/>I seem to recall reading that the IP address may be exposed, but you are right that it would not make sense. I have updated the statement.<BR/><BR/>I don't think that the core issue here is exposure of Alice's identity, but rather logon and password information to target systems (the recipient node) is exposed. <BR/><BR/>regards LukeAnonymoushttps://www.blogger.com/profile/16153635896554944056noreply@blogger.comtag:blogger.com,1999:blog-2659416969867866171.post-17565316436112430962008-07-17T12:46:00.000-07:002008-07-17T12:46:00.000-07:00"However the exit nodes learn everything - the IP ..."However the exit nodes learn everything - the IP address of Alice (for a return message), the message itself, and the address of the recipient."<BR/><BR/>I believe this is incorrect. Since the "return message" would go back to the TOR exit node, as it is the node that sent the message), Alice's original IP address is never revealed.<BR/><BR/>Alice's identity, however, may be exposed in the application layer data, and that is what the core of the issue is all about.Anonymoushttps://www.blogger.com/profile/13566486568260452494noreply@blogger.comtag:blogger.com,1999:blog-2659416969867866171.post-21042589513497995582008-06-18T05:45:00.000-07:002008-06-18T05:45:00.000-07:00I learn from this story that you should always che...I learn from this story that you should always check for proper requirements definition. You're able then to check against them to give the assurance that a sufficient level of security is achieved. <BR/>Second point is that you might need to re-evaluate your existing systems for new vulnerabilities.oljhttps://www.blogger.com/profile/04155990698964856876noreply@blogger.com